Search Results

Search found 2648 results on 106 pages for 'federated identity'.

Page 8/106 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • How to control order of assignment for new identity column in SQL Server?

    - by alpav
    I have a table with CreateDate datetime field default(getdate()) that does not have any identity column. I would like to add identity(1,1) field that would reflect same order of existing records as CreateDate field (order by would give same results). How can I do that ? I guess if I create clustered key on CreateDate field and then add identity column it will work (not sure if it's guaranteed), is there a good/better way ? I am interested in SQL Server 2005, but I guess the answer will be the same for SQL Server 2008, SQL Server 2000.

    Read the article

  • How to control order of assignment for new identity column in mssql ?

    - by alpav
    I have a table with CreateDate datetime field default(getdate()) that does not have any identity column. I would like to add identity(1,1) field that would reflect same order of existing records as CreateDate field (order by would give same results). How can I do that ? I guess if I create clustered key on CreateDate field and then add identity column it will work (not sure if it's guaranteed), is there a good/better way ? I am interested in sql 2005, but I guess the answer will be the same for sql 2008, sql 2000.

    Read the article

  • expected identity upn connecting to service as network service,

    - by Jim
    Hi, We have a web application, running in an application pool as 'NETWORK SERVICE'. The web application connects to a service (.svc) on another web server. The other web server also has the service hosted as 'NETWORK SERVICE'. I believe this is the default. The following endpoint, when run anywhere else works perfectly. <endpoint address="http://server123/UnitTrustService/UnitTrustService.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_UnitTrustService" contract="UnitTrustServiceReference.UnitTrustService" name="WSHttpBinding_UnitTrustService"> <identity> <servicePrincipalName value="server123" /> </identity> </endpoint> Unfortunately when executed from the web site, we get the following error. System.ServiceModel.Security.MessageSecurityException: The identity check failed for the outgoing message. The expected identity is 'identity(http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn)' for the 'http://server123/UnitTrustService/UnitTrustService.svc' target endpoint. Server stack trace: at System.ServiceModel.Security.IdentityVerifier.EnsureIdentity(EndpointAddress serviceReference, AuthorizationContext authorizationContext, String errorString)... Any ideas? I have tried running this as local system on the web server machine with exactly the same configuration and it works perfectly. It has something to do with IIS? Regards Craig.

    Read the article

  • Chalk Talk with John: Business Value of Identity and Access Management

    - by John Brunswick
    Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-family:"Calibri","sans-serif"; mso-ascii- mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi- mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} Conveying the business value of Identity and Access Management to non technologists can potentially be challenging, especially considering the breadth capability supplied by these technologies. In this episode of Chalk Talk with John, Bob at Codeaway Valley asks Jim from Middleware Fields how they are able to manage access to buildings and facilities throughout their community. Bob and his team struggle to keep up with the needs of their community members, while ensuring the community’s safety. Jim shares his creative solution to simplifying the management of access throughout their community in Middleware Fields. Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-family:"Calibri","sans-serif"; mso-ascii- mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi- mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} About me: Hi, I am John Brunswick, an Oracle Enterprise Architect. As an Oracle Enterprise Architect, I focus on the alignment of technical capabilities in support of business vision and objectives, as well as the overall business value of technology.  Before coming to Oracle, I was a Practice Manager within BEA System's Business Interaction Division consulting organization, orchestrating enterprise systems in support of line of business goals. Follow me on Twitter and visit my site for Oracle Fusion Middleware related tips.

    Read the article

  • Is it possible to set a claimType to be required and have a certain value in WIF?

    - by Nissan Fan
    <claimTypeRequired> <claimType type="http://www.stackoverflow.com/claims/canwalkthedog" optional="false" /> </claimTypeRequired> Is it possible in WIF apps to setup the web.config to use constraints. E.g. Say that a particular claim is required and must contain a value such as 1 or 'Y'? I want to create a situation where the framework dispermits access to an application if a claim doesn't meet a certain criteria, rather than to code it out implicitly.

