Alex Thissen Weblog Build 1.15.10.1971

Revelations on Windows 8

2011-09-14T18:32:13Z

Today the //BUILD/Windows conference started with a day full of main sessions. A two and a half hour keynote followed by three “Big Picture” sessions after lunch introduced all present to the new Windows 8 OS and platform. Personally, I am still catching my breath over the amazing amount of information that was given to us. Lots of people have asked me since then what I thought of the first day. I have told them: “Fantastic”. Here’s why, in my words and with a personal interpretation of the information that is available to everyone.

Merging the web with Windows

What I saw Microsoft present today is the new vision for the Windows 8 operating system. Windows 8 merges with the web in terms of devices and applications. It also brings together all your devices and makes them a mesh that is constantly in sync with one another. This mainly goes for data, be it application data, application settings or identities. The Cloud (Windows Live in particular, complemented by Windows Azure) acts as the conduit to flow and store information across devices and online storage.

Web of applications

Equally important is the fact that all applications are not only interconnected with the OS and the cloud, but also with one another. Searching and exchanging data has become a smooth continuum across OS and applications alike. I like to think of it as a new opportunity to create Windows-based mashups, just like it has become common place for Web 2.0 applications. This style of creating applications will now come to native Windows applications. The possibilities will be endless. All you need to do is reimagine your apps, just like Microsoft has reimagined Windows.

A new family of applications

Windows 8 distinguishes two types of applications: Desktop apps and Metro style apps. The Desktop apps are best described as the applications that will run on earlier versions of Windows (7, Vista, …). The Desktop can be built using the well known variety of APIs, ranging from native Win32 in C/C++, to .NET or Silverlight with C# or VB and HTML with JavaScript for Internet Explorer hosted web applications. Metro style applications are easily identified from their styling. Behind that new appearance there is a whole new stack of frameworks and APIs to build and run applications. The Metro applications can interconnect with each other and the OS. There is deep integration through the new API.

Metro, great for users and developers

Metro applications use a new application model at system service level. This is the layer that runs on top of the Windows kernel. The application model also represents the way a Metro application lives in its eco-system, hooks into the operating system with its own execution environment and how it is packaged and deployed. On top of the app model you can build Metro apps with three new APIs: Data and Communication, Graphics and Media, Devices and Printers. You can choose from any kind programming interface, just like with the Desktop apps, boiling down to C++, managed languages and JavaScript. The first two use XAML to create the view layer. XAML has become a native part of the operating system.

Whether you are going for the XAML or HTML5 approach, Metro apps have the same distinct look and feel, backed up with styling guidelines. The Visual Studio 2011 development environment embraces Metro and offers a whole slew of templates to facilitate in creating the right Metro views for your app.

The Metro style will help users get a consistent feel across devices (desktop PC, tablet or phone) and form factors (small, medium, large). Whether they pick up a phone with WP7.5 or a tablet with Windows 8, it all looks and feels the same. For now, Metro style applications are built targeted at either Windows 8 or Phone 7.5

Opportunities for everyone

With all of this come great opportunities for everyone: users, designers, developers, architects and business, you name it. Since this is a developer conference, I would like to point out that the next couple of years will be very, very interesting for developers. The shift in programming paradigm from rich-client, high-end client applications to interconnected, cloud- and os-integrated applications are a new ball-game and a game changer to boot. This will give lots of change, chance and learning for all to enjoy.

The extra gift

As if all of this goodness and announcements weren’t enough there was the unexpected gift. Secretly anticipated and living up to speculation all attendees of //BUILD/Windows were giving a new Developer Preview Tablet: a Samsung tablet with amazing specs. The line for picking it up was unbelievable. I chose to wait until tomorrow to pick it up. I still need to do so. Everybody is excited about it. Check the specs to see why.

