MohamedG's Log

TW9oYW1lZCBFbC1HZWlzaA==

DefaultNetworkCredentials in Windows Store Apps

Disclaimer: I’m still getting acquainted with Windows Store Apps, so I could be totally wrong; proceed with caution. It’s been a while since I last wrote a blog post, and it’s 4 AM right now, this may give you an idea why I had to get this out. Hopefully I may save poor souls that… Read more

Deny: Revisited

In a previous post, I talked about the deny option and how it’s evaluated. The documentation on MSDN is talking about conflicting permissions on the same level, however, in TFS2008 SP1, permissions are evaluated bottom up and the first match wins. If a user, Eve, is denied read on $/ but is a member of… Read more

Thoughts on Setting Permissions on Non-existent Items

Permissions in TFS are namespace based. The namespace doesn’t have to exist to set a permission on. I can think of some scenarios when this is actually a requirement: You may like to set permissions on future items so that the permissions are effective whether the items exist or not: The users may add the… Read more

TFS and HTTPS

Here’s a walkthrough to setup TFS with HTTPS. There are some tips that you may find useful: You may want to avoid using common port numbers like 444 and 445 for TFS website and WSS admin website as other websites may be using them already You may want to configure the SSL port for the… Read more

Deny

Some thoughts about permissions, especially deny. Why deny? Because deny is the best way to apply the principle of least privilege. When a permission is set, it shouldn’t matter what client is used to access TFS, the permissions are evaluated according to the credentials supplied. Permissions are namespace-based and not temporal, i.e. when you set… Read more