Demo: Authentication and Authorization with the Azure Access Control Service

Slalom Consultant Joel Forman specializes in cloud computing and the Windows Azure Platform.

One of my favorite Windows Azure building blocks is the AppFabric’s Access Control Service. It is a great solution for outsourcing authentication and authorization for my website or service. I like that I can code and configure my site in a consistent claims-aware way, leveraging Windows Identity Foundation, regardless of Identity Provider. I like how I only need to worry about my application’s personas (Admins, Members, etc.) and have an interface outside of my application to manage mappings of users to those personas.

One hands-on lab that I have been talking up for a while is one found in the Windows Azure Platform Training Kit, entitled “Introduction to the AppFabric Access Control Service V2″. This uses V2 of the Access Control Service, which is set to publicly release soon as announced at MIX 2011 this week.  I recently sat down and recorded a demo of this lab, with a few extensions:

• Demonstrating iterating through claims for the current IClaimsPrincipal
• Configuring the NameClaimType and RoleClaimType in WIF portions of the web.config to facilitate using User.IsInRole(“RoleName”) and the authorization section of the web.config.
• Demonstrating restricting a section of your website to a role via web.config.

Here is the demo, which is about 20 minutes in length:

I hope you can see how easy it can be to leverage the ACS in a ASP.NET website.  It is a great feature that can be leveraged both in sites running in Windows Azure or outside the cloud.

Follow Joel on Twitter: @seattlejoel.