WAAD THE F**K

WAAD THE F**K

Introducing Windows Azure Active Directory

Presentation was hold in Nurnberg, Germany at the Developer Week 2014 (DWX14)

34676b6e108d2752c33c33bf2f47972c?s=128

Robert Muehsig

June 17, 2014
Tweet

Transcript

  1. WAAD THE F**K Introducing Windows Azure Active Directory

  2. Hi! Robert Muehsig CodeInside.eu @robert0muehsig Web Geek & ASP.NET MVP

    Working @ OneOffixx AG
  3. None
  4. Uhmm… I might know… The „Windows Azure Active Directory“ Naming

    = Marketing
  5. Recap Active Directory - LDAP - User / Machines -

    Old… - Easy to use…
  6. Welcome to a new World The Cloud Problem: Authentication &

    Authorization & Identity Data
  7. Authentication via SAML / WS-Fed • First „idea“ how to

    work in a connected world • WS-* Family • Claims • XML-based
  8. Authentication via SAML / WS-Fed Problem: I need more data?!

    (from other users…)
  9. Introducing Windows Azure Active Directory Like Facebook. But for Enterprises.

  10. Introducing Windows Azure Active Directory • Single sign-on • Auth

    based on Webstandards (SAML 2.0, WS-Fed, OpenId) • „Graph API“ – REST API • Identity & Access Management • Active Directory Integration via „DirSync“ or ADFS • Used in Office 365
  11. Introducing Windows Azure Active Directory IT-Pro & Dev Heaven

  12. DEMOS

  13. Recap ✓ Sign in with Azure User

  14. Recap ✓ Sign in with Azure Users ✓ Read &

    Write Directory Data
  15. Recap ✓ Sign in with Azure Users ✓ Read &

    Write Directory Data ✓ WAAD Secured WebApi&Client
  16. None
  17. Meet the Management Portal

  18. None
  19. Demo: VS 2013 Wizard Just code…

  20. Recap Wizard • WS-Fed • Authentication • Web.config-Magic

  21. Demo: Auth with OpenID Connect Just Code…

  22. Recap OpenID Connect with Azure AD • Identity Layer on

    top of OAuth 2.0 • Web-Friendly • OWIN based
  23. Recap OpenID Connect with Azure AD • Sign-In Code =>

    AccountController.cs app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions { Client_Id = clientId, Authority = authority, Post_Logout_Redirect_Uri = postLogoutRedirectUri });
  24. Adding a Console Client Just Code…

  25. Recap Adding a Console Client • „Web API“ Service Manifest

    • Each „Client App“ needs an ID and Access Permissions • Another OWIN Middleware • ADAL – Active Directory Authentication Library
  26. Recap Adding a Console Client OWIN Magic app.UseWindowsAzureActiveDirectoryBearerAuthent ication( new

    WindowsAzureActiveDirectoryBearerAuthentication Options { Audience = "https://localhost:44301/", Tenant = tenant, AuthenticationType = "OAuth2Bearer", });
  27. Recap Adding a Console Client Web API Magic public class

    DemoController : ApiController { [HostAuthentication("OAuth2Bearer")] [Authorize] public string Get() { return ("Hello World @" + DateTime.UtcNow.ToShortTimeString() + " !"); } }
  28. Demo: Graph API Just Code…

  29. Recap Graph API • Managed API • CRUD • Query

    / Search Features Moar Magic
  30. FAST Release Cycle • Very fast development cycle – many

    „previews“ and more features coming.
  31. None
  32. Resources https://github.com/AzureADSamples/ http://cloudidentity.com