As promised in my events, here are some pointers about the topics that we discussed today – CardSpace, Microsoft AJAX Client Libraries & AJAX Best Practices :
· First and foremost be sure to check out the 2 DVD’s (MSDN Events Resource Kit) that you received at the event! They include working samples of the demos I showed, as well as links to more samples, webcasts and virtual labs.
· Event Slides, Demos and Demo Code – Posted HERE
o Microsoft AJAX Client Libraries
o AJAX Best Practices
· Webcasts – Posted HERE
o Rob Bagby does an awesome webcast on – AJAX Client Libraries – Must WATCH!
· Other Useful resources – (Thanks to my awesome colleague Lynn! Be sure to buy her book from HERE!)
§ introductory video on Channel 9 - https://channel9.msdn.com/ShowPost.aspx?PostID=291878
§ Detecting cardspace support http://www.fearthecowboy.com/2006/12/detecting-cardspace-support-including.html
§ Kim Cameron Identity blog http://www.identityblog.com/
§ Cardspace on MSDN http://msdn2.microsoft.com/en-us/winfx/aa663320.aspx
§ from Michele Bustamante - here is a demo that shows associating cards with ASP.NET membership in the comments field for the user. And it relies on the email address to associate the card to a user uniquely. See the CardSpace sample in this post:http://www.dasblonde.net/2007/03/23/SDWest2007SessionResourcesAndCode.aspx. It also includes a WCF sample, simple, using wsFederationHttpBinding
§ Michele's article on MSDN http://msdn.microsoft.com/msdnmag/issues/07/04/Identity/default.aspx
§ what is JSON? – http://www.json.org/
§ ASP.NET AJAX Documentation – http://ajax.asp.net/docs/
§ ASP.NET AJAX Tutorials – http://ajax.asp.net/docs/tutorials/
§ Security – http://www.net-security.org/article.php?id=949&p=1
§ Client reference (by Namespace, i.e. Sys, Sys.Net, etc..) http://ajax.asp.net/docs/ClientReference/Global/default.aspx
§ Server reference (by Namespace, i.e. Sys.Web.Handlers, Sys.Web.UI, etc...) http://ajax.asp.net/docs/mref/R_Project.aspx
§ Extender control tutorial (with sample code) http://ajax.asp.net/docs/tutorials/ExtenderControlTutorial1.aspx
o Threat Modeling Books
§ Hacking Web Applications Exposed, Second Edition. Joel Scambray, Mike Shema, and Caleb Sima. McGraw Hill. Provides an excellent overview of Web Application Security – including common attack vectors and mitigation strategies.
§ Writing Secure Code, Second Edition. Michael Howard and Davie LeBlanc. Microsoft Press. Security Best Practices including input validation and target hardening.
§ AJAX In Action. Dave Crane, Eric Pascarello, with Darren James. Manning Publications. A comprehensive overview of AJAX programming from a best-practices perspective.
Please let me know if you need anything else! I enjoyed talking to you guys n gals!! Thank you!