SlideShare a Scribd company logo

Session 3c The SF SaaS Framework

Download as PPTX, PDF
Code Mastery
Code Mastery

This document discusses using federated identity management with Azure AppFabric Access Control Service (ACS) and Windows Identity Foundation (WIF) for single sign-on in software as a service applications. The solution allows leveraging popular identity providers like Google and Yahoo for authentication while avoiding the need to manage user accounts. ACS acts as an aggregator between identity providers and relying parties. WIF is used to integrate applications with ACS and manage claims. The approach favors proven security standards over custom code and avoids storing sensitive user data.

TechnologyBusiness
1 of 26
SaaS Security Using Federated Identity Management Azure AppFabric Access Control Service (ACS) Windows Identity Foundation (WIF)
What Were The Requirements? • Favor proven security frameworks and industry standards over custom security code • Single sign on (SSO) between tenants • Preferably not own or manage sensitive data • Avoid account management in the app such as lost password, etc.
Our Solution: Federated Identity Management • Leverage popular web identity providers such as Google, Yahoo. • Leverage Azure ACS as an aggregator of these providers • Leverage WIF for integration with ACS and claims management
Concept Diagram Federation Provider Identity Providers OpenID ACS SAML Relying Party (RP) IIS Google * WIF Claim Yahoo STS
Demo Setup Azure AppFabric Access Control Service (ACS)
Demo – Preview Portal
Demo – Portal
Demo – Create Namespace
Demo – Manage Access Control
Demo – Identity Provider
Demo – Relying Party Application Settings
Demo – RP – Authentication Settings
Demo – Edit Rule Group
Demo – Generate Rules To Create Claims
Demo – WS-Federation Metadata
Demo Setup Windows Identity Foundation (WIF)
Demo – Add STS Reference
Demo – Application URI
Demo – STS Location
Demo – Add Project Reference
ASP.NET Request Validation Error Message: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (wresult="<t:RequestSecurityTo..."). Workaround For Testing: Solution For Production:
Authentication Flow Diagram 1 3 Browser 6 4 2 5 MVC Website Access Control Identity Providers(IP) Service (ACS) Google Yahoo WIF STS 1. Request login returns 302 redirect to ACS 4. Post credentials, returns token with 302 2. Request IP selection form from ACS redirect to ACS 3. Request login form from IP 5. Validate and transform token to SAML claims. 6. Post SAML to MVC website callback. WIF processes and sets cookie.
Demo Claims Authentication And Authorization
Demo - Claims
Disadvantages • Your user identities are tied to your ACS namespace - challenging if you ever wanted to migrate away from your ACS namespace • Additional cost – you pay for each token issued • Reliance on external service for authentication • WIF is not well integrated into the .NET framework (but that improves in 4.5) – WIF is also not very DI friendly
Summary • Low barrier to entry for using existing social identities in your app • ACS and WIF encapsulate the complexity • Users don’t need to remember another username and password • Developers get to save time implementing and maintaining account management features

Recommended

SAML and Liferay
SAML and LiferaySAML and Liferay
SAML and Liferay
Mika Koivisto
 
Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?
Anil Saldanha
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation Considerations
John Bauer
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuth
Dan Brinkmann
 
Saml in cloud
Saml in cloudSaml in cloud
Saml in cloud
Nagraj Rao
 
Presentation sso design_security
Presentation sso design_securityPresentation sso design_security
Presentation sso design_security
Marco Morana
 
IBM Single Sign-On
IBM Single Sign-OnIBM Single Sign-On
IBM Single Sign-On
Van Staub, MBA
 
The bits and pieces of Azure AD B2C
The bits and pieces of Azure AD B2CThe bits and pieces of Azure AD B2C
The bits and pieces of Azure AD B2C
Anton Staykov
 

Recommended

SAML and Liferay
SAML and LiferaySAML and Liferay
SAML and Liferay
Mika Koivisto
 
Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?
Anil Saldanha
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation Considerations
John Bauer
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuth
Dan Brinkmann
 
Saml in cloud
Saml in cloudSaml in cloud
Saml in cloud
Nagraj Rao
 
Presentation sso design_security
Presentation sso design_securityPresentation sso design_security
Presentation sso design_security
Marco Morana
 
IBM Single Sign-On
IBM Single Sign-OnIBM Single Sign-On
IBM Single Sign-On
Van Staub, MBA
 
