Archives
-
WIF support for W2k3
WIF will be finally supported in W2k3. This has represented a big barrier for the adoption of WIF in one of my customers for a while, but it looks like now I will able to use it after December :). This is the official announcement made by the Geneva Team this weekend on their blog,
-
WCF extensibility guide
The first chapter of the WCF extensibility guide that Jesus and I have been working on during the last few months went live in MSDN this weekend. You can find it here, http://msdn.microsoft.com/en-us/library/ee672186.aspx
-
Scenarios for WS-Passive and OpenID
I was wondering these days what would be the point in using WS-Passive when there is another simple sign-on solution, OpenID, that works really well and it’s getting a great adoption in the community. I can not say the same about WS-Passive, I haven’t seen any concrete implementation yet (For instance, Microsoft is planning to release a first implementation as part of the WIF framework before the end of this year).
-
Client Configuration in WCF 4.0
As Dr Nick announced in this post, WCF 4.0 will ship with a new feature to configure a client channel from a configuration source other than the traditional section in the application configuration file (I discussed a workaround for doing the same thing in WCF 3.0 a time ago in this post)
-
OAuth in action – Linq2Twitter
The other day I came across a pretty cool project, Linq2Twitter, that basically implements a linq provider for consuming the Twitter REST Api. This project is not only interesting because it provides an intuitive model for incorporating Twitter calls into any existing application, but also because it shows how to use the OAuth authentication mode that the Twitter Api supports.
-
Buenos Aires Codecamp 2009
El proximo sabado 26 de septiembre vamos a tener la oportunidad de tener nuevamente un codecamp en buenos aires de la mano de Microsoft.
-
A bad idea, EF Entities over WCF Part II
In the previous post, I discussed how bad was to expose EF entities directly as data contracts from a perspective of “interoperability”. This also revealed a lot of internal implementation details about EF that the client applications should not worry about.
-
Disposing a WCF Proxy
A common misconception is to think that a WCF proxy can be used and disposed as any other regular class that implements IDisposable. However, the IDisposable implementation in the WCF client channel is not like any other, and it can throws exceptions. A phrase I got from this thread in the WCF forum will give you a better context about this scenario,
-
A Bad Idea, EF Entities over WCF
Do you want to see something very ugly ?. Try to send a complete EF entity directly as a data contract over the wire with WCF,
-
Tellago esta contratando!!
Como Jesus menciono en su post “We are still hiring..”, en Tellago estamos buscando gente que quieran unirse a nuestro equipo de desarrollo. En estos momentos tenemos algunas posiciones para Arquitectos y Desarrolladores con buenos conocimientos de Biztalk e idioma ingles.
-
Injecting Custom Logic in ADO.NET Data Services
ADO.NET Data services represent today one of the most powerful alternatives to build RESTful services in the .NET platform. This framework basically creates a RESTful API on top of any IQueryable data source. Most of the steps required to publish a set of resources through http and make them available for any client are automatically implemented.
-
What I like about OpenRasta
After having playing with the current bits of OpenRasta (OR) for a while, I am now able to see great advantages in using this framework over other existing frameworks for building RESTful services such as WCF or the ASP.NET MVC.
-
Webcast "OpenID, OAuth y Live ID. Cual es la diferencia ?
El proximo miercoles 20 de mayo a las 3 PM (GMT-05:00 Colombia, Panama), voy a estar presentando un MSDN webcast acerca de OpenID, OAuth y Windows Live ID. El evento va a ser transmitido en castellano para la comunidad de latinoamerica, y se va a enfocar en las caracteristicas principales de estas soluciones/protocolos, como funcionan, y algunos escenarios en donde se pueden aplicar con exito.
-
I am joining Tellago
On May 18th, I will officially become part of Tellago. I will be joining a great team with people that I respect immensely like Jesus Rodriguez, DonXml, or Joe Klug to name a few. Thanks guys for give me this opportunity!!.
