Claims-based Identity and Silverlight 4.0 – Part 1 of N

A lot as been said about Claims-based Identity in the last years, and this is has became a lot more interesting since we’ve had several issues when developing Identity of an application. Problems like defining:

• How will we do Authentication?
  • Will we use Username and Password, Active Directory, Integrated Windows Authentication(Kerberos, NTLM), LiveId, OpenId, GoogleId, Twitter, Facebook? (some many options, which one is better?
  • Do we really want to built another Identity Silo?
  • Will we want Single-Sign-On (SSO)? How will we perform the Authentication this way? Are we going to make a replication of their Users in our platform? How will we sync that?
• What about Authorization?
  • Will we need to implement, yet another Authorization Silo or will we use something like Active Directory information for it?
  • Who will manage the authorizations?

So there’s a lot of questions regarding this subject that come up when we start digging a little deeper, and Claims-based Identity really helps us do this.

There are great explanations about what is Claims-based Identity and how can we used it and some of those are:

• An Introduction to Claims-Based Identity – A channel9 video from the Identity Developer Training Course where Vittorio Bertocci explains this.
• Claims and Identity: On-Premise and Cloud Solutions is an article by Vittorio Bertocci that was published on “The Architect Journal from July 2008”
• Claims-Based Authorization with WIF is an article by Michele Leroux Bustamante that was published on “MSDN Magazine from November 2009”
• Claims based Identity & Access Control Guide from the Patterns & Practices Team
• Claims-Based Identity for Windows – An article by David Chappell
• Exploring Claims-Based Identity is an article by Keith Brown that was published on “MSDN Magazine from September 2007”
• Claims-Based Identity Term Definitions
• Claims-Based Identity Overview and Concepts

Those are very interesting resources that we can use in order to understand Claims-based Identity better, but what about implementing it?

What I’ll do in the next parts will be describe how can we take advantage of Claims-based Identity in Silverlight 4 Applications, using WIF – Windows Identity Foundation to accomplish that task.

If you’ve got something you’d like to see covered just leave a comment and I’ll ‘try’ to address that topic.