|
|
Browse by Tags
All Tags » Announcements » Indigo (RSS)
-
One last bit of Orcas news for this week. PluralSight will be providing a weekly screencast throughout the year on using WF and WCF. They're focusing on the capabilities of Orcas but will be starting from the basics so you don't need to have any background going into these. The first screencast is by Aaron Skonnard and covers contracts and creating services. Creating Your First WCF Service Read More...
|
-
The first service pack for .NET Framework 3.5 came out yesterday, primarily focusing on fixing bugs and performance issues. There are some new features, notably around improving the support for REST based services and around serialization. Microsoft .NET Framework 3.5 Service Pack 1 Microsoft .NET Framework 3.5 Service Pack 1 (SP1) Readme Microsoft Visual Studio 2008 Service Pack 1 Visual Studio 2008 Team Foundation Server Service Pack 1 Here are some known issues related to WCF in this release. Authentication failure when Windows authentication is used over certain transports WCF now specifies a default domain target name in Windows authentication scenarios. When upgrading, the client may see an authentication failure when the following conditions exist: The scenario uses ClientCredentialType.Windows, which specifies the Negotiate authentication scheme. The scenario uses http, https, or net.tcp. The service runs under a non-domain account. An example of the authentication failure is "System.ComponentModel.Win32Exception The target principal name is incorrect" To resolve this issue: The client must override the default domain target name by specifying the Service Principal Name of the server in the SpnEndpointIdentity class, or User Principal Name in the UpnEndpointIdentity class, and then passing the identity to the EndpointAddress. If the client uses Https and requires X509CertificateEndpointIdentity, the client must still specify the SpnEndpointIdentity or UpnEndpointIdentity. The X509CertificateEndpointIdentity enables validation of thumbprints. The client can work around the loss of validation by registering for the System.Net.ServicePointManager.ServerCertificateValidationCallback and performing thumbprint validation manually. Breaking changes in the SspiNegotiatedOverTransport authentication mode When WSHttpBinding, WS2007HttpBinding, or NetTcpBinding is used with SecurityMode = TransportWithMessageCredential and a client credential type of Windows, clients that previously authenticated to a service by using NTLM will now fail to authenticate, with the following error: "System.ComponentModel.Win32Exception: Security Support Provider Interface (SSPI) authentication failed. The server may not be running in an account with identity 'host/<hostname>'. If the server is running in a service account (Network Service for example), specify the account's ServicePrincipalName as the identity in the EndpointAddress for the server. If the server is running Read More...
|
-
If you've been following along, I have mentioned the WCF security guide project being worked on in the patterns and practices team a few times now. After months of drafts and betas, the complete guide is now ready for official release. The WCF security guide is available as a free download. Read More...
|
-
The .NET StockTrader was an end-to-end sample application released last year to demonstrate WCF and web service programming. A new version of StockTrader has been released to update the application with some of the new features in Orcas and Windows Server 2008. You can get StockTrader from MSDN. StockTrader 2.01 StockTrader 2.0 Overview StockTrader Configuration Service Overview Read More...
|
-
A few weeks ago Eyal Vardi left a comment on an article about tools mentioning his WCF debugger visualizers. A debugger visualizer is an extension to Visual Studio that drops in a custom user interface for visualizing types. These custom interfaces can often be a lot easier to work with than the standard property grid interface. Eyal has visualizers for bindings, messages, operation contexts, proxy objects, and other commonly used WCF types. You can get the WCF Visualizers collection from CodePlex. Read More...
|
-
Four more webcasts are coming this month to talk about some of the new web service features in Orcas. Each webcast is aimed at developers and lasts 60-90 minutes. Transactional Windows Communication Foundation Services with Juval Lowy (Level 200) Monday, July 07, 2008 10:00 AM Pacific Time Transactions are the key to building robust, high quality service-oriented applications. Windows Communication Foundation (WCF) provides a simple, declarative transaction support for service developers, enabling you to configure parameters such as enlistment and voting, all outside the scope of your service. In addition, WCF allows client applications to create transactions and to propagate transactions across service boundaries over a variety of transports. In this webcast, we explain how to configure transaction flow at the binding, contract, and service level, local versus distributed transactions, setting of service transactions, declarative voting, and the available configurations that best fit various application scenarios. Using Windows Workflow Foundation to Build Services with Jon Flanders (Level 300) Wednesday, July 09, 2008 10:00 AM Pacific Time Windows Workflow Foundation (WF) is a programming model, set of tools, and runtime environment which allows you to write declarative and reactive programs for Windows operating systems. WF is part of the Microsoft .NET Runtime, and it first appeared in Microsoft .NET 3.0. Windows Communication Foundation (WCF) is also a programming model, set of tools, and a runtime that first appeared in .NET 3.0. WCF is a framework for building applications that can communicate with each other over varied network protocols. In .NET 3.5, these programming models came closer together to allow easy integration, including allowing WF instances to use WCF to communicate to remote endpoints and allowing WF instances to become the service implementation for WCF endpoints. This is accomplished by two new Activities: ReceiveActivity and SendActivity as well as a new hosting infrastructure for service endpoints. In this webcast, we look at both sides of this integration to give you an overview of how to build WF/WCF applications. WCF Extensibility Deep Dive with Jesus Rodriguez (Level 400) Friday, July 11, 2008 10:00 AM Pacific Time Windows Communication Foundation (WCF) provides a rich messaging framework that extends beyond its capabilities for modeling and implementing services. One of the aspects where WCF really shines when compared with competitive Read More...
