Saturday, May 05, 2012

 

So, what's all this about Windows Identity?

WIF is an SDK (and accompanying runtime) that allows a .Net developer to take advantage of WS-Federation and WS-Trust to authenticate a user and make authorization decisions based on claims about that person.

It's a drop-in replacement for simple Windows Auth or Forms Auth in the ASP.Net world, and has a handy method for flowing an identity securely from ASP.Net to WCF without having to write a ton of impersonation code.  From the perspective of a developer, authentication just magically works.  If you're using WIF, you can be guaranteed that if a user is accessing your application, they've been authenticated.  Then, all that's left for you to do is inspect the claims to make authorization decisions.
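A sketch of the claim inspection step described above. This is an added example, not code from the original post or from the book. It assumes the WIF 1.0 types in `Microsoft.IdentityModel.Claims`; the helper class, the `Approver` role value, and the issuer name `urn:example:sts` are hypothetical. It checks who issued a claim, not only its type and value, and denies access when the principal is not a claims principal.

```csharp
using System;
using System.Linq;
using System.Security.Principal;
using Microsoft.IdentityModel.Claims;   // WIF 1.0 runtime (Microsoft.IdentityModel.dll)

// Hypothetical helper for illustration; not part of WIF.
public static class ClaimsAuthorization
{
    // Assumption: the issuer name your application associates with its trusted STS.
    private const string TrustedIssuer = "urn:example:sts";

    // Entry point for application code, e.g. called with Thread.CurrentPrincipal.
    public static bool PrincipalHasTrustedClaim(IPrincipal principal, string claimType, string value)
    {
        var claimsPrincipal = principal as IClaimsPrincipal;
        if (claimsPrincipal == null) return false;      // not a claims principal: fail closed

        var identity = claimsPrincipal.Identity as IClaimsIdentity;
        if (identity == null || !identity.IsAuthenticated) return false;

        return IdentityHasTrustedClaim(identity, claimType, value);
    }

    // True only when type, value AND issuer all match; a claim with the right
    // type and value from any other issuer does not authorize anything.
    public static bool IdentityHasTrustedClaim(IClaimsIdentity identity, string claimType, string value)
    {
        return identity.Claims.Any(c =>
            string.Equals(c.ClaimType, claimType, StringComparison.Ordinal) &&
            string.Equals(c.Value, value, StringComparison.Ordinal) &&
            string.Equals(c.Issuer, TrustedIssuer, StringComparison.Ordinal));
    }

    public static void Main()
    {
        // Constructed sample identities; in a real application WIF builds these from the token.
        var fromSts = new ClaimsIdentity(new[] {
            new Claim(ClaimTypes.Role, "Approver", ClaimValueTypes.String, TrustedIssuer)
        }, "Federation");

        // Same type and value, but no issuer given, so it is not attributed to the STS.
        var otherIssuer = new ClaimsIdentity(new[] {
            new Claim(ClaimTypes.Role, "Approver")
        }, "Federation");

        Console.WriteLine(IdentityHasTrustedClaim(fromSts, ClaimTypes.Role, "Approver"));
        Console.WriteLine(IdentityHasTrustedClaim(otherIssuer, ClaimTypes.Role, "Approver"));
    }
}
```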
 

Windows Identity Foundation (WIF)

I've been playing a lot with the new .Net 4.0 features over the past year, and I'm very impressed with Microsoft's commitment to open standards.  Most recently, I was tasked with applying Windows Identity Foundation (WIF) to a product that was in development.  I did what any dutiful software engineer would do: I bought a book.  Then, I set the book aside and said to myself, "Self, you don't need no stinkin' book!  You can figure this stuff out!"  Needless to say, a few hours later, I started reading the book.

The book, Programming Windows Identity Foundation, is pretty decent.  It's by no means perfect.  I found several mistakes, beginning with the first code example which wouldn't even compile.  The online errata had only one "verified" entry and dozens of "unverified" entries going back over a year.  Despite this, I still recommend the book for the uninitiated.
