A Guide to Claims-Based Identity and Access Control: Authentication and Authorization for Services and the Web (Microsoft patterns & practices) - Softcover

As an application designer or developer, imagine a world where you don’t have to worry about authentication. Imagine instead that all requests to your application already include the information you need to make access control decisions and to personalize the application for the user. In this world, your applications can trust another system component to securely provide user information, such as the user’s name or e-mail address, a manager’s e-mail address, or even a purchasing authorization limit. The user’s information always arrives in the same simple format, regardless of the authentication mechanism, whether it’s Microsoft Windows integrated authentication, forms-based authentication in a Web browser, an X.509 client certificate, Windows Azure Access Control Service, or something more exotic. Even if someone in charge of your company’s security policy changes how users authenticate, you still get the information, and it’s always in the same format. This is the utopia of claims-based identity that A Guide to Claims-Based Identity and Access Control describes. As you’ll see, claims provide an innovative approach for building applications that authenticate and authorize users. This book gives you enough information to evaluate claims-based identity as a possible option when you’re planning a new application or making changes to an existing one. It is intended for any architect, developer, or information technology (IT) professional who designs, builds, or operates web applications, web services, or SharePoint applications that require identity information about their users.

Dominick Baier works as a consultant for the Germany-based company thinktecture (http://www.thinktecture.com). His main area of focus is identity & access control. He helps customers around the world implementing claims-based identity, single sign-on, authorization and federation in their web applications, services and APIs. Dominick is the author of "Developing more-secure ASP.NET Application" and co-author of the Microsoft patterns & practices "Guide to Claims-based Identity and Access Control." You can find Dominick on the web at http://www.leastprivilege.com and on Twitter via @leastprivilege.

Vittorio Bertocci is a Senior Architect Evangelist in the Windows Azure Platform Evangelism team with Microsoft Corp. Vittorio has spent the past four years helping customers deploy solutions based on identity and access management, SOA, and services. You can find him at http://blogs.msdn.com/vbertocci.

Keith Brown is a co-founder of Pluralsight, a premier Microsoft .NET training provider. Keith is the author of Pluralsight's Applied .NET Security course as well as several books, including The .NET Developer's Guide to Windows Security. Learn more at www.pluralsight.com/keith.

Scott Densmore works as a Software Engineer at Microsoft. His primary interests are cloud computing and mobile device computing. You can find him at http://scottdensmore.typepad.com/ and on Twitter @scottdensmore.

Eugenio Pace is a Principal Program Manager Lead in the patterns & practices group at Microsoft. He is responsible for developing guidance for migrating and building applications for the Windows Azure platform and for Windows Phone 7. Before that he worked on architecture guidance for claims based identity and identity federation. You can find him at: http://blogs.msdn.com/eugeniop/ or on twitter @eugenio_Pace.

Matias Woloski is a Software Architect specializing in identity and cloud computing. For the past 12 years he has designed and developed software and helped companies take advantage of emerging technologies. Matias is currently building a company Auth0.com to help cloud and mobile apps be adopted by the enterprise by simplifying single sign on setup. He is a co-author of three books: the Claims Based Identity and Access Control Guide, Moving Applications to the Cloud and Developing Applications for the Cloud. You can reach him at woloski.com or on Twitter @woloski

Forewords by: Kim Cameron and Stuart Kwan