Keith Brown
Keith is a co-founder of Pluralsight where
he oversees the developer security curriculum, which has an impact across all
of Pluralsight's course offerings. Keith spends most of his time researching
security techniques and technologies, and has spent a decade teaching and
developing course material for professional software developers. Keith is a
contributing editor for MSDN Magazine,
where he wrote the Security Briefs column for eight years. Keith regularly
contributes feature articles to the magazine, while focusing his attention most
recently on his
blog.
Keith has authored and co-authored several
books:
- The .NET Developer's Guide to Windows Security
- Programming Windows Security
- Essential ASP.NET 2.0 (with Fritz Onion)
- Effective COM (with Don Box, Tim Ewald, and Chris Sells)
Track abstract - .NET
Single Sign On for ASP.NET Web Applications
For years, Windows has supported a rich, built-in authentication and authorization framework. If you can assume clients will have a Windows account, you can rely on Windows integrated authentication to validate client identity, and use impersonation, ACLs, and role-based security to authorize access to resources. But that model only works if all of your users have Active Directory accounts in a trusted domain. It's difficult to turn one of these applications to face the Internet to support remote employees, partners, and so on.
This talk will introduce you to claims-based identity, which allows you to factor authentication and some authorization decisions out of your applications and into a central identity service. This model makes it much easier to achieve Internet-friendly single sign on. It also makes it easier for your application to receive richer identity information, and paves the way for cross-realm federation, should you ever need to integrate with another organization or another platform (Java, for example). In this talk, you'll be introduced to Windows Identity Foundation as the identity API for web applications.
