Support for ASP.NET Identity 2.0

[kal]

It would be nice to be able to use ASP.NET Identity 2.0 APIs for user authentication and authorization and even nicer if B* could used as the store like we did for ASP.NET membership and role providers a while back.

See http://www.asp.net/identity

[kal]

Won't have time to complete in this milestone. Move to the Future Work pool

[Lercher]

I'm not quite positive on this, but isn't this an out of the box feature of the newer IISes (>= 7.0), is it? Which is supported, I suppose?

A different idea for getting at least a bit of security to the standalone service version of the server would be to have optionally different end points, esp. tcp ports for sparql queries, sparql updates and the administrative services such as store creation. So these operations could be filtered by a simple firewall configuration.

[kal]

I think that supporting ASP.NET Identity for IIS deployments is pretty much a no-op - it should just work.

This ticket though is also about supporting the ASP.NET Identity 2.0 APIs so that BrightstarDB can be used to store identity information instead of having to run a separate SQL store. I think that will end up being a chunk of work; I've started a separate subproject for ASP.NET role and membership providers using BrightstarDB (working on the old ASP.NET APIs) and this ticket might well end up getting moved into that project.

In terms of endpoint security it is an interesting idea to support the different endpoints on different ports, but I'm not sure how practical that is in the Nancy framework; however it should be pretty easy to setup a proxy (either IIS or Nginx for example) that exposes the different endpoints on different ports and then use the firewall on top of that.