Microsoft .NET Services November CTP Release

A few weeks ago, we outlined what you could expect from the next update to the Microsoft .NET Services CTP. Throughout the CTP process, tens of thousands of developers signed up for the services and provided us with feedback. You will see much of that feedback incorporated into the latest version of Service Bus and Access Control Service. Today, we are excited to announce our November CTP, which represents the complete feature set that will be available at Microsoft’s PDC conference from both the Service Bus and Access Control Service when the Windows Azure platform becomes commercially available early next year.

For those who are new to the conversation, Service Bus and Access Control Service make it easier to connect applications and services in the cloud and on-premises. The Service Bus helps applications and services communicate across network and organizational boundaries, and the Access Control Service helps create secure authorization for your apps, services and users. Built on Windows Azure, the Service Bus and Access Control Service provide secure connectivity as a cloud service to complement the compute, storage, and database services available on the Windows Azure platform. In the same way that Microsoft® .NET Framework provides higher-level libraries to make developers more productive, Service Bus and Access Control Service help developers focus on their application logic rather than deploying and managing their own cloud-based infrastructure.

Below is an overview of the launch features we will deliver at PDC. As we outlined last week, PDC marks the beginning of our transition from a CTP to a business. The Windows Azure platform CTP will remain open through December 31st, allowing you to experiment with the full feature platform and to give us any feedback. We won’t start charging customers for using the Windows Azure platform until February 1, 2010.

Please continue to let us know what you think about the product, what you are building with the Windows Azure platform, and how we can continue to deliver product improvements that simplify your projects and please our joint customers!


Access Control Service Feature-Complete Capabilities

The Access Control Service provides an easy way to control access to REST web services and Service Bus communications while integrating with standards-based identity providers, including enterprise directories and web identity systems such as Windows Live ID. Authorization decisions can be pulled out of the application and put into a set of declarative rules hosted in Windows Azure that can transform incoming security claims into developer-defined claims that web services can consume directly.

·         Cloud-based federated authorization management service

o    Claims Transformation Engine: Transform input claims to output claims using configurable rules

o    Security Token Service: Package and transit output claims using REST tokens

·         Setup Issuer trust with a simple Web interface or programmatically through APIs

·         Supports Active Directory and other identity infrastructures, with minimal coding

·         Support for multiple credentials, including Windows Live IDs, and X.509 certificates

·         Two token-exchange endpoints addressable using standard HTTPS POST requests:

o    REST with symmetric key: Makes it easy for developers on any platform to package claims for the Access Control Service

o    REST with SAML Extension will work with tokens issued by ADFS V2

·         Support for standard protocols including REST

·         Applications that run inside and outside the organizational boundary can rely on the service


Service Bus Feature-Complete Capabilities

The Service Bus makes it easy to connect applications together over the Internet. Services that register on the Service Bus can easily be discovered and accessed, across any network topology. The Service Bus provides the familiar Enterprise Service Bus application pattern, while helping to solve some of the hard issues that arise when implementing this pattern across network, security, and organizational boundaries, at Internet-scale.

·           Services discovered through a stable, internet-accessible URL, irrespective of location

o    Enable tree hierarchical based service naming system

o    Service Naming Registry enables opt-in service public discoverability

·           One-way messaging between sender and listener supports unicast and multicast datagram distribution

o    Provide a FIFO data structure within the namespace and exist independent of any presence of active listeners

·           Full-duplex, connection-oriented session between sender and listener support bi-directional communication

·           Full-duplex, connection-oriented peer-to-peer session with network-boundary traversal create direct end-to-end connectivity through NAT

o    Service Bus endpoint is secured by Access Control Service

·           Multiple publishers and multiple subscribers can simultaneously use the services’ top management and event distribution system

·           Support for REST and HTTP Access from non-.NET platforms

·           Global hierarchical namespaces that are DNS- and transport-independent

·           Anonymous access to services is supported only if you permit it.

If you have any questions or need further information, please visit our Technical Discussion Forum.  


You can –

-       download the latest SDK at,

-       visit the Developers Center at, and

-       follow us on Twitter @dotnetservices.




The Service Bus and Access Control Service Team


Comments (0)

Skip to main content