-
OpenRasta, an open source alternative for developing Restful services
OpenRasta (OR) is the name of a new open source framework for developing Restful applications (Web applications or services) created by Sebastien Lambla. As the ASP.NET MVC, this framework is also an implementation of the MVC pattern, which focus mainly on a good separation of concerns, and provide different extensibility points where the developer can plugging custom code at the moment of developing applications.
-
Developing RESTful services with JSON and POX support in the ASP.NET MVC
Many of the features available out of the box today in the ASP.NET MVC framework are only intended to develop web applications using REST principles. There is not support for accepting incoming messages encoded as JSON or plain old XML (POX), or even support for returning POX from a controller action. Only form-urlencoded data is accepted by default for incoming messages, and JSON/HTML (with support of the view engines) for outgoing messages in controller actions.
-
Webcast para el programa Microsoft Student Partner “Building Web Services”
Aqui pueden encontrar el material de la prestacion que di en el dia de hoy acerca de construccion de web services con ASP.NET y WCF en Visual Studio 2008.
-
Mutual Certificate Authentication for WCF REST services
When Mutual Certificate Authentication is configured for REST services, both, the client and the service perform identity verification or authentication through X509 certificates.
-
Sharing the security context between ASP.NET and WCF REST Services
It is very common for WCF services that work as Ajax callbacks and ASP.NET pages that live in the same web application to share a common security context for the authenticated user. However, in order to make this happens, the ASP.NET compatibility mode must be enabled for the WCF service. When that setting is enabled, WCF basically includes the service call within the ASP.NET pipeline, all the ASP.NET modules configured for the application are executed, and as result, the HttpContext get initialized for that service as it was a normal page.
-
MVP again 2009!!
I just got great news! MVP in Connected Systems for another year.
-
Support for Form-UrlEncoded data in WCF Rest services
Some people have been asking around in the MSDN forums or stackoverflow about a possible way to pass form-urlencoded data to an existing WCF REST service. Although this is not a core feature in WCF from my point view, there is still some support for addressing this scenario in the REST Starter kit.
-
Streaming large content from a WCF RESTFul service
Streaming large content such as media content, images or files is a common scenario for RESTful services. If a scenario like this is not well addressed or implemented on the service side, there is a high risk of consuming server resources like memory or CPU in a matter of seconds. This usually happens when the complete content is loaded in memory before it is transferred to the service consumer.
-
Custom Basic Authentication for RESTful services
It’s very common when developing RESTful services to authenticate users against a proprietary user database. This is generally done with a combination of username and password through http basic authentication. Unfortunately, basic authentication is tied to windows accounts in IIS, which leads us to find out some alternatives or workarounds to support this scenario. WCF 3.5 made possible to authenticate transport credentials with one of the existing UsernamePasswordValidator extensions, however, this approach does not work for IIS hosted services.
-
“MUrl” and “MService”, two new DSLs for REST services
Doug Purdy and Chris Sells announced today in the mix the availability of two new DSLs for RESTful services. MUrl for defining RESTful clients, and MService for defining the service implementation.
-
Negotiating SAML tokens for REST clients with the HttpClient class
Continuing my post “Brokered authentication for REST active clients”, I will show today how the client code can be simplified using the new HttpClient (WCF REST Starter kit 2) and some custom http processing stages attached to its pipeline.
-
PollingAgent and AtomPubClient in the WCF Rest Starter kit preview 2
PollingAgent is an utility class for consuming REST services that implement conditional gets. An instance of this class will periodically invoke the service within a predefined interval of time, and fire an event on the client side when a new response is available to consume. It is internally layered on top of the HttpClient class, so all the pipeline infrastructure provided by this last one is also supported for this pooling agent.
-
HttpClient in the WCF REST Starter Kit Preview 2
HttpClient is a new utility class introduced in the WCF REST Startert Kit Preview 2 for consuming REST services. This new class is made up of three different parts,
-
Code generation with T4, Entities to DTOs example
T4 is a powerful template engine for code generation shipped out of the box within Visual Studio. It is an evolution of T3, which was initially introduced a couple of years ago as part of the DSL toolkits and the software factories.
