What to do When IIS MMC doesn’t do the work

for example- if you want to use WCF and windows integarted security you will need to conifgure the IIS for windows integrated authentication. even when you do that you can get an execption like: System.ServiceModel.ServiceHostingEnvironment+HostingManager/27836922  Exception: System.ServiceModel.ServiceActivationException: The service ‘/internetbanksignon.svc’ cannot be activated due to an exception during compilation.  The exception message is: Security settings…


WCF Security References

WCF security http://msdn2.microsoft.com/en-us/library/ms732362.aspx WCF with x509 http://msdn2.microsoft.com/en-us/library/ms733137.aspx Using client credentials http://www.theserverside.net/tt/articles/showarticle.tss?id=SecuringWCFService Delegation and Impersonation with WCF http://msdn2.microsoft.com/en-us/library/ms730088.aspx   Specifying the Identity of a Service for Authentication  http://msdn2.microsoft.com/en-us/library/ms733130.aspx   X509 – http://blogs.msdn.com/suwatch/default.aspx client certificates – http://msdn2.microsoft.com/en-us/library/ms731899.aspx wcf and x509 – http://blogs.msdn.com/suwatch/archive/2007/04/06/x509-and-wcxf-security.aspx x509 between services : http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=164756&SiteID=1 WCF team blog – http://wcf.netfx3.com/blogs/wcf_team_bloggers/ IIS certificate authorization – http://staff.newtelligence.com/sergeys/WCFIISCertificatesAuthorization.aspx…


The Silverlight Security Model

Since the v1.1 release of Silverlight includes a slimmed down version of the CLR, you might be wondering what the managed security story for Silverlight is and how it compares to CAS on the desktop version of the CLR. read more here: http://blogs.msdn.com/shawnfa/archive/2007/05/09/the-silverlight-security-model.aspx  

Where is my private key ?

A lot of errors are coming up while working with X509. there is a lot of confusion of where do I need to store the certificate ? where is my private key ? the common error is that developers installs the private key to a location that the program not allowed to access. It can be…


Developing Applications to Use Group Policy

are we at the time when IT pro’s will start talking to the dev team about security ?it’s seems like now dev teams and IT pro’s CAN and hopefully WILL work together. Applications can be developed to take advantage of the most common type of policy setting, namely registry-based policy. For example, a programmer can…

How to report a bug for WCF, WF and .NET 3

you can effect the way that .NET 3.0 will be. you have three main spots where you can report a bug or even report a wish list. .NET Framework 3.0 WCF: http://connect.Microsoft.com/wcf/Feedback WF: http://connect.Microsoft.com/wf/Feedback Visual studio: https://connect.microsoft.com/visualstudio/feedback those places are completely open to the public and all feedback items go straight into our the product studio…

X509 specifications for those who need the low level info.

You might will be interest to read this RFC if you need to develop applications that need to handle encryption. for an example if you have a legacy system (e.g. MF) and you need to write your own low level procedures to handle encryption then this RFC is for you.(RFC2527)  

February 2007 CTP of Enterprise Library 3.0.

Includes a preview of the new Policy Injection Application Block, and release candidate of all other application blocks. can be downloaded here: http://www.codeplex.com/entlib/Release/ProjectReleases.aspx?ReleaseId=2081  

WCF Supporting Tokens

The Supporting Tokens sample demonstrates how to add additional tokens to a message that uses WS-Security. The example adds an X.509 binary security token in addition to a username security token. The token is passed in a WS-Security message header from the client to the service and part of the message is signed with the…