As an application designer or developer, imagine a world where you don’t have to worry about authentication. Imagine instead that all requests to your application already include the information you need to make access control decisions and to personalize the application for the user. In this world, your applications can trust another system component to securely provide user information, such as the user’s name or e-mail address, a manager’s e-mail address, or even a purchasing authorization limit. The user’s information always arrives in the same simple format, regardless of the authentication mechanism, whether it’s Microsoft Windows integrated authentication, forms-based authentication in a Web browser, an X.509 client certificate, Windows Azure Access Control Service, or something more exotic. Even if someone in charge of your company’s security policy changes how users authenticate, you still get the information, and it’s always in the same format. This is the utopia of claims-based identity that A Guide to Claims-Based Identity and Access Control describes. As you’ll see, claims provide an innovative approach for building applications that authenticate and authorize users. This book gives you enough information to evaluate claims-based identity as a possible option when you’re planning a new application or making changes to an existing one. It is intended for any architect, developer, or information technology (IT) professional who designs, builds, or operates web applications, web services, or SharePoint applications that require identity information about their users.
Overall, this book was very helpful in terms of understanding how to structure federated identity for applications. This sort of holistic approach (as opposed to detailed specifications about specific protocols) doesn't have as much literature as it should have. The main downside to this book is that it is heavily laden with implementation-specific details that don't age quite as well.
Chapter 9 'Securing REST Services' is still relevant today for the newcomer to the world of Claims. Still, it has a strong WCF SOAP and WPF solution focus.
Excellent book on claims, learnt so many new things on developing an enterprise-level application by using claims instead of by using an identity system. Thanks a lot for sharing such a great resource.
This is definitely THE book to get started with claims. It starts right at the beginning, explaining what a claim is and why we should use it. Many different scenarios are presented. Each of them is presented with and without claims and, most of the time, how to migrate from one to the other. The complete solution is available on codeplex.com, and if a PDF is good enough for you, it's also available on codeplex for free.