Freigeben über


Microsoft Premier Workshop: Security: Modern authentication and authorization

Beschreibung
Die Intension des dreitägige Workshop Security: Modern authentication and authorization ist es, Architekten und Developer, die Anwendungen entwickeln, die Cloud Authentication und Authorization Technology verwenden, das notwendigen Wissen zu vermitteln.

Agenda
Module 1: Introduction:
An overview of authentication and authorization issues in full-trust, partial-trust and full internet based applications, purpose of various protocols (e.g. OpenIDConnect, OAuth2, SAML) and Microsoft tools used to support them (Azure AD, AD FS, Windows Application Proxy, OWIN and ADAL toolkits).

Module 2: OAuth2 and OpenID Connect:
This modules delves into the details of these two protocols. It reviews the various flows defined by OAuth2 and how their apply to common application topologies. It also describes their security threat models.

Module 3: Introduction to AD FS:
An overview of the Active Directory Federation Services tool. Included is an overview of its architecture, main functions, management console, basic PowerShell commands and typical use to support application authentication requirements.

Module 4: Introduction to Azure AD:
Discusses the purpose and main features of the Azure AD, including an overview of its B2E, B2B and B2C functionality, user management, application configuration and use of GraphAPI.

Module 5: Claims-based applications:
This module focuses on hands-on use of knowledge acquired in the previous modules to implement a set of related applications using OAuth2 protocols, GraphAPI and various other features of Azure AD (e.g. application roles).

Module 6: ADAL/MSAL toolkits:
Review of APIs used to obtain OAuth2 and OIDC tokens from Azure AD or ADFS.

Module 7: OWIN protocol handlers:
Review of toolkits used to initiate passive protocols in web applications and handle (validate/augment) received security tokens.

Module 8: Application development:
Hands on exercise focused on developing a complex system topology, consisting of web UI and API apps as well as native, rich-client and service apps communicating and authenticating to each other. This exercise can be tailored to customer’s intended development

Zielgruppe
Der Workshop richtet sich an Architekten und Entwickler, die mehr über OAuth2, OpenID Connect, JWT und SAML erfahren wollen.

Level 300
(Level Skala: 100= Strategisch/ 200= technischer Überblick/ 300=tiefe Fachkenntnisse/  400= technisches Expertenwissen)

Anmeldung
Zur Anmeldung wenden Sie sich bitte direkt an Ihren Microsoft Technical Account Manager oder besuchen Sie uns im Web auf Microsoft Premier Education. Dort finden Sie eine Gesamtübersicht aller offenen Workshops, für die Sie sich dort auch gleich anmelden können.