-
WCFMock, a mocking framework for WCF services
WCFMock, a mocking framework for WCF services. Not a very original name, but it was the first one that came out to my mind :). If you have been following my blog for a while, you might notice that I discussed different approaches in the past to unit test WCF services, here and here. One of the major pains that you will find today for unit testing WCF services is the static operation context (OperationContext and WebOperationContext). If you service implementation relies on that context for doing something, you will have a hard time trying to test that functionality.
-
Brokered authentication for REST active clients with SAML
I have been thinking for a while about what could be a good way to support brokered authentication for active REST clients. Something I did not want to do was to force the use of WS-Trust Active profile, which is in essence SOAP based.
-
Carrying sensitive information in SAML assertions
When SAML is used in conjunction with WS-Security, only an small piece of the token is encrypted, the proof key for the relying party. The rest of the token goes in plain text, that also includes the user's claims.
-
Contract Projections in WCF declarative services
As my friend Jesus mentioned in the post "Using XAML serialization in WCF 4.0", WCF 4.0 introduces a new way to implement services that are totally defined in XAML, which receive the name of "declarative services". In the past, creating a simple service involved three basic steps,
-
Issues to subdivide an entity framework model
The other day, my team and I ran into some design issues while trying to split a big Entity Framework model into smaller pieces according to areas of functionality. At first glance, it seemed to be a common design problem, something easy to overcome, but it did not result that way. I could not find much information about people having the same issue either.
-
Some thoughts on OpenID and OAuth for Desktop clients
OpenID and OAuth are today excellent solutions for "Single Sign On" (SSO) and "Authorization Delegation" respectively. They are, however, based on Http Redirections and therefore, tied to passive clients or commonly called web browsers.
-
Upcoming MSDN WebCast "Geneva Cardspace" for Latin America
I will be presenting a MSDN webcast about "Geneva Cardspace" next Thursday 12th at 2 PM (GMT-05:00 Colombia, Panama). The event will be conducted in Spanish for all the community in Latin America.
-
Addressing authorization with OAuth or the .NET Access Control Service
OAuth
-
WS-TRUST profiles and Cardspace
Geneva framework supports today the two WS-Trust profiles, Active and Passive.
-
Security Token Handlers in Geneva Framework
According to the Geneva documentation,
-
Buenos Aires MSDN and Technet Briefing 2009
I just got an email from Miguel Angel Saenz confirming the date of the next biggest Microsoft event in Buenos Aires Argentina, "MSDN briefing", which will take place on March 25th.
-
Some thoughts on Portable STS (P-STS) and Geneva Cardspace
The other day and friend of mine asked me about portable STS implementations, if I knew about any available solution that he could use on his company. That reminded me of a conversation I had like two years ago with another developer working on custom .NET CLR framework version for portable devices (like smartcards). As part of that project, his team was also working on a TCP/IP communication stack for the device, and a http handler for accepting raw WS-TRUST messages. One goal for that project was to have a P-STS that could be interoperable with WCF. The idea seemed very promising at time.
-
Claims negotiation between a consumer, STS and Relying Party in WCF
According to the WS-Trust specification, a service consumer has a way to negotiate or ask for specific claims to the STS. Those claims (or some of them) will be generally used by the service implementation running on the relying party.
-
Running a partial SSL website with ASP.NET MVC
Keith Brown has just released a helper class (Based on an original implementation made by Dominick Baier) with very useful methods for mixing Http and Https in a regular asp.net application. Before jumping in this post, make sure to read his post (And Dominick's) to understand all the problems you may have to deal with when implementing a partial SSL website.
-
Describing RESTful applications
The other day I came across this interesting article written by Subbu Allamaraju, where he discusses some of the aspects that drive the design of a pure and self-describing RESTful interface for a service (Or service contract in other words).