Databases
StackOverflow2013
Postsdbo
POImplementing claims-based security (WCF/ASP.NET)
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POImplementing claims-based security (WCF/ASP.NET)
    primarykey
    data
    text
    <p>After researching on the topic of claims-Based security (or a federated security model). I've been coming across many examples that use <a href="http://en.wikipedia.org/wiki/Windows_CardSpace" rel="nofollow noreferrer">CardSpace</a> as an example. The main article that I read that gave a really great explanation of the subject was a <a href="https://connect.microsoft.com/Downloads/DownloadDetails.aspx?SiteID=642&amp;DownloadID=12901" rel="nofollow noreferrer">PDF</a> by Microsoft on a framework called <a href="https://connect.microsoft.com/Downloads/Downloads.aspx?SiteID=642" rel="nofollow noreferrer">Zermatt</a>. </p> <p>The claims-based security architecture I'm looking into is the equivalent of implementing an <a href="http://msdn.microsoft.com/en-us/library/ff650503.aspx" rel="nofollow noreferrer">STS</a> Authentication Broker in combination with an STS Authorization Broker. This way, when I create a new service all I need to do is ensure that the service will only accept claims issued by the Authorization Broker. And as noted in the article, the Authorization Broker would only accept claims issued by the Authentication Broker. </p> <p>When that's setup, any time a client attempts to use the new service, it must authenticate with the <strong><em>Authentication Broker</em></strong> <strong>(issuing an authenticated claim)</strong> and then get authorized with the <strong><em>Authorization Broker</em></strong> <strong>(issuing an authorized claim)</strong>.</p> <p>This is all fine and dandy and the architecture is clear, but I don't see exactly how to implement an STS. As I mentioned, most (if not all) examples around the web are showing how to use CardSpace, but that doesn't exactly work when you have a database backing up your authentication scheme.</p> <p><strong>Sample Scenario</strong></p> <p><a href="http://img512.imageshack.us/img512/8329/claimsbasedsecurityza6.jpg" rel="nofollow noreferrer">alt text http://img512.imageshack.us/img512/8329/claimsbasedsecurityza6.jpg</a></p>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. USBrock Adams
    1. USnyxtom
    plurals
    1. PL
      singulars
      1. LTLinked
    1. PL
      singulars
      1. LTLinked
    2. PL
      singulars
      1. LTDuplicate
    3. PL
      singulars
      1. LTLinked
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    2. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POImplementing claims-based security (WCF/ASP.NET)
      1. This table or related slice is empty.
      1. VTUpMod
    2. VO
      singulars
      1. POImplementing claims-based security (WCF/ASP.NET)
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. POImplementing claims-based security (WCF/ASP.NET)
      1. This table or related slice is empty.
      1. VTUpMod
    1. This table or related slice is empty.
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload