Upload
ibon-landa
View
464
Download
1
Embed Size (px)
DESCRIPTION
Citation preview
< Ibon LandaSoftware Development Team [email protected]@ibonilm
Gestión de identidad en Cloud
Ibon Landa• Software Development Team Lead• Windows Azure MVP
http://geeks.ms/blogs/ilandahttp://www.estoyenlanube.com
@ibonilm
Omnipresencia deWindows Server ADKerberos, Secure Channel/Domain Join, Windows Integrated Auth and LDAP…
Windows Server Active
Directory
Intranet
Managed Access
Managed Identities
Integrated Business
Apps
Omnipresencia de Windows Server AD
Windows Server Active
Directory
Intranet
Managed Access
Managed Identities
Integrated Business
Apps
SAAS que compres
SAAS propias
Windows Azure Active DirectoryOn-premise and cloud identities managed as oneIdentity
Lifecycle ManagementSingle Sign-onAutorización de acceso a la informaciónServicio de directorio multi-tenant
Windows Server Active
Directory
On-Premises
SAAS you build
SAAS you sell
Windows Azure Active
Directory
Other Microsoft Services
Office 365
3rd Party SAAS you
buy
DirSync
¿Cómo se conecta una aplicación?
Cloud Application
Contoso.comDirectory
? ?
?
Protocolos
Protocol Purpose Details
REST/HTTP directory access
Create, Read, Update, Delete directory objects and relationships
Compatible with OData V3Authenticate with OAuth 2.0
OAuth 2.0 Service to service authenticationDelegated access
JWT token format
SAML 2.0 Web application authentication SAML 2.0 token formatUsed with Office 365 Services
WS-Federation 1.3 Web application authentication SAML 1.1 token formatUsed with Office 365 Services
www.estoyenlanube.com
< Ibon LandaSoftware Development Team [email protected]@ibonilm
Gestión de identidad en Cloud