Why Windows Server AppFabric Monitoring does not work

30 בנובמבר 2011

I wanted to demonstrate how Windows Server AppFabric Monitoring works for WCF services, but when I called my services I did not see any recording of any WCF call. Why?  It took me some time to find the problem. To make the story short. AppFabric monitoring relies on SQL Agent. WCF event are written to a database that is set when we configure AppFabric Hosting Service. This information is written to the "ApplicationServerMonitoringConnectionString" connection string in the root web.config of the server When the system is working properly, WCF events are written...
one comment

Windows SDK 1.6 was released

23 בנובמבר 2011

Windows Azure SDK 1.6 was released a couple of days ago - it's the November release. It includes updates to the Windows Azure Tools for Visual Studio 2010 and Windows Azure Libraries for .NET, in addition to other fixes and performance improvements. The entire Windows Azure SDK 1.6 is available for download. The Windows Azure Tools for Visual Studio 2010 can be obtained separately via the Web Platform Installer. The objective with this update to the tools for Visual Studio 2010 is to make it possible for developers to manage all aspects of application creation and deployment...
one comment

Securing AppFabric Service bus with ACS

I was working with a customer that wanted to use AppFabric Topics to push notifications to clients. as We all know anyone who wants to listen or send messages using service bus has to authenticate first. Traditionally authentication to the service bus was done by presenting a secret key before a connection was established.It is reasonable to put the secret key in a software package deployed on a server (Some can argue with that and say it is a security violation) but providing the key to numerous clients? This is a true security breach. So How can we...

Using AppFabric Azure Topics

17 בנובמבר 2011

Recently the AppFabric team released real pub-sub capabilities with the new queues and topics features. Queues are simple. AppFabric provides a queue for durable messaging between senders and receivers. Topics are interesting because they allows to create different subscriptions so different clients can receive only the messages they need. To demonstrate how to use topics I created two helper classes: Senders and Receiver that will send and receive messages using AppFabric Topics. Sender /// <summary>     /// Send messages to AppFabric Topic     /// </summary>     /// <typeparam name="T"></typeparam>     public class...

Dynamic metadata for custom STS

16 בנובמבר 2011

Security Token Services (STS) expose metadata in a special metadata files. Usually the file is exposed to the web in the address baseStsAddress/FederationMetadata/2007-06/FederationMetadata.xml  so typical customers can download the file and fetch the information required to use the STS. The metadata file contain information about the endpoints exposed, the claims the STS can produce, the signing key and algorithms. Producing the metadata file is not trivial this is why we do not want to do this manually each time something changes in our custom STS. So instead of creating a real (static) metadata file we...
no comments

Disable SSL Certificate Negotiation Validation

SSL is required for a growing number of scenarios yet a public certificate which is produced by a trusted certificate authority is not always available. In such scenarios we use self signed certificates. The problems with these certificates is that all certificate validation mechanisms will fail. To overcome that we need to do the following: 1. Disable WCF certificate validation <endpointBehaviors>         <behavior name="clientBehavior">           <clientCredentials>             <serviceCertificate>               <authentication certificateValidationMode="None"/>             </serviceCertificate>           </clientCredentials>         </behavior>       </endpointBehaviors> 2. Disable Http certificate validation  ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(delegate  { return true;  }); 3. Make sure that the domain name (of the site...
no comments

Convert SAML token to SWT token using ACS

In Claim based applications we use token to provide the application (Relying party) with details (a collection of claims) about the the authenticated identity. In ASP.net web sites and WCF SOAP services SAML tokens are used as a container for the claims. SAML is a standard that describe how token and claims are constructed and how they are cryptographically protected using digital signature and encryption. SAML tokens are powerful yet they are large. The size of the token is not a real issue in ASP.Net web sites as well as in SOAP WCF services but for REST web services...
no comments