See also the previous post on Claims-based authentication in next SharePoint.
So, what is this claim and claims-based model that generates so much buzz?
The claims-based model has three components:
1. the relying party, which needs the claim in order to decide what it is going to do
2. the identity provider, which provides the claim
3. the user, who decides what, if any, information he wants to provide.
Claims can contain static information such as birth date or credit card info, relationship-based information such as group membership, or derived claims that make general assertions, such as that the user is over 21 years of age. There are also metaclaims about how information was verified, such as in-person registration, or how it was issued.
Claims can be used in three ways:
1. to securely transmit the requesting user’s identity across machines
2. to provide application-specific concepts, such as roles, so applications can augment claims about the user and reason about those claims in the context of authorization decisions
3. to interoperate with multiple authentication providers in a consistent manner.
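The three parties and the claim types described above, as an added Python example that is not code from the original post. The user record, the function names and the shared HMAC key (standing in for the identity provider's signature) are assumptions made for illustration.

```python
import hashlib
import hmac
import json
from datetime import date

# Assumption: a shared HMAC key stands in for the identity provider's
# signature; real token services sign with an asymmetric key.
IDP_KEY = b"constructed-demo-key"

# Constructed user record held by the identity provider.
USER = {"name": "alice", "birth_date": "1980-05-17",
        "groups": ["editors"], "verified_by": "in-person registration"}


def available_claims(user, today):
    """Identity provider: every claim it is able to assert about the user."""
    born = date.fromisoformat(user["birth_date"])
    age = today.year - born.year - ((today.month, today.day) < (born.month, born.day))
    return {
        "name": user["name"],                 # static
        "birth_date": user["birth_date"],     # static
        "groups": user["groups"],             # relationship-based
        "over_21": age >= 21,                 # derived
        "verification": user["verified_by"],  # metaclaim
    }


def issue_token(user, consented, today):
    """Issue and sign only the claims the user agreed to release."""
    claims = {k: v for k, v in available_claims(user, today).items() if k in consented}
    body = json.dumps(claims, sort_keys=True).encode()
    sig = hmac.new(IDP_KEY, body, hashlib.sha256).hexdigest()
    return body, sig


def relying_party_allows(body, sig):
    """Relying party: verify the issuer's signature, then decide on claims."""
    expected = hmac.new(IDP_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):
        return False  # tampered with, or not issued by the trusted provider
    claims = json.loads(body)
    return claims.get("over_21") is True and "editors" in claims.get("groups", [])
```

The relying party never sees the birth date: the derived `over_21` claim is enough for its decision, and a claim the user withholds or an attacker adds after signing leads to a denial.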
© Copyright 2009, Tomas Elfving