1 min read

Ptr: Authentication Scenarios in Azure AD

Came across a great article on MSDN recently that outlines the various authentication scenarios in Azure AD. Azure Active Directory (Azure AD) simplifies authentication for developers by providing identity as a service, with support for industry-standard protocols such as OAuth 2.0 and OpenID Connect, as well as open source libraries for different platforms to help…

42 min read

Windows Azure Pack Authentication Part 3 – Using a Third Party IdP

In the previous installments of this series we looked at how Windows Azure Pack authenticates users and how it’s configured out of the box for federation. This time around we’re going to look at how you can configure federation with a third party IdP. Microsoft designed Windows Azure Pack the right way. It supports federation…

20 min read

Windows Azure Pack Authentication Part 2

Last time we looked at how Windows Azure Pack authenticates users in the Admin Portal. In this post we are going to look at how authentication works in the Tenant Portal. Authentication in the Tenant Portal works exactly the same way authentication in the Admin Portal works. Detailed and informative explanation, right? Actually, with any luck…

13 min read

Real-time User Notification and Session Management with SignalR – Part 1

As more and more applications and services are becoming always on and accessible from a wide range of devices, it’s important that we are able to securely manage sessions for users across all of these systems. Imagine that you have a web application that a user tends to stay logged into all day. Over time…

1 min read

Guide to Claims-Based Identity Second Edition

It looks like the Guide to Claims-Based Identity and Access Control was released as a second edition! Take a look at the list of authors: Dominick Baier, Vittorio Bertocci, Keith Brown, Scott Densmore, Eugenio Pace, Matias Woloski. If you want a list of experts on security then look no further. These guys are some of…

11 min read

Strongly Typed Claims

Sometimes it’s a pain in the neck working with Claims. A lot of times you need to look for a particular claim, and that usually means looping through the claims collection and parsing the value to a particular type. This little dance is the trade-off for having such a simple interface to a potentially arbitrary collection…

31 min read

Tamper-Evident Configuration Files in ASP.NET

A couple weeks ago someone sent a message to one of our internal mailing lists. His message was pretty straightforward: how do you prevent modifications of a configuration file for an application [while the user has administrative rights on the machine]? There were a couple responses including mine, which was to cryptographically sign the configuration…

5 min read

Adjusting the Home Realm Discovery page in ADFS to support Email Addresses

Over on the Geneva forums a question was asked: Does anyone have an example of how to change the HomeRealmDiscovery Page in ADFSv2 to accept an e-mail address in a text field and based upon that (actually the domain suffix) select the correct Claims/Identity Provider? It’s pretty easy to modify the HomeRealmDiscovery page, so I…

1 min read

Talking about Security Article Series

Over on the Canadian Solution Developer’s blog I have a series on the basics of writing secure applications. It’s a bit of an introduction to all the things we should know in order to write software that doesn’t contain too many vulnerabilities. Obviously it’s not a series on everything you need to know about security,…