Chapter 9. Authenticating Users with .NET Access Control Services
.NET Access Control Services (ACS) is one of three .NET Services for Windows Azure Platform. ACS is a customizable, cloud-based Security Token Service (STS) that supports user authentication by any of the following credentials:
User (solution) name and password
Windows Live ID
Windows CardSpace
X.509 certificate
Security Assertion Markup Language (SAML) tokens issued by third-party STSs
Note
Wikipedia describes SAML as "an XML-based standard for exchanging authentication and authorization data between security domains, that is, between an identity provider (a producer of assertions) and a service provider (a consumer of assertions)." SAML "is a product of the OASIS Security Services Technical Committee [and] has become the definitive standard underlying many web Single Sign-On solutions in the enterprise identity management problem space." Additional information about the SAML Technical Committee (TC) is at http://bit.ly/Xsv31, www.oasis-open.org/committees/tc_home.php?wg_abbrev=security. The saml.xml.org site (http://saml.xml.org/) is the primary source of SAML resources for developers.
ACS is an STS infrastructure hosted in Windows Azure that authenticates credentials and issues tokens. Each .NET Services solution has a private, isolated STS at its disposal. ACS also provides a role-based authorization framework that relies on claims-based rules. Integrating ACS with an Azure WebRole or other .NET applications requires ...