The bits and pieces of Azure AD B2C
The bits and pieces of Azure AD B2CThe bits and pieces of Azure AD B2C
The bits and pieces of Azure AD B2C
Anton Staykov
 
“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything
Dave Hay
 
SharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims AuthSharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims Auth
Kashif Imran
 
Extending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersExtending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partners
Corey Roth
 
DD109 Claims Based AuthN in SharePoint 2010
DD109 Claims Based AuthN in SharePoint 2010DD109 Claims Based AuthN in SharePoint 2010
DD109 Claims Based AuthN in SharePoint 2010
Spencer Harbar
 
Introducing SAML 2.0 Protocol: Security and Performance
Introducing SAML 2.0 Protocol: Security and PerformanceIntroducing SAML 2.0 Protocol: Security and Performance
Introducing SAML 2.0 Protocol: Security and Performance
Amin Saqi
 
LIExplorer
LIExplorerLIExplorer
LIExplorer
Vijay Viswas
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancy
Devam Shah
 
Active Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBMActive Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBM
Van Staub, MBA
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.Net
Shivanand Arur
 
Ad fs
Ad fsAd fs
Ad fs
Iván Sanchez Vera
 
SAML Smackdown
SAML SmackdownSAML Smackdown
SAML Smackdown
Pat Patterson
 
Web Single sign on system
Web Single sign on systemWeb Single sign on system
Web Single sign on system
Swati Sinha
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?
Đỗ Duy Trung
 
OWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptOWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.ppt
webhostingguy
 
Single sign on using SAML
Single sign on using SAML Single sign on using SAML
Single sign on using SAML
Programming Talents
 
Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018
Jeremy Gray
 
SharePoint 2007 Security
SharePoint 2007 SecuritySharePoint 2007 Security
SharePoint 2007 Security
SharePoint & .NET Blog
 
Asp.net membership anduserroles_ppt
Asp.net membership anduserroles_pptAsp.net membership anduserroles_ppt
Asp.net membership anduserroles_ppt
Shivanand Arur
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol Overview
Mike Schwartz
 
Claims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuideClaims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners Guide
Phuong Nguyen
 
2007 03 12 Swecr 2
2007 03 12 Swecr 22007 03 12 Swecr 2
2007 03 12 Swecr 2
kiyoshi_tezuka
 
Building multi tenant highly secured applications on .net for any cloud - dem...
Building multi tenant highly secured applications on .net for any cloud - dem...Building multi tenant highly secured applications on .net for any cloud - dem...
Building multi tenant highly secured applications on .net for any cloud - dem...
kanimozhin
 

More Related Content

What's hot

“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything
Dave Hay
 
SharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims AuthSharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims Auth
Kashif Imran
 
Extending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersExtending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partners
Corey Roth
 
DD109 Claims Based AuthN in SharePoint 2010
DD109 Claims Based AuthN in SharePoint 2010DD109 Claims Based AuthN in SharePoint 2010
DD109 Claims Based AuthN in SharePoint 2010
Spencer Harbar
 
Introducing SAML 2.0 Protocol: Security and Performance
Introducing SAML 2.0 Protocol: Security and PerformanceIntroducing SAML 2.0 Protocol: Security and Performance
Introducing SAML 2.0 Protocol: Security and Performance
Amin Saqi
 
LIExplorer
LIExplorerLIExplorer
LIExplorer
Vijay Viswas
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancy
Devam Shah
 
Active Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBMActive Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBM
Van Staub, MBA
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.Net
Shivanand Arur
 
Ad fs
Ad fsAd fs
Ad fs
Iván Sanchez Vera
 
SAML Smackdown
SAML SmackdownSAML Smackdown
SAML Smackdown
Pat Patterson
 
Web Single sign on system
Web Single sign on systemWeb Single sign on system
Web Single sign on system
Swati Sinha
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?
Đỗ Duy Trung
 
OWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptOWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.ppt
webhostingguy
 
Single sign on using SAML
Single sign on using SAML Single sign on using SAML
Single sign on using SAML
Programming Talents
 
Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018
Jeremy Gray
 
SharePoint 2007 Security
SharePoint 2007 SecuritySharePoint 2007 Security
SharePoint 2007 Security
SharePoint & .NET Blog
 
