As you know, development stacks implementing web sign in protocols traditionally handle sessions by tracking the content of the initial token in form of a session cookie. That is not the only way in which it could be done, and I do think it will change in the future, but for the time…
After having promised (to you and to myself) to write more in depth about the new OWIN components for OpenId Connect and WS-Federation, I am finally carving out some time to sit down and jolt down my thoughts about it. My goals for this post are to help you to understand what those…
Next week a sizeable delegation of admin-centric (..biased?) colleagues will descend to Houston, where during the annual TechEd they’ll deliver all sorts of training goodness in form of breakout sessions, beer-fueled whiteboarding at the Ask the Expert night, demos and chats at the both, and more. I will take the responsibility to carry…
During the //BUILD timeframe we pushed out A LOT of new features and artifacts – to the point that we didn’t yet manage to talk about even half of it! Of all those, the ones that IMO yield the biggest bang for the buck are: The Azure AD authentication scenarios overview topic on…
The enthusiasm for the new OWIN-based programming model is spreading – and one of the things I get asked most often has to do with how to use it to connect to ADFS. That’s actually pretty simple. So simple, in fact, that I don’t really need to write much to tell you how…
Mixing and matching multiple authentication styles in a single web application has always been difficult with WIF. The new OWIN security components in ASP.NET change that, thanks to the finer grained control they grant over request processing pipelines. One of the most common requests I have been hearing in the last couple of…
The back to basics post about token validation published few weeks ago was overwhelmingly well received – hence, always the data driven kind – here I am jolting down the logical next step: an overview of authentication protocols. You heard the names: SAML, OAuth 1 and 2, WS-Federation, Kerberos, WS-Trust, OpenID and OpenID…
Did you install the preview of Windows Phone 8.1? I sure did, and it’s awesome! Windows Phone 8.1 introduces a great new feature, which was until recently only available on Windows 8.x: the WebAuthenticationBroker (WAB for short from now on). ADAL for Windows Store leverages the WAB for all of its authentication UI…
Super-quick post, as I am laser focused on you-know-what Last week we finally lifted the veil from the preview of the new OpenID Connect OWIN middleware in ASP.NET! We didn’t give much details at this point besides the brief post I guest-wrote on the WebDev blog – but we’ll open the floodgates soon…
Final installment of the Azure Active Directory development series on Azure Fridays. The last two videos are all about web API and native clients – at recording time we didn’t have the ADAL 2.0 preview out yet, hence I used ADAL .NET, but pretty much everything we said applies to the Windows Store,…