    Read the article

  • Adding A Custom Dropdown in RCDC for Forefront Identity Manager 2010

    - by Daniel Lackey
    My latest exploration has been FIM 2010 for Identity Management. The following is a post of how to add a custom dropdown for the FIM Portal. I have decided to document this as I cannot find documentation on how to do this anywhere else. I hope that it finds useful to others.   For starters, this was to me not an easy task to figure out. I really would like to know why it is so cumbersome to do something that seems like a lot of people would need to do, but that’s for another day J   The dropdown I wanted to add was for ‘Account Status’ which would display if the account is ‘Enabled’ or ‘Disabled’ in the data source Active Directory. This option would also allow helpdesk users or admins to administer the userAccountControl attribute in AD from the FIM Portal interface.   The first thing I had to do was create the attribute itself. This is done by going to Administration à Schema Management from the FIM 2010 portal. Once here, you click on All Attributes. What is listed here are all attributes and their associated Resource Types in FIM. To create the ‘AccountStatus’ attribute, click on New. As shown below, enter ‘AccountStatus’ with no spaces for the System Name and ‘Account Status’ for the Display Name. The Data Type is going to be ‘Indexed String’. Click Next.           Leave everything on the Localization tab default and click Next.   On the Validation tab as shown below, we will enter the regex expression ^(Enabled|Disabled)?$ with our two desired string values ‘Enabled’ and ‘Disabled’. Click on Finish and then and Submit to complete adding the attribute.       The next step involves associating the attribute with a resource type. This is called ‘Binding’ the attribute. From the Schema Management page, click on All Bindings. From the page that comes up, click on New. As shown below, enter ‘User’ for the Resource Type and ‘Account Status’ for the Attribute Type. This is essentially binding the Account Status attribute to the ‘User’ Resource Type. Click Next.    On the ‘Attribute Override’ tab, type in ‘Account Status’ for the Display Name field. Click Next.   On the ‘Localization’ tab, click Next.   On the ‘Validation’ tab, enter the regex expression ^(Enabled|Disabled)?$ we entered previously for the attribute. Click Finish and then Submit to complete.   Now that the Attribute and the Binding are complete, you have to give users permission to see the attribute on the User Edit page. Go to Administration à Management Policy Rules. Look for the rule named Administration: Administrators can read and update Users and click on it. Once it opens, click on the ‘Target Resources’ tab and look at the section named Resource Attributes. Type in at the end the ‘Account Status’ attribute and check it with the validator. Once done click on OK to save the changes.         Lastly, we need to add the actual dropdown control to the RCDC (Resource Control Display Configuration) for User Editing. Go to Administration à Resource Control Display Configuration. From here navigate until you find the RCDC named Configuration for User Editing RCDC and click on it. The following is what you will see:       First step is to export the Configuration Data file. Click on the Export configuration link and save the file to your desktop of other folder.   Find the file you just exported and open the file in your XML editor of choice. I use notepad but anything will work. Since we are adding a dropdown control, first find another control in the existing file that is already a dropdown in FIM. I used EmployeeType as my example. Copy the control from the beginning tag named <my:Control… to the ending tag </my:Control>. Now take what you copied and paste it in whatever location you desire within the form between two other controls. I chose to place the ‘Account Status’ field after the ‘Account Name’ field. After you paste the control you will need to modify so it looks like this:       Notice where you specify what attribute you are dealing with where it has AccountStatus in the XML. Once you are complete with modifying this, save the file and make sure it is a .xml file.   Now go back to the Configuration for User Editing screen and look at the section named ‘Configuration Data’. Click the ‘Browse’ button and find the XML file you just modified and choose it. Click OK on the bottom of the window and you are done!   Now when you click on a user’s name in the FIM Portal, you should see the newly added dropdown box as below:       Later I will post more about this drop down, specifically on how to automate actually ‘Disabling’ the account in the data source through the FIM Workflows and MAs.   <my:Control my:Name="AccountStatus" my:TypeName="UocDropDownList" my:Caption="{Binding Source=schema, Path=AccountStatus.DisplayName}" my:Description="{Binding Source=schema, Path=AccountStatus.Description}" my:RightsLevel="{Binding Source=rights, Path=AccountStatus}"> <my:Properties> <my:Property my:Name="ValuePath" my:Value="Value"/> <my:Property my:Name="CaptionPath" my:Value="Caption"/> <my:Property my:Name="HintPath" my:Value="Hint"/> <my:Property my:Name="ItemSource" my:Value="{Binding Source=schema, Path=AccountStatus.LocalizedAllowedValues}"/> <my:Property my:Name="SelectedValue" my:Value="{Binding Source=object, Path=AccountStatus, Mode=TwoWay}"/> </my:Properties> </my:Control>

