Pranav RastogiProgram Manager

MicrosoftTwitter : rustd

ASP.NET Identity & Security Overview

www.devconnections.com

ASP.NET IDENTITY & SECURITY

INTRODUCTIONSIt always helps to know who you’re dealing with, so here’s a little background on me.

@rustd

ASP.NETProgram Manager

http://blogs.msdn.com/pranav_rastogi/

Author

www.devconnections.com

ASP.NET IDENTITY & SECURITY

GOAL

Seamless and unified experience for enabling authentication in ASP.NET apps

on premise and in the cloud

www.devconnections.com

ASP.NET IDENTITY & SECURITY

OVERVIEW

ASP.NET Identity ASP.NET Security Windows Azure Active Directory

(WAAD)

www.devconnections.com

ASP.NET IDENTITY & SECURITY

HISTORY OF MEMBERSHIP• ASP.NET 2.0 Membership (VS 2005)

• Forms Auth

• Sql Server based

• ASP.NET Simple Membership (VS 2010)

• Easy to customize profile

• ASP.NET Web Pages

• ASP.NET Universal Providers(VS 2012)

• Support Sql Azure

www.devconnections.com

ASP.NET IDENTITY & SECURITY

ASP.NET IDENTITY• One ASP.NET Membership story.

• Profile.

• Extensibility allows for No SQL persistence model.

• Improve unit testability of application code.

• Separate Authentication from Membership.

• Full support for Async programming.

• Claims Based.

www.devconnections.com

ASP.NET IDENTITY & SECURITY

7

ASP.NET SECURITY - OWIN• Support Individual and Organizational

Accounts

• Host and framework independent

• Web apps and Web APIs

• Claims based

• Clients: browsers, mobile, tablets etc.

www.devconnections.com

ASP.NET IDENTITY & SECURITY

8

DEMO

ASP.NET Identity Profile Roles Social Login Persistence – Azure Table Storage Multi – factor Auth Securing Mobile Clients

www.devconnections.com

ASP.NET IDENTITY & SECURITY

ORGANIZATIONAL ACCOUNTS

www.devconnections.com

ASP.NET IDENTITY & SECURITY

WINDOWS AZURE AD

Active Directory in the Cloud

Integrate with on-premises Active Directory

Enable single sign-on within your apps

Enterprise Graph REST API

www.devconnections.com

ASP.NET IDENTITY & SECURITY

REGISTERING A WEB APP IN AAD

Sign Up for Windows Azure AD

Sign in the Windows Azure portal as global admin

https://account.windowsazure.com/signup https://account.windowsazure.com/organization

www.devconnections.com

ASP.NET IDENTITY & SECURITY

Windows AzureYour

app in AzureWindows Azure

Active Directory

3rd party apps

www.devconnections.com

ASP.NET IDENTITY & SECURITY

LINE OF BUSINESS APPS

www.devconnections.com

ASP.NET IDENTITY & SECURITY

WEB SIGN IN IN .NET

Windows Azure Active Directory

Your Tenant

OAuth2

SAML-P

WS-Federation

Metadata

App

App

www.devconnections.com

ASP.NET IDENTITY & SECURITY

DEMO

LOB app with Single Sign On Single Sign Out

www.devconnections.com

ASP.NET IDENTITY & SECURITY

MULTITENANT APPLICATIONS

www.devconnections.com

ASP.NET IDENTITY & SECURITY

AAD AND MULTI-TENANT APPS

App

Windows Azure Active Directory

SAML-P

WS-Federation

Metadata

Tenant2

SAML-P

WS-Federation

Metadata

Tenant1

App

App

App

www.devconnections.com

ASP.NET IDENTITY & SECURITY

DEMO

Multi-tenant apps Grant Access to Directory

www.devconnections.com

ASP.NET IDENTITY & SECURITY

19

RESOURCES

http://www.asp.net/vnext http://www.windowsazure.com/en-us/d

ocumentation/services/active-directory/ http://blogs.msdn.com/b/webdev/ http://blogs.technet.com/b/ad/

www.devconnections.com

ASP.NET IDENTITY & SECURITY

20

THANK YOU!!!