Vibro.NET

[funny] Stolen Identity Video

vibro — Thu, 19 Nov 2009 23:20:56 GMT

PDC is slowly wrapping up, and it has been an awesome one. Identity was all over the place, and the interest you guys have show for the topic makes the months of behind-the-scenes hard work well worth it!

Before resuming the “serious” steams of news around the content (there’s more to come!), let me share with you this hilarious video in which, you really can say that, identity is the undisputed protagonist… enjoy! (thanks to Mike for the link!)

http://www.youtube.com/watch?v=bT_8pkoIGms

More WIF RTM Extravaganza: Sharepoint 2010 & Claims-Based Identity on the Id Element

vibro — Wed, 18 Nov 2009 09:00:00 GMT

Riding the wave of the WIF RTM joy, Here there’s a bonus for you: an exclusive interview with Venky, Program Manager Lead in the Sharepoint team, where he describes how claims-based identity is helping Sharepoint to address its identity challenges.

This is an unusual interview for the Id Element, as it depicts somebody who USES an identity product rather than somebody who writes it: I personally find it really, really interesting, and I am sure you’ll agree with me ;-) enjoy!

When it comes to identity management intensive applications, it's hard to top Sharepoint. Whether you are signing in a portal, accessing a document or using a webpart for reaching out to external web services, your identity is going to be the factor that drives it all.
Vittorio went to visit Venky Veeraraghavan, Program Manager Lead in the Sharepoint team, to discuss how Sharepoint deals with identity challenges. Venky gives a fantastic explanation of how claims-based identity and Windows Identity Foundation helped the Sharepoint team to deliver on the identity functionalities they needed without getting entangled in low level details such as protocol handling.
Tune in!

Stuart Kwan & yours truly broadcasted LIVE on Channel9 – TOMORROW!

vibro — Wed, 18 Nov 2009 07:48:17 GMT

Yes, you read it right :-)

Tomorrow at 1:00pm PST Stuart Kwan and I will appear LIVE on the new unscripted broadcast that the Channel9 guys are doing from the PDC floor; we are going to be grilled by Scott Hanselman, who presumably will want to know everything about Identity!

Instructions:

To watch, go to www.microsoftpdc.com
To participate and ask questions, send a tweet to @ch9live
PDC attendees can drop by the Channel 9 Live stage in the Big Room to be part of the action in person

Now, don’t ask me how my name ended up in the same program as stars of the magnitude of DelBene, Guthrie, Don & Chris… some times it’s just chance! I guess that WIF RTM and the roaring interest you guys are demonstrating for identity are a good part of it… awesome!

I include screenshot below for good measure :)

Soooooo… see you there? ;-)

Enjoyed TailSpin demo in today’s PDC09 keynote? Get it now!

vibro — Tue, 17 Nov 2009 19:43:04 GMT

Few hours ago Cameron Skinner and Doug Purdy were featured in Bob Muglia’s keynote. They showed great demos, where identity played a no-drama role: Cameron used WIF and ADFSv2 for enhancing SSO capabilities to his MVC application, Doug benefitted by that decision when he didn’t have to worry about authentication while modeling, deploying in staging and finally in the cloud the same application. I may be biased, but I found both demos extremely compelling (not just for the identity parts!!!).

The app they used happens to be the brainchild of LostInTangent AKA Jonathan Carter: being the good guy he is, Jonathan decided to make the demo available for you to download so that you can experience it directly on your own machine and experiment with variations.

There’s preciously little code about identity in the sample, and exactly for that reason it effectively demonstrate how Windows Identity Foundation can transform authentication in a non-problem and allow you to focus on the business aspects of the application.

It was real fun to work with Jonathan for the identity portion of the demo: again, this is just a small part of a very comprehensive application, LostInTangent really knows his stuff. Do check it out, it is a great way of familiarizing with the new features in VS2010 and our new server wave!

Announcing the Identity Developer Training Course on Channel9

vibro — Tue, 17 Nov 2009 19:14:57 GMT

Microsoft is a recognized thought leader in Identity: since the Geneva announcements wave in PDC08, we opened a dialog with developers for helping you to reap the benefits of claims based identity with the .NET framework. And today we RTM’ed WIF! :)

During the past year we rolled out many successful initiatives, from the Id Element show on Channel9 to the Identity Developer Training Kit. Today we are raising the game again, by releasing the Identity Developer Training Course on Channel9.