    Read the article

  • Application Pool Identity corruption

    - by Gavin Osborn
    I have observed a few times while deploying software into IIS that every now and again the related Application Pools fail to restart and in the Event Log we see an error like the following: The identity of application pool, 'AppPoolName' is invalid. If it remains invalid when the first request for the application pool is processed, the application pool will be disabled. This does not happen frequently but when it does the only solution is to re-apply the Identity password in the IIS Manager Window. As soon as I re-apply and then restart the application pool the web sites come back up. Facts: The account is a service account whose password never expires. The account is local to the IIS host. The account password is never changed. This is IIS 6 running on Windows Server 2003 Deployment of the software is via MSI and involves several IIS Resets. The software is created in house and does not do anything fancy to IIS. Any ideas how the identity information might become corrupt? Edit: Clarification To be clear - this user account and password combination work absolutely fine and usually works fine as the Identity of the Application Pool. It is only when we deploy updates of our software into an existing IIS application that it stops working. Our password has not changed Our deployment does not change the password or reconfigure the application pools. This does not happen every time, 1/20 times perhaps. If we re-enter the password into IIS and restart the App Pools everything works.

    Read the article

  • Welcome to ubiquitous file sharing (December 08, 2009)

    - by user12612012
    The core of any file server is its file system and ZFS provides the foundation on which we have built our ubiquitous file sharing and single access control model.  ZFS has a rich, Windows and NFSv4 compatible, ACL implementation (ZFS only uses ACLs), it understands both UNIX IDs and Windows SIDs and it is integrated with the identity mapping service; it knows when a UNIX/NIS user and a Windows user are equivalent, and similarly for groups.  We have a single access control architecture, regardless of whether you are accessing the system via NFS or SMB/CIFS.The NFS and SMB protocol services are also integrated with the identity mapping service and shares are not restricted to UNIX permissions or Windows permissions.  All access control is performed by ZFS, the system can always share file systems simultaneously over both protocols and our model is native access to any share from either protocol.Modal architectures have unnecessary restrictions, confusing rules, administrative overhead and weird deployments to try to make them work; they exist as a compromise not because they offer a benefit.  Having some shares that only support UNIX permissions, others that only support ACLs and some that support both in a quirky way really doesn't seem like the sort of thing you'd want in a multi-protocol file server.  Perhaps because the server has been built on a file system that was designed for UNIX permissions, possibly with ACL support bolted on as an add-on afterthought, or because the protocol services are not truly integrated with the operating system, it may not be capable of supporting a single integrated model.With a single, integrated sharing and access control model: If you connect from Windows or another SMB/CIFS client: The system creates a credential containing both your Windows identity and your UNIX/NIS identity.  The credential includes UNIX/NIS IDs and SIDs, and UNIX/NIS groups and Windows groups. If your Windows identity is mapped to an ephemeral ID, files created by you will be owned by your Windows identity (ZFS understands both UNIX IDs and Windows SIDs). If your Windows identity is mapped to a real UNIX/NIS UID, files created by you will be owned by your UNIX/NIS identity. If you access a file that you previously created from UNIX, the system will map your UNIX identity to your Windows identity and recognize that you are the owner.  Identity mapping also supports access checking if you are being assessed for access via the ACL. If you connect via NFS (typically from a UNIX client): The system creates a credential containing your UNIX/NIS identity (including groups). Files you create will be owned by your UNIX/NIS identity. If you access a file that you previously created from Windows and the file is owned by your UID, no mapping is required. Otherwise the system will map your Windows identity to your UNIX/NIS identity and recognize that you are the owner.  Again, mapping is fully supported during ACL processing. The NFS, SMB/CIFS and ZFS services all work cooperatively to ensure that your UNIX identity and your Windows identity are equivalent when you access the system.  This, along with the single ACL-based access control implementation, results in a system that provides that elusive ubiquitous file sharing experience.

    Read the article

  • Can I make an identity field span multiple tables in SQL Server?

    - by johnnycakes
    Can I have an "identity" (unique, non-repeating) column span multiple tables? For example, let's say I have two tables: Books and Authors. Authors AuthorID AuthorName Books BookID BookTitle The BookID column and the AuthorID column are identity columns. I want the identity part to span both columns. So, if there is an AuthorID with a value of 123, then there cannot be a BookID with a value of 123. And vice versa. I hope that makes sense. Is this possible? Thanks. Why do I want to do this? I am writing an APS.NET MVC app. I am creating a comment section. Authors can have comments. Books can have comments. I want to be able to pass an entity ID (a book ID or an author ID) to an action and have the action pull up all the corresponding comments. The action won't care if it's a book or an author or whatever. Sound reasonable?

