» » Programming Windows® Identity Foundation (Dev - Pro)

Download Programming Windows® Identity Foundation (Dev - Pro) epub

by Vittorio Bertocci

Get hands-on guidance designed to help you put the newest .NET Framework component- Windows Identity Foundation, the identity and access logic for all on-premises and cloud development- to work.

Download Programming Windows® Identity Foundation (Dev - Pro) epub
ISBN: 0735627185
ISBN13: 978-0735627185
Category: Technology
Subcategory: Operating Systems
Author: Vittorio Bertocci
Language: English
Publisher: Microsoft Press; 1 edition (September 13, 2010)
Pages: 272 pages
ePUB size: 1449 kb
FB2 size: 1823 kb
Rating: 4.5
Votes: 100
Other Formats: mbr rtf lit doc

If you've used Windows Identity Foundation at all, you'll find that the documentation on it is lacking. There are a ton of entry-level "getting started" articles combined with even more "high-level theory" articles out there, but really not much in the way of concrete information.

This is the Lost Windows Identity Foundation Documentation.

It's great from a reference and from a how-to standpoint, including plenty of diagrams and code snippets that help to explain how different scenarios work and how those scenarios specifically apply to WIF.

I was working on a custom passive STS using WIF and found it nearly impossible to do without this book. Once I had it, there was more in it than I was even hoping for - explanations of how to handle sliding token expiration, for example, which is pretty much nowhere to be found out on the web.

It's also been really handy in helping to explain complex federation issues to my team, who are not nearly as neck-deep in this stuff as I am. After we got the first copy of this, we actually ended up getting a second because it's so useful and people sort of "hog it" and forget to return it to the library.

The only thing that's missing in my opinion is how to work with WIF in an ASP.NET MVC environment. WIF was written primarily with web forms in mind, so all of the code samples and scenarios described in this book revolve around web forms. It's sort of an unmentioned "exercise for the reader" to get things working with MVC. That's more a fault with WIF than the book, though, hence I am not docking a star for missing it.

If you use WIF, you owe it to yourself to pick up a copy of this book.
Because there really aren't any good alternatives out there.

As far as technical books go, this one is only so-so. The chapters are somewhat oddly organized -- or one could say disorganized -- and make it difficult to mentally compartmentalize the lessons.

Some of the examples use odd choices of scenarios and it could use more code samples and discussions of the internals and less of the high level concepts (perhaps it's the organization that's throwing me off).

In the end, it's a middling book that becomes a near must-have because of the current lack of in-depth coverage on the topic. I would recommend it, but it's not the most practical of books when it comes to gaining a deep technical understanding of the topic at hand.
This is a very good book, the author knows extremely well what he explains, provides a great introduction and the example of using the driver's license or passport as a valid identification from a trusted issuer provider on a movie theather or liquor store is an excellent analogy to understand. He goes quickly about how to use it on your own app, how to get claims backs and create custom code to extend the framework. Also he gives a lot of deep theory about the authentication process and all the complexities of security and how WIF makes things easier for you. He mentions how to create a test STS using WIF (new Visual Studio template that comes with the framework), that can be used during development to simulate a real life scenario and how to create your own custom claims.

I read the book, I have a better understanding, 200+ pages of great wisdom. Get it!!

Skunk Black
The book was good when it came out but it isn't usable anymore in 4.5... which is sad since it's the only book available. From an author who is actually member of the WIF team it is quite sad that the documentation is not adapted when the technology changes, what else do we have at our disposal ??
Having followed Vittorio's work (blog, webcasts, code samples)related to claims-based identity over the last two-three years, I ordered this book as soon as it arrived. And this book did not disappoint. I read the book cover-to-cover within a week of its arrival and found it to be very useful in helping me better understand the concepts behind WIF.

Here are some additional details that I hope will be helpful to anyone considering this book:

1) Claims based identity is an important enabling technology that .NET developers and designer need to understand well. And this is not just case, if you are an ASP.NET or WCF developer. Claims-based identity is important even if you are SharePoint, BI or Azure developer.

2) This book is broken up into two parts. The first part explains the basics of claims based identity. Second part is more advanced and gets into the nuts and bolts of WIF.

3) Don't skip over the ASP.NET chapters (2, 3 & 4 ) just because you are not going to use WIF inside ASP.NET. These aforementioned chapters cover a number of important concepts ( such as single-sign-on, claims transformation, federation) that you will need to understand when using WIF outside of ASP.NET (say with WCF).

4) Being involved with the WIF team for a long time, Vittorio is able to provide important context around how some of the features have evolved, design decisions etc.

5) Last but not the least, it is hard to write a book on security. Fortunately, Vittorio has managed to write it in a conversational, unassuming style that makes it easy to read. Wherever needed, he provides a just in time, overview of protocols ( WS-Trust, WS-Federation and so on) without getting mired in the details associated with these, rather arcane, specifications.
Even though I was familiar with the federation technology, I appreciated the hold-your-hand intro to it, esp. in the MS context. A lot of folks will benefit from it, while some can just skim/skip portions. This book is great for architects who may not write much code (if any) but who need to understand the WIF thoroughly since it is such an important piece of the MS stack. Clearly this is a book for initial immersion in WIF (and a very good one for it), not for continued use as a reference.

I look forward to future output from the author.