Why The Identity Developer Training Course

The hands on lab in the kit were designed specifically to help you to address the most common scenarios, as gathered at events and indicated by the search engine queries that landed visitors to our blogs; however, once the content was packed in the training kit it was totally opaque to search engines and direct queries, leaving the full burden of discoverability to the short description in the download page or blog posts & tweets.

The Identity Developer Training Course represents the unbundling of the Identity Developer Training Kit: all the labs documentation is now unfolded and hosted by Channel9 on the public internet, ready to answer YOUR queries right when you need it.

Once the content is on line, an entire new range of possibilities opens up: we can complement the content with instructional videos that can be streamed on-demand, roll continuous updates without forcing you to re-download the package, and many others we are considering for the next releases.

Discover Identity at Your Own Pace

The content is designed to provide a gentle introduction to the claims-based approach to identity and the Microsoft technologies that developers can use to put it in practice: in this release we focus on Windows Identity Foundation and the Access Control Service. The course also offers more advanced content, which will appeal to experienced developers and will help beginners to move to the next level.

Just to give you an idea of the kind of content we make available, here there’s a list of the units we offer in the first version of the Identity Developer Training Course:

Overview
- Video: Welcome To The Identity Training Course
- Video: An Introduction to Claims-Based Identity
Web Sites and Identity
- HOL
  - Exercise 1: Enabling claims based access for an ASP.NET Web Application by generating a local STS
  - Exercise 2: Customizing the Credentials Accepted by a Local STS
  - Exercise 3: Accepting Tokens from an Active Directory Federation Services (ADFS) STS
  - Exercise 4: Accepting Tokens from Live ID
  - Exercise 5: Invoking a WCF Service on the Backend via Delegated Access
Web Services and Identity
- HOL
  - Exercise 1: Using Windows Identity Foundation to Handle Authentication and Authorization in a WCF Service
  - Exercise 2: Accepting Tokens from an Active Directory Federation Services (ADFS) STS
  - Exercise 3: Invoking a WCF Service on the Backend via Delegated Access
ASP.NET Membership Provider and Federation
- HOL
  - Exercise 1: Enhance an ASP.NET Membership Website with Identity Provider Capabilities and Use it from a Third Party Website
Identity and the Windows Azure Platform
- Video: What is the Access Control Service?
- HOL: Introduction to the .NET Access Control Service
  - Exercise 1: Using ACS with Symmetric Keys
  - Exercise 2: Using ACS with SAML Tokens
- HOL: Federated Authentication in a Windows Azure Web Role Application
  - Exercise 1: Enabling Federated Authentication for ASP.NET applications in Windows Azure

You can go through the course “cover to cover”, or pick and choose the references that can help them with the task at hand.

Get on board!

The interest in Identity has been growing at steady pace for the last year: with the RTM release of Windows Identity Foundation and the cloud services getting more concrete every day, we expect the interest of the community to grow further.

Developers skilled in identity matters are in preciously short supply, and our courses represent an easy (and FREE!) way to acquire a skill in high demand. If you want to get on board:

Go through to the online identity developer training course…
…or download the classic identity developer training kit
Explore our end to end sample, FabrikamShipping, or our ASP.NET custom controls (here and here)
Subscribe to the Id Element show on Channel9 to hear about the latest news in Identity directly from the protagonists

As always, we look forward for your feedback: please let us know what works and what you would like us to do differently!

Windows Identity Foundation RTM!

vibro — Tue, 17 Nov 2009 18:16:13 GMT

Hello from PDC09 Day 1 keynote! It is my pleasure to let you know that Bob Muglia just announced the general availability of Windows Identity Foundation. Get it while it’s hot!

Almost exactly 2 years ago I had the honor of giving the first sneak-peak of what at the time we called the ADFS “2” project, which during PDC08 was officially announced under the codename “Geneva”.