    Read the article

  • Building a Roadmap for an IAM Platform

    - by B Shashikumar
    Identity Management is no longer a departmental solution, it has become a strategic part of every organization's security posture. Enterprises require a forward thinking Identity Management strategy. In our previous blog post on "The Oracle Platform Approach", we discussed a recent study by Aberdeen which showed that organizations taking a platform approach can reduce cost by as much as 48% and have 35% fewer audit deficiencies. So how does an organization get started with an Identity Management (IAM) Platform? What are the components of such a platform and how can an organization continuously evolve it for better ROI and IT agility. What are some of the best practices to begin an IAM deployment? To find out the answers and to learn how ot build a comprehensive IAM roadmap, check out this presentation which discusses how Oracle can provide a quick start to your IAM program.  Platform approach-series-building a-roadmap-finalv1 View more presentations from OracleIDM

    Read the article

  • Taking the Plunge - or Dipping Your Toe - into the Fluffy IAM Cloud by Paul Dhanjal (Simeio Solutions)

    - by Greg Jensen
    In our last three posts, we’ve examined the revolution that’s occurring today in identity and access management (IAM). We looked at the business drivers behind the growth of cloud-based IAM, the shortcomings of the old, last-century IAM models, and the new opportunities that federation, identity hubs and other new cloud capabilities can provide by changing the way you interact with everyone who does business with you. In this, our final post in the series, we’ll cover the key things you, the enterprise architect, should keep in mind when considering moving IAM to the cloud. Invariably, what starts the consideration process is a burning business need: a compliance requirement, security vulnerability or belt-tightening edict. Many on the business side view IAM as the “silver bullet” – and for good reason. You can almost always devise a solution using some aspect of IAM. The most critical question to ask first when using IAM to address the business need is, simply: is my solution complete? Typically, “business” is not focused on the big picture. Understandably, they’re focused instead on the need at hand: Can we be HIPAA compliant in 6 months? Can we tighten our new hire, employee transfer and termination processes? What can we do to prevent another password breach? Can we reduce our service center costs by the end of next quarter? The business may not be focused on the complete set of services offered by IAM but rather a single aspect or two. But it is the job – indeed the duty – of the enterprise architect to ensure that all aspects are being met. It’s like remodeling a house but failing to consider the impact on the foundation, the furnace or the zoning or setback requirements. While the homeowners may not be thinking of such things, the architect, of course, must. At Simeio Solutions, the way we ensure that all aspects are being taken into account – to expose any gaps or weaknesses – is to assess our client’s IAM capabilities against a five-step maturity model ranging from “ad hoc” to “optimized.” The model we use is similar to Capability Maturity Model Integration (CMMI) developed by the Software Engineering Institute (SEI) at Carnegie Mellon University. It’s based upon some simple criteria, which can provide a visual representation of how well our clients fair when evaluated against four core categories: ·         Program Governance ·         Access Management (e.g., Single Sign-On) ·         Identity and Access Governance (e.g., Identity Intelligence) ·         Enterprise Security (e.g., DLP and SIEM) Often our clients believe they have a solution with all the bases covered, but the model exposes the gaps or weaknesses. The gaps are ideal opportunities for the cloud to enter into the conversation. The complete process is straightforward: 1.    Look at the big picture, not just the immediate need – what is our roadmap and how does this solution fit? 2.    Determine where you stand with respect to the four core areas – what are the gaps? 3.    Decide how to cover the gaps – what role can the cloud play? Returning to our home remodeling analogy, at some point, if gaps or weaknesses are discovered when evaluating the complete impact of the proposed remodel – if the existing foundation wouldn’t support the new addition, for example – the owners need to decide if it’s time to move to a new house instead of trying to remodel the old one. However, with IAM it’s not an either-or proposition – i.e., either move to the cloud or fix the existing infrastructure. It’s possible to use new cloud technologies just to cover the gaps. Many of our clients start their migration to the cloud this way, dipping in their toe instead of taking the plunge all at once. Because our cloud services offering is based on the Oracle Identity and Access Management Suite, we can offer a tremendous amount of flexibility in this regard. The Oracle platform is not a collection of point solutions, but rather a complete, integrated, best-of-breed suite. Yet it’s not an all-or-nothing proposition. You can choose just the features and capabilities you need using a pay-as-you-go model, incrementally turning on and off services as needed. Better still, all the other capabilities are there, at the ready, whenever you need them. Spooling up these cloud-only services takes just a fraction of the time it would take a typical organization to deploy internally. SLAs in the cloud may be higher than on premise, too. And by using a suite of software that’s complete and integrated, you can dramatically lower cost and complexity. If your in-house solution cannot be migrated to the cloud, you might consider using hardware appliances such as Simeio’s Cloud Interceptor to extend your enterprise out into the network. You might also consider using Expert Managed Services. Cost is usually the key factor – not just development costs but also operational sustainment costs. Talent or resourcing issues often come into play when thinking about sustaining a program. Expert Managed Services such as those we offer at Simeio can address those concerns head on. In a cloud offering, identity and access services lend to the new paradigms described in my previous posts. Most importantly, it allows us all to focus on what we're meant to do – provide value, lower costs and increase security to our respective organizations. It’s that magic “silver bullet” that business knew you had all along. If you’d like to talk more, you can find us at simeiosolutions.com.

