ASP.NET Core 1.0: Understanding ASP.NET Core 1.0 (ASP.NET 5)
ZubZib Black Coffee #9 - ASP.NET Identity
-
Upload
non-intanon -
Category
Technology
-
view
4.869 -
download
0
Transcript of ZubZib Black Coffee #9 - ASP.NET Identity
ASP.NET Identity
ASP.NET IdentityNon Intanon | nonintanon.com | [email protected] #9 Skill Update v224 November 2013 ~ UTCC
AGENDAThe HistoryASP.NET IdentityOWINKatanaLive Demo 1 Hello ASP.NET IdentityLive Demo 2 Lets consume the APILive Demo 3 Write your own OWIN middlewareLucky Draw!
2
THE HISTORYMembership 101
Previous Membership SystemsASP.NET MembershipASP.NET Simple MembershipASP.NET Universal Providers
ASP.NET MembershipDesign to solve common membership requirements in 2005Form Authentication + SQL Server databaseLimitationsDatabase schema was designed for SQL Server CANNOT CHANGEProfile Provider API is too complicatedProvider system allow to change backing data store, but only Relational DatabaseForm Authentication wont work nicely with OWIN
asp.net simple membershipDeveloped as a membership system for ASP.NET Web PagesShipped with Web Matrix and Visual Studio 2010 SP1LimitationsHard to persist membership system data in a non-relational storeNo OWINDoesnt work well with existing ASP.NET Membership providers. Not extensible.
ASP.NET Universal ProvidersDeveloped to make it possible to persist membership information in Windows Azure SQL Database (work with SQL Server Compact too)Built on Entity Framework Code First, which means it can be used to persist data in any store supported by EF.Database schema cleaned up a lotStill built on ASP.NET Membership infrastructure hence same limitationsStill using Form Authentication for log-in and log-out
ASP.NET IdentityThe Next Generation Membership System
ASP.NET IDENTITYOne ASP.NET Identity SystemEase of plugging in profile data about the userPersistence ControlUnit TestabilityRole Provider
ASP.NET Identity can be used with all of the ASP.NET Frameworks, such as ASP.NET MVC, Web Forms, Web Pages, Web API, and SignalRASP.NET Identity can be used when you are building web, phone, store, or hybrid applicationsEase of plugging - You have control over schema of user and profile information. Eg. Add birth datesBy default, stores all user information in a database. Uses EF Code First to implement all of its persistence mechanismYou control the DB schema, changing table names, data type of PK is god damn simpleEasy to plug in different storage such as SharePoint, Windows Azure Storage Table Service, NoSQL databases without having to throw System.NotImplementedExceptionsMake web application more unit testable. You can write unit tests for the parts of your application that use ASP.NET IdentityThere is role provider, as normal
9
ASP.NET IDENTITYClaims BasedSocial Login ProvidersWindows Azure Active DirectoryOWIN IntegrationNuGet Package
Supports claims-based authentication users identity is represented as a set of claimsCliams allow developers to be a lot more expressive in describing a users identity than roles allowRole membership is just a Boolean (member or non-member), a claim can include rich information about the users identity and membershipEasily add social log-ins such as Microsoft Account, Facebook, Twitter, Google, and others to your application, and store the user-specific data in your applicationYou can add log-in functionality using Windows Azure Active Directory and store user-specific data in your applicationASP.NET authentication is now based on OWIN middleware that can be used on any OWIN-based hostASP.NET Identity does not have any dependency on System.Web. Its fully compliant OWIN framework and can be used in any OWIN hosted application.ASP.NET Identity uses OWIN Authentication for log-in/log-out of users OWIN CookieAuthentication instead of FormsAuthenticationShip with Visual Studio 2013Redistributed as a NuGet package. New feature come out quicker.
10
OWINOpen Web Interface for .NET
11
OWINOpen Web Interface for .NETDefines a standard interface between .NET web servers and web applicationsGoalTo decouple server and applicationOpen source ecosystem of .NET web development toolsOfficial websitehttp://owin.orgSource codehttp://github.com/owin/owinSpecification (OWIN v1.0.0)http://owin.org/spec/owin-1.0.0.html
OWIN is a simple specification that describes how components in a HTTP pipeline should communicate13
OWIN WTH?OWIN is NOT technologyOWIN is a simple specification that describes how components in a HTTP pipeline should communicateWhat is in the communication between components is specific to each componentOWIN is a community-owned specification, not an implementationInspired by the benefits achieved by Rack () in the Ruby communityNew components could be more easily developed and consumedApplications could be more easily ported between hosts and potentially entire platforms/operating systems
OWIN Server & HOSTSKatanahttps://katanaproject.codeplex.comNowinhttps://github.com/Bobris/Nowin
15
OWIN - FrameworksNancyhttp://nancyfx.comSignalRhttp://signalr.netWebApihttps://aspnetwebstack.codeplex.comFubuMVChttp://mvc.fubu-project.comSimple.Webhttps://github.com/markrendle/Simple.WebDuoVia.Httphttps://github.com/duovia/duovia-http
Framework ()? ASP.NET Framework 1Ruby Ruby on Rails 16
KATANAOWIN Implementations for Microsoft servers and frameworks
KATANA ProjectSamurai SwordOWIN implementations for Microsoft servers and frameworksSet of Components for building and hosting OWIN-based web applicationsSet of open-source OWIN components developed by MicrosoftOffice Websitehttps://katanaproject.codeplex.com
KATANA Architecture
Host = process that runs the application and can be anything from IIS or a standalone executable (IIS/ASPTNET, Custom Host, OwinHost.exe) Start and maintain processServer = open network socket, listen for requests, and send them through the pipeline of OWIN components specified by user (Startup class), currently Katana includes two server implementations: Microsoft.Owin.Host.System.Web and Microsoft.Owin.Host.HttpListenerMiddleware = OWIN pipeline components are known as middleware
Host: The process that runs the application and can be anything from IIS or a standalone executable, to your own custom program. The host is responsible for startup, loading of other OWIN components and shutting down gracefully.Server: Responsible for binding to a TCP port, constructing the environment dictionary and processing requests through an OWIN pipeline.Middleware: The name given to all of the components that handle requests in an OWIN pipeline. It can range from a simple compression component to a complete framework such as ASP.NET Web API, though from the servers perspective, its simply a component that exposes the application delegate.Application: This is your code. Because Katana is not a replacement for ASP.NET but rather a new way to compose and host components, existing ASP.NET Web API and SignalR applications remain unchanged, as those frameworks can participate in an OWIN pipeline. In fact, for these kinds of applications, Katana components will be visible only in a small configuration class.
http://www.asp.net/aspnet/overview/owin-and-katana/an-overview-of-project-katanahttp://msdn.microsoft.com/en-us/magazine/dn451439.aspx
19
LIVE DEMO 1Hello ASP.NET Identity
LIVE DEMO 2Lets consume the API
LIVE DEMO 3Write your own OWIN middleware
LUCKY DRAW !!
THANK YOU3 Times