Asp.net membership anduserroles_ppt
Asp.net membership anduserroles_pptAsp.net membership anduserroles_ppt
Asp.net membership anduserroles_ppt
Shivanand Arur
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol Overview
Mike Schwartz
 
Claims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuideClaims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners Guide
Phuong Nguyen
 

What's hot (20)

“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything
 
SharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims AuthSharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims Auth
 
Extending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partnersExtending SharePoint 2010 to your customers and partners
Extending SharePoint 2010 to your customers and partners
 
DD109 Claims Based AuthN in SharePoint 2010
DD109 Claims Based AuthN in SharePoint 2010DD109 Claims Based AuthN in SharePoint 2010
DD109 Claims Based AuthN in SharePoint 2010
 
Introducing SAML 2.0 Protocol: Security and Performance
Introducing SAML 2.0 Protocol: Security and PerformanceIntroducing SAML 2.0 Protocol: Security and Performance
Introducing SAML 2.0 Protocol: Security and Performance
 
LIExplorer
LIExplorerLIExplorer
LIExplorer
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancy
 
Active Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBMActive Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBM
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.Net
 
Ad fs
Ad fsAd fs
Ad fs
 
SAML Smackdown
SAML SmackdownSAML Smackdown
SAML Smackdown
 
Web Single sign on system
Web Single sign on systemWeb Single sign on system
Web Single sign on system
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?
 
OWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.pptOWASPSanAntonio_2006_08_SingleSignOn.ppt
OWASPSanAntonio_2006_08_SingleSignOn.ppt
 
Single sign on using SAML
Single sign on using SAML Single sign on using SAML
Single sign on using SAML
 
Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018
 
SharePoint 2007 Security
SharePoint 2007 SecuritySharePoint 2007 Security
SharePoint 2007 Security
 
Asp.net membership anduserroles_ppt
Asp.net membership anduserroles_pptAsp.net membership anduserroles_ppt
Asp.net membership anduserroles_ppt
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol Overview
 
Claims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuideClaims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners Guide
 

Viewers also liked

2007 03 12 Swecr 2
2007 03 12 Swecr 22007 03 12 Swecr 2
2007 03 12 Swecr 2
kiyoshi_tezuka
 
Building multi tenant highly secured applications on .net for any cloud - dem...
Building multi tenant highly secured applications on .net for any cloud - dem...Building multi tenant highly secured applications on .net for any cloud - dem...
Building multi tenant highly secured applications on .net for any cloud - dem...
kanimozhin
 
Webinar series part 2 recipe for a successful saa s company - migrating sing...
Webinar series part 2 recipe for a successful saa s company - migrating sing...Webinar series part 2 recipe for a successful saa s company - migrating sing...
Webinar series part 2 recipe for a successful saa s company - migrating sing...
kanimozhin
 
SaaS Operations Practice Overview SoftServe DevOps
SaaS Operations Practice Overview SoftServe DevOpsSaaS Operations Practice Overview SoftServe DevOps
SaaS Operations Practice Overview SoftServe DevOps
SoftServe
 
AWS 기반 소프트웨어 서비스(SaaS) -김용우 솔루션즈 아키텍트 :: AWS 파트너 테크시프트 세미나
AWS 기반 소프트웨어 서비스(SaaS) -김용우 솔루션즈 아키텍트 :: AWS 파트너 테크시프트 세미나 AWS 기반 소프트웨어 서비스(SaaS) -김용우 솔루션즈 아키텍트 :: AWS 파트너 테크시프트 세미나
AWS 기반 소프트웨어 서비스(SaaS) -김용우 솔루션즈 아키텍트 :: AWS 파트너 테크시프트 세미나
Amazon Web Services Korea
 
SaaS Architecture Past and Present
SaaS Architecture Past and PresentSaaS Architecture Past and Present
SaaS Architecture Past and Present
Techcello
 
SaaS 동향
SaaS 동향SaaS 동향
SaaS 동향
Seong-Bok Lee
 
Open Architecture for Developing Multitenant Software-as-a-Service Applications
Open Architecture for Developing Multitenant Software-as-a-Service ApplicationsOpen Architecture for Developing Multitenant Software-as-a-Service Applications
Open Architecture for Developing Multitenant Software-as-a-Service Applications
Javier Mijail Espadas Pech
 
