Categories
Uncategorized

Colin Bowern at the Metro Toronto .NET User Group: Authentication Alternatives for ASP.NET

This article also appears in Canadian Developer Connection.

Slide: Passwords are like pants (with picture of boxer shorts): You shouldn't leave them out where people can see them, you should change them regularly and you shouldn't loan them out to strangers!Click the photo to see it at full size.
(And yes, he’s using the word “pants” in the British English sense, as in “underpants”.)

On Thursday evening, I caught Colin Bowern’s presentation, Authentication Alternatives for ASP.NET at the monthly gathering of the Metro Toronto .NET User Group. Here’s the abstract:

Asking someone to create another username and password is presents risk. Most people use the same password across sites, or worse yet they write it down! The good news is there are smart people thinking about how to solve this problem and for web developers there are easy ways to take advantage of their hard work. In this session we will take a look at the credential management from a user perspective. We will dig into the efforts made in Active Directory, Windows Live ID, OpenID, OAuth, and Facebook Connect and how you can take advantage of them in your application.

He covered Windows Live ID, OpenID and OAuth. Not only did he show the theory, but he also presented some reasonably easy-to-follow code and showed it in action. Colin’s got a good presentation style; perhaps he picked up a thing or two at the speaker’s workshop we had a week ago as part of EnergizeIT!

Here’s the “Call to Action” slide from his presentation:

Colin Bowern's "Call to Action" slide

…which says:

    1. Stop requiring users to create more identities
    2. Leverage OpenID for authentication – see the DotNetOpenID project at Google Code
    3. Investigate OAuth for delegated resource access
    4. For apps targeting corporate scenarios, read up on the Geneva product set – see items on Channel 9 tagged “identity”

Afterwards, I joined Colin, Metro Toronto .NET User Group President Graham Marko and a few others for some post-presentation Guinness at the nearby pub The Spotted Dick and told them I’d catch them at the Toronto Code Camp in a couple of weeks.

Next Presentation: Yours Truly on ASP.NET MVC

Metro Toronto .Net user Group logo I was invited to present at the Metro Toronto .NET User Group meeting. Graham said I could present on any topic I wanted, so I asked if anyone had done one on ASP.NET MVC yet. No one had, so I figured I’d cover it. I’ve been looking into it casually for the past little bit and I’ll be diving into it over the next month, with my experience using another MVC web framework, Ruby on Rails, as my guide. I promise I’ll be informative and entertaining! You might want to come even if you’re not a .NET developer.

The next meeting will take place on Thursday, May 28th from 6:00 p.m. to 9:00 p.m. at the North Tower of the Manulife Financial Offices (200 Bloor Street East, on the north side, between Church and Jarvis). Yes, the meetings take place around dinner, but they provide some pizza and pop, and there’s always an opportunity for post-session nachos at the nearby pub.

2 replies on “Colin Bowern at the Metro Toronto .NET User Group: Authentication Alternatives for ASP.NET”

Comments are closed.