- Easing the pain of identity integration
- James McCutcheon
- nSquared
- LiveID Overview
- Advantages and Drivers
- Types of Authentication: WebAuth; DelAuth; ClientAuth
- Contacts
- Summary
- Discussion
- At the end of this session the audience should understand LiveID and how to sue it
- Feel confident and comfortable to go and start creating apps that use LiveID.
- One identity model that puts users in control of their identities
- Flexibility via choice
- Enhances Developer Productivity
- Standards Based
- Services: Live Identity
- Software: Live Framework
- Find & Locate: Live Search; Virtual Earth
- Identity: LiveID
- User Data: Contacts, Photos, App Storage
- Notifications & Messaging: Messenger, Alerts, Agents
- Infrastructure: Admin Centre; SilverLight Streaming
- Operating Environment
- Different authentication protocols; Different principal types = AuthN
- Trust relationship management; Child account legal and parental controls; Account sign-up/management = On-boarding
- Identity Provider availability and reliability; Anti-spam account detection = IdP QoS
- = Identity “pain”
- Business Logic
- Consumer + Enterprise
- Federation friendly
- Open & Standards-based
- Rich functionality
- Ease of use
- = Above all: SECURE!
- A = Authentication (Auth Principles + Principle Types)
- P = Policy (Trust relationships + Auth token policies)
- P = Profile (Account registration + Membership DB)
- A = Authorization (Claims + Roles + Access control)
- Web Application (Authentication)
- Web site integration (co-branded user experience; open source samples in 7 languages – C#, VB, Java, Perl, PHP, ruby, Python)
- Windows Live ID Web Authentication SDK (dev.live.com)
- Web Application (Delegation)
- App provider accessing user data stored in Live Services (Open source samples in 7 languages)
- Windows Live ID Deleted Authentication SDK
- ASP.NET
- ASP.NET controls -> simplified integration (controls: IDLogin, IDLoginView, Contacts, SilverlightStreaming Media, Virtual Earth Maps)
- Windows Live Tools
- Windows Rich Client Application
- Rich client applications (Windows Client OS)
- Windows Live ID Client SDK
- You the end user don’t have to worry about setting up and maintaining the back end infrastructure required for AuthZ and AuthN
- LiveID Services takes care of it for you
- LiveID Services is always online, secure, backup and available
- Based on Open standard and platform neutral
- Easy to provision, access and use
- Technology agnostic
- Move seamless across multiple…
- Provides an identity platform
- All delivered as Software + Services
- Live Identity Services Web Authentication
- Enabling apps to be secure
- lx.azure.microsoft.com
- Azure Services Developer Portal
- Create new project
- Domain: development.azuredemo.com
- Return URL: http://development.azure.com:8888/default.aspx
- Receive new Application ID and Secret Key
- Hosts file edit: 127.0.0.1 = development.azuredemo.com
- Edit Web.config: appSettings: add key: wll_appid & wll_secret
- Edit IDLoginStatus: ApplicationConfigKey & SecretConfigKey
Web Authentication Protocol Overview
- End User with web browser -> Relying Party Web Site e.g. Contoso.com
- Relay back to Windows Live ID Service
- Windows Live ID Web authentication SDK Docs:
- Windows Live Tools (IDLogin Status Control – ASP.NET)
- Sign-in Screen Customization XML
- Customizable Registration Screens
Live Identity Services Delegated Authentication
- Enabling Data Portability
- Request Consent
- Grant Consent
- Using Consent (via token)
- Refresh token
- Integrate Desktop Applications to use Live ID
- More…
- Microsoft is becoming an OpenID Provider (OP)
Summary – Windows Live ID
- The biggest identity provider on the planet
- But LIVDE ID platform is much more than just the familiar login box
- Various types of users and various authentication models are supported
No comments:
Post a Comment