"GOTO Copenhagen 2014 is designed for software developers, IT architects, agilists, product owners and project managers who want to go into depth with one or more subject areas e.g. Java, .Net, JavaScript, Web, Mobile, Cloud, Lean/Agile, and Architecture. Each training offers a chance to develop your skills and become more effective in your work. The conference includes 8-12 daily trainings. You can choose to sign up for just one training, a two-day-training, or join one training each day– it’s completely up to you! Our trainers are authors, experts and practitioners across various areas of software development so you get a chance to learn from and network with the best".

Workshop: "Identity & Access Control for ASP.NET Web API-based Architectures"

Track: Identity & Access Control for ASP.NET Web API-based Architectures / Time: Monday 09:45 - 17:30 / Location: Room 4

HTTP services (or Web APIs as they are called today) have proven to be the right technology to model back ends that can be consumed by arbitrary clients – desktop, mobile, browser-based or native. But this diversity also creates quite interesting security challenges around authentication and authorization across devices and platforms.
ASP.NET Web API is Microsoft’s framework to implement such architectures using the .NET platform, and starting with version 2.0 has a full-featured security framework and infrastructure to deal with all scenarios you might come across. Lean from one of the most influential experts in that area how that works!
 
-  Identity & Access Control in .NET – Status Quo
-  ASP.NET Web API Security Architecture
-  Katana/OWIN Security Framework & Authentication Middleware
-  Native vs Browser-based Clients
-  Token-based Authentication
-  OAuth2
-  JSON Web Tokens
-  Client and User-based Authorization

 

Dominick Baier, Security Consultant at thinktecture

Dominick Baier

Biography: Dominick Baier

Dominick spends most of his time thinking about identity and access control in distributed systems and application architectures. He’s the creator of the popular open source security token services called IdentityServer and AuthorizationServer as well as the security library IdentityModel (http://thinktecture.github.io). He works with the Germany-based company thinktecture as a security consultant and is the co-author of “A guide to claims-based identity and access control” as well as a frequent conference speaker. He blogs at http://leastprivilege .com and tweets under @leastprivilege.