Browse by Tags
All Tags »
Azure (
RSS)
Today I spoke about web identities and about Azure data sync. In the web identities talk I spoke about the identity concept and about the open ID, SAML and OAuth standards. In the Azure data sync talk I spoke about the value of sync, the Microsoft synchronization framework (MSF) and the Azure data sync service (which is based on MSF) Tomorrow I will speak about cryptography in .Net and explore different types of encryption algorithms and signing APIs. You can find the slide deck here: Web Idenytities...
Until recently, you could only sign up for a new Windows Azure subscription using your Microsoft account (LiveID) It means that your administration account is governed by a private user account. This is a major security threat. The account credentials are simple user name and password (which could be easily stolen) No “Multi factor authentication” is possible No policy and management is enforced on the administration identity All this is changing now with Windows Azure Active Directory ( WAAD ) Now...
It you will try to upload a large file (2Mb and larger) to blob storage it is likely that you will get the following timeout exception: “StorageServerException : Operation could not be completed within the specified time.” The solution is to do things in parallel. Fortunately blob storage has a simple API for parallel upload. blobClient.ParallelOperationThreadCount = 20; To use it it is required to open the max number of outgoing connection using ServicePointManager .DefaultConnectionLimit The following...
On December 21th Microsoft released important improvements for its Azure services which include the following: Mobile Services: Job scheduler support, Europe Region Support, Command Line Support Web Sites: Ability to scale up to 6 shared instances and 10 reserved VMs, integrated source control in custom create wizard SQL Data Sync: Now supported in the new HTML portal ACS Management: Now supported in the new HTML portal Media Services: New job and task management, blob storage support, reserved compute...
Few days ago the new portal was upgraded. The service bus was maid available (and few other new features) but the CTP announcements and the link to the previous portal was removed. Unfortunately as for today not all Azure features are available in the new portal, so the previous portal is still required. For example to use ACS or Data Sync we have to use the previous portal. To access the previous portal click on your name: Then a new menu will be opened, and a nice menu item will point you to the...
A customer asked me if it is possible to connect cloud services to azure virtual network. When creating a new virtual machine we specify the network to be used but when creating a new cloud service the portal does not provide a method to connect the new cloud service to an existing virtual network. Well It is possible !!! Michael Washam wrote a nice blog about it. The Idea is to put NetWorkConfiguration in the config file (.cscfg) of your deployment. Enjoy Manu
When running in a multi server environment like windows azure it is required to make sure the cookies generated by WIF are encrypted with the same pair of keys so all servers can open them. Encrypt cookies using RSA In Windows Azure, the default cookie encryption mechanism (which uses DPAPI) is not appropriate because each instance has a different key. This would mean that a cookie created by one web role instance would not be readable by another web role instance. This could lead to service failures...
When using Windows Azure's Access Control Service (ACS) to perform user authentication against an Active Directory Federated Service (ADFS) endpoint everything works well when using IE However, when using Chrome or Firefox the site continually prompts for credentials over and over again. Why? Turns out, the ADFS website that performs authentication of users (this website gets setup in IIS during the installation of ADFS v2.0) is by default configured for Integrated Windows Authentication (IWA...
I want asked by a client how to upload a blob (Put blob) to a SAS (Shared Access Signature) blob using the REST Api. Here is a simple code snippet demonstrating that using WebClient. class Program { private static CloudBlobContainer m_container; static void Main( string [] args) { try { var m_StorageAccount = CloudStorageAccount .DevelopmentStorageAccount; var m_BlobClient = m_StorageAccount.CreateCloudBlobClient(); m_container = m_BlobClient.GetContainerReference( "myContainer" ); m_container...
I was asked by a customer about the OAuth 2.0 endpoint in the ACS management portal. Well ACS can participate in the OAuth Dance. Its role is to produce authorization code for the user's resource and then produce the actual access token that will enable a client application to access the user's resources at the resource server. There is a demo provided by the ACS team demonstrating OAuth delegation with ACS. I found a very good blog post explaining the OAuth flow of the sample in great details...
The main difference between web and worker roles is the fact that web roles lives in IIS and so they are running in an application pool. Application pools are going down every X minutes (default is 20) if no request arrived. This is problematic for periodic tasks. For example: If you want a timer to live for a long time and periodically send triggers the application pool must not recycle. The other day I read a blog post by Steve marx that describe how easy it is to make sure the application pool...
SAS (Shared Access Signature) has been added to Azure Storage, which is really cool: http://blogs.msdn.com/b/windowsazurestorage/archive/2012/06/12/introducing-table-sas-shared-access-signature-queue-sas-and-update-to-blob-sas.aspx Now it is possible to keep data in table storage and to let customer consume it without exposing the storage keys. This is a major improvement provided in the new SDK 1.7. Enjoy Manu
I notices that blob names are case sensitive, yet NTFS and general web url are not. (Linux is…) I spoke to several friends and they told me that the http standard define url as case sensitive but in the real world no one implements that. The fact that blobs are case sensitive makes the task of exporting NTFS content to the cloud complicated because you know that your clients (who will access the blobs) will not assume that blobs as case sensitive. I heard explanations such as: "The distinction...
The Windows Azure SDK for Java provides client libraries and tools to allow Java developers to quickly and easily create applications that run on Windows Azure or leverage Windows Azure services such as Windows Azure Storage or Service Bus. Downloading and Installing the Windows Azure SDK To get started with Java on Windows Azure, you need two major components: - Windows Azure Emulator and Eclipse Tooling - Windows Azure Client Libraries for Java You can install the Windows Azure Emulator and Eclipse...
From SDK 1.7 compute emulator for web roles are running on IIS express and not on IIS like in previous versions of the Azure SDK . To see the deployment we need to use some UI for IIS express but unfortunately IIS express does not have one. Fortunately LordAmit built a simple UI that can be found here . Now we can simply see the web roles deployments running on IIS express. Enjoy Manu
More Posts
Next page »