Clarity, Technology, and Solving Problems | PracticeThis.com
WP7 App with Key Windows Azure resources – Slides, Videos, How-To’s, and T-shooting – for quick consumption on the go.
This is a follow up to a previous post Azure AppFabric Access Control Service (ACS) v 2.0 High Level Architecture – Web Application Scenario. This post outlines the high level architecture for a scenario where Azure AppFabric Access Control Service (ACS) V2 involved in authentication and identity flow process between a client and a RESTful Web Service. Good description of the scenario, including visuals and solution summary, can be found here - App Scenario – REST with AppFabric Access Control. The sequence diagram can be found here - Introduction (skip to Web Service Scenario).
In this case there is no involvement of end user, so that User Experience part is irrelevant here.
Important to mention on when to use what for token signing. As per Token Signing:
These keys or certificates are used to protect tokens from tampering while on transit. These certificates and keys are not for authentication. They help maintaining trust between Azure AppFabric Access Control Service (ACS) and the Web Service.
Try out yourself using bootstrap samples available here:
Azure AppFabric Access Control Service (ACS) is one of the core components for Windows Azure platform. ACS’s main purpose is help outsourcing authentication and identity management functionality to third parties. Currently supported 3rd party identity providers are:
As a developer you can utilize available, familiar to end user, authentication mechanism by configuring (no coding required) your web application and ACS to work together.
End user experience can be described as follows:
The following diagram outlines the high level architecture of the Azure AppFabric Access Control Service (ACS) v 2.0, its main components and the information exchanged between them. Notice that end user’s credentials never given away to third party.
The sequence of steps, including visual diagram, required to perform the authentication outlined in details here - Introduction (skip to Web Site Scenario).
Notice that the token that is issued by the Identity Provider (green IdP Token on the diagram) is different from the token that the Web Application receives in the end (blue ACS Token on the diagram). Azure AppFabric Access Control Service (ACS) offers claims rules capability that can transform claims. More information on rules here - Rule Groups and Rule Editor.
Before starting a job in my new role as programming writer I met with few super smart people. I wanted to pick their brain and hear insights for success.
The key theme was along the line – “keep your customer in the center.”
Wisdom of obvious? Maybe. But the more I thought about this simple truth the more insightful it got.
To add clarity to the key theme I came up with the simple frame for how to think about the customers. It is customer types or personas and questions they might ask.
Back when I was an MCS (Microsoft Consulting Services) consultant I worked with several types of people. I recalled the following personas:
During my work in the field as consultant I observed time and again customers get frustrated by investing too much time to complete the task, losing money on labor or missing customers demand, and poor performing software. I also observed customers get frustrated by unusable software (one of the reasons they call consultants). So the main drivers for customers are:
I found it helpful to look at the development lifecycle to better understand each persona customer type:
After reviewing the data points above I came to a conclusion that the problem scope can be summarized by three questions.
It is interesting that “How it works (internals)?” question is not explicitly there.
Here are few examples of how the three question approach can help building scenarios (key questions) driven content: