|
|
Browse by Tags
All Tags » WCS » the Web (RSS)
-
On the Paris-Seattle flight, coming back after 2 weeks spent stuffing myself with all sorts of food with the excuse "after all, you can't find this in USA" :) Before hurling myself back in the vortex of daily work, and celebrate the end of the year with something crazy, I want to take some time writing down some hallucinatory (=vision without execution) thoughts about omnidirectional identities . Be warned, this may be just pointless rambling at this point. Few weeks ago I chatted about this in front of a microphone with John Udell , digressing along a crazy tangent instead of answering his questions about the book (I eventually came back to Earth and answered properly :)). I don't know if he'll deem those fragments publication worthy, but just in case I'll make a brain dump here. It's not that there's much more to do in this small seat anyway (just finished the latest Eco . He didn't mention underbite at all, I'm happy). Looking back at the activities related to identity in the past year, I am glad to report that amazing progress has been done. Something that makes 2007 very different from 2006 is the kind of work that was made: in 2007 the accent was on execution. The vision behind the metasystem is still being explored, sure, like Kim's series on linkage or the discussions about display token and first law demonstrate; and I feel that conjugating the metasystem and claims in enterprise environment is an area that still need focus (especially in fighting old forma mentis that Read More...
|
-
Ah finally. I waited for this moment a looong time :-) the first draft of "Understanding Windows CardSpace" is available in prerelease online, on Safari Rough Cuts . More details below. It's already few weeks that our book, " Understanding Windows CardSpace ", showed up on Amazon and in the in-store kiosks at Borders . It's really an emotion to make an ego search and find a book that you wrote , as opposed to books in which you are acknowledged (which BTW is always VERY nice! Thanks to the authors of " Writing Secure Code for Windows Vista™ "," Web Services Architecture and Its Specifications: Essentials for Understanding WS-* "," Web Service Security "," Windows Communication Foundation Unleashed " and " Microsoft® Windows® Communication Foundation Hands-on! Beta Edition " for mentioning me). The manuscript is finally in a shape that allows to give a good idea of what the final book will look like: and while it's true that many figures are still the sketches I made on my tablet, if you are a regular reader of this blog you are definitely used to the style... Hence, we published the manuscript in its current form on Rough Cuts . Rough Cuts is a great service provided by Safari , that can be accessed even if you are not a safari subscriber. In their own words: Sometimes you just can't wait for the book. When you need to gain early access to information on cutting-edge technologies, turn to the Rough Cuts service from Safari Books Online. With the Rough Cuts service, you'll access Read More...
|
-
In short: this is the description of a sample that sends a CardSpace-obtained token to an AJAX service implemented with the new Orcas features. Few posts ago I published a tutorial about using CardSpace with Silver. While talking about it with Kushal Shah from the Workflow team, he suggested that it could be nice if we'd also demonstrate how to use CardSpace with the new RESTful capabilities of WCF: that sounded perfect for my "cardspace+<technology_of_choice>" series, hence I promply jumped on the task. The post below documents the results. Preamble Before diving into the code, let's take a moment for understanding what is this all about. The .NET framework 3.5, currently in beta , extends WCF with new capabilities explicitly designed to enable web development scenarios. There's really a lot to say on the subject, however for our context it is enough to say that you can now expose WCF services in ways that makes them extremely easy to consume from web pages. In practice, this mean that you can 1) invoke WCF services via HTTP verbs (POST and GET) and 2) handle messages in web-friendly formats, such as JSON. The macroscopic implication is that you don't need a proxy. Calling a WCF service becames a simple exercise in BLOCKED SCRIPT you gather the data from whatever UI element you need to, you create "by hand" a web request in AJAX style (with the object XMLHttpRequest or the activeXs Msxml2.XMLHTTP/Microsoft.XMLHTTP) and finally you use the results for updating selcted parts Read More...
|
-
Dennis announces the CTP of the Biztalk Services, one of the webbyest CTP we have: those are actually services, the only thing you need (if you want a quick start) is the SDK . There is much to be said about this new release, and I hope I'll be able to play with it soon (dear Editor, don't worry: I know I have to send the next chapter first :-)). However, I think that the most exciting news is in the following Dennis words: "your service opens at a URI on the connect.biztalk.net machines. Then a client connects to that URI and can start sending messages. We don’t want to be in the way of your app, so our relay will immediately try to establish a direct connection between clients" See? True P2P! What are you doing still reading this post, aren't you toying with it yet? :-) BTW, take a close look to the Identity Selector in the screenshot in Dennis' post: I'm sure that the loyal readers of this blog will recognize some of the cards (thanks James for pointing this out!) Read More...