With “Geneva” we collectively indicated one developer product (“Geneva” Framework, now Windows Identity Foundation), one server product (“Geneva” Server, now Active Directory Federation Services v2) and one end-user one (Windows CardSpace “Geneva”, now Windows CardSpace 2). Today we put in your hands the first component of the former “Geneva” platform, and I am personally thrilled that is the one for developers :)

We had a fantastic beta program, receiving tons of good feedback which made its way in the product: what you get today is the first of its kind, and is the answer to the need expressed by so many of you of handling identity and access in .NET applications in consistent & easy way. As you heard me say so many times in my presentations in the last year, the time of hand weaving is over: now you can start to experience the power of the claims-based approach directly in your apps!

You can find the official announcement on the Forefront blog: furthermore, before leaving for Berlin/L.A. I was lucky enough to capture a short impression of Conrad Bayer, Director of Program Management for Identity and Access, and get his comments on this release for the Id Element.

All our content has been updated to work with Windows Identity Foundation RTM, and we created some new interesting deliverables: watch this blog and/or my twitter for the next few hours!

Download the November 2009 release of the Identity Developer Training Kit

vibro — Sat, 07 Nov 2009 00:00:45 GMT

Let’s close the WIF RC day with the November refresh of our Identity Developer Training Kit.

The new version of the Identity Developer Training Kit ported forward the three WIF labs (web site, web services, ASP.NET Membership provider) to the RC, and improved support for Windows 7 and Windows Server 2008 R2.

The ACS labs have been temporary removed, to give us the time to accommodate the new REST scenarios it now supports, but it will be back in in no time.

In addition to that, we’ll also be adding some new interesting content very soon… but I won’t spoil the surprise ;-)

Happy coding!

ClaimsDrivenModifierControl has been updated to WIF RC

vibro — Fri, 06 Nov 2009 19:32:51 GMT

Following the route of FabrikamShipping, the Claims-Driven Modifier Control is now ready to influence the behavior of your federated sample websites… using WIF RC :-)

enjoy!

FabrikamShipping has been updated to WIF RC

vibro — Fri, 06 Nov 2009 19:08:23 GMT

That’s right, the big sample you know and (hopefully?;-)) love has been updated for taking advantage of WIF RC.

Get it while it’s hot at http://code.msdn.microsoft.com/FabrikamShipping

The Id Element Special: up close & personal with WIF RC

vibro — Fri, 06 Nov 2009 18:21:00 GMT

The Federated Identity team finally unwrapped the RC version of Windows Identity Foundation: as you have come to expect, the Id Element did some fact gathering for you. Enjoy!

The release candidate of Windows Identity Foundation is here! Chock-full of improvements driven by YOUR feedback, WIF RC gives a very good idea of how the final release will look like.
Vittorio went to visit Sidd, Govind and Sesha to learn about the new features and explore the rationale behind some of them. From a comprehensive list of new features to deep dives in their favourite scenarios, the guys tell it all. Tune in!

The RC of Windows Identity Foundation is here!

vibro — Fri, 06 Nov 2009 18:06:00 GMT

You have been waiting for it: it is finally here. We have just released WIF RC, you can download it here. Note how nicely the logo reflects WIF’s status of member of the .NET family… i love it!

This release has very few breaking changes, but it is full of small & big improvements. You can learn all about it in our RC special of the Id Element!

Also, we updated to the RC the Identity Training Kit, FabrikamShipping and the ClaimsDrivenModifierControl; as the new versions come online I will post accordingly (and change the text into links).

And now… heads down for the Big R!

The New ACS is Live: if you do HTTP, you can play the Game

vibro — Fri, 06 Nov 2009 07:56:32 GMT

Today the .NET Services team released the first CTP that reflects the changes announced back in September: you can read about it in their team blog and in Justin’s blog and experiment with the service here.

You know, it’s kind of a big deal! The power of the claims-based approach is now within reach for REST developers and a surprisingly wide array of platform and devices: all it takes for taking advantage of the service is being able to use http and perform super-simple crypto (did I just say an oxymoron or what? Come on, you know what i mean :-)). Substantially, many of the diagram you have seen me drawing in the last 4 years remain pretty much unchanged: the difference is mainly in the kind of tokens exchanged (a minimalist bearer that plays fair with the space limitations in HTTPland) and in the protocol used.

