Browse by Tags

Tagged Content List
  • Blog Post: ACS SAML / ADFS v2 Sample

    The November 2009 CTP of ACS integrates with Active Directory Federation Server v2. ACS can act as a bridge between enterprise identity and REST web services. The runtime flow is pretty simple (shown below). At runtime, the client app requests a SAML bearer token from AD FS v2. The easiest way to do...
  • Blog Post: Management Browser uploaded

    Since releasing the new version of ACS on Nov 5, we’ve received quite a bit of feedback that we should provide a UI for managing ACS rules/scopes/issuers/token policies. In response, Cyrus put together a little WPF app that does the trick. It’s available on MSDN code gallery here: http://code.msdn.microsoft...
  • Blog Post: Web Resource Authorization Protocol (WRAP) and Simple Web Token (SWT) on google groups

    The Access Control Service uses a new community protocol and format that are now posted on google groups: http://groups.google.com/group/wrap-wg http://groups.google.com/group/oauth-wrap-wg Check em out. If you are a security geek, it’s worth the read.
  • Blog Post: Access Control Service – Roadmap for PDC and Beyond

    We are in the process of making some key design changes to the Access Control Service (ACS) for our PDC release this fall. I think these changes will bring tremendous benefits to ACS customers in the near-term, but the changes break all ACS-related code that exists today. This post summarizes the planned...
  • Blog Post: Mix 09 Deck

    For some reason the slide deck I presented at Mix didn’t show up on the Mix 09 website. If you are interested in the deck, see the link below.
  • Blog Post: TokenClient (Mix) introduction

    This week at Mix I demonstrated a new experimental client API (TokenClient) for interacting with the Access Control Service (ACS). The purpose of this API is to simplify the developer interaction with the ACS Security Token Service. It still uses WS-Trust on the wire, but restricts the WS-Trust options...
  • Blog Post: Access Control Service - Common Interaction Model

    In my previous post I described at a high level a simple scenario that leverages the Access Control Service. Now I'd like to describe the interactions between messaging participants and the .NET Access Control Service. Recall the scenario: a multi-tenant payroll application is running in the cloud -...
  • Blog Post: Robots and BizTalk Services

    I just posted a new screencast on Channel 9: http://channel9.msdn.com/Showpost.aspx?postid=386824 . It's purpose is to show off the power of claims and claims transformation, especially in a hosted service like BizTalk Services.
  • Blog Post: Claims and the Calculator sample in the BizTalk Services SDK

    The identity provider in BizTalk Services is a way for applications to delegate identity and access control to a hosted service. In other words, an application can use BizTalk Services to answer the all-important question "Who are you and what are you allowed to do?". If you haven't checked...
  • Blog Post: PictureServices and BizTalk Services

    Previous posts have talked a bit about PictureServices. Now I'd like to run through what it took to bring PictureServices to the BizTalk Services. I've talked a bit in other posts about BizTalk Services, but it has some interesting and very useful messaging features. For starters, BizTalk Services has...
  • Blog Post: It's a bird. No, it's a plane. No, what the heck is it?

    I'm not sure if my grammar for the title of this post is correct. I offer my apology to those that I've offended ( Eats, Shoots & Leaves is a great book). Check out Blurb.com . It's a way to self-publish a book that contains practically anything. Based on the price list, it seems like a very economical...
  • Blog Post: Introduction to BizTalk.NET Services

    Background BizTalk.NET Services ( http://labs.biztalk.net ) is a nascent and experiemental project that is all about generic, secure connectivity. Many WCF customers ask us how to notify client applications that something has happened in a service. If the client is addressable and listening, this is...
  • Blog Post: BizTalk Services CTP is Public

    The BizTalk Services CTP is available for all to play with. In general, the concept is services in the cloud. It's a gross understatement, but enough for now. It's way cool because it opens the door for some innovative service scenarios. I plan on blogging quite a bit about these services in the near...
Page 1 of 1 (13 items)