WAAD THE F**K

Transcript

1. WAAD THE F**K
   Introducing Windows Azure Active Directory
   

   View Slide

2. Hi!
   Robert Muehsig
   CodeInside.eu
   @robert0muehsig
   Web Geek & ASP.NET MVP
   Working @ OneOffixx AG
   

   View Slide

3. View Slide

4. Uhmm… I might know…
   The „Windows Azure Active Directory“ Naming
   =
   Marketing
   

   View Slide

5. Recap Active Directory
   - LDAP
   - User / Machines
   - Old…
   - Easy to use…
   

   View Slide

6. Welcome to a new World
   The Cloud
   Problem:
   Authentication &
   Authorization &
   Identity Data
   

   View Slide

7. Authentication via SAML / WS-Fed
   • First „idea“ how to work in a connected world
   • WS-* Family
   • Claims
   • XML-based
   

   View Slide

8. Authentication via SAML / WS-Fed
   Problem:
   I need more data?!
   (from other users…)
   

   View Slide

9. Introducing Windows Azure Active Directory
   Like Facebook. But for Enterprises.
   

   View Slide

10. Introducing Windows Azure Active Directory
    • Single sign-on
    • Auth based on Webstandards (SAML 2.0, WS-Fed, OpenId)
    • „Graph API“ – REST API
    • Identity & Access Management
    • Active Directory Integration via „DirSync“ or ADFS
    • Used in Office 365
    

    View Slide

11. Introducing Windows Azure Active Directory
    IT-Pro & Dev Heaven
    

    View Slide

12. DEMOS
    

    View Slide

13. Recap
    ✓ Sign in with Azure User
    

    View Slide

14. Recap
    ✓ Sign in with Azure Users
    ✓ Read & Write Directory Data
    

    View Slide

15. Recap
    ✓ Sign in with Azure Users
    ✓ Read & Write Directory Data
    ✓ WAAD Secured WebApi&Client
    

    View Slide

16. View Slide

17. Meet the Management Portal
    

    View Slide

18. View Slide

19. Demo: VS 2013 Wizard
    Just code…
    

    View Slide

20. Recap Wizard
    • WS-Fed
    • Authentication
    • Web.config-Magic
    

    View Slide

21. Demo: Auth with OpenID Connect
    Just Code…
    

    View Slide

22. Recap OpenID Connect with Azure
    AD
    • Identity Layer on top of OAuth 2.0
    • Web-Friendly
    • OWIN based
    

    View Slide

23. Recap OpenID Connect with Azure
    AD
    • Sign-In Code =>
    AccountController.cs
    app.UseOpenIdConnectAuthentication(
    new
    OpenIdConnectAuthenticationOptions
    {
    Client_Id = clientId,
    Authority = authority,
    Post_Logout_Redirect_Uri =
    postLogoutRedirectUri
    });
    

    View Slide

24. Adding a Console Client
    Just Code…
    

    View Slide

25. Recap Adding a Console Client
    • „Web API“ Service Manifest
    • Each „Client App“ needs an
    ID and Access Permissions
    • Another OWIN Middleware
    • ADAL – Active Directory
    Authentication Library
    

    View Slide

26. Recap Adding a Console Client
    OWIN Magic
    app.UseWindowsAzureActiveDirectoryBearerAuthent
    ication(
    new
    WindowsAzureActiveDirectoryBearerAuthentication
    Options
    {
    Audience =
    "https://localhost:44301/",
    Tenant = tenant,
    AuthenticationType =
    "OAuth2Bearer",
    });
    

    View Slide

27. Recap Adding a Console Client
    Web API Magic
    public class DemoController : ApiController
    {
    [HostAuthentication("OAuth2Bearer")]
    [Authorize]
    public string Get()
    {
    return ("Hello World @" +
    DateTime.UtcNow.ToShortTimeString() + " !");
    }
    }
    

    View Slide

28. Demo: Graph API
    Just Code…
    

    View Slide

29. Recap Graph API
    • Managed API
    • CRUD
    • Query / Search Features
    Moar Magic
    

    View Slide

30. FAST Release Cycle
    • Very fast development cycle – many
    „previews“ and more features
    coming.
    

    View Slide

31. View Slide

32. Resources
    https://github.com/AzureADSamples/
    http://cloudidentity.com
    

    View Slide