Infosys | Microsoft: Role of Claims based Authentication in Federated Security -- 5 (Zermatt)

Zermatt is the code name of the Single Sign On /Federated Security Solution which Microsoft is planning to offer. This is currently in its Beta. It is a set of classes which helps end users build Security Token Service (STS) of their own and generate the tokens as per their requirement. As long as it fits into the representation standard schema of SAML (Security Assertion Markup Language), the RP (relying party) is capable of understanding the same, the single sign on solution works.

It leverages a host of WS protocols for achieving this like WS Security, WS Policy, WS Trust, WS Federation, etc. Based on the type of client trying to access the service, there are 2 broad categories.

Active Clients: Clients which are WCF Service aware and which can understand all of the WS protocols mentioned above (since WCF is built with all of these WS protocols in it).

Passive Clients: Clients which are not WCF Service aware and which cannot understand all of the WS protocols mentioned above. Good example for this is the browser like IE. Zermatt offers a slightly different solution for this through Http Module and Http Redirect mechanisms for achieving the same.

The Beta SDK , has a decent number of samples to play around and you can always ping me back in case you have any queires around the same.

To summarize, Claims based authentication with Zermatt, will form the foundation for Federated Security in S+S scenario which is also referred to as Cloud Computing in different context.

Infosys | Microsoft

Role of Claims based Authentication in Federated Security -- 5 (Zermatt)

TrackBack

Post a comment

Blogger Profiles

Recent Posts

Categories

Archives