Betclic Everest Group Tech Team, profile picture
Uploaded byBetclic Everest Group Tech Team
2,510 views

Mini-Training: SSO with Windows Identity Foundation

The document explains Single Sign-On (SSO), which allows users to log in once and access multiple systems, reducing password fatigue and IT support costs. It mentions key concepts such as security tokens, identity providers, and the significance of standards like OpenID and SAML. Additionally, it highlights the Betclic Everest Group's commitment to secure online gaming and responsible practices across various international brands.

Embed presentation

Downloaded 14 times
SSO with Window Identity Foundation
What is SSO ? - SSO : Single Sign-On - Log in once and access to all systems without to log in again at each of them
Benefits - Reducing password fatigue from different user name and password combinations - Reducing time spent re-entering passwords for the same identity - Reducing IT costs due to lower number of IT help desk calls about passwords
- the negative impact in case the credentials are available to other persons and misused ("keys to the castle") Criticisms
Principle & vocabulary - Security Token - Claims & Claims-based applications - STS : Security Token Service - RP : Relying Party - IdP : Identity Provider
* alcohol can damage your health
Standards - OpenID - Facebook, Microsoft, Google, PayPal, Ping Identity, Symantec, and Yahoo - SAML & WS-Federation - Microsoft - ADFS V2 - Azure AppFabric Access Control - Windows Identity Foundation - Oauth - Liberty Alliance - Windows CardSpace (U-Prove) - MicroID - Windows CardSpace - Higgins
OpenID SAML Dates from 2005 2001 Current version OpenID 2.0 SAML 2.0 Main purpose Single sign-on for consumers Single sign-on for enterprise users Protocols used XRDS, HTTP SAML, XML, HTTP, SOAP .Net libraries DotNetOpenAuth System.IdentityModel Windows Identity Foundation OpenID vs SAML
SAML
OpenID
Windows Identity Foundation - WSFederationAuthenticationModule - Handle redirection to STS - Process the sign-in response - Create the ClaimsPrincipal - SessionAuthenticationModule - Manage the authenticated session - Write cookies
Windows Identity Foundation
https://betclicstage.com/r1/back/st1/back/Common/home.aspx Betclic ADFS
Test localy with Thinktecture.IdentityModel.EmbeddedSts - Use WS-Federation STS for ASP.NET with minimal configuration (replace deprecated "Identity and Access Control" Visual Studio extension) http://www.nuget.org/packages/Thinktecture.IdentityModel.EmbeddedSts/
Create a claims-based application on Visual Studio 2013 https://adfs-bead.betclicstage.net/federationmetadata/2007-06/federationmetadata.xml
Identity Developer Training Kit http://www.microsoft.com/en-us/download/confirmation.aspx?id=14347 Passive Authentication for ASP.NET with WIF https://msdn.microsoft.com/en-us/magazine/ff872350.aspx Federated Identities: OpenID vs SAML vs OAuth http://www.softwaresecured.com/2013/07/16/federated-identities-openid-vs-saml-vs-oauth/
Find out more • On https://techblog.betclicgroup.com/
About Us • Betclic Everest Group, one of the world leaders in online gaming, has a unique portfolio comprising various complementary international brands: Betclic, Everest Poker/Casino, Bet-at-home, Expekt, Imperial Casino, Monte- Carlo Casino… • Through our brands, Betclic Everest Group places expertise, technological know-how and security at the heart of our strategy to deliver an on-line gaming offer attuned to the passion of our players. We want our brands to be easy to use for every gamer around the world. We’re building our company to make that happen. • Active in 100 countries with more than 12 million customers worldwide, the Group is committed to promoting secure and responsible gaming and is a member of several international professional associations including the EGBA (European Gaming and Betting Association) and the ESSA (European Sports Security Association).
We want our Sports betting, Poker, Horse racing and Casino & Games brands to be easy to use for every gamer around the world. Code with us to make that happen. Look at all the challenges we offer HERE Check our Employer Page Follow us on LinkedIn WE’RE HIRING !