Getting ready to unwrap the big picture at BUILD

2011-09-13T05:47:11Z

Tomorrow is the first day of the //BUILD/Windows conference. BUILD is a highly anticipated conference and expectations are equally high. I thought it would be good to put some of my thoughts on my blog before the conference actually started. You see, BUILD is special in a way that most conference of the past years have not been: we know nothing about the announcements. Sure, there will most likely be information on Windows 8, HTML 5 and JavaScript, the developer roadmap and so on. But then again, this is only high over. Nobody knows anything about what will be announced, not even the average Microsoft employee.

The almost complete silence and accompanying secrecy is not what we have seen in the past couple of years. Microsoft has always been very open in its directions. The product teams have engaged with the community early on and gotten feedback from the developers, architects and so on. Now, we have heard nothing up front. And this leads to a lot of speculation, criticism, fear and doubt. People complain about this approach. Apple and Google have been working this way for a long time now. The big announcements and revelations are made on an important conference. So, how bad is it that Microsoft has taken the same path?

Taking a step back I feel spoiled. All these years we have had the luxury of knowing all upfront. It is like Christmas time (or Sinterklaas if you are Dutch), where you sent out a wish list to Santa Claus. Santa would tell you exactly what you would get. The unwrapping of the presents was fun to do, but there were hardly any surprises. This time is different. Tomorrow we will be given a lot of presents and we do not know what is in the boxes. Everyone will be thrilled to receive the gifts and find out what is inside. Best of all, there might even be presents that we hadn’t wished for. I am enjoying every moment of it. Because once the unwrapping is done, the nervousness and anxiety goes away and is replaced with the fun of playing with the new stuff. Still good, but different. Who knows how long it will be before we will have the experience of not knowing again?

The registration today went very smooth. It was not busy (yet). The self-service terminals made it easy to register. The badge, wristband (for the party on Wednesday) and booklet were all the things we got. There were no details on the sessions, other than that the first day will be general sessions only. These general sessions are called “Big picture” in the booklet. Sort of indicates what we will getting from those. The breakout sessions are from Wednesday till Friday. It will be four fantastic days without a doubt. I am looking forward to it!

Using WCF and WIF to perform WS-Trust active claim requests

2011-07-18T14:07:39Z

The last week I have been working on a claim-based identity scenario that involves two separate instances of a Active Directory Federation Services (ADFS) 2.0 as Security Token Service (STS). The first STS is an identity provider STS (IP-STS) and the second a resource STS (R-STS) . The R-STS and IP-STS have a trust relationship in that the IP-STS is a trusted identity provider to the R-STS. Typically this setup is used with the passive profile for federation from browser clients. The web application (SharePoint 2010 for our scenario) would require authentication, redirect to the R-STS, which in turn would redirected (after IP selection) to the IP-STS. Here the end-user will authenticate, gets a identity claims from the IP-STS and is redirected back to the R-STS. The resource STS can augment claims from information stored in AD Lightweight Directory Services (AD-LDS) and issue the final claim token to the passively federated web application.

In our case we have a SharePoint 2007 application, which does not have its own STS to initiate the entire process. Also, business requirements demand that

the user interface is completely controlled
no redirects to other pages during authentication
authentication takes place from within a certain screen flow

These requirements made us investigate the active profile flow for the setup. In an active profile flow you will use the web services of ADFS 2.0 to communicate directly to the STS instances. You can use either the WS-Trust or WS-Federation protocol depending on your requirements. WS-Federation allows you to call the R-STS directly with the retrieval of the IP-STS claim performed under the covers. WS-Trust is used for the individuals steps. You can also leverage WS-Trust to take full control of the individual steps. To get acquainted with the entire active scenario we chose to the latter approach. Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF) provide ready-to-use channels for the WS-Trust protocol and WS-Federation protocol. The scenario will take several steps:

Acquire an identity claim from the IP-STS by using username/password authentication to authenticate.
The IP-STS will issue a claim token regarding our identity, sign and encrypt it and send it back to us.
Use the claim token from the IP-STS to authenticate against the R-STS and request a new claim token with additional claims from AD-LDS.
The R-STS will also issue the (augmented) claim, sign and (optionally) encrypt it and send it.
We need to decrypt the token, check its signature and issuer and convert the claim token to a principal object.