|
-
In short: I discuss Sidebar Gadgets, and I show you how to invoke a CardSpace-protected WCF service from a simple Gadget. Full source code is provided, along with detailed commentary on the road I've followed for getting there. Added bonus: the code shows how to apply an arbitrary configuration file to WCF, an issue often encountered when hosting WCF code in processes you don't control. Sidebar Gadgets are mini applications which live in the Sidebar, a UI element on the Windows Vista desktop. They are extremely handy for keeping an eye on information you are often interested to; they are also very good at providing you a quick-reach UI for tasks you perform often. As you know I wear the server guy hat, so I'm not really the best person for explaining the advanteges of Gadget: I would suggest visiting Michael and Jaime blogs if you want more details on the subject. When I thought of how the gadget model could be useful for me, I realized that much of the information I'd like to keep an eye on happens to be confidential (like being notified if I received a wire transfer, or getting the access statistics from my website); the actions I want to take when I react to changes in those data are also requiring high security levels (like accessing a portion of my home banking for giving approval for a certain utility bill to be paid). So, would not be great if we could use CardSpace for authenticating the services accessed by a Gadget? I thought for few nights about the issue, devised a Read More...
|
-
Few days ago I have posted a tutorial on combining WPF/E and CardSpace for securing rich internet applications. Literally hours later Daniel Bartholomew , the great guy that extended dotnetnuke with a cardspace ready module , followed the tutorial and published the live example on the web! You can experience that by visiting his test page . Thank you Daniel, this is AWESOME !!!!!! :-) Read More...
|
-
One of the most common question I've got in the last year or so had to do with OpenID and if it had a role in out future plans. I can only guess that the OpenID guys received a corresponding question about CardSpace... well, you don't need to wonder anymore. *** Hardt of Sxip Identity , Michael Graves of VeriSign , Scott Kveton of JanRain and our very own Kim Cameron published an announcement in which they disclose that " JanRain, Microsoft, Sxip, and VeriSign will collaborate on interoperability between OpenID and Windows CardSpace™ to make the Internet safer and easier to use ". Now: this not only *great* for identity itself, but I believe it is a lesson about the whole WS-* versus REST debacle. The two approaches deal with different problems, and the choice between the two does not need to be exclusive. Trends and hype cycles tend to polarize everything, often parties become religious about their choices ( certain fanatics even go as far as putting their favourite approach on their license plate :-)). Hopefully today's announcement will show that integration is not only possible, it is the way ahead. Always IMHO, naturally :-) Read More...
|
-
If you are watching the Card-space, I'm sure you didn't miss it: the Otto Store smart client application, announced during TechEd Europe and VSLive, is now up and running. You can download and install it from there . This news is relevant to this blog in different ways. The Otto store is the first application available on the internet to use managed cards. It is the first application to secure web services call via CardSpace. And among the customers I have worked with in the last year, Otto is the first one to release a CardSpace based application. Hoooray! It was a pleasure to work with everybody on the project, I can't tell you the satisfaction of seeing all this beautifully coming together. I could fill the entire post just with juicy annedoctes, like the time when me and Jaime (the great guy who dealt with the WPF parts here in Corp) flew in Germany for the first ADS: we took an early cab from downtown Munich to the offices, and it was the very first ride of the very first work day of our extremely young driver. A 20 mins drive became a 45 mins tour in the foggy & frozen countryside around Munich, with the driver increasily panicking: the GPS was banned by his company policy, so I could not pull out my beloved Universal and give him a hand. He was very brave and professional! In the end we did it to the meeting, though with some delay: looking at he app today, anyway, looks like that delay didn't really matter that much. But you're not interested in annedoctes, are you: Read More...
|
-
Dennis and his team just went live with, no pun intended, the all new & improved live labs STS !! While the former incarnation was a pure resource STS, this is a full fledged Identity Provider STS. If you have a Live ID, you can go throught the easy steps of the registration and get your very own live labs managed card. You have a choice of 2 authentication factors: self issued cards and username/password. Youc an then register the certificate of your RP, and you're all set. You can start playing with it from the very start! I am truly happy of this, you can finally get a direct feeling of what an identity authority is and how to incorporate it in your experiments. Unfortunately I don't have much time now to give more detailed instructions, but I'll do that as soon as I have a second. In the meanwhile, please remember: this is a lab, don't expect commercial-grade assurances. Below a screenshot of my indentity selector after the newly imported live labs card Great job Dennis et al! I suspect that there's the hand of Hervey as well :-) Read More...
|
|
|
|