More Related Content

PPTX
Web Single sign on system
bySwati Sinha
 
PPTX
Single sign on - SSO
byAjit Dadresa
 
PPTX
SINGLE SIGN-ON
byShambhavi Sahay
 
PPTX
Enterprise single sign on
byArchit Sharma
 
PPT
Single Sign On - Case Study
byEbizon
 
PDF
Single Sign On - The Basics
byIshan A B Ambanwela
 
PDF
Single sign on (SSO) How does your company apply?
byĐỗ Duy Trung
 
PPTX
Single sign on
byguest64ab8e
 
Web Single sign on system
bySwati Sinha
 
Single sign on - SSO
byAjit Dadresa
 
SINGLE SIGN-ON
byShambhavi Sahay
 
Enterprise single sign on
byArchit Sharma
 
Single Sign On - Case Study
byEbizon
 
Single Sign On - The Basics
byIshan A B Ambanwela
 
Single sign on (SSO) How does your company apply?
byĐỗ Duy Trung
 
Single sign on
byguest64ab8e
 

What's hot

PDF
Ad(microsoftの方)のOpenId Connect対応
byNaohiro Fujie
 
PPTX
Single sign on - benefits, challenges and case study : iFour consultancy
byDevam Shah
 
PPTX
Wif and sl4 (en)
byNuno Godinho
 
PDF
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-On
byelliando dias
 
PDF
Java EE Application Security With PicketLink
bypigorcraveiro
 
PPT
Presentation sso design_security
byMarco Morana
 
PPTX
Saml vs Oauth : Which one should I use?
byAnil Saldanha
 
PPT
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
byCraig Dickson
 
PDF
SAML and Liferay
byMika Koivisto
 
PPTX
LIExplorer
byVijay Viswas
 
PDF
SSO using CAS + two-factor authentication (PyGrunn 2014 talk)
byArtur Barseghyan
 
PPTX
SSO introduction
byAidy Tificate
 
PPT
Jasig Central Authentication Service in Ten Minutes
byAndrew Petro
 
PDF
Identity Management Overview: CAS and Shibboleth
byAndrew Petro
 
PPTX
Uno, nessuno o 10.000, la gestione dell'identità ai tempi di Microsoft Azure
byGiuliano Latini
 
PPTX
RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!
byMike Schwartz
 
PPT
SSO Strategy Implementation Considerations
byJohn Bauer
 
PDF
Peeples authentication authorization_services_with_saml_xacml_with_jboss_eap6
byKenneth Peeples
 
PPT
CAS Enhancement
byGuo Albert
 
PPTX
Single Sign On Considerations
byVenkat Gattamaneni
 
Ad(microsoftの方)のOpenId Connect対応
byNaohiro Fujie
 
Single sign on - benefits, challenges and case study : iFour consultancy
byDevam Shah
 
Wif and sl4 (en)
byNuno Godinho
 
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-On
byelliando dias
 
Java EE Application Security With PicketLink
bypigorcraveiro
 
Presentation sso design_security
byMarco Morana
 
Saml vs Oauth : Which one should I use?
byAnil Saldanha
 
Fast and Free SSO: A Survey of Open-Source Solutions to Single Sign-on
byCraig Dickson
 
SAML and Liferay
byMika Koivisto
 
LIExplorer
byVijay Viswas
 
SSO using CAS + two-factor authentication (PyGrunn 2014 talk)
byArtur Barseghyan
 
SSO introduction
byAidy Tificate
 
Jasig Central Authentication Service in Ten Minutes
byAndrew Petro
 
Identity Management Overview: CAS and Shibboleth
byAndrew Petro
 
Uno, nessuno o 10.000, la gestione dell'identità ai tempi di Microsoft Azure
byGiuliano Latini
 
RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!
byMike Schwartz
 
SSO Strategy Implementation Considerations
byJohn Bauer
 
Peeples authentication authorization_services_with_saml_xacml_with_jboss_eap6
byKenneth Peeples
 
CAS Enhancement
byGuo Albert
 
Single Sign On Considerations
byVenkat Gattamaneni
 

Similar to Mini-Training: SSO with Windows Identity Foundation

PDF
Open sso fisl9.0
byStartup Cursos
 
PPT
Single sign on and its significance .ppt
byDAKSHATAPANCHAL2
 
PDF
Open Source Identity Integration with OpenSSO
byelliando dias
 
PPT
OWASPSanAntonio_2006_08_SingleSignOn.ppt
bywebhostingguy
 
PPTX
Single Sign On 101
byMike Schwartz
 
PPTX
Presentation
byLaxman Kumar
 
PDF
Single sign on using SAML
byProgramming Talents
 
PDF
Why you should use true single-sign-on in Icinga Web 2 - Icinga Camp Stockhol...
byIcinga
 
PPTX
SSO IN/With Drupal and Identitiy Management
byManish Harsh
 
PDF
WSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
byWSO2
 
PDF
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
byCloudIDSummit
 
PDF
Cloud Identity Webinar
byWSO2
 
PDF
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_final
byGrant Reveal
 
PPTX
Help! I Have An Identity Crisis: A look at various mechanisms of Single Sign On
bySaloni Shah
 
