Musings on Workflow Terminated and Exception Handling

When a workflow runs an activity and that activity throws some kind of unhandled exception you would notice that your workflow get terminated. I have see in many articles that explain how the termination happens. Now this is fine only for a rare set of hello world scenarios. When it comes to an enterprise application…

3

Durable Tokens Across Services - Share your tokens

There seems to be quite a number of time when you want to perform your authentication once and then you just go ahead the want to just call a service without performing the authentication again. What are some advantages of this ? 1. You get to manage your authentication independently. – Also results in a…

0

ServiceAuthorizationManager and PrincipalPermission

You may face a problem when trying to check for Principal permission and demand in the CheckAccessCore of the SerivceAuthorizationManager and you might see a security exception. This is primarily because the threads principal is not set when this demand check in the SAM happens.   You can however do a Principal Permission check within…

1

WSE Client - WCF service Interop

I wanted to put up this sample using the Feb CTP. Basically it uses WSE 3.0 and WCF to demostrate both AnonymousCertificate configuration and MutualCertificate configuration using the service custom binding Configuration and the WSE policy file. The point is that WSE uses MessageVersion.Soap11WSAddressingAugust2004 or MessageVersion.Soap12WSAddressingAugust2004 basically will need a custom binding for this. WSE…

0

Security at both Message and Transport Level

When using webservices we usually want the messages encrypted and also use SSL. This configuration as of now is not supported out of the box. We could use either tranport or message or a type called TransportWithMessageCredentials. The 3rd type does not encrypt the soap message at the Message level but only supplies the claims(credentials)…

1

Getting the X509Certificate Serial Number out of the ClaimSet

The ClaimSet is quite interesting and extracting the Serial number from the certificate was something that wasn’t that straight forward using FindClaims which takes the ClaimType Enumerator. For this you can cast the claim set into a X509CertificateClaimSet and get the Serial Number         public string GetCertificateSerialNumber()        {            foreach (ClaimSet cs in OperationContext.Current.ServiceSecurityContext.AuthorizationContext.ClaimSets)                if (cs is…

0

Script for setting up Certificates for WCF

I thought this script might be quite useful to set up certificates for testing with services hosted in IIS. This uses 3 tools present in the SDK folder. 1. makecert2. certmgr3. FindPrivateKeyYou can find these in the WCF samples.Note: Make sure you run this from the Windows SDK prompt and check the cert stores for…

1