1 min read

Ptr: Azure Pack UserVoice Feedback

Ptr: http://feedback.azure.com/forums/255259-azure-pack Looks like Microsoft just launched a public UserVoice site for Azure Pack! You can submit or vote for your most wanted features for upcoming releases. Cool! Like all feedback sites not all features or requests can be met, but it’s still a great way for customers to tell Microsoft where they should focus…

1 min read

Ptr: Authentication Scenarios in Azure AD

Came across a great article on MSDN recently that outlines the various authentication scenarios in Azure AD. Azure Active Directory (Azure AD) simplifies authentication for developers by providing identity as a service, with support for industry-standard protocols such as OAuth 2.0 and OpenID Connect, as well as open source libraries for different platforms to help…

14 min read

Windows Azure Pack Tenant Public API Authentication Options

Web services, as we’ve learned throughout this series, are integral to the workings of Windows Azure Pack. Every UI exposed to the user connects to the backend via web service, every resource provider is managed by Windows Azure Pack through their own web services, and 3rd party functionality can be tied in through web services….

2 min read

Windows Azure Pack at TechEd 2014

It looks like Windows Azure Pack is starting to become my new favorite thing — so much so that I was excited to see that there were a number of presentations on it at TechEd this year. What makes this even better is that the presentations were recorded and you can stream them from Channel…

13 min read

Web Service Authentication in Windows Azure Pack

It’s been a couple months since we last looked at Windows Azure Pack so before we jump into the thick of it lets recap. Windows Azure Pack is an awesome on-premise private cloud platform The interactive portions are broken down into two sections: admin areas and tenant areas It relies on JWTs as bearer tokens…

2 min read

Covert Redirect in OAuth 2.0 and OpenID — or yeah, and?

Earlier today a news story broke claiming the sky is falling because OAuth 2.0 and OpenID are vulnerable to “Covert Redirect” attacks — or as the rest of the world calls them — open redirects. This class of vulnerability has been around for quite a while and frankly is already mentioned in the threat model for…

2 min read

Windows Azure Pack Authentication Part 3.5 – Using ADFS

Since we looked at using a custom IdP for Windows Azure Pack last time I figured it would be good to explicitly list some resources for those looking to use ADFS instead as that’s a fairly common scenario people are exploring. Building Clouds Federated Identities to Windows Azure Pack through AD FS – Part 1…

3 min read

Creating Authority-Signed and Self-Signed Certificates in .NET

Whenever I get some free time I like to tackle certain projects that have piqued my interest. Often times I don’t get to complete these projects, or they take months to complete. In this case I’ve spent the last few months trying to get these samples to work. Hopefully you’ll find them useful. In the…

42 min read

Windows Azure Pack Authentication Part 3 – Using a Third Party IdP

In the previous installments of this series we looked at how Windows Azure Pack authenticates users and how it’s configured out of the box for federation. This time around we’re going to look at how you can configure federation with a third party IdP. Microsoft designed Windows Azure Pack the right way. It supports federation…

20 min read

Windows Azure Pack Authentication Part 2

Last time we looked at how Windows Azure Pack authenticates users in the Admin Portal. In this post we are going to look at how authentication works in the Tenant Portal. Authentication in the Tenant Portal works exactly the same way authentication in the Admin Portal works. Detailed and informative explanation, right? Actually, with any luck…