Clarity, Technology, and Solving Problems | PracticeThis.com
WP7 App with Key Windows Azure resources – Slides, Videos, How-To’s, and T-shooting – for quick consumption on the go.
I just finished building another security workshop that covers authentication and identity technologies implemented by MS products. The workshop is targeted to developers and not IT folks. It is common practice (or should I call it anti-practice) that development projects re-invent the wheel and build again and again custom authentication or identity flow mechanisms which are surest recipe for disaster from security perspective. There is plenty of reasons why and one of them is that development teams do not have solid understanding of what MS technologies offer out-of-the-box with regards to authentication.
I have divided the workshop into four major parts:
I call it educational workshop influenced by what I was discussing in Security Workshops. This workshop explains what MS offers and when to use. It does not train the participants how to use it in depth assuming after completing the workshop participants will be able to deepen their knowledge after picking proper technology.
Great set of links. Thanks for sharing. Wondering if it would be possible for you to address the "Trusted Subsystem Model" in WCF under IIS hosting using BasicHttpBinding. We have a lot of 1.1 clients but want to move to WCF for the Services layer. It is quite easy with ASMX to set up an <authorization .../> element in the Web.config file to set up the Trusted Subsytem model, but it is getting a bit tricky to do this in WCF under IIS. Would appreciate if you could share your thoughts on this.
Kris, happy you liked the links.
Funny you mention WCF authorization, it is something i planned to work on for nearst term. After i get my hands dirty with it i will post my thoughts on this for sure
I think you want to take a look at these first:
החודש פגשתי את אליק לוין ממיקרוסופט ישראל לשיחה קצרה. עם המון התלהבות ממה שהוא עושה ועם חיוך תמידי על
I was delivering "Authentication Explained" session for Security User Group. First of - thanks for attending