Browse by Tags
All Tags »
dev (
RSS)
I worked on a customer machine and used the identity and access tool to enable Identity Federation. When I looked at the config that was produced by the tool I saw something strange. Instead of the good old configuration: < issuerNameRegistry type = " System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 " > < trustedIssuers > < add thumbprint = " 9B74CB2F320F7AAFC156E1252270B1DC01EF40D0...
Today I spoke about web identities and about Azure data sync. In the web identities talk I spoke about the identity concept and about the open ID, SAML and OAuth standards. In the Azure data sync talk I spoke about the value of sync, the Microsoft synchronization framework (MSF) and the Azure data sync service (which is based on MSF) Tomorrow I will speak about cryptography in .Net and explore different types of encryption algorithms and signing APIs. You can find the slide deck here: Web Idenytities...
Until recently, you could only sign up for a new Windows Azure subscription using your Microsoft account (LiveID) It means that your administration account is governed by a private user account. This is a major security threat. The account credentials are simple user name and password (which could be easily stolen) No “Multi factor authentication” is possible No policy and management is enforced on the administration identity All this is changing now with Windows Azure Active Directory ( WAAD ) Now...
It is common to upload / transfer certificates as base64 strings. A common example is Azure Management API Add Service Certificate . To encode a certificate all you have to do is simply encode the certificate file. var encodedClientCert = Convert .ToBase64String( File .ReadAllBytes( "Client.Cer" )); To create a certificate out of base64 string is as easy: string str = "base64string representing a certificate" ; string psw = "password for certificates with a private key"...
It you will try to upload a large file (2Mb and larger) to blob storage it is likely that you will get the following timeout exception: “StorageServerException : Operation could not be completed within the specified time.” The solution is to do things in parallel. Fortunately blob storage has a simple API for parallel upload. blobClient.ParallelOperationThreadCount = 20; To use it it is required to open the max number of outgoing connection using ServicePointManager .DefaultConnectionLimit The following...
I wrote a nice helper class that helps me find certificates installed on my machine. Here is the code: Code Snippet public static class CertificateHelper { public static X509Certificate2 FindCertificateByThumbprint( string certificateThumbprint) { var res = FindCertificateByThumbprint(certificateThumbprint, new X509Store ( StoreName .My, StoreLocation .CurrentUser)) ?? FindCertificateByThumbprint(certificateThumbprint, new X509Store ( StoreName .My, StoreLocation .LocalMachine)); if (res == null...
On December 21th Microsoft released important improvements for its Azure services which include the following: Mobile Services: Job scheduler support, Europe Region Support, Command Line Support Web Sites: Ability to scale up to 6 shared instances and 10 reserved VMs, integrated source control in custom create wizard SQL Data Sync: Now supported in the new HTML portal ACS Management: Now supported in the new HTML portal Media Services: New job and task management, blob storage support, reserved compute...
Visual Studio has an Identity and Access tool extension which enables simple integration of claim based identity authentication into a web project (WCF and ASP.Net) It turns out that the tool depends on Windows Identity Framework (WIF) 4.5 which was integrated into the .Net framework and is not compatible with WIF 4.0. For .Net 4.5 only applications you will see the following when you right click the project. “ Enable Windows Azure Authentication ” integrate your project with Windows Azure Active...
I wanted to run a concurrency profiling on my app so I activated the performance wizard and chose the last option (concurrency) but the results where nothing like I expected. The report I got looked similar to the sampling report presenting information about contention. I looked around and found that the good old concurrency profiling is now called “Concurrency Visualizer”. Click it and you’ll get all the concurrency reports. Enjoy Manu
Unit testing is not easy. One of the greatest challenges is to identify external dependencies and provide mock objects and behaviors. Few years ago Microsoft Research came out with an infrastructure called “ moles ” designed to solve this problem. With moles is was extremely easy to inject mock behavior and functionality to existing code (including code we don’t own such as the .net framework itself) Well In Visual Studio 2012 moles was adopted and introduced as the “Fake” feature. Now all we need...
A customer asked me if it is possible to connect cloud services to azure virtual network. When creating a new virtual machine we specify the network to be used but when creating a new cloud service the portal does not provide a method to connect the new cloud service to an existing virtual network. Well It is possible !!! Michael Washam wrote a nice blog about it. The Idea is to put NetWorkConfiguration in the config file (.cscfg) of your deployment. Enjoy Manu
When running in a multi server environment like windows azure it is required to make sure the cookies generated by WIF are encrypted with the same pair of keys so all servers can open them. Encrypt cookies using RSA In Windows Azure, the default cookie encryption mechanism (which uses DPAPI) is not appropriate because each instance has a different key. This would mean that a cookie created by one web role instance would not be readable by another web role instance. This could lead to service failures...
I gave a debugging course today and one of my students asked for recommended resources so I did some searching and I found this series of videos: .NET Debugging Starter Kit for the Production Environment, Part 1 .NET Debugging Starter Kit for the Production Environment, Part 2 .NET Debugging Starter Kit for the Production Environment, Part 3 . NET Debugging Starter Kit for the Production Environment, Part 4 .NET Debugging Starter Kit for the Production Environment, Part 5 .NET Debugging Starter Kit...
When using Windows Azure's Access Control Service (ACS) to perform user authentication against an Active Directory Federated Service (ADFS) endpoint everything works well when using IE However, when using Chrome or Firefox the site continually prompts for credentials over and over again. Why? Turns out, the ADFS website that performs authentication of users (this website gets setup in IIS during the installation of ADFS v2.0) is by default configured for Integrated Windows Authentication (IWA...
I want asked by a client how to upload a blob (Put blob) to a SAS (Shared Access Signature) blob using the REST Api. Here is a simple code snippet demonstrating that using WebClient. class Program { private static CloudBlobContainer m_container; static void Main( string [] args) { try { var m_StorageAccount = CloudStorageAccount .DevelopmentStorageAccount; var m_BlobClient = m_StorageAccount.CreateCloudBlobClient(); m_container = m_BlobClient.GetContainerReference( "myContainer" ); m_container...
More Posts
Next page »