|
-
Five webcasts are coming this month to talk about some of the new web service features in Orcas. Each webcast is aimed at developers and lasts 60-90 minutes. Beyond the Endpoints with Windows Communication Foundation with Juval Lowy (Level 100) Wednesday, June 18, 2008 10:00 A.M.-11:30 A.M. Pacific Time Windows Communication Foundation (WCF) is more than just the next-generation platform for building connected systems. In many respects, WCF is the next development platform for Windows-based applications, providing system features that are presently crafted by hand on top of the Microsoft .NET Framework and the Windows operating system. In this webcast, we describe the power and productivity of WCF and demonstrate how it is a "better .NET Framework." We focus on the key system features of WCF so you can make educated decisions on aligning your product road map with WCF and assess the advantages of using WCF. We begin the webcast with a brief overview of WCF and the WCF architecture, and then we demonstrate data contract tolerance, instance management, transaction propagation, automatic synchronization, queued calls, and automatic security. geekSpeak: Workflow Services in .NET 3.5 with Jon Flanders (Level 200) Wednesday, June 18, 2008 12:00 P.M.-1:00 P.M. Pacific Time Windows Communication Foundation (WCF) and Windows Workflow Foundation (WF) are powerful technologies that were first introduced in the Microsoft .NET Framework 3.0. In release 3.5 of the .NET Framework, these two technologies work even better together. In this installment of geekSpeak, Jon Flanders from Pluralsight introduces you to workflow services , and he describes how workflow services unites WCF and WF and provides great new features for building solutions. Your hosts for this geekSpeak are Lynn Langit and Glen Gordon. Calling Services from Silverlight 2.0 with Jon Flanders (Level 300) Monday, June 23, 2008 9:00 A.M.-10:00 A.M. Pacific Time Microsoft Silverlight 2.0 browser plug-in provides an environment for building rich Internet applications (RIAs). Traditionally, these types of applications relied heavily on services such as Asynchronous JavaScript and XML (AJAX) for their functionality. In this webcast, we look at the facilities built into Silverlight 2.0 for calling services, and we discuss the options for implementing these services. Windows Communication Foundation and Windows Workflow Foundation Integration in Depth with Jesus Rodriguez (Level 400) Wednesday, June 25, 2008 10:00 Read More...
|
-
A promised Beta 2 was released later last week. In this case, later meant Friday after everyone went home so I updated the original article with a link to the download over the weekend. That means this doesn't count as the post for today. Scott Guthrie has a more detailed release announcement for the beta if you're interested. Read More...
|
-
The WCF Security Guide content that I've mentioned a few times before is now done with early drafts and has been rolled up into a beta release of the full book. There's a ton of content in the real thing on top of what you've been seeing in the drafts. You can download the beta of the full security guide from CodePlex now. If you want to know what I think about the guide, here's the foreword I wrote for them: The computer industry has come to a realization – based on many years of slowly learning from painful experiences – that computer networks are hostile environments. Nevertheless, computer users demand as part of their basic expectations that applications take advantage of the ubiquitous and continuously available connectivity at their disposal to deliver a rich connected experience. It is now your task to design and assemble the loosely coupled service components that you have available in a way that blunts threats and thwarts attacks on the user’s precious assets. Your applications must withstand the hazards of living in a hostile networked environment. To make that possible, you must understand the risks that your applications face and you must be certain that the remedies you put in place properly mitigate the dangers of those risks. As someone who has been through several rounds of security and threat modeling for Windows Communication Foundation, I can say without hesitation that knowledge and experience are your greatest assets for designing secure Web service applications. The trick is to gain as much of that knowledge as possible from the painful experiences of other people rather than painful experiences of your own. J.D. Meier and team have done a fantastic job of assembling and digesting countless practical experiences into a convenient and centralized resource. Practitioners of service-oriented development with WCF will want to use this guide as both a means of learning about the fundamentals of Web service security and a reference for getting specific, step-by-step instructions for dozens of the most common security problems. I enjoy that this guide collects together several different approaches for learning about and implementing security solutions. By combining a variety of formats – scenarios, how-to articles, and guidelines are only a sample of the offered modes – solutions are both reinforced and made more easily discoverable through different entry points. The reason that I’m so excited to see Improving Web Services Security: Scenarios Read More...
|
-
At TechEd yesterday the next beta release of Silverlight 2 was announced to come out later this week. In Beta 2 you'll be much closer to seeing the complete subset of WCF that has been ported to the Silverlight platform. In particular, the work we've done around JSON, configuration, extensibility, and adherence to the general WCF client programming model will be ready for you to play with. All of this functionality has been packed down into an extremely small download size to meet the goals of Silverlight. You'll also be getting a better WCF experience thanks to improvements to the underlying network stack that we've been able to take advantage of. Check back later for an update when the downloads are actually available. Read More...