PDF
Atlanta Salesforce UG Meeting 2/23/2011 Symplified
byvraopolisetti
 
PDF
A Guide To Single Sign-On for IBM Collaboration Solutions
byGabriella Davis
 
DOCX
School of Computer & Information SciencesITS-532 Cloud C.docx
byjeffsrosalyn
 
PDF
Benefits and Risks of a Single Identity - IBM Connect 2017
byGabriella Davis
 
PDF
Understanding Single Sign-On (SSO): Enhancing User Experience and Security
byRoseJLever
 
PDF
SAML Executive Overview
byPortalGuard
 
Open sso fisl9.0
byStartup Cursos
 
Single sign on and its significance .ppt
byDAKSHATAPANCHAL2
 
Open Source Identity Integration with OpenSSO
byelliando dias
 
OWASPSanAntonio_2006_08_SingleSignOn.ppt
bywebhostingguy
 
Single Sign On 101
byMike Schwartz
 
Presentation
byLaxman Kumar
 
Single sign on using SAML
byProgramming Talents
 
Why you should use true single-sign-on in Icinga Web 2 - Icinga Camp Stockhol...
byIcinga
 
SSO IN/With Drupal and Identitiy Management
byManish Harsh
 
WSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
byWSO2
 
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
byCloudIDSummit
 
Cloud Identity Webinar
byWSO2
 
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_final
byGrant Reveal
 
Help! I Have An Identity Crisis: A look at various mechanisms of Single Sign On
bySaloni Shah
 
Atlanta Salesforce UG Meeting 2/23/2011 Symplified
byvraopolisetti
 
A Guide To Single Sign-On for IBM Collaboration Solutions
byGabriella Davis
 
School of Computer & Information SciencesITS-532 Cloud C.docx
byjeffsrosalyn
 
Benefits and Risks of a Single Identity - IBM Connect 2017
byGabriella Davis
 
Understanding Single Sign-On (SSO): Enhancing User Experience and Security
byRoseJLever
 
SAML Executive Overview
byPortalGuard
 

More from Betclic Everest Group Tech Team

PPTX
Mini training - Reactive Extensions (Rx)
byBetclic Everest Group Tech Team
 
PPTX
Mini training - Moving to xUnit.net
byBetclic Everest Group Tech Team
 
PPTX
Mini training - Introduction to Microsoft Azure Storage
byBetclic Everest Group Tech Team
 
PDF
Akka.Net
byBetclic Everest Group Tech Team
 
PPTX
Mini training- Scenario Driven Design
byBetclic Everest Group Tech Team
 
PDF
Email Management in Outlook
byBetclic Everest Group Tech Team
 
PPTX
Training - What is Performance ?
byBetclic Everest Group Tech Team
 
PPTX
Mini-Training: Docker
byBetclic Everest Group Tech Team
 
PDF
Mini Training Flyway
byBetclic Everest Group Tech Team
 
PDF
Mini-Training: NDepend
byBetclic Everest Group Tech Team
 
PDF
Management 3.0 Workout
byBetclic Everest Group Tech Team
 
PDF
Lean for Business
byBetclic Everest Group Tech Team
 
PPTX
Short-Training asp.net vNext
byBetclic Everest Group Tech Team
 
PPTX
Training – Going Async
byBetclic Everest Group Tech Team
 
PDF
Mini-Training: Mobile UX Trends
byBetclic Everest Group Tech Team
 
PPTX
Training: MVVM Pattern
byBetclic Everest Group Tech Team
 
PPTX
Mini-training: Personalization & Recommendation Demystified
byBetclic Everest Group Tech Team
 
PPTX
Mini-training: Let’s Git It!
byBetclic Everest Group Tech Team
 
PDF
AngularJS Best Practices
byBetclic Everest Group Tech Team
 
PDF
Mini-Training: Roslyn
byBetclic Everest Group Tech Team
 
Mini training - Reactive Extensions (Rx)
byBetclic Everest Group Tech Team
 
Mini training - Moving to xUnit.net
byBetclic Everest Group Tech Team
 
Mini training - Introduction to Microsoft Azure Storage
byBetclic Everest Group Tech Team
 
