10. December 2010 00:01
On the 10th day of Windows Azure Platform Christmas my true love gave to me Windows Azure AppFabric Access Control.
What is Windows Azure AppFabric Access Control?
It’s very common these days to have an application that integrates with other services like Facebook, Google, Windows Live ID, AD FS (Active Directory Federation Services) 2.0 and Yahoo. The complexity of this comes in when you have to control the different types of identity tokens that the Identity Service Providers of these services return when you attempt to log in. The Access Control Service was provided to allow your application to have a single point of sign on and authorisation, so that you don’t have to worry about the different types of tokens provided by these Identity Service Providers.
So how does it work?
Let’s say you’ve developed an application that integrates with Facebook. The first thing your application would do is authenticate itself with the Facebook Identity Service Provider with the e-mail address and password you provided. The Facebook Identity Service Provider would then pass back a token to your application which would then be passed on to the Access Control Service. When Access Control receives the token, it validates it to make sure that it did come from Facebook, it then; based on rules defined by the application’s administrator in the Access Control Rule Engine, creates a new token which is passes to your application. Finally, your application processes this token to make sure that it was sent from Access Control and completes the sign on process.
This does seem like a more complicated process, but what’s key here is that regardless of Identity Service Provider, Access Control will serve up one familiar defined token to your application. As a developer, that is sooo much better! Think of all that complexity that’s just been removed.
For a bit more information and some samples, why not visit CodePlex
Tomorrow’s installment: Windows Azure AppFabric - Caching
P.S. If you have any questions, corrections or suggestions to make please let me know.