Additional resources for CardSpace, AJAX Client Library and AJAX best practices MSAM MSDN events for April-June 2007

First and foremost, make sure to thoroughly review the 2 DVDs you received for attending.  They include working samples of the demos I showed, as well as links to more samples, webcasts and virtual labs.

CardSpace

**watch for more updates here**

Basic

• introductory video on Channel 9 - https://channel9.msdn.com/ShowPost.aspx?PostID=291878 
• Detecting cardspace support https://www.fearthecowboy.com/2006/12/detecting-cardspace-support-including.html
• Kim Cameron Identity blog https://www.identityblog.com/
• Cardspace on MSDN https://msdn2.microsoft.com/en-us/winfx/aa663320.aspx

Advanced

• from Michele Bustamante - here is a demo that shows associating cards with ASP.NET membership in the comments field for the user. And it relies on the email address to associate the card to a user uniquely. See the CardSpace sample in this post:https://www.dasblonde.net/2007/03/23/SDWest2007SessionResourcesAndCode.aspx.  It also includes a WCF sample, simple, using wsFederationHttpBinding
• Michele's article on MSDN https://msdn.microsoft.com/msdnmag/issues/07/04/Identity/default.aspx

AJAX

**watch for more updates here**

basic

what is JSON?                                    https://www.json.org/
ASP.NET AJAX Documentation            https://ajax.asp.net/docs/
ASP.NET AJAX Tutorials                     http:/ajax.asp.net/docs/tutorials/
Unobtrusive Coding                              https://en.wikipedia.org/wiki/Unobtrusive_JavaScript
Accessibility                                       https://www.maxkiesler.com/index.php/weblog/comments/how_to_make_your_ajax_applications_accessible/lkkjsdlfkjslkjlksf
HIJAX                                                https://en.wikipedia.org/wiki/Hijax, https://ajaxian.com/archives/hijax-graceful-degration
Micro Caching                                    https://aspalliance.com/251_ASPNET_Micro_Caching_Benefits_of_a_OneSecond_Cache
Security                                             https://www.net-security.org/article.php?id=949&p=1

advanced

• client reference (by Namespace, i.e. Sys, Sys.Net, etc..)  https://ajax.asp.net/docs/ClientReference/Global/default.aspx
• server reference (by Namespace, i.e. Sys.Web.Handlers, Sys.Web.UI, etc...) https://ajax.asp.net/docs/mref/R_Project.aspx
• extender control tutorial (with sample code) https://ajax.asp.net/docs/tutorials/ExtenderControlTutorial1.aspx
   

Threat Modeling Books
• Hacking Web Applications Exposed, Second Edition. Joel Scambray, Mike Shema, and Caleb Sima. McGraw Hill. Provides an excellent overview of Web Application Security – including common attack vectors and mitigation strategies.
• Writing Secure Code, Second Edition. Michael Howard and Davie LeBlanc. Microsoft Press. Security Best Practices including input validation and target hardening.
• AJAX In Action. Dave Crane, Eric Pascarello, with Darren James. Manning Publications. A comprehensive overview of AJAX programming from a best-practices perspective.