Share via

Claim based security made easy

  • Article

When we implemented claim based authorization in LitwareHR, we had to write a lot of code and play with non-trivial configurations (LitwarehR includes 2 STS and all the supporting infrastructure for securing the web services and the callers to them).

Not being a security expert myself, I found the “theory” behind this amazingly simple and powerful, but the “practice” quite complex.

The good news is that all this just got much easier with the release of “Zermatt”:

“Zermatt” is a .NET developer framework and SDK that helps developers build claims-aware applications to address today’s application security requirements using a simplified model that is open and extensible, can improve security, and boosts productivity for developers. Developers can build externalized authentication capabilities for “relying party” applications and build custom “identity providers”, often referred to as Security Token Services (STS). With these components, developers can build applications that meet a variety of business needs more quickly.

Quoting my good friend Peter Provost: “I love deleting code!”. “Zermatt” will allow us to get rid of a ton of "plumbing" code in LitwareHR.

Update: if you look at LitwareHR code, you will see that the approach used is very similar to Zermatt's, so it is great to see that we were on the right direction. Obviously, Zermatt's scope is larger.

 

Resources:

Link to the beta:  https://go.microsoft.com/fwlink/?LinkId=122266

Download Keith Brown's Whitepaperhttps://go.microsoft.com/fwlink/?LinkId=122266

More info on MSDN:  https://msdn.microsoft.com/en-us/security/aa570351.aspx

Maestro Bertocci's blog: https://blogs.msdn.com/vbertocci

Kim Cameron blog: https://www.identityblog.com 

Keith Brown blog & article: https://www.pluralsight.com/community/blogs/keith/archive/2008/07/09/introducing-microsoft-code-name-zermatt.aspx 

Requirements:

“Zermatt” requires .Net 3.5 to be installed. It has been verified on Windows 2K3 SP2 with IIS 6.0 and Windows Vista SP1 and Windows Server 2008 with IIS 7.0.

Comments

  • Anonymous
    July 14, 2008
    David Cumps has a nice series on Design Patterns Dan Lewis has a post on IE and SharePoint and security

  • Anonymous
    July 20, 2008
    Service Security/Identity Management/SOA I am super thrilled to see Microsoft roll out " Zermatt

  • Anonymous
    December 02, 2008
    Service Security/Identity Management/SOA I am super thrilled to see Microsoft roll out " Zermatt ", a .NET developer framework and SDK to help build claims-based applications. I, like Eugenio here , had to roll out my own a couple of months