Given that my grand-boss has exhorted me to update this page, I thought I'd better do something...
I've been working with all the folks Doug mentions since I re-located to Washington state from the UK, in August last year. I love working on this team, it's dynamic, exciting, there's plenty of variety, the people on the team are really smart (I'm learning lots) and the one month milestone approach really works well.
I've personally been doing a lot of work with XAML over the last 6-8 months (which I think is OK to mention) and will likely be working with XAML for the first half of 2008 too. I'll try to come up with some XAML related posts sometime soon.
A
couple of
folks were giving talks at TechEd this week and used a little Security Token Service (STS) prototype I'd put together. I'm posting a version
here so that folks can download it and play with it at their leisure. Any suggestions for improvements, new features, bug reports, post a comment.
Thanks to
Tomek for posting the file. I was too inept to be able to figure out how to upload using winscp…
BTW - You'll need a fairly recent build of Indigo to compile and run this code.
One of the devs on my team pointed me at
this…
Priceless!
A while back, I wrote a
couple of
entries on
httpcfg and using it to configure certificates when self-hosting Indigo services. The
second entry talked about the various flags that could be passed using the -f parameter.
Unfortunately, I neglected to mention that you can't actually use the syntax with preceding 0x and zeros, despite the fact that the usage help you get from just typing httpcfg at the command line would lead you to believe that such syntax would work just fine.
It turns out you actually need to specify the values as straight decimal numbers, like this;
httpcfg <otheroptions> -f 1 (Gives you cert mapping to windows accounts)
httpcfg <otheroptions> -f 2 (Gives you client cert support)
httpcfg <otheroptions> -f 3 (Gives you both client cert support and mapping to windows accounts)
httpcfg <otheroptions> -f 4 (Turns off ISAPI routing)
httpcfg <otheroptions> -f 5 (Turns off ISAPI routing and gives you cert mapping to windows accounts)
httpcfg <otheroptions> -f 6 (Turns off ISAPI routing and gives you client cert support)
httpcfg <otheroptions> -f 7 (Turns off ISAPI routing and gives you both client cert support and mapping to windows accounts)
So if you want to use client certs you need -f 2 on the command line ( and NOT -f 0x00000002 )
Jason has an entry giving more details on the Service Factory.
My friends and colleagues Jason Hogg and Don Smith, along with some other smart folk have recently opened up the Service Factory over on GotDotNet. They have a some cool Visual Studio 2005 tooling that provides guidance around building and securing web services. Their latest drops have WCF support. Go check it out!
WSE 3.0 has shipped. Hurrah! And congratulations to the team.
I seem to remember Steve Swartz had a blog here at PluralSight for a while, but the content was somewhat, well, lacking ( and now gone ). I've recently found out why. The blog Steve devotes his time to is actually
here.
My friend and colleague Doug Walter now has a
blog on this esteemed
site.
Doug is the lead development lead on the Indigo security team and I've had the pleasure of working with him on a bunch of things, including WS-SecurityPolicy and our claims-based authorization story in Indigo, over the past year or so.
I'm fairly sure that Doug and I will both be posting entries related to authorization over the next few weeks. It promises to be an interesting ride, so hop aboard!