Programming Windows Identity Foundation


Get hands-on guidance designed to help you put the newest .NET Framework component, Windows Identity Foundation (the identity and access logic for all on-premises and cloud development), to work.

Product Details

  • ISBN-13: 9780735627185
  • Publisher: Microsoft Press
  • Publication date: 9/10/2010
  • Series: Developer Reference Series
  • Pages: 272
  • Sales rank: 1,303,610
  • Product dimensions: 7.30 (w) x 8.90 (h) x 0.80 (d)

Meet the Author

Vittorio Bertocci is a Senior Architect Evangelist in DPE and a key member of the extended engineering team that produces Microsoft's claims-based platform components (e.g. Windows Identity Foundation, ADFS 2.0). He is responsible for identity evangelism for the .NET developer community and drove initiatives such as the Identity Developer Training Kit and the IdElement show on Channel 9.

He is co-author of Understanding Windows CardSpace (Addison-Wesley, 2008) and a prominent authority/blogger on Azure, "Geneva" (the code name for Windows Identity Foundation), .NET development, and related topics.

Table of Contents

Part I Windows Identity Foundation for Everybody

1 Claims-Based Identity?

What Is Claims-Based Identity?

Traditional Approaches to Authentication

Decoupling Applications from the Mechanics of Identity and Access

WIF Programming Model

An API for Claims-Based Identity

WIF's Essential Behavior

IClaimsIdentity and IClaimsPrincipal

Summary

2 Core ASP.NET Programming

Externalizing Authentication

WIF Basic Anatomy: What You Get Out of the Box

Our First Example: Outsourcing Web Site Authentication to an STS

Authorization and Customization

ASP.NET Roles and Authorization Compatibility

Claims and Customization

A First Look at <microsoft.identityModel>

Basic Claims-Based Authorization

Summary

Part II Windows Identity Foundation for Identity Developers

3 WIF Processing Pipeline in ASP.NET

Using Windows Identity Foundation

WS-Federation: Protocol, Tokens, Metadata

WS-Federation

The Web Browser Sign-in Flow

A Closer Look to Security Tokens

Metadata Documents

How WIF Implements WS-Federation

The WIF Sign-in Flow

WIF Configuration and Main Classes

A Second Look at <microsoft.identityModel>

Notable Classes

Summary

4 Advanced ASP.NET Programming

More About Externalizing Authentication

Identity Providers

Federation Providers

The WIF STS Template

Single Sign-on, Single Sign-out, and Sessions

Single Sign-on

Single Sign-out

More About Sessions

Federation

Transforming Claims

Pass-Through Claims

Modifying Claims and Injecting New Claims

Home Realm Discovery

Step-up Authentication, Multiple Credential Types, and Similar Scenarios

Claims Processing at the RP

Authorization

Authentication and Claims Processing

Summary

5 WIF and WCF

The Basics

Passive vs. Active

Canonical Scenario

Custom TokenHandlers

Object Model and Activation

Client-Side Features

Delegation and Trusted Subsystems

Taking Control of Token Requests

Summary

6 WIF and Windows Azure

The Basics

Packages and Config Files

The WIF Runtime Assembly and Windows Azure

Windows Azure and X.509 Certificates

Web Roles

Sessions

Endpoint Identity and Trust Management

WCF Roles

Service Metadata

Sessions

Tracing and Diagnostics

WIF and ACS

Custom STS in the Cloud

Dynamic Metadata Generation

RP Management

Summary

7 The Road Ahead

New Scenarios and Technologies

Silverlight

SAML Protocol

Web Identities and REST

Conclusion

Index
