Access Control Service
Encyclopedia
Access Control Service, or Windows Azure AppFabric Access Control Service (ACS) is a cloud-based service that provides an easy way of authenticating and authorizing users to gain access to web applications and services while allowing the features of authentication and authorization to be factored out of the application code. This facilitates application development while at the same time providing users the benefit of being able to log in to multiple applications with a reduced number of authentications, and in some cases only one authentication. As well, the system provides an authorization store that can be accessed programmatically as well as via a management portal. Once authorizations are configured, a user coming to an application via ACS arrives at the application entrance with not only an authentication token, but also a set of authorization claims attached to the token.
, PHP
, Python
, Java
and Ruby
. It can be used with both web applications and web services.
Features
ACS has the following features- Integration with Windows Identity FoundationWindows Identity FoundationWindows Identity Foundation is a Microsoft framework for building identity-aware applications. It provides APIs for building ASP.NET or WCF based security token services as well as tools for building claims-aware and federation capable applications....
(WIF) - Support for popular web identity providers including Windows LiveWindows LiveWindows Live is the collective brand name for a set of services and software products from Microsoft, part of their software plus services platform. A majority of these services are Web applications, accessible from a browser, but there are also client-side binary applications that require...
ID, GoogleGoogleGoogle Inc. is an American multinational public corporation invested in Internet search, cloud computing, and advertising technologies. Google hosts and develops a number of Internet-based services and products, and generates profit primarily from advertising through its AdWords program...
, Yahoo, and FacebookFacebookFacebook is a social networking service and website launched in February 2004, operated and privately owned by Facebook, Inc. , Facebook has more than 800 million active users. Users must register before using the site, after which they may create a personal profile, add other users as... - Support for Active Directory Federation ServicesActive Directory Federation ServicesActive Directory Federation Services is a software component developed by Microsoft that can be installed on Windows Server operating systems to provide users with Single Sign-On access to systems and applications located across organizational boundaries...
(AD FS) 2.0 - Support for OAuthOAuthOAuth is an open standard for authorization. It allows users to share their private resources stored on one site with another site without having to hand out their credentials, typically username and password.OAuth allows users to hand out tokens instead of credentials to their data hosted by a...
2.0 (draft 10), WS-Trust, and WS-Federation protocols - Support for the SAML 1.1, SAML 2.0SAML 2.0Security Assertion Markup Language 2.0 is a version of the SAML OASIS standard for exchanging authentication and authorization data between security domains. SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal between an...
, and Simple Web Token (SWT) token formats - Integrated and customizable Home Realm Discovery that allows users to choose their identity provider
- An Open Data ProtocolOpen Data ProtocolThe Open Data Protocol is an open web protocol for querying and updating data. The protocol allows for a consumer to query a datasource over the HTTP protocol and get the result back in formats like Atom, JSON or plain XML, including pagination, ordering or filtering of the data.Many of the...
(OData)-based management service that provides programmatic access to the ACS configuration - A browser-based management portal that allows administrative access to the ACS configuration
Web Platform Support
ACS supports all modern web platforms such as .NET Framework.NET Framework
The .NET Framework is a software framework that runs primarily on Microsoft Windows. It includes a large library and supports several programming languages which allows language interoperability...
, PHP
PHP
PHP is a general-purpose server-side scripting language originally designed for web development to produce dynamic web pages. For this purpose, PHP code is embedded into the HTML source document and interpreted by a web server with a PHP processor module, which generates the web page document...
, Python
Python (programming language)
Python is a general-purpose, high-level programming language whose design philosophy emphasizes code readability. Python claims to "[combine] remarkable power with very clear syntax", and its standard library is large and comprehensive...
, Java
Java (programming language)
Java is a programming language originally developed by James Gosling at Sun Microsystems and released in 1995 as a core component of Sun Microsystems' Java platform. The language derives much of its syntax from C and C++ but has a simpler object model and fewer low-level facilities...
and Ruby
Ruby (programming language)
Ruby is a dynamic, reflective, general-purpose object-oriented programming language that combines syntax inspired by Perl with Smalltalk-like features. Ruby originated in Japan during the mid-1990s and was first developed and designed by Yukihiro "Matz" Matsumoto...
. It can be used with both web applications and web services.