Building SaaS products with Windows Azure
Building SaaS products with Windows Azure Building SaaS products with Windows Azure
Building SaaS products with Windows Azure
8KMiles Software Services
 
Architecting SaaS: Doing It Right the First Time
Architecting SaaS: Doing It Right the First TimeArchitecting SaaS: Doing It Right the First Time
Architecting SaaS: Doing It Right the First Time
Serhiy (Serge) Haziyev
 
SaaS Introduction-May2014
SaaS Introduction-May2014SaaS Introduction-May2014
SaaS Introduction-May2014
Nguyen Tung
 
Iaas.paas.saas
Iaas.paas.saasIaas.paas.saas
Iaas.paas.saas
Alex Tregubov
 
Software As A Service Presentation
Software As A Service PresentationSoftware As A Service Presentation
Software As A Service Presentation
al95iii
 
The SaaS business model
The SaaS business modelThe SaaS business model
The SaaS business model
David Skok
 

Viewers also liked (14)

2007 03 12 Swecr 2
2007 03 12 Swecr 22007 03 12 Swecr 2
2007 03 12 Swecr 2
 
Building multi tenant highly secured applications on .net for any cloud - dem...
Building multi tenant highly secured applications on .net for any cloud - dem...Building multi tenant highly secured applications on .net for any cloud - dem...
Building multi tenant highly secured applications on .net for any cloud - dem...
 
Webinar series part 2 recipe for a successful saa s company - migrating sing...
Webinar series part 2 recipe for a successful saa s company - migrating sing...Webinar series part 2 recipe for a successful saa s company - migrating sing...
Webinar series part 2 recipe for a successful saa s company - migrating sing...
 
SaaS Operations Practice Overview SoftServe DevOps
SaaS Operations Practice Overview SoftServe DevOpsSaaS Operations Practice Overview SoftServe DevOps
SaaS Operations Practice Overview SoftServe DevOps
 
AWS 기반 소프트웨어 서비스(SaaS) -김용우 솔루션즈 아키텍트 :: AWS 파트너 테크시프트 세미나
AWS 기반 소프트웨어 서비스(SaaS) -김용우 솔루션즈 아키텍트 :: AWS 파트너 테크시프트 세미나 AWS 기반 소프트웨어 서비스(SaaS) -김용우 솔루션즈 아키텍트 :: AWS 파트너 테크시프트 세미나
AWS 기반 소프트웨어 서비스(SaaS) -김용우 솔루션즈 아키텍트 :: AWS 파트너 테크시프트 세미나
 
SaaS Architecture Past and Present
SaaS Architecture Past and PresentSaaS Architecture Past and Present
SaaS Architecture Past and Present
 
SaaS 동향
SaaS 동향SaaS 동향
SaaS 동향
 
Open Architecture for Developing Multitenant Software-as-a-Service Applications
Open Architecture for Developing Multitenant Software-as-a-Service ApplicationsOpen Architecture for Developing Multitenant Software-as-a-Service Applications
Open Architecture for Developing Multitenant Software-as-a-Service Applications
 
Building SaaS products with Windows Azure
Building SaaS products with Windows Azure Building SaaS products with Windows Azure
Building SaaS products with Windows Azure
 
Architecting SaaS: Doing It Right the First Time
Architecting SaaS: Doing It Right the First TimeArchitecting SaaS: Doing It Right the First Time
Architecting SaaS: Doing It Right the First Time
 
SaaS Introduction-May2014
SaaS Introduction-May2014SaaS Introduction-May2014
SaaS Introduction-May2014
 
Iaas.paas.saas
Iaas.paas.saasIaas.paas.saas
Iaas.paas.saas
 
Software As A Service Presentation
Software As A Service PresentationSoftware As A Service Presentation
Software As A Service Presentation
 
The SaaS business model
The SaaS business modelThe SaaS business model
The SaaS business model
 

Similar to Session 3c The SF SaaS Framework

Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
Michael Collier
 
CTU June 2011 - Windows Azure App Fabric
CTU June 2011 - Windows Azure App FabricCTU June 2011 - Windows Azure App Fabric
CTU June 2011 - Windows Azure App Fabric
Spiffy
 