Akka.Net
byBetclic Everest Group Tech Team
 
Mini training- Scenario Driven Design
byBetclic Everest Group Tech Team
 
Email Management in Outlook
byBetclic Everest Group Tech Team
 
Training - What is Performance ?
byBetclic Everest Group Tech Team
 
Mini-Training: Docker
byBetclic Everest Group Tech Team
 
Mini Training Flyway
byBetclic Everest Group Tech Team
 
Mini-Training: NDepend
byBetclic Everest Group Tech Team
 
Management 3.0 Workout
byBetclic Everest Group Tech Team
 
Lean for Business
byBetclic Everest Group Tech Team
 
Short-Training asp.net vNext
byBetclic Everest Group Tech Team
 
Training – Going Async
byBetclic Everest Group Tech Team
 
Mini-Training: Mobile UX Trends
byBetclic Everest Group Tech Team
 
Training: MVVM Pattern
byBetclic Everest Group Tech Team
 
Mini-training: Personalization & Recommendation Demystified
byBetclic Everest Group Tech Team
 
Mini-training: Let’s Git It!
byBetclic Everest Group Tech Team
 
AngularJS Best Practices
byBetclic Everest Group Tech Team
 
Mini-Training: Roslyn
byBetclic Everest Group Tech Team
 

Recently uploaded

PDF
One Agent to Rule Them All - The Fellowship of AI Agents
byIvo Andreev
 
PPTX
Lecture 3 - Scheduling - Operating System
bynurulalomador
 
PDF
Imed Eddine Bouchoucha | computer engineer | software Architect
byImed Bouchoucha
 
PDF
TNG_Architecting Green Software - An Introduction_Nils-Oliver Linden&Alexande...
byQAware GmbH
 
PDF
How NetSuite Cloud ERP Helps Businesses Overcome Legacy System Downtime.
byTechWize
 
PDF
Red Hat Summit 2025 - Triton GPU Kernel programming.pdf
bySanjeev Rampal
 
PDF
Manual vs Automated Accessibility Testing – What to Choose in 2025.pdf
bykalichargn70th171
 
PDF
How Modern Custom Software is Revolutionizing Mortgage Lending Processes -Ma...
byMatellio
 
PPTX
Deep Dive into Durable Functions, presented at Cloudbrew 2025
byJoonas Westlin
 
PDF
Blueprint to build quality before the code exists - StackConnect Milan 2025
byLudovicoBesana1
 
PDF
BCS-FACS Peter Landin Semantics Seminar - Formal Methods: Whence and Whither?
byJonathan Bowen
 
PPT
Oracle Integration Cloud – Complete Step-by-Step Integration Workflow Guide
byjayasuryanexinfo
 
PDF
nsfconvertersoftwaretoconvertNSFtoPST.pdf
byNSF Converter Software
 
PPTX
application security presentation 2 by harman
byharmanideapad
 
PDF
Revolutionising-SQL-Data-Modelling-with-SqlDBM.pdf
bySQL DBM
 
PDF
Constraints First - Why Our On-Prem Ticketing System Starts With Limits, Not ...
bySpirit Face
 
PPTX
Modern P&C Insurance Software for Smarter, Faster Operations.pptx
byInsurance Tech Services
 
PPTX
Why Your Business Needs Snowflake Consulting_ From Data Silos to AI-Ready Cloud
byChetu
 
PDF
Database Management Systems(DBMS):UNIT-I Introduction to Database(DBMS) BCA S...
byKuvempu University
 
PDF
Cloud-Based Underwriting Software for Insurance
byInsurance Tech Services
 
One Agent to Rule Them All - The Fellowship of AI Agents
byIvo Andreev
 
Lecture 3 - Scheduling - Operating System
bynurulalomador
 
Imed Eddine Bouchoucha | computer engineer | software Architect
byImed Bouchoucha
 
TNG_Architecting Green Software - An Introduction_Nils-Oliver Linden&Alexande...
byQAware GmbH
 
How NetSuite Cloud ERP Helps Businesses Overcome Legacy System Downtime.
byTechWize
 
Red Hat Summit 2025 - Triton GPU Kernel programming.pdf
bySanjeev Rampal
 
Manual vs Automated Accessibility Testing – What to Choose in 2025.pdf
bykalichargn70th171
 
How Modern Custom Software is Revolutionizing Mortgage Lending Processes -Ma...
byMatellio
 
Deep Dive into Durable Functions, presented at Cloudbrew 2025
byJoonas Westlin
 
Blueprint to build quality before the code exists - StackConnect Milan 2025
byLudovicoBesana1
 
BCS-FACS Peter Landin Semantics Seminar - Formal Methods: Whence and Whither?
byJonathan Bowen
 
