• Online, Self-Paced
Course Description

In this course, you will learn how to implement claims-based authentication in an ASP.NET MVC web application in Visual Studio 2017.

Learning Objectives

Implementing Claims-Based Authentication

  • start the course
  • use federated user authentication in an ASP.NET MVC web application
  • create a Visual C# class library that uses the Windows Identity Foundation framework to work with a custom security token format
  • create a custom security token handler class by inheriting and overridding properties and methods from the SecurityTokenHandler class
  • use a custom security token handler to validate custom tokens and their signatures as well as to write custom tokens to XML and generate token signatures
  • use a custom security token handler to validate custom token audience URIs, parse custom tokens, and create claims for custom tokens
  • configure a secure token service that manages SAML 2.0 tokens in an ASP.NET MVC web application
  • create a custom security token service configuration class and create a signing certificate utility that retrieves X509 certificates in an ASP.NET web application
  • create a Visual C# class that implements a custom security token service in an ASP.NET web application
  • create an ASP.NET Web Forms login page that is used by a custom security token service to authenticate users from a client ASP.NET web application
  • create an ASP.NET client application that consumes tokens issued by a custom security token service
  • edit a client application's Web.config file so that the client application may consume tokens issued by a given custom security token service

Practice: Handling Token Formats

  • handle token formats (for example, oAuth, OpenID, Microsoft Account, Google, Twitter, and Facebook) for SAML and SWT tokens

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.