Net Services
Net ServicesNet Services
Net Services
rsnarayanan
 
Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011
Joris Poelmans
 
DataPower Restful API Security
DataPower Restful API SecurityDataPower Restful API Security
DataPower Restful API Security
Jagadish Vemugunta
 
Expandindo seu Data Center com uma infraestrutura hibrida
Expandindo seu Data Center com uma infraestrutura hibridaExpandindo seu Data Center com uma infraestrutura hibrida
Expandindo seu Data Center com uma infraestrutura hibrida
Alexandre Santos
 
Dave Carroll Application Services Salesforce
Dave Carroll Application Services SalesforceDave Carroll Application Services Salesforce
Dave Carroll Application Services Salesforce
deimos
 
O Dell Secure360 Presentation5 12 10b
O Dell Secure360 Presentation5 12 10bO Dell Secure360 Presentation5 12 10b
O Dell Secure360 Presentation5 12 10b
Bruce O'Dell
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
Danny Jessee
 
Claims based identity second edition device
Claims based identity second edition deviceClaims based identity second edition device
Claims based identity second edition device
Steve Xu
 
Claims-Based Identity in SharePoint 2010
Claims-Based Identity in SharePoint 2010Claims-Based Identity in SharePoint 2010
Claims-Based Identity in SharePoint 2010
Danny Jessee
 
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
Faiza Mehar
 
SharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
SharePoint Saturday The Conference 2011 - Extranets & Claims AuthenticationSharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
SharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
Brian Culver
 
V cloud request manager overview presentation
V cloud request manager overview presentationV cloud request manager overview presentation
V cloud request manager overview presentation
solarisyourep
 
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
Krishna-Kumar
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design Patterns
Amazon Web Services
 
Build and Deploy LightSwitch Application on Windows Azure
Build and Deploy LightSwitch Application on Windows AzureBuild and Deploy LightSwitch Application on Windows Azure
Build and Deploy LightSwitch Application on Windows Azure
K.Mohamed Faizal
 
Serverless identity management, authentication, and authorization - SDD405-R ...
Serverless identity management, authentication, and authorization - SDD405-R ...Serverless identity management, authentication, and authorization - SDD405-R ...
Serverless identity management, authentication, and authorization - SDD405-R ...
Amazon Web Services
 
NIC - Windows Azure Pack - Level 300
NIC - Windows Azure Pack - Level 300NIC - Windows Azure Pack - Level 300
NIC - Windows Azure Pack - Level 300
Kristian Nese
 
Configuring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicConfiguring kerberos based sso in weblogic
Configuring kerberos based sso in weblogic
Harihara sarma
 

Similar to Session 3c The SF SaaS Framework (20)

Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
Using Windows Azure for Solving Identity Management Challenges (Visual Studio...
 
CTU June 2011 - Windows Azure App Fabric
CTU June 2011 - Windows Azure App FabricCTU June 2011 - Windows Azure App Fabric
CTU June 2011 - Windows Azure App Fabric
 
Net Services
Net ServicesNet Services
Net Services
 
Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011Claim Based Authentication in SharePoint 2010 for Community Day 2011
Claim Based Authentication in SharePoint 2010 for Community Day 2011
 
DataPower Restful API Security
DataPower Restful API SecurityDataPower Restful API Security
DataPower Restful API Security
 
Expandindo seu Data Center com uma infraestrutura hibrida
Expandindo seu Data Center com uma infraestrutura hibridaExpandindo seu Data Center com uma infraestrutura hibrida
Expandindo seu Data Center com uma infraestrutura hibrida
 
Dave Carroll Application Services Salesforce
Dave Carroll Application Services SalesforceDave Carroll Application Services Salesforce
Dave Carroll Application Services Salesforce
 
O Dell Secure360 Presentation5 12 10b
O Dell Secure360 Presentation5 12 10bO Dell Secure360 Presentation5 12 10b
O Dell Secure360 Presentation5 12 10b
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
Claims based identity second edition device
Claims based identity second edition deviceClaims based identity second edition device
Claims based identity second edition device
 
Claims-Based Identity in SharePoint 2010
Claims-Based Identity in SharePoint 2010Claims-Based Identity in SharePoint 2010
Claims-Based Identity in SharePoint 2010
 
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
 
SharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
SharePoint Saturday The Conference 2011 - Extranets & Claims AuthenticationSharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
SharePoint Saturday The Conference 2011 - Extranets & Claims Authentication
 
