Azure AD enables access authorization to SQL Azure as an alternative to providing username/password information in the connection string: https://azure.microsoft.com/en-us/documentation/articles/sql-database-aad-authentication/. It is somewhat analogous to using Windows Authentication when both the client and the database are on a Windows domain network. It is particularly useful on public (non-confidential) clients where storing secrets is inappropriate and […]
Tag Archives: Authentication
Passive is good!
Some time back I wrote about avoiding handling of credentials (creation/maintenance/verification of user names, passwords, pins, etc.) in your own application code, but rather delegating that functionality to a specialized, external identity provider (IdP; http://blogs.msdn.com/b/mrochon/archive/2014/12/02/should-an-application-handle-user-credentials.aspx). This aversion should apply to even collection of credentials (e.g. asking the user for user name/password). Even that role should be delegated […]
Using OAuth2 with SOAP
I started at Microsoft when SOAP was all the rage, before there was such a thing as WCF. So it is with some nostalgia that I tried to combine one of latest technologies: Universal App Platform (UAP) with SOAP using OAuth2 protocol for authentication. One possible application of this approach would be for folks who […]
Using Owin to authenticate with Microsoft Account (Live Id)
I have recently battled my way through creating an Owin-based web UI application using Microsoft Account (MSA, formerly Live Id) as my authentication provider. Here are a summary of my experience and the resulting code. 1. This blog has most of what you need, including how to set up your application to use MSA and […]
Using WS-Federation with Windows Store and .NET rich clients
In general, rich client apps use OAuth flow to obtain authorization tokens to a web service. However, that flow may not be available from the authentication servers. In the following I am using an alternative approach: WS-Federation, well supported by ASP.NET web services. The solution consists of a web service, often used to provide REST […]
Silverlight and basic authentication
Silverlight client does not support TransportCredentialOnly to enable Basic authentication. Here is some code to add the basic authentication http header to a standard Silverlight WCF proxy: ServiceReference1.ServiceClient svc = new ServiceReference1.ServiceClient(); // binding, new EndpointAddress(“any.txt://deadend.com”)); svc.GetDataUsingDataContractCompleted += (s, a) => […]