Claims Based Authentication

Claims-based authentication is not a new concept, but it was recently adopted as a standard by Microsoft and other major software giants.

The main use of claims-based authentication (CBA) is authenticating against cloud services and working with federated identity services.

Some core concepts include:

STS: Security Token Service

RP: Relying Party

Issuing Authority

  1. Also read more on WIF (Windows Identity Foundation), which is part of .NET 3.5 and 4.0.
  2. Also read more on the Geneva Project (later changed to ADFS 2.0, Active Directory Federation Services) if you plan to use your own AD as an account/identity silo.

That would open up a whole world of:

[1] How can I use my cloud application, yet use my local AD to do authentication?

[2] How can I extend my application to use open identity providers like Google ID, Live ID, Amazon WS, Yahoo ID, etc.?

I was concerned about how to make this work with the new SharePoint 2010 directly. I noticed that, out of the box, there is no identity provider list to choose from (silly me), from which I started finding out more about this whole project.

I came across this blog during my research and I believe it is the most detailed.

It is by Steve Peschka (great job, Steve).

Hope that puts you on the right track.

Best of Luck