V cloud request manager overview presentation
V cloud request manager overview presentationV cloud request manager overview presentation
V cloud request manager overview presentation
 
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design Patterns
 
Build and Deploy LightSwitch Application on Windows Azure
Build and Deploy LightSwitch Application on Windows AzureBuild and Deploy LightSwitch Application on Windows Azure
Build and Deploy LightSwitch Application on Windows Azure
 
Serverless identity management, authentication, and authorization - SDD405-R ...
Serverless identity management, authentication, and authorization - SDD405-R ...Serverless identity management, authentication, and authorization - SDD405-R ...
Serverless identity management, authentication, and authorization - SDD405-R ...
 
NIC - Windows Azure Pack - Level 300
NIC - Windows Azure Pack - Level 300NIC - Windows Azure Pack - Level 300
NIC - Windows Azure Pack - Level 300
 
Configuring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicConfiguring kerberos based sso in weblogic
Configuring kerberos based sso in weblogic
 

More from Code Mastery

Using SSRS Reports with SSAS Cubes
Using SSRS Reports with SSAS CubesUsing SSRS Reports with SSAS Cubes
Using SSRS Reports with SSAS Cubes
Code Mastery
 
Query Tuning for Database Pros & Developers
Query Tuning for Database Pros & DevelopersQuery Tuning for Database Pros & Developers
Query Tuning for Database Pros & Developers
Code Mastery
 
Exploring, Visualizing and Presenting Data with Power View
Exploring, Visualizing and Presenting Data with Power ViewExploring, Visualizing and Presenting Data with Power View
Exploring, Visualizing and Presenting Data with Power View
Code Mastery
 
Building a SSAS Tabular Model Database
Building a SSAS Tabular Model DatabaseBuilding a SSAS Tabular Model Database
Building a SSAS Tabular Model Database
Code Mastery
 
Designer and Developer Collaboration with Visual Studio 2012 and Expression B...
Designer and Developer Collaboration with Visual Studio 2012 and Expression B...Designer and Developer Collaboration with Visual Studio 2012 and Expression B...
Designer and Developer Collaboration with Visual Studio 2012 and Expression B...
Code Mastery
 
Build automation best practices
Build automation best practicesBuild automation best practices
Build automation best practices
Code Mastery
 
Keynote Rockford Lhotka on the Microsoft Development Platftorm
Keynote Rockford Lhotka on the Microsoft Development PlatftormKeynote Rockford Lhotka on the Microsoft Development Platftorm
Keynote Rockford Lhotka on the Microsoft Development Platftorm
Code Mastery
 
Session 5 Systems Integration Architectures: BizTalk VS Windows Workflow Foun...
Session 5 Systems Integration Architectures: BizTalk VS Windows Workflow Foun...Session 5 Systems Integration Architectures: BizTalk VS Windows Workflow Foun...
Session 5 Systems Integration Architectures: BizTalk VS Windows Workflow Foun...
Code Mastery
 
Session 4 Future of BizTalk and the Cloud
Session 4 Future of BizTalk and the CloudSession 4 Future of BizTalk and the Cloud
Session 4 Future of BizTalk and the Cloud
Code Mastery
 
Session 3b The SF SaaS Framework
Session 3b The SF SaaS FrameworkSession 3b The SF SaaS Framework
Session 3b The SF SaaS Framework
Code Mastery
 
Session 3a The SF SaaS Framework
Session 3a The SF SaaS FrameworkSession 3a The SF SaaS Framework
Session 3a The SF SaaS Framework
Code Mastery
 
Session 2 Integrating SharePoint 2010 and Windows Azure
Session 2 Integrating SharePoint 2010 and Windows AzureSession 2 Integrating SharePoint 2010 and Windows Azure
Session 2 Integrating SharePoint 2010 and Windows Azure
Code Mastery
 
Session 1 IaaS, PaaS, SaaS Overview
Session 1 IaaS, PaaS, SaaS OverviewSession 1 IaaS, PaaS, SaaS Overview
Session 1 IaaS, PaaS, SaaS Overview
Code Mastery
 
Loading a data warehouse using ssis 2012
Loading a data warehouse using ssis 2012Loading a data warehouse using ssis 2012
Loading a data warehouse using ssis 2012
Code Mastery
 
