Share via

Announcing the Beta release of “Zermatt” Developer Identity Framework

  • Article

Ahh, I’ve been looking forward for this post for a looong time.

We just made available for download the bits of the Beta of “Zermatt” Developer Identity Framework. “Zermatt” is the codename of a .NET framework that helps developers build claims-aware applications to address challenging application security requirements using a simplified application access model.

Let me expand a bit on that. If you want to develop applications that take advantage of claims & identity Metasystem goodness in general, Zermatt makes your life easier by providing base classes, controls but especially capabilities & a programming model that take care of most of the plumbing for you. Regardless of the role (IP, RP, subject) or the style (Active, Passive, “Passive-Aggressive”), Zermatt shields you from the sheer handling of protocols & tokens and provides you with a great model for externalizing your access logic. For my loyal readers and in general to whoever worked with tokens and cardspace in general, who stormed me with mails since the TechEd EMEA demo and even earlier: this means that we can finally retire historical samples like the SimpleSTS and the TokenProcessor class. Zermatt is a fully supported developer framework that gives you those capabilities and MUCH more. How much more? Below there’s a partial list of the goodies you get:

· An HttpModule (the Federated Access Module, or FAM) that takes care of handling the token processing pipeline: fully extensible & web.config-urable, it exposes programmable events for every relevant step in the authentication lifecycle

· A new claim model, which unifies token & principal programming models achieving direct reuse of some classic access control techniques (IsInRole, PrincipalPermission) without requiring a rewrite

· Visual ASP.NET controls which take care of enhancing web pages with capabilities such as: information card signin and one-off information card requests, passive signin, session management and passive STS capabilities. All of those include comprehensive property management a and a rich events model

· Full control of session management: intended audience, pages whitelist, session duration, custom session tickets, etc

· A unified token handling model that works across ASP.NET and WCF applications alike

· Base classes for authoring STS, which handle automatically historically tedious tasks such as RST & RSTR parsing

· Native support for handling information cards: serialization, deserialization, issuance. Integration with the STS programming model for simplifying the development of cardspace-ready STSes

· Delegate authentication. Applications can now request new tokens on behalf of their callers, greatly simplifying three tier architectures and enabling a whole new class of scenarios

This is only a partial list. For a more in-depth coverage of Zermatt capabilities I invite you to read this excellent paper from Keith Brown, which introduces you to the basic concepts behind claim based identity management and describes Zermatt object model with samples and walkthroughs.

Needless to say, I’ll blog about this every single time I’ll have a moment. Once I’ll be back from vacation, we’ll also get a surprise guest on channel9 for hearing directly from the engineers who brought us Zermatt.

Finally, this is the tool that can help developers to experience directly the power of claim-aware applications. I invite you to download Zermatt and use it as much as you can: as you know this world is very new, and we’d really like feedback, feedback, feedback. Feedback on what works, what doesn’t, what you’d like to see, what you accomplished with it… we love every bit :-) the place for sending us your feedback & discussing Zermatt is the forum at this address.

Summary:

· Get Zermatt bits from here

· Discuss here & give feedback here

· Read Keith Brown paper about Zermatt here

Congratulations to the Zermatt team for a great beta of a new breed of products!

And now… back to the beach ;-) see you in a week!

Comments

  • Anonymous
    July 09, 2008
    PingBack from http://blog.a-foton.ru/2008/07/announcing-the-beta-release-of-%e2%80%9czermatt%e2%80%9d-developer-identity-framework/

  • Anonymous
    July 09, 2008
    For a couple of years now, I've been giving talks about "claims-based identity", and "claims

  • Anonymous
    July 09, 2008
    Derrière le nom de code " Zermatt " se cache un framework permettant de créer des

  • Anonymous
    July 09, 2008
    Forgive the obvious question, but how does this compare with the WCF Identity Model [http://msdn.microsoft.com/en-us/library/ms729851.aspx]? When should you use one vs. the other?

  • Anonymous
    July 09, 2008
    Announcing the Beta release of “Zermatt” Developer Identity Framework うーん、Webサービスベースの認証系の仕組み、と考えててていいのかなぁ。...

  • Anonymous
    July 10, 2008
    ASP.NET Static Singletons for ASP.NET Controls [Via: Rick Strahl ] WPF Learning WPF with BabySmash...

  • Anonymous
    July 12, 2008
    IIts been a long wait. After working with customers for getting out their token service and doing all

  • Anonymous
    July 13, 2008
    Interested in the 'identity problem'?  Sometimes these quiet, little betas should really get more

  • Anonymous
    July 13, 2008
    Zermatt egy kisváros Svájc déli részén, mindössze tíz kilométerre az olasz határtól. A kb. 5500 fős település

  • Anonymous
    July 14, 2008
    One of the great issues that exist when developing solutions is the Security, and when we talk about

  • Anonymous
    July 14, 2008
       One of the great issues that exist when developing solutions is the Security, and when we

  • Anonymous
    July 16, 2008
    Just back from vacation. The tan barely started to fade, and here I am already playing with the new shiny

  • Anonymous
    July 22, 2008
    The comment has been removed

  • Anonymous
    July 22, 2008
    Hi Mike, see the thread "Server 2003 Dependency" at https://connect.microsoft.com/community/discussion/richui/default.aspx?SiteID=642. Marc Goodner from the product group gave the following answer to the same question: [...] We have a link on the home page to the readme, I guess it doesn't stand out. I'l add it to the downloads section later today so others don't go through that. https://connect.microsoft.com/content/content.aspx?ContentID=9025&Site ID=642 Right now we only have an SDK version which includes samples that use the ASP.Net integration features. Those features require either IIS 6.0 or 7.0. We still haven't made a decision regarding support for XP at RTM. For the ASP.Net features I expect the IIS 6.0 or 7.0 requirement to remain. [...]

  • Anonymous
    July 22, 2008
    For those that have been writing claims-aware web applications for AD FS, you have a leg up on the value

  • Anonymous
    July 30, 2008
    Cât timp am fost în concediu... Noi resurse pentru dezvoltare: S-a lansat Zermatt beta . Superba stațiune

  • Anonymous
    August 25, 2008
    You would not believe how often I have to set up identity enabled web sites: for verifying a theory,

  • Anonymous
    September 01, 2008
    Zermatt is the framework recently released by Microsoft to develop claim-aware applications. You can

  • Anonymous
    September 24, 2008
    I don't write content for the ADFS team anymore; there are a few resources, however, that you can go

  • Anonymous
    November 02, 2008
      PDC has come and gone, and Microsoft's identity landscape has changed. New products emerged, services