Tuesday, March 29, 2011

WCF : Testing your web service

Back in the day (before WCF), you could use "Web Service Studio". This was a web service client tool that could import your web service's WSDL and allow you to test the service's methods without having to roll your own test client.

However, this doesn't work with WCF. It imports the WSDL no problem but doesn't show any methods to test.

You can also direct your browser to the web service e.g.

http://localhost:8000/ServiceModelSamples/Service


and you get a test page starting "You have created a service".

It shows you how to run svcutil on the command line e.g.

svcutil.exe http://localhost:8000/ServiceModelSamples/Service?wsdl


"This will generate a configuration file and a code file that contains the client class. Add the two files to your client application and use the generated client class to call the Service."

But - roll of drums and enter stage left Windows Communication Foundation (WCF) Test Client (WcfTestClient.exe)
.

"You can also invoke the WCF Test Client (WcfTestClient.exe) outside Visual Studio to test an arbitrary service on the Internet. To locate the tool, go to the following location:

C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\ "


Very neat!

Enjoy!

Friday, March 11, 2011

Windows Identity and Active Directory Federation Services : My links

Just some links that I use on a regular basis.

WIF

Windows Identity Foundation Simplifies User Access for Developers - Home page

Windows Identity Foundation - MSDN Library

Identity Developer Training Kit - Read the System requirements

The Id Element - Identity and Access Management videos

AFDS

Active Directory Federation Services 2.0 - Home page

AD FS 2.0 Step-by-Step and How To Guides - Includes a number of federation guides e.g. PingFederate, Oracle Identity Federation

Blogs

Vibro.NET - Vittorio Bertocci's blog

Steve on Security blog - Good code examples

dominick baier on .net, security and other stuff - The man behind Thinktecture and StarterSTS

Claims-Based Identity Blog - Some good examples of federation with other systems

Eugenio Pace - Examples, architecture and interoperability

Matias Woloski - The guy behind the OpenId bridge

Travis Nielsen - Federation and SharePoint 2010

Alik Levin - Lots of Windows Azure AppFabric Access Control Service (ACS)

Steve Peschka - Special emphasis on Sharepoint 2010

Forums

Claims based access platform (CBA), code-named Geneva - Worth keeping an eye on

Of course, Stackoverflow:

ADFS

ADFS v2.0

WIF

Portals

Essentially collections of links - like this one!

TechNet Wiki Windows Identity Foundation (WIF) and Azure AppFabric Access Control Service (ACS) Survival Guide

Windows Identity Foundation (WIF) Fast Track

Windows Identity Foundation (WIF) SDK Help Overhaul

Windows Identity Foundation (WIF) Questions and Answers

Tools

StarterSTS - StarterSTS is a compact, easy to use security token service that is completely based on the ASP.NET provider infrastructure. It is built using the Windows Identity Foundation and supports WS-Federation., WS-Trust, REST, OpenId and Information Cards.

StarterRP - A relying party for StarterSTS

SelfSTS - SelfSTS is a simple utility which exposes a minimal WS-Federation STS endpoint. SelfSTS can be used as a test STS when developing web sites secured with Windows Identity Foundation. Allows you to quickly generate combinations of claims.

SelfSSL7 - Self signing certificates for IIS7. Generates and stores them. Refer my blog entry WIF : Self signed certificates for instructions.

Protocol bridge claims provider - An implementation of a bridge that talks WS-Federation and SAML tokens on one side and OpenID, OAuth or any other protocol on the identity provider side using Windows Identity Foundation.
Documentation here

Fiddler Inspector for Federation Messages - An inspector for typical federation messages for WS-Federation. Also has support for SAML 2.0P request / response messages.

Security Token Visualizer Control - A simple ASP.NET server control which displays in a compact layout useful information about claims-based identity in a web site secured with Windows Identity Foundation. Just get it!

Online books

A Guide to Claims–based Identity and Access Control - Just read it - cover to cover - twice!. By Eugenio Pace, Dominick Baier, Vittorio Bertocci, Keith Brown, and Matias Woloski. See their blogs above.

Enjoy!

Visual Studio : Automatically generate interface properties and methods

Cam across a neat trick to save you a heap of pain.

If you want to instantiate an interface you need to create a physical "copy".

e.g.


class Dummy : IClaimsIdentity
{
}


IClaimsIdentity is the interface and Dummy is the physical copy. If you try and compile this, the compiler will complain that you haven't defined all the mandatory methods etc.

You could go through the compiler errors one by one or you could right-click on IClaimsIdentity and select Implement Interface / Implement Interface Explicitly.

This generates:


class ICII : IClaimsIdentity
{
IClaimsIdentity IClaimsIdentity.Actor
{
get
{
throw new NotImplementedException();
}
set
{
throw new NotImplementedException();
}
}

SecurityToken IClaimsIdentity.BootstrapToken
{
get
{
throw new NotImplementedException();
}
set
{
throw new NotImplementedException();
}
}

ClaimCollection IClaimsIdentity.Claims
{
get { throw new NotImplementedException(); }
}

IClaimsIdentity IClaimsIdentity.Copy()
{
throw new NotImplementedException();
}

string IClaimsIdentity.Label
{
get
{
throw new NotImplementedException();
}
set
{
throw new NotImplementedException();
}
}

string IClaimsIdentity.NameClaimType
{
get
{
throw new NotImplementedException();
}
set
{
throw new NotImplementedException();
}
}

string IClaimsIdentity.RoleClaimType
{
get
{
throw new NotImplementedException();
}
set
{
throw new NotImplementedException();
}
}

string System.Security.Principal.IIdentity.AuthenticationType
{
get { throw new NotImplementedException(); }
}

bool System.Security.Principal.IIdentity.IsAuthenticated
{
get { throw new NotImplementedException(); }
}

string System.Security.Principal.IIdentity.Name
{
get { throw new NotImplementedException(); }
}
}


Much easier to fill in the blanks!

Enjoy!

Friday, March 04, 2011

Stackoverflow : Rep standing

With the new Stackoverflow users changes, you can see how you rate worldwide.

Pleased to say, I'm in the top 10%.

Home James and pass the port.





Enjoy!

ASP.NET : HTTP Error 407 Proxy authentication error

If you have to develop behind a proxy, (I hate the @#$% things) you are pretty much guaranteed to get this error.

The solution is to add the following to the web.config.

<configuration>
  <system.net>
    <defaultproxy enabled="true" usedefaultcredentials="true">
      <proxy bypassonlocal="True" usesystemdefault="True">
    </proxy></defaultproxy>
  </system.net>
</configuration>

This specifies that there is a proxy, it uses your default Windows credentials to authenticate, bypasses the proxy for local addresses and uses the standard IE proxy defaults.

Problem solved.

Enjoy!