Book Review: Programming Windows Identity Foundation

Programming Windows Identity Foundation
Programming Windows Identity Foundationalt

Programming Windows Identity Foundation by Vittorio Bertocci is right now the only serious book about Windows Identity Foundation available.

I started using Windows Identity Foundation when I made my first experiments on Windows Azure AppFabric Access Control Service. I wanted to generalize the way how people authenticate theirselves to my systems and AppFabric ACS seemed to me like good point where to start. My first steps trying to get things work opened the door to whole new authentication world for me. As I went through different blog postings and articles to get more information I discovered that the thing I am trying to use is the one I am looking for.

As best security API for .NET was found I wanted to know more about it and this is how I found Programming Windows Identity Foundation.

What’s inside?

Programming WIF focuses on architecture, design and implementation of WIF. I think Vittorio is very good at teaching people because you find no too complex topics from the book. You learn more and more as you read and as a good thing you will find that you can also try out your new knowledge on WIF immediately.

After giving good overview about WIF author moves on and introduces how to use WIF in ASP.NET applications. You will get complete picture how WIF integrates to ASP.NET request processing pipeline and how you can control the process by yourself. There are two chapters about ASP.NET. First one is more like introduction and the second one goes deeper and deeper until you have very good idea about how to use ASP.NET and WIF together, what issues you may face and how you can configure and extend WIF.

Other two chapters cover using WIF with Windows Communication Foundation (WCF) band   Windows Azure. WCF chapter expects that you know WCF very well. This is not introductory chapter for beginners, this is heavy reading if you are not familiar with WCF. The chapter about Windows Azure describes how to use WIF in cloud applications.

Last chapter talks about some future developments of WIF and describer some problems and their solutions. Most interesting part of this chapter is section about Silverlight.

Who should read this book?

Programming WIF is targeted to developers. It does not matter if you are beginner or old bullet-proof professional – every developer should be able to be read this book with no difficulties. I don’t recommend this book to administrators and project managers because they find almost nothing that is related to their work.

I strongly recommend this book to all developers who are interested in modern authentication methods on Microsoft platform. The book is written so well that I almost forgot all things around me when I was reading the book. All additional tools you need are free. There is also Azure AppFabric ACS test version available and you can try it out for free.

Table of contents



Part I Windows Identity Foundation for Everybody
1 Claims-Based Identity
2 Core ASP.NET Programming

Part II Windows Identity Foundation for Identity Developers
3 WIF Processing Pipeline in ASP.NET
4 Advanced ASP.NET Programming
5 WIF and WCF
6 WIF and Windows Azure
7 The Road Ahead


No Comments