So I’ve been quite busy during this TechEd, both preparing for my session, and attending the Developer Tools booth answering questions about .NET development. But I was able to attend a couple of nice sessions here and there.
INTRODUCING: The Future of .NET on the Server
DEEP DIVE: The Future of .NET on the Server
I also sat down for the first 30 minutes of the Deep-Dive session Scott H. had with David Fowler (http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/DEV-B411) but I had to leave early for my booth duty. I suggest watching this session in high-speed (you’ll understand…)
Building Web Apps and Mobile Apps Using Microsoft Azure Active Directory for Identity Management
I also sat down for the first 30 minutes of this session (again, staff duty). I really enjoy hearing Vittorio talk about identity management, explaining all the differences between OAuth and OpenID Connect. It was a great session, and I wish I could have stayed for the whole duration of it, but that’s what Channel9 is for. At least I managed to catch him in the Azure booth later to question him about some problems (bugs?) in the AAD Graph API (“it’s a known issue – probably fixed in the next couple of months”).
My staff duty was great. I had 2-hour shifts, four times during the conference (originally had 3 but volunteered to replace one of the other speakers).
Lots of people came to ask questions about .NET development. I helped a bunch of people with questions about Entity Framework, IIS, ASP.NET, WCF, and of course the perpetual question – “Should I use WCF or Web API?”.
My session – Securing ASP.NET Applications and Services
(Not on Channel9 yet, will publish a link once it’s there)
So my session was about all the things you need to know about securing ASP.NET web apps:
- The new ASP.NET Identity system (active/passive protocols with OWIN middleware, customized persistency layer, support for social logins)
- The new features of ASP.NET Identity 2.0 (2 factor authentication, email confirmation, password reset, account lockout, custom password hasher, etc.)
- The new WS-Fed OWIN middleware for ADFS and Azure AD
- Authentication and authorization in MVC, Web API, and SignalR (no Web Forms demo, but it works all the same)
- Role and claim-based authorizations, and claims handling with ASP.NET Identity, external providers, and AAD
The session went well, had about 240 people in the crowd, and I spent an additional 30 minutes afterwards answering questions. I only wish I had more time to show all the different code parts and the generated database. However, I did upload all the code and added “TODO” comments (with implementation) of all the custom code I wrote. Just go to http://1drv.ms/1kDVjEt and download the presentation and code samples. To see the custom code, open the solution, and look at the TODO comments in the Tasks window.
As I mentioned in my previous blog post, Gil and myself just finished a book about SPA development where I wrote the chapters about Web API backend development and performance of web apps. So the book got published last week, and Apress (the publishers) brought a few books for me to sign and give away.
That’s it for TechEd North America 2014. It was lots of fun, great talks by great speakers, and a really great audience. Hope to get there again for TechEd NA 2015.