The protocol ACS uses is WRAP, or Web Resource Authorization Protocol; in fact I should probably call it OAUTH WRAP, given what is mentioned on the WRAP discussion group home page… which is now moved to http://groups.google.com/group/oauth-wrap-wg. OAUTH WRAP has a companion token, the Simple Web Token or SWT, whose spec can be found here. Take the time to leaf through them: you’ll be surprised by how simple & straightforward they are.

I am itching to pick the pen and start scribbling on my tablet some schema for you, but I’ll resist the temptation: we are working on some content for helping you to explore the new possibilities that the service offers, and it will be available to you very soon. In the meanwhile, you can play with the samples in the SDK: and of course, don’t forget to add Justin’s session in your PDC09 agenda!

WIF on .NET Rocks!

vibro — Tue, 03 Nov 2009 17:30:12 GMT

Last Saturday I had the pleasure to spend 1 hour at the phone with Carl & Franklin from .NET Rocks: you can listen to the results here.

We mainly chatted about why claims are good for you: while the first parts are mostly introductory content, we quickly find ourselves discussing advanced topics, like the (good!) implications on development practices on switching to claims. It’s a gentle slope, so you’ll have time to pull out before the water gets too deep… or to dive right in, if identity is your thing ;-)

TechEd Europe & PDC

vibro — Tue, 03 Nov 2009 08:45:40 GMT

November is already here: can you believe it? The last few months have been a crescendo of activities, and now that PDC is just behind the corner they just turned in a tornado (alliterating in English is, well, weird). I can’t really tell you all we’ve been cooking for your identity geeks out there, but you’ll know soon enough: probably sooner than you think ;-)

In any case, this is the last week I have for finalizing everything: next Sunday I’ll hop on a flight for Berlin, where I’ll give a session on WIF: it’s

SIA305, “Windows Identity Foundation Overview”, on Wednesday 11/11 | 9:00-10:15 | New York 3 - Hall 7-1a. Thanks to the good work of the Security, Identity & Access track owners, this year the sessions’ order is actually the correct one: the session will follow the introductory breakout from my good friend David Chappell, who is presenting a 200 on claims based identity the day before (SIA204 Understanding Claims-Based Applications: An Overview of Active Directory Federation Services (AD FS) v2, Windows Identity Foundation, and CardSpace Tue 11/10 | 15:15-16:30 | Budapest - Hall 7-2b).

You’ll also find me at the booth, and I’ll periodically walk by the hands-on lab area (try SIA26!) to see if you have any questions. Looking forward to meet you there!

Every year I attach to TechEd Europe a tour of EU customers: this time I won’t be able to, on Friday I’ll fly straight to L.A. to add the finishing touches before the PDC09’s Big Show. More about this soon!

It’s official: ADFS 2.0 passes Liberty Alliance SAML 2.0 interop tests with IBM, SAP, Novell, Ping, Siemens, Entrust

vibro — Thu, 01 Oct 2009 03:22:36 GMT

Well, in the last 12 months we certainly covered a lot of ground!

Last October we announced that we were going to support the SAML protocol in ADFS 2 (at the time announced under the codename Geneva Server).

Today we are backing that claim (pun intended) with the results of the latest Liberty Alliance Interoperability Testing, which demonstrate that ADFS 2’s SAML 2.0 protocol implementation interoperates with the corresponding products from Entrust, IBM, Novell, Ping Identity, SAP, and Siemens.

As a rightfully proud team explains in the Geneva blog, the test included the three main profiles IdP Lite, SP Lite and EGov 1.5; and it was pretty much the Cartesian product of all vendors & test cases, which kind of explains why I haven’t seen my good friend Caleb Baker as often in the last few weeks :-)

Congratulations to the Federated Identity team for this important milestone. Thanks to their efforts & commitment, the question “does ADFS2 interoperates with X?” just became exceedingly easy to answer :-)

You can read more about this on:

Forefront Blog

Federated Identity team blog

Computerworld

Full results report