    Read the article

  • IIS7.5 Domain Account Application Pool Identity for SQL Server Authentication

    - by Gareth Hill
    In Windows Server 2003/IIS6 land we typically create an app pool that runs as the identity of an AD account created with minimal privileges simply for that purpose. This same domain user would also be granted access to SQL Server so that any ASP.NET application in that app pool would be able to connect to SQL Server with Integrated Security=SSPI. We are making a brave move to the world of Windows Server 2008 R2/IIS7.5 and are looking to replicate this model, but I am struggling with how to make the application pool in IIS7.5 run as the identity of an AD account? I know this sounds simple and hopefully it is, but my attempts so far have been fruitless. Should the application pool identity be a 'Custom account' for a domain account? Does the domain account need to be added to any groups?

    Read the article

  • IIS7.5 Domain Account Application Pool Identity for SQL Server Authentication

    - by user38652
    In Windows Server 2003/IIS6 land we typically create an app pool that runs as the identity of an AD account created with minimal privileges simply for that purpose. This same domain user would also be granted access to SQL Server so that any ASP.NET application in that app pool would be able to connect to SQL Server with Integrated Security=SSPI. We are making a brave move to the world of Windows Server 2008 R2/IIS7.5 and are looking to replicate this model, but I am struggling with how to make the application pool in IIS7.5 run as the identity of an AD account? I know this sounds simple and hopefully it is, but my attempts so far have been fruitless. Should the application pool identity be a 'Custom account' for a domain account? Does the domain account need to be added to any groups?

    Read the article

  • How to properly reserve identity values for usage in a database?

    - by esac
    We have some code in which we need to maintain our own identity (PK) column in SQL. We have a table in which we bulk insert data, but we add data to related tables before the bulk insert is done, thus we can not use an IDENTITY column and find out the value up front. The current code is selecting the MAX value of the field and incrementing it by 1. Although there is a highly unlikely chance that two instances of our application will be running at the same time, it is still not thread-safe (not to mention that it goes to the database everytime). I am using the ADO.net entity model. How would I go about 'reserving' a range of id's to use, and when that range runs out, grab a new block to use, and guarantee that the same range will not be used.

    Read the article

  • 5 Blogging Tips for Developing a Unique Identity

    There are countless blogging tips you can find on generating traffic or even the best platform to use but what about how to stand out? Your uniqueness is ultimately what will determine the degree of ... [Author: TJ Philpott - Computers and Internet - April 01, 2010]

    Read the article

  • Logo Design in Brand Identity

    Yes, it is entirely possible that your business can do without hiring someone to create a logo design for you or your company. However, what if someone promises that using a logo design would bring i... [Author: Claudia Winifred - Web Design and Development - March 20, 2010]

    Read the article

  • Drop in service for account management, authentication, identity?

    - by Mike Repass
    I'm building an Android app and associated set of web services for uploading/downloading data. I need a basic (no frills) solution for account management (register, login, logout, verify credentials/token). What open source / third party solutions exist for this scenario? I need: create a new account db based on a salt simple web service to create a new account simple web service to authenticate supplied credentials and return some sort of token That's it, I can get by without 'fancy' email activation or password reset for the time being. Are there off-the-shelf components for this? Should I just use a 'blank' django or rails app to get this done? Seems crazy for everyone to be doing CREATE TABLE user_accounts ... Thoughts? Thank you.

