Upgrade to Pro — share decks privately, control downloads, hide ads and more …

WAAD THE F**K

WAAD THE F**K

Introducing Windows Azure Active Directory

Presentation was hold in Nurnberg, Germany at the Developer Week 2014 (DWX14)

Robert Muehsig

June 17, 2014
Tweet

More Decks by Robert Muehsig

Other Decks in Programming

Transcript

  1. WAAD THE F**K Introducing Windows Azure Active Directory

  2. Hi! Robert Muehsig CodeInside.eu @robert0muehsig Web Geek & ASP.NET MVP

    Working @ OneOffixx AG
  3. None
  4. Uhmm… I might know… The „Windows Azure Active Directory“ Naming

    = Marketing
  5. Recap Active Directory - LDAP - User / Machines -

    Old… - Easy to use…
  6. Welcome to a new World The Cloud Problem: Authentication &

    Authorization & Identity Data
  7. Authentication via SAML / WS-Fed • First „idea“ how to

    work in a connected world • WS-* Family • Claims • XML-based
  8. Authentication via SAML / WS-Fed Problem: I need more data?!

    (from other users…)
  9. Introducing Windows Azure Active Directory Like Facebook. But for Enterprises.

  10. Introducing Windows Azure Active Directory • Single sign-on • Auth

    based on Webstandards (SAML 2.0, WS-Fed, OpenId) • „Graph API“ – REST API • Identity & Access Management • Active Directory Integration via „DirSync“ or ADFS • Used in Office 365
  11. Introducing Windows Azure Active Directory IT-Pro & Dev Heaven

  12. DEMOS

  13. Recap ✓ Sign in with Azure User

  14. Recap ✓ Sign in with Azure Users ✓ Read &

    Write Directory Data
  15. Recap ✓ Sign in with Azure Users ✓ Read &

    Write Directory Data ✓ WAAD Secured WebApi&Client
  16. None
  17. Meet the Management Portal

  18. None
  19. Demo: VS 2013 Wizard Just code…

  20. Recap Wizard • WS-Fed • Authentication • Web.config-Magic

  21. Demo: Auth with OpenID Connect Just Code…

  22. Recap OpenID Connect with Azure AD • Identity Layer on

    top of OAuth 2.0 • Web-Friendly • OWIN based
  23. Recap OpenID Connect with Azure AD • Sign-In Code =>

    AccountController.cs app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions { Client_Id = clientId, Authority = authority, Post_Logout_Redirect_Uri = postLogoutRedirectUri });
  24. Adding a Console Client Just Code…

  25. Recap Adding a Console Client • „Web API“ Service Manifest

    • Each „Client App“ needs an ID and Access Permissions • Another OWIN Middleware • ADAL – Active Directory Authentication Library
  26. Recap Adding a Console Client OWIN Magic app.UseWindowsAzureActiveDirectoryBearerAuthent ication( new

    WindowsAzureActiveDirectoryBearerAuthentication Options { Audience = "https://localhost:44301/", Tenant = tenant, AuthenticationType = "OAuth2Bearer", });
  27. Recap Adding a Console Client Web API Magic public class

    DemoController : ApiController { [HostAuthentication("OAuth2Bearer")] [Authorize] public string Get() { return ("Hello World @" + DateTime.UtcNow.ToShortTimeString() + " !"); } }
  28. Demo: Graph API Just Code…

  29. Recap Graph API • Managed API • CRUD • Query

    / Search Features Moar Magic
  30. FAST Release Cycle • Very fast development cycle – many

    „previews“ and more features coming.
  31. None
  32. Resources https://github.com/AzureADSamples/ http://cloudidentity.com