Today I was reading an article about “Architecting Multi-Tenant Applications in Windows Azure” in the June 13 edition of MSDN magazine. There were four areas the author intends to cover in the series where Azure helps in the design of applications. The first one was about Authentication.
It turns out that Microsoft Azure Active Directory has some neat integration wrapped around a number of authentication Authorities. Facebook, Google, Yahoo and Microsoft Live were listed in the Article. I don’t know all the Authorities currently supported in Azure Active Directory.
The neat part about this tool is that it is a centralized framework with the appropriate device drivers necessary to connect to the different authorities. This allows you to program your applications to a single interface without having to roll your own device drivers. Since it is in Azure you can use it from any application having access to the internet.
Obviously, it will work best with applications hosted in Azure. Since Azure Active Directory does all of the heavy lifting, it should work rather nicely from a remote client not hosted on Azure. It doesn’t require that much communication to use it.
While I was reading the article I was wondering how smart it is to use something like a Facebook account as a single sign-on tool. I get at least on phishing email daily from someone trying to get my Facebook password, amongst others. Does it make sense to use something as public as a Facebook account for authentication?
If we choose not to use public authentication, does that diminish the need or value of tools such as Microsoft Azure Active Directory? Do you have other frameworks handling remote authentication you like to use? Share your thoughts below or send them to me at btaylor@sswug.org.
Cheers,
Ben