    Read the article

  • Configure Oracle Identity Manager AD/LDAP Authentication

    - by Arda Eralp
    Requirements (on AD side) LDAP connection user with the necessary rights in AD to do subtree searches on your users and groups container, respectively in the scope we configure below For LDAP in OIM to work, you need an AD Group called "oimusers", in which all users who shall be able to login to OIM need to be member. The group need to be named exactly "oimusers". Step 1: Login Weblogic Administration Console  Step 2: Create New Provider Authentication Provider Name: ADAuthenticationProvider Type: ActiveDirectoryAuthenticator Control Flag: SUFFICIENT   User scope configuration User Base DN: Container where your users are found Rest of the parameters stay default   Group scope configuration Group Base DN: Container where your groups are found Your "oimusers" group must be found in this container or in the subtree Rest of the parameters stay default  Step 3: Restart Admin Server Step 4: Check oimusers group Step 5: Re order providers Step 6: Restart Admin Server

    Read the article

  • Identity in .NET 4.5&ndash;Part 3: (Breaking) changes

    - by Your DisplayName here!
    I recently started porting a private build of Thinktecture.IdentityModel to .NET 4.5 and noticed a number of changes. The good news is that I can delete large parts of my library because many features are now in the box. Along the way I found some other nice additions. ClaimsIdentity now has methods to query the claims collection, e.g. HasClaim(), FindFirst(), FindAll(). ClaimsPrincipal has those methods as well. But they work across all contained identities. Nice! ClaimsPrincipal.Current retrieves the ClaimsPrincipal from Thread.CurrentPrincipal. Combined with the above changes, no casting necessary anymore. SecurityTokenHandler now has read and write methods that work directly with strings. This makes it much easier to deal with non-XML tokens like SWT or JWT. A new session security token handler that uses the ASP.NET machine key to protect the cookie. This makes it easier to get started in web farm scenarios. No need for a custom service host factory or the federation behavior anymore. WCF can be switched into “WIF mode” with the useIdentityConfiguration switch (odd name though). Tooling has become better and the new test STS makes it very easy to get started. On the other hand – and that was kind of expected – to bring claims into the core framework, there are also some breaking changes for WIF code. If you want to migrate (and I would recommend that), most changes to your code are mechanical. The following is a brain dump of the changes I encountered. Assembly Microsoft.IdentityModel is gone. The new functionality is now in mscorlib, System.IdentityModel(.Services) and System.ServiceModel. All the namespaces have changed as well. No IClaimsPrincipal and IClaimsIdentity anymore. Configuration section has been split into <system.identityModel /> and <system.identityModel.services />. WCF configuration story has changed as well. Claim.ClaimType is now Claim.Type. ClaimCollection is now IEnumerable<Claim>. IsSessionMode is now IsReferenceMode. Bootstrap token handling is different now. ClaimsPrincipalHttpModule is gone. This is not really needed anymore, apart from maybe claims transformation (see here). Various factory methods on ClaimsPrincipal are gone (e.g. ClaimsPrincipal.CreateFromIdentity()). SecurityTokenHandler.ValidateToken now returns a ReadOnlyCollection<ClaimsIdentity>. Some lower level helper classes are gone or internal now (e.g. KeyGenerator). The WCF WS-Trust bindings are gone. I think this is a pity. They were *really* useful when doing work with WSTrustChannelFactory. Since WIF is part of the Windows operating system and also supported in future versions of .NET, there is no urgent need to migrate to the 4.5 claims model. But obviously, going forward, at some point you want to make the move.

    Read the article

  • On-Premises to Office 365: Identity

    - by Sahil Malik
    SharePoint, WCF and Azure Trainings: more information “Run your business, not your mail server.” I am not sure where I read that, but it makes so much sense! Every organization is moving to the cloud, and some just haven’t started their journey yet. One of the fastest and most compelling online cloud based offerings is Office 365. Available in various SKUs, you can get SharePoint, Lync, Exchange, and Office professional as cloud-based offerings. The subscriptions are as low as $2 per user per month to $20 something per user per month. Also, with SharePoint 2013, if you buy Office 365 subscriptions for your users, you don’t need to buy CALs (Client Access Licenses) for on-premises use. Read full article here. Read full article ....

    Read the article

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >