InfoQ Homepage Identity Management Content on InfoQ
-
Is OAuth 2.0 Bad for the Web?
Eran Hammer-Lahav, one of the editors of the OAuth 2.0 specification, published a diatribe on the latest standard draft. For him, the current proposal mortgages the future of the Web. He sees the current specification focusing too much on simplicity for the application developer while severely limiting the ability to create discoverable and interoperable services.
-
Series On Available Authentication Mechanisms For OData Services And Clients
The WCF Data Services Team have recently been doing a series on the available authentication mechanisms for client/OData service authentication.
-
Java EE 6: Application Security Enhancements
Java Enterprise Edition Version 6 release includes new security features in the areas of web container security as well as authentication and authorization aspects of Java application development. These features include programmatic and declarative security enforcement in the web tier. This post gives an overview of these new security features.
-
Eugenio Pace on Identity Federation, WIF and ADFS 2.0
Microsoft has entered the cloud and customers are looking into moving their applications to this new platform. In doing so authentication and identity management needs to be addressed. InfoQ Editor Jon Arild Tørresdal talked to Eugenio Pace, Senior Program Manager in the Patterns & Practices team about the recent federation and identity technologies released from Microsoft.
-
Windows Domain to Amazon EC2 Single Sign-On Access Solutions
David Chappell, the Principal of Chappell & Associates, US, has written a whitepaper proposing several solutions for Single Sign-on (SSO) access to applications deployed on Amazon EC2 from a Windows domain. InfoQ explored these solutions to understand what the benefits and tradeoffs each one presented.
-
RESTful API Authentication Schemes
“Everyone feels the need to write a custom authentication protocol” says George Reese, which he claims is one of the things he learnt working on a programming API for cloud providers and Saas Vendors. In a post George proposes a set of standards for any REST authentication need.
-
Easily Accessing Azure Cloud Services with AppFabric
Microsoft Windows Azure Platform AppFabric is a set of technologies helpful to connect on-premises applications with Azure cloud services and resources and eases interoperability between users belonging to different domains. The main components are the Service Bus and the Access Control Service.
-
New Patterns & Practices Project – Claims Based Authentication & Authorization Guide
The Patterns & Practices team announced a newly started project for developing a new guide called "Claims Based Authentication & Authorization Guide". This guide will give best practices on how to implement "Geneva", Microsoft's attempt to simplify user access and single sign-on based on claims.
-
Identity Developer Training Kit Based On Microsoft 'Geneva' Released
Microsoft released an identity developer training kit, following closely on the heels of the release of Geneva Beta 2 at Teched. The training kit is a set of hands-on labs and resources designed to help developers to take advantage of Microsoft’s identity products and services.
-
Geneva Manages Your Identity
Microsoft has released Geneva Beta 1, previously known as Zermatt, an identity management solution which takes the burden of authenticating and authorizing users away from applications. Geneva supports the OASIS WS-Trust specification.
-
Presentation: Security (CAS and OpenID) with Ruby
In this presentation from QCon SF 2007, Justin Gehtland explains two open solutions to distributed identity and their Rails integration components: the OpenID system (using ruby-openid) and CAS (using rubycas-client).
-
What Social Networks Are Teaching Us About Data Portability
As more social networking sites are popping up, the questions around the data they keep are rising. Data portability has become the watch phrase across the Web 2.0 world. Is there something to be learned about data access and portability from these services?
-
Higgins 1.0: Identity Management Solutions from the Eclipse Foundation
Identity management for networked and distributed applications continues to present several unique challenges for users and developers. Higgins is a suite of identity management solutions from the Eclipse foundation, created with the intent of simplifying and adding consistency to online authentication.
-
Single Sign-On beyond the firewall
Taking a look at the challenges that lay ahead in the quest for Federated Identity Management.
-
In Case You Missed It: A .NET OpenID Library
For those of you looking at using OpenID, there is a .NET compatible library available. The Library was written in Boo, a .NET language inspired by Python. It also leverages a library from the Mono project.