Introduction
This sample demonstrates a real-world SaaS architecture and scenario using the Azure Services Platform to perform federation and multi-tenancy. Technologies used include the Access Control service (part of .NET Services) as well as SQL Data Services (part of SQL Services).
Overview
Azure IssueTracker demonstrates a real-world ISV scenario where you want to create and host a SaaS application for your consumers. This sample is being releasede in two versions: Standard and Enterprise. The Standard version allows ad-hoc users to use LiveID federation with the .NET Access Control Service and authorize other LiveID users. This allows small groups of users to quickly provision projects and issue tracking capabilities.
The Enterprise version of IssueTracker uses the same claims-based authorization capabilities as the standard version, but allows greater control by customers over claims and authorization decisions. Additionally, the Enterprise version offers more premium capabilities like onsite configuration and monitoring in true S+S fashion.
The IssueTracker service itself is a very simple service - providing basic issue management and workflow capabilities. Because the service and the website are claims-aware applications, it allows for some interesting scenarios. Using a single set of claims and authorization logic, both active clients and passive web clients can consume the IssueTracker service. This architecture gives us the best of software on premises with rich UI capabilities as well as the broad reach of web clients - without changing a single line of code to support it.
Standard Release
The Standard edition contains the core architecture of the system, including:
- Federation with LiveID via the .NET Access Control Service. This allows users to get a token to the service with their LiveID credentials and allows the .NET Access Control Service to perform rule mapping and add additional claims.
- Delegation using Geneva Framework and 'Act As'. This allows us to take the client's security token obtained at the website and pass it along to the IssueTracker services layer that does the actual work. Claims are checked in both the web client as well as the service for authorization. This effectively decouples the client from the service implementation and allows for a variety of clients to use the IssueTracker service.
- Scale free data storage and custom issues. The IssueTracker service takes advantage of SQL Data Services to provide the data services for this application. Because SDS supports the flexible data model, it is trivial to support a custom issue data per project. This allows customers to track the issues and data that matter them in true multi-tenant fashion.
Enterprise Edition
- An extension to the Standard Edition, IssueTracker Enterprise Edition includes:
- Federation with any SAML 1.1 compliant identity provider
- Management intgeration - allows your customers to manage your service just like on-premises:
- Use MMC to change claim mappings
- use PowerShell scripts to enable/disable IssueTracker, obtain operations response time
- Integration with monitoring - customers can integrate with popular monitoring packages and monitor the health of the service
The code base has also been updated to use MVC RC1
Dependencies
Azure IssueTracker requires the following technologies in order to compile and run:
Authors and Contributors
The following folks architected, coded, or consulted on this sample.