Key Scenarios

This topic describes the most common situations developers must address when providing security functionality in their applications. Each scenario explains the task, describes a real-world situation where such a task might occur, and includes code that demonstrates how to use the Security Application Block to complete the task. The scenarios are the following:

• Obtaining a Temporary Token for an Authenticated User. This scenario illustrates how to use the SaveIdentity method to cache an authenticated identity and return a temporary token that serves as an alternative to user credentials for the duration of the user session. You can also use this technique to save a user principal or a user identity.
• Authenticating a User Using a Token. This scenario illustrates how to use the GetIdentity method to return an identity that has already been cached, when provided with a valid token. The same technique can be used to retrieve a user principal or user profile.
• Terminating a User Session (Expiring a Token). This scenario illustrates how to use the ExpireIdentity method to expire a token corresponding to an identity, when the user session ends. You can also use this technique to expire a user principal or a user profile.
• Determining Whether a User Is Authorized to Perform a Task. This scenario illustrates how to use the Authorize method of an authorization provider to perform authorization.