Exploring, visualizing and presenting data with power view
Exploring, visualizing and presenting data with power viewExploring, visualizing and presenting data with power view
Exploring, visualizing and presenting data with power view
Code Mastery
 
Data Warehouse Design & Dimensional Modeling
Data Warehouse Design & Dimensional ModelingData Warehouse Design & Dimensional Modeling
Data Warehouse Design & Dimensional Modeling
Code Mastery
 
Creating a Tabular Model Using SQL Server 2012 Analysis Services
Creating a Tabular Model Using SQL Server 2012 Analysis ServicesCreating a Tabular Model Using SQL Server 2012 Analysis Services
Creating a Tabular Model Using SQL Server 2012 Analysis Services
Code Mastery
 
Preparing for Windows 8 and Metro
Preparing for Windows 8 and MetroPreparing for Windows 8 and Metro
Preparing for Windows 8 and Metro
Code Mastery
 
Extending Your Reach using the Cloud and Mobile Devices
Extending Your Reach using the Cloud and Mobile DevicesExtending Your Reach using the Cloud and Mobile Devices
Extending Your Reach using the Cloud and Mobile Devices
Code Mastery
 
Creating Tomorrow’s Web Applications Using Today’s Technologies
Creating Tomorrow’s Web Applications Using Today’s Technologies Creating Tomorrow’s Web Applications Using Today’s Technologies
Creating Tomorrow’s Web Applications Using Today’s Technologies
Code Mastery
 

More from Code Mastery (20)

Using SSRS Reports with SSAS Cubes
Using SSRS Reports with SSAS CubesUsing SSRS Reports with SSAS Cubes
Using SSRS Reports with SSAS Cubes
 
Query Tuning for Database Pros & Developers
Query Tuning for Database Pros & DevelopersQuery Tuning for Database Pros & Developers
Query Tuning for Database Pros & Developers
 
Exploring, Visualizing and Presenting Data with Power View
Exploring, Visualizing and Presenting Data with Power ViewExploring, Visualizing and Presenting Data with Power View
Exploring, Visualizing and Presenting Data with Power View
 
Building a SSAS Tabular Model Database
Building a SSAS Tabular Model DatabaseBuilding a SSAS Tabular Model Database
Building a SSAS Tabular Model Database
 
Designer and Developer Collaboration with Visual Studio 2012 and Expression B...
Designer and Developer Collaboration with Visual Studio 2012 and Expression B...Designer and Developer Collaboration with Visual Studio 2012 and Expression B...
Designer and Developer Collaboration with Visual Studio 2012 and Expression B...
 
Build automation best practices
Build automation best practicesBuild automation best practices
Build automation best practices
 
Keynote Rockford Lhotka on the Microsoft Development Platftorm
Keynote Rockford Lhotka on the Microsoft Development PlatftormKeynote Rockford Lhotka on the Microsoft Development Platftorm
Keynote Rockford Lhotka on the Microsoft Development Platftorm
 
Session 5 Systems Integration Architectures: BizTalk VS Windows Workflow Foun...
Session 5 Systems Integration Architectures: BizTalk VS Windows Workflow Foun...Session 5 Systems Integration Architectures: BizTalk VS Windows Workflow Foun...
Session 5 Systems Integration Architectures: BizTalk VS Windows Workflow Foun...
 
Session 4 Future of BizTalk and the Cloud
Session 4 Future of BizTalk and the CloudSession 4 Future of BizTalk and the Cloud
Session 4 Future of BizTalk and the Cloud
 
Session 3b The SF SaaS Framework
Session 3b The SF SaaS FrameworkSession 3b The SF SaaS Framework
Session 3b The SF SaaS Framework
 
Session 3a The SF SaaS Framework
Session 3a The SF SaaS FrameworkSession 3a The SF SaaS Framework
Session 3a The SF SaaS Framework
 
Session 2 Integrating SharePoint 2010 and Windows Azure
Session 2 Integrating SharePoint 2010 and Windows AzureSession 2 Integrating SharePoint 2010 and Windows Azure
Session 2 Integrating SharePoint 2010 and Windows Azure
 
Session 1 IaaS, PaaS, SaaS Overview
Session 1 IaaS, PaaS, SaaS OverviewSession 1 IaaS, PaaS, SaaS Overview
Session 1 IaaS, PaaS, SaaS Overview
 