Oracle Integration Cloud – Complete Step-by-Step Integration Workflow Guide
byjayasuryanexinfo
 
nsfconvertersoftwaretoconvertNSFtoPST.pdf
byNSF Converter Software
 
application security presentation 2 by harman
byharmanideapad
 
Revolutionising-SQL-Data-Modelling-with-SqlDBM.pdf
bySQL DBM
 
Constraints First - Why Our On-Prem Ticketing System Starts With Limits, Not ...
bySpirit Face
 
Modern P&C Insurance Software for Smarter, Faster Operations.pptx
byInsurance Tech Services
 
Why Your Business Needs Snowflake Consulting_ From Data Silos to AI-Ready Cloud
byChetu
 
Database Management Systems(DBMS):UNIT-I Introduction to Database(DBMS) BCA S...
byKuvempu University
 
Cloud-Based Underwriting Software for Insurance
byInsurance Tech Services
 

Mini-Training: SSO with Windows Identity Foundation

  • 1.
  • 2.
    What is SSO? - SSO : Single Sign-On - Log in once and access to all systems without to log in again at each of them
  • 3.
    Benefits - Reducing passwordfatigue from different user name and password combinations - Reducing time spent re-entering passwords for the same identity - Reducing IT costs due to lower number of IT help desk calls about passwords
  • 4.
    - the negativeimpact in case the credentials are available to other persons and misused ("keys to the castle") Criticisms
  • 5.
    Principle & vocabulary -Security Token - Claims & Claims-based applications - STS : Security Token Service - RP : Relying Party - IdP : Identity Provider
  • 9.
    * alcohol candamage your health
  • 10.
    Standards - OpenID - Facebook,Microsoft, Google, PayPal, Ping Identity, Symantec, and Yahoo - SAML & WS-Federation - Microsoft - ADFS V2 - Azure AppFabric Access Control - Windows Identity Foundation - Oauth - Liberty Alliance - Windows CardSpace (U-Prove) - MicroID - Windows CardSpace - Higgins
  • 11.
    OpenID SAML Dates from2005 2001 Current version OpenID 2.0 SAML 2.0 Main purpose Single sign-on for consumers Single sign-on for enterprise users Protocols used XRDS, HTTP SAML, XML, HTTP, SOAP .Net libraries DotNetOpenAuth System.IdentityModel Windows Identity Foundation OpenID vs SAML
  • 12.
  • 13.
  • 14.
    Windows Identity Foundation -WSFederationAuthenticationModule - Handle redirection to STS - Process the sign-in response - Create the ClaimsPrincipal - SessionAuthenticationModule - Manage the authenticated session - Write cookies
  • 15.
  • 16.
  • 17.
    Test localy withThinktecture.IdentityModel.EmbeddedSts - Use WS-Federation STS for ASP.NET with minimal configuration (replace deprecated "Identity and Access Control" Visual Studio extension) http://www.nuget.org/packages/Thinktecture.IdentityModel.EmbeddedSts/
  • 18.
    Create a claims-basedapplication on Visual Studio 2013 https://adfs-bead.betclicstage.net/federationmetadata/2007-06/federationmetadata.xml
  • 19.
    Identity Developer TrainingKit http://www.microsoft.com/en-us/download/confirmation.aspx?id=14347 Passive Authentication for ASP.NET with WIF https://msdn.microsoft.com/en-us/magazine/ff872350.aspx Federated Identities: OpenID vs SAML vs OAuth http://www.softwaresecured.com/2013/07/16/federated-identities-openid-vs-saml-vs-oauth/
  • 20.
    Find out more •On https://techblog.betclicgroup.com/
  • 21.
    About Us • BetclicEverest Group, one of the world leaders in online gaming, has a unique portfolio comprising various complementary international brands: Betclic, Everest Poker/Casino, Bet-at-home, Expekt, Imperial Casino, Monte- Carlo Casino… • Through our brands, Betclic Everest Group places expertise, technological know-how and security at the heart of our strategy to deliver an on-line gaming offer attuned to the passion of our players. We want our brands to be easy to use for every gamer around the world. We’re building our company to make that happen. • Active in 100 countries with more than 12 million customers worldwide, the Group is committed to promoting secure and responsible gaming and is a member of several international professional associations including the EGBA (European Gaming and Betting Association) and the ESSA (European Sports Security Association).
  • 22.
    We want ourSports betting, Poker, Horse racing and Casino & Games brands to be easy to use for every gamer around the world. Code with us to make that happen. Look at all the challenges we offer HERE Check our Employer Page Follow us on LinkedIn WE’RE HIRING !