Robert Hurlbut's Blog

Thoughts on .NET, Security, Architecture, Agility, and Databases.


.Company / Other Sites / Other Blogs

.NET Links

.NET Local Boston Events

.NET User Groups in New England

Blogs - .NET

Blogs - Agile

Blogs - Architecture

Blogs - CLR

Blogs - Security

Blogs - SQL Server

Blogs - System.Transactions

Enterprise Services (COM+) Resources

Indigo Resources

Microsoft Security Resources

Presentation resources

Recommended Books

Rotor Resources

Security Resources

March 2006 - Posts

A little late (voting ends today at 5:00 pm), but I have submitted a Birds of a Feather (BoF) session for TechEd 2006:

Developing as a Non-Administrator with XP and Vista

There has been lots of talk lately about the importance of running and developing software with least privilege accounts (LUA). Unfortunately, there are many developers who still run as Administrators on Windows XP and 2003 because it is either difficult to make the shift or just easier to develop that way. As a result, newly created software may only run when users are Administrators. This can cause problems for users who have to run software as a Non-Administrator. Also, Windows Vista promises to change things for better security with User Account Control (UAC). This session will provide a forum for developers to discuss the challenges of developing as a Non-Administrator with current Windows XP and 2003 environments as well as using the new UAC features in Windows Vista.
Intended Audience: Developer
Submitted By: Robert Hurlbut, Hurlbut Consulting, Inc.
Please go vote here if this sounds interesting to you. I know some members of the Vista UAC team will probably be there (they are presenting a couple of sessions on UAC at TechEd) plus a few others with lots of experience on this topic. It should be a great discussion.
Posted by RHurlbut | 1 comment(s)
Filed under: , , ,

This is great news! The much awaited (by myself and many others) release of Rotor 2.0 has been released. Get it here.

Here is what is new:

- Full support for Generics.
- New C# 2.0 features like Anonymous Methods, Anonymous Delegates and Generics
- BCL additions.
- Lightweight Code Generation (LCG).
- Stub-based dispatch.
- Numerous bug fixes.

Enjoy! [Found by way of Jan Kotas on the Rotor team]

Posted by RHurlbut | 1 comment(s)
Filed under: , , ,

Over the past couple of weeks, I have been working on understanding some of the latest options available for Windows Communication Foundation (WCF) and Federation security. In particular, I have looked at Kerberos authentication (where your Active Domain serves as your Secure Token Server (STS)) to give you seamless Single-Sign On (SSO). But, how do you leverage SSO if your users are outside of your domain? There are a couple of options:

1. WSFederationHttpBinding (renamed from WSFederationBinding in the Feb CTP to make it clear this only works over HTTP)

2. Active Directory Federation Services (ADFS)

ADFS looks pretty straight forward, but may be too heavy for what I was interested in doing. Today, I found this great simple example "Implementing a Secure token service with WCF" by Pablo M. Cibraro[found by way of Sam Gentile]. Pablo uses the username token for client authentication and an X509 certificate to encrypt and sign the server token.

More Posts