Loading a data warehouse using ssis 2012
Loading a data warehouse using ssis 2012Loading a data warehouse using ssis 2012
Loading a data warehouse using ssis 2012
 
Exploring, visualizing and presenting data with power view
Exploring, visualizing and presenting data with power viewExploring, visualizing and presenting data with power view
Exploring, visualizing and presenting data with power view
 
Data Warehouse Design & Dimensional Modeling
Data Warehouse Design & Dimensional ModelingData Warehouse Design & Dimensional Modeling
Data Warehouse Design & Dimensional Modeling
 
Creating a Tabular Model Using SQL Server 2012 Analysis Services
Creating a Tabular Model Using SQL Server 2012 Analysis ServicesCreating a Tabular Model Using SQL Server 2012 Analysis Services
Creating a Tabular Model Using SQL Server 2012 Analysis Services
 
Preparing for Windows 8 and Metro
Preparing for Windows 8 and MetroPreparing for Windows 8 and Metro
Preparing for Windows 8 and Metro
 
Extending Your Reach using the Cloud and Mobile Devices
Extending Your Reach using the Cloud and Mobile DevicesExtending Your Reach using the Cloud and Mobile Devices
Extending Your Reach using the Cloud and Mobile Devices
 
Creating Tomorrow’s Web Applications Using Today’s Technologies
Creating Tomorrow’s Web Applications Using Today’s Technologies Creating Tomorrow’s Web Applications Using Today’s Technologies
Creating Tomorrow’s Web Applications Using Today’s Technologies
 

Recently uploaded

Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
jpupo2018
 
OpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - AuthorizationOpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - Authorization
David Brossard
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Jeffrey Haguewood
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 

Recently uploaded (20)

Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
 
OpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - AuthorizationOpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - Authorization
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 

Session 3c The SF SaaS Framework

  • 1. SaaS Security Using Federated Identity Management Azure AppFabric Access Control Service (ACS) Windows Identity Foundation (WIF)
  • 2. What Were The Requirements? • Favor proven security frameworks and industry standards over custom security code • Single sign on (SSO) between tenants • Preferably not own or manage sensitive data • Avoid account management in the app such as lost password, etc.
  • 3. Our Solution: Federated Identity Management • Leverage popular web identity providers such as Google, Yahoo. • Leverage Azure ACS as an aggregator of these providers • Leverage WIF for integration with ACS and claims management
  • 4. Concept Diagram Federation Provider Identity Providers OpenID ACS SAML Relying Party (RP) IIS Google * WIF Claim Yahoo STS
  • 5. Demo Setup Azure AppFabric Access Control Service (ACS)
  • 8. Demo – Create Namespace
  • 9. Demo – Manage Access Control
  • 10. Demo – Identity Provider
  • 11. Demo – Relying Party Application Settings
  • 12. Demo – RP – Authentication Settings
  • 13. Demo – Edit Rule Group
  • 14. Demo – Generate Rules To Create Claims
  • 16. Demo Setup Windows Identity Foundation (WIF)
  • 17. Demo – Add STS Reference
  • 19. Demo – STS Location
  • 20. Demo – Add Project Reference
  • 21. ASP.NET Request Validation Error Message: System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (wresult="<t:RequestSecurityTo..."). Workaround For Testing: Solution For Production:
  • 22. Authentication Flow Diagram 1 3 Browser 6 4 2 5 MVC Website Access Control Identity Providers(IP) Service (ACS) Google Yahoo WIF STS 1. Request login returns 302 redirect to ACS 4. Post credentials, returns token with 302 2. Request IP selection form from ACS redirect to ACS 3. Request login form from IP 5. Validate and transform token to SAML claims. 6. Post SAML to MVC website callback. WIF processes and sets cookie.
  • 25. Disadvantages • Your user identities are tied to your ACS namespace - challenging if you ever wanted to migrate away from your ACS namespace • Additional cost – you pay for each token issued • Reliance on external service for authentication • WIF is not well integrated into the .NET framework (but that improves in 4.5) – WIF is also not very DI friendly
  • 26. Summary • Low barrier to entry for using existing social identities in your app • ACS and WIF encapsulate the complexity • Users don’t need to remember another username and password • Developers get to save time implementing and maintaining account management features

Editor's Notes

  1. If project is source controlled – manually check out web.config (WIF not smart enough to do so)