|
-
I'm a big fan of using service virtualization to solve a variety of problems with developing and managing web services. The Managed Services Engine is a solution built on top of WCF to supply a repository-based runtime and management tool for service virtualization. I hope to someday put the solutions team out of business by making service virtualization easier to do in the product. For now though, the Managed Services Engine is one of the better web service virtualization systems that I've seen. You can get their new June CTP on CodePlex , which replaces the previous beta release from last October. Read More...
|
-
Yesterday, a beta version of the first service pack for .Net Framework 3.5 was released including fixes and new features for WCF. The new features are primarily around serialization and tooling although there are enhancements scattered throughout many features. All of the files are available for public download. Microsoft .NET Framework 3.5 Service Pack 1 Beta Microsoft .NET Framework 3.5 Service Pack 1 Beta Readme In addition to not being compatible with the previously released Silverlight SDK, there are two known issues for the beta. HTTP POX is not composable with One-way The OneWayBindingElement class is designed to create client-side channels that expect null messages as responses; otherwise, it fails with a ProtocolException error. Standard message encoders return messages that have a non-empty message body. However, in a POX/REST scenario, you may want to process messages based solely on the contents of HTTP headers (for example, 200 for success; otherwise, failure), rather than the message body. Because message encoders do not let you return null messages based on HTTP headers in these scenarios, it is not possible to use OneWay contracts on the client side. To resolve this issue: In the channel stack configuration, add a filter channel between OneWayBindingElement and HttpTransportBindingElement that checks the HTTP response status code. If the code indicates success, it returns null; otherwise, it returns the original response message. The final configuration appears as follows, with a custom binding element that filters the responses. CustomBinding binding = new CustomBinding( new OneWayBindingElement(), new MyMessageFilterByHttpHeaders(), new TextMessageEncodingBindingElement(), new HttpTransportBindingElement() ); binding.Elements.Find<MessageEncodingBindingElement>().MessageVersion = MessageVersion.None; Windows XP issue when AllowNtlm is set to false In WCF, if you specify the clientCredentialtype property as Windows and negotiate the client credentials, you can enable NTLM to be used as a negotiation package. The default behavior for WSHttpBinding and WS2007WttpBinding is to negotiate Windows client credentials. You can control this behavior in WCF by modifying the allowNtlm property. In the .config file, put the clientCredentials tag in an endpointBehavior tag. In the code, set a property on WindowsClientCredentials. There is a behavior change in SP1 that affects WCF running on all versions of Windows later than Windows XP. When allowNtlm Read More...
|
-
I haven't had nearly as much time as I wanted to write about our efforts porting WCF to the Silverlight platform or tell you about what we've managed to build. I'm still planning to do feature highlight posts along the way but your best source of day-to-day information is going to be the WCF Silverlight team blog . Read More...
|
-
After the first announcement for the WCF Security Guidance Project , the amount of content has grown tremendously. Here's a summary of what's new over the last month. Seven new application scenarios: Intranet - Web to Remote WCF Using Transport Security (Trusted Subsystem TCP) Intranet - Web to Remote WCF Using Transport Security (Trusted Subsystem, HTTP) Intranet - Web to Remote WCF Using Transport Security (Original Caller, TCP) Intranet - Windows Forms to Remote WCF Using Transport Security (TCP) Internet - Web to Remote WCF Using Transport Security (Trusted Subsystem) Internet - Windows Forms Client Calling WCF Using Message Security Internet - WCF and ASMX Client to Remote WCF Using Transport Security (HTTP) More than eighty annotated guidelines . Six new how-to guides: How To - Perform Input Validation in WCF How To - Perform Message Validation with Schemas in WCF How To - Use basicHttpBinding with Windows Authentication and TransportCredentialOnly in WCF from Windows Forms How To - Use Certificate Authentication and Message Security in WCF calling from Windows Forms How To - Use netTcpBinding with Windows Authentication and Message Security in WCF from Windows Forms How To - Use wsHttpBinding with Username Authentication and TransportWithMessageCredential in WCF calling from Windows Forms Answers to more than one hundred security questions . Read More...
|
-
At their user conference in San Francisco yesterday, TIBCO announced two integration initiatives to bring the TIBCO and Microsoft platforms closer together. TIBCO is developing a TIBCO EMS transport channel for WCF. Although Microsoft doesn't have a formal certification process for releasing third-party WCF components, I got to do some code and design reviews over the last few months with the TIBCO developers to understand the work that they are doing. I am very pleased that it was possible to make TIBCO EMS fit naturally into the WCF model. This integration work benefits both Microsoft and TIBCO customers by expanding the reach of applications on each platform. I fully support the partner ecosystem in delivering WCF components and connectivity options that go beyond what Microsoft provides in the framework. TIBCO is also going to be making use of Silverlight for development and deployment of Internet applications. Silverlight allows developers to reuse much of the tooling and knowledge that they have from desktop development when creating browser-based applications. Read More...
|
|
|
|