Workshop: Identity & Access Control for modern Web Applications and APIs

Brock and I are currently working on a brand new two day workshop about all things security when building modern web applications and APIs.

You can either attend the full two day version at NDC Oslo (June) – or a stripped down one day version at SDD London (May). Both still have early bird offerings.

Hope to see you!

With ASP.NET MVC, Web API and SignalR tied together using the new OWIN and Katana framework, Microsoft provides a compelling server-side stack to write modern web applications and services. In this new world we typically want to connect client platforms like iOS, Windows or Android as well as JavaScript-based applications using frameworks like AngularJS.

This two day workshop is your chance to dive into all things security related to these new technologies. Learn how to securely connect native and browser-based applications to your back-ends and integrate them with enterprise identity management systems as well as social identity providers and services.

Tags: WS-Federation, SAML, OAuth2, OpenID Connect, OWIN, JSON Web Tokens, Single Sign-on and off, Federation, Delegation, Home Realm Discovery, CORS

Day 1: Web Applications

• Authentication & Authorization on .NET 4.5 and beyond
• Introduction to OWIN and the Katana Project
• Katana Security Framework
  • Cookie-based Authentication
  • Enterprise Authentication with WS-Federation
  • Social Logins (e.g. Google, Facebook, Twitter, etc.)
  • OpenID Connect
• Web Application Patterns
  • Single Sign On / Single Sign Off
  • Federation Gateway
  • Account & Identity Linking
  • Delegation
  • Home Realm Discovery

Day 2: Web APIs

• ASP.NET Web API Security
  • Architecture
  • Authentication & Authorization
  • CORS
  • Katana Integration
• Web API Patterns
  • Token-based Authentication
  • Delegated Authorization
• OAuth2
  • Flows
  • Scopes
  • OAuth2 Middleware
  • Federation
• OpenID Connect (revisited)
• Bringing it all together

Image may be NSFW.
Clik here to view.

Image may be NSFW.
Clik here to view.

Image may be NSFW.
Clik here to view.

Image may be NSFW.
Clik here to view.

Image may be NSFW.
Clik here to view.

Image may be NSFW.
Clik here to view.

Image may be NSFW.
Clik here to view.

Image may be NSFW.
Clik here to view.