Claims-Based Authorization with Windows Identity Foundation
Collaborative Workflow Improvements in SharePoint 2010
AD FS 2.0 in Identity Solutions:
Using Active Directory Federation Services 2.0 in Identity Solutions
This article explains how you can use Active Directory Federation Services (AD FS) 2.0 to claims-enable Windows Communication Foundation (WCF) services and browser-based applications. The focus is on the token issuance functionality in AD FS 2.0. You’ll find out how to use AD FS 2.0 as an identity provider; set up an AD FS 2.0 security token service (STS) to interact with WCF; federate AD FS 2.0 with your custom STS or another AD FS 2.0; enable Web single sign-on and federation with WS-Federation and SAML 2.0 protocols; and externalize authentication logic through Visual Studio. You’ll come away appreciating how AD FS 2.0 and Windows Identity Foundation make programming identity solutions in Windows less of a chore.
Application Guidelines on Digital Signature Practices for Common Criteria Security
This article is an overview of digital signature practices and user considerations necessary to write applications in compliance with ISO/IEC 15408 Common Criteria security. Signing categories are described, including those that are a potential risk to the implied trust association that goes with a digital signature.
N-Tier Apps and the Entity Framework:
Building N-Tier Apps with EF4
This article is the third in a series about n-tier programming with the Entity Framework, specifically about building custom Web services with the Entity Framework and WCF. This article looks at features coming in the second release of the Entity Framework (EF4) and how you use them to implement the Self-Tracking Entities and Data Transfer Objects (DTOs) n-tier patterns.
Developing, Deploying and Monitoring Sandboxed Solutions in SharePoint 2010
The challenge in SharePoint development has always been the balance between creating and deploying solutions that you can trust not to damage or impair a SharePoint farm. A new feature in SharePoint 2010, called Sandboxed Solutions, enables farm administrators to feel comfortable that the SharePoint farm is safe, gives site collection administrators the authority to manage applications in their site collection, and provides developers with the flexibility to create solutions they know will be deployed in a safe and rapid manner.
Database Documentation, API for Pre- and Post-Conditions, Blogs and More
In this month's column, Scott explores one-click database documentation, covers an API for pre- and post-conditions, takes a look at an interesting blog, and reviews the latest book about the ASP.NET MVC Framework. Scott Mitchell
CLR Inside Out:
Exploring the .NET Framework 4 Security Model
The .NET Framework 4 introduces many updates to the .NET security model that make it much easier to host, secure and provide services to partially trusted code. This article dives into the many features and benefits of the .NET security model.
Conditional Rendering in ASP.NET AJAX 4.0
Last month, Dino covered the basics of the new DataView client control and the binding techniques most commonly used. In this article, he goes one step further and covers conditional template rendering. Dino Esposito
XML Denial of Service Attacks and Defenses
This article reviews what makes XML vulnerable to denial of service attacks and how to mitigate these attacks. Bryan Sullivan
Under the Table:
Visualizing Spatial Data
In this article, the author shows you three new arrivals on the SQL Server spatial visualization scene: the map control in SQL Server 2008 R2 Reporting Services (SSRS), the ESRI MapIt product, and the MapPoint Add-In for SQL Server 2008. Bob Beauchemin
Workflow Services for Local Communication
This month’s column describes how to use WCF for communication between a workflow and a host application in Windows Workflow Foundation 3. This knowledge should help developers with their efforts using WF3 and prepare them for WF4, where WCF is the only abstraction over queues (referred to as “bookmarks" in WF4) that ships with the framework. Matthew Milner
Windows with C++:
Windows Web Services
With the introduction of the Windows Web Services (WWS) API, C++ developers no longer have to think of themselves as second-class citizens in the world of Web Services. In this article, the author explores the features and benefits that the WWS API has to offer. Kenny Kerr
Usability in Practice:
Search Is Key to Findability
In this column, Ambrose Little and Charlie Kreitzberg discuss best practices, design patterns, and other considerations related to implementing a search feature. Ambrose Little; Charles B. Kreitzberg
Inside Microsoft patterns & practices:
Dependency Injection in Libraries
This article discusses how to write a library or framework that uses the Dependency Injection pattern and how the change in focus affects the usage of the pattern. Chris Tavares