Posts Tagged 'AppFabric'

Azure Platform AppFabric Access Control Service

The final component of the Azure Platform we will consider is the AppFabric Access Control Service (ACS).

Over the past several years Microsoft has been doing a lot of good work related to the issues of “identity” and “security”. The Access Control Service brings these technologies to the Azure cloud. By using the Access Control Service a developer, who is often not an expert in security, does not have to write complex, proprietary code to do authentication and authorization.

There are several use cases for ACS. These include single sign-on, federating identities across security realms and role-based access control. Here we will focus on implementing a simple claims-based identity model. In this model the client will authenticate with ACS. The ACS will provide the client with a “token”. This token is created according to rules established by the server. The client can then present the token to the server. Then, based solely on the token, the server can decide whether or not to grant access to the client and what the client can do. The server and the client need have no specific knowledge of each other’s implementation.

A simplistic analogy might be a “will call” ticket at a theater. A patron arrives at the will call window and presents identification. Often this is a driver’s license and the credit card used to purchase the ticket. The will call person gives the patron the ticket (i.e. token) which the patron can then use to enter the theater. The driver’s license and credit card are meaningless to the theater person granting entry to the patron.

Figure 1 Simple Access Control Service scenario

The steps in this scenario are:

  1. The Client authenticates with ACS
  2. ACS creates a token and returns it to the Client
  3. The Client passes the token to the Server
  4. The Server verifies the token and authorizes functionality

In the diagram the client and server applications are not shown running on the Azure cloud. In practice either one or both could be on Azure, on another cloud, inside an organization’s datacenter or in a third party’s datacenter (e.g. a customer or business partner). It does not matter as far as ACS is concerned.

The AppFabric SDK includes some excellent sample code for getting started with ACS. This screencast walks through the “ASPNET String Reverser” sample project found in the SDK.

This simple example just scratches the surface. There is a lot more that can be done with the Access Control Service. Consider attending Learning Tree’s Windows Azure Programming Course to get into more details of how you can use the Azure Platform AppFabric Access Control Service to simplify and standardize authentication and authorization for your organization’s applications both on-premises and in the cloud!

To recap, in this series of blog posts we have introduced the essential components of Microsoft’s Azure Platform.

These are:

  1. Windows Azure
    1. Compute Services
      1. Web Roles
      2. Worker Roles
    2. Storage Services
      1. Blobs
      2. Tables
      3. Queues
  2. SQL Azure
  3. AppFabric
    1. Service Bus
    2. Access Control Services

I hope you found some of them interesting or useful. Most of all, though, I hope your appetite has been whetted to learn more about Azure and how you can use Microsoft’s cloud to solve real business or technical problems that your organization may be facing!


Azure Platform AppFabric Service Bus

Okay, back to Windows Azure and the Azure Platform …

My personal opinion is that Azure is a very compelling cloud offering. While certainly not perfect, and not without the need for some developer effort, I continue to believe that Azure is a very attractive option for a variety of reasons. This is particularly true for .Net developers.

Organizations wishing to develop a “hybrid” cloud solution should definitely consider the AppFabric Service Bus as a technology of choice. If the hybrid solution is based on Windows and .Net then this choice is extremely appealing.

So what exactly is the Service Bus and what can you use it for?

Well, basically, the Service Bus allows interoperability between applications and services transparently over the Internet. Service Bus circumvents the need to deal with network address translation, firewalls, opening new ports, etc. Applications and services that can authenticate with the Service Bus can communicate with one another without knowing any of the details of where the other is running. Essentially the Service Bus acts as a trusted third party in the communication between an arbitrary host and client. This is perfect for allowing communication between something running in a private data center and something running on the cloud (aka a “hybrid” solution)!

How does this work in practice?

Well, the first thing you have to do is to create an AppFabric project:

Figure 1 Creating an AppFabric Project

Within the project you can define multiple namespaces. Within each namespace you have access to endpoints, names and keys you need to utilize the Service Bus.

Figure 2 The Service Namespace

Then, you can use these endpoints and keys in your client and host projects to enable them to communicate.

Let’s consider an example:

So, enabling communications between applications is perhaps not as simple as one might like. The purpose of the Service Bus, though, is to make implementing these communications as straightforward as possible.

Enroll in Learning Tree’s Windows Azure Programming course to learn in much more detail how to utilize the AppFabric Service Bus in your hybrid cloud solutions!


Learning Tree Logo

Cloud Computing Training

Learning Tree offers over 210 IT training and Management courses, including Cloud Computing training.

Enter your e-mail address to follow this blog and receive notifications of new posts by e-mail.

Join 53 other followers

Follow Learning Tree on Twitter


Do you need a customized Cloud training solution delivered at your facility?

Last year Learning Tree held nearly 2,500 on-site training events worldwide. To find out more about hosting one at your location, click here for a free consultation.
Live, online training
.NET Blog

%d bloggers like this: