Archive | Security RSS feed for this section
Handling SAML 2 Claims in ADFS 2.0
One of the reasons for moving to ADFS 2.0 is to take advantage of the newly added SAML 2 support. Previous ADFS versions supported WS-Federation and SAML 1.1 security tokens but didn’t support the SAML protocol or SAML 2 security tokens. This post outlines my experience in configuring ADFS to accept a SAML 2 security token from a SAML 2 Claim Provider and then send a SAML 1.1 security token to a WS-Federation Relying Party.
Continue reading...HTTP Modules and Clients with Certificates
29. June 2010
Comments Off
Suppose you want to restrict access to certificates from a specific certificate authority, but only certain types of certificates like those found on SmartCards. The following code is an example of how to use a HTTP Module to restrict web client access to a website to only specific types of certificates.
Continue reading...Living in an ADFS 2.0 World
29. June 2010
Comments Off
Recently my customer had asked me to build a proof of concept lab to support a federated trust with an Oracle federation server. This request was the perfect opportunity for me to get up to speed with the latest and greatest in Active Directory Federation Services. In the next couple of posts I will go over some interesting and sometimes frustrating things I learned while getting everything working.
Continue reading...200 Million Per Arrest? What a deal!
8. April 2010
Comments Off
The main point of an article by Rep Duncan Hunter is how the Federal Air Marshal Service is a total waste of money, resulting in little over 4.2 arrests per year but costing the tax payers approx. $200 million per arrest.
Continue reading...Insecure login at Tumblr, really?
22. March 2010
Comments Off
You see it all the time… A cool new website that offers a great set of features. What is usually missed in this process is the check for a secure login screen. A perfect example is the latest social networking site Tumblr. Hopefully my account credentials won’t be hacked before Tumblr can get a secure login page available…
Continue reading...Chris Blankenship’s Ramblings
I am an Infrastructure Consultant with Microsoft 
focused on Directory Services, Identity, and Security technologies.
This is my personal blog where the information provided comes from my own personal experiences.
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.
30. June 2010
Comments Off