Note that we made some design choices, such as using username/password to authenticate against the IP-STS. You could make similar or different choices depending on your particular scenario.

Step 1: Acquiring an identity claims from an active STS

The first part of the process is the acquisition of a claim token from the IP-STS. We need one of the specialized WCF binding for a WS-Trust channel. Because we are using username and password to authenticate, this comes down to UserNameWSTrustBinding. We want to use transport security (an HTTPS connection) with credentials inside of the message (because Message security would mean that we need encryption and certificate exchange for this part). The endpoint at ADFS is https://identityadfs.company.com/services/trust/2005/usernamemixed to reflect our choices. The 2005 endpoint will use the newer WS-Trust 1.3 specification (as opposed to the February 2005 one).

var binding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);
var factory = new WSTrustChannelFactory(binding, "https://identityadfs.company.com/adfs/services/trust/13/usernamemixed")
  {
    TrustVersion = TrustVersion.WSTrustFeb2005,
  };
 
factory.Credentials.UserName.UserName = @"youraccount";
factory.Credentials.UserName.Password = @"abc123!";
factory.ConfigureChannelFactory();

We now have a configured channel factory to create an actual WS-Trust channel. Across that channel we want to send a Request Security Token (RST) message.

var rst = new RequestSecurityToken
  {
    RequestType = WSTrust13Constants.RequestTypes.Issue,
    AppliesTo = new EndpointAddress(http://resourceadfs.company.com/adfs/services/trust),
    KeyType = WSTrust13Constants.KeyTypes.Symmetric
  };

var channel = factory.CreateChannel();
return channel.Issue(rst);

As you can see this RST message indicates an issue request for the audience “http://sourceadfs.company.com/adfs/services/trust/active”, which is the identifier of the relying party (the IP-STS) administration in the R-STS . In other words: a identity claim token intended to be shown to the R-STS.

We also ask the IP-STS issuer to encrypt the claim token with a symmetric key. You will see why this is in a moment. In other situations you could have asked for a Bearer (unecnrypted) key type token, which would have allowed you to inspect the token.

Step 2: Issue token from IP-STS

The IP-STS will accept and validate our credentials against the Active Directory Domain Services identity store. When successfully authenticated, ADFS will use its claim rules to extract information from ADDS and build a claim token with the indicated claims. Next it will encrypt this claim token using a certificate with a public key. This public key belongs to a public/private key pair that the R-STS holds. The IP-STS can encrypt the token, where only the R-STS can decrypt it using its private key.

Step 3: Use claim token to authenticate and request augmented claim token

Now, we can use the issued identity claim token to authenticate against the R-STS. We will again use a WS-Trust channel, but now with issued token authentication.

var binding = new IssuedTokenWSTrustBinding();
binding.SecurityMode = SecurityMode.TransportWithMessageCredential;
binding.KeyType = SecurityKeyType.SymmetricKey;
 
var factory = new WSTrustChannelFactory(binding, 
  "https://resourceadfs.company.com/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256");
factory.TrustVersion = TrustVersion.WSTrust13;
factory.Credentials.SupportInteractive = false;
factory.ConfigureChannelFactory();

The configuration of the channel factory is similar to the first step. The key differences are that we now have an IssuedTokenWSTrustBinding and a symmetric key for the issued token. The reason for choosing the symmetric encrypted request in the first step is that the R-STS does not accept Bearer key tokens for authentication. They have to be (a)symmetrically signed for the R-STS to use them as an authentication means. Also, we suppress the Interactive support (meaning InfoCard c.q. CardSpace UI), as we are initiating a service request (hence, no user is available).

Next, we create another RST message and send it out to the R-STS.

var rst = new RequestSecurityToken
  {
    RequestType = RequestTypes.Issue,
    AppliesTo = new EndpointAddress("http://sp2007webapp.company.com"),
    KeyType = KeyTypes.Bearer
  };   var channel = factory.CreateChannelWithIssuedToken(token);
return channel.Issue(rst);

The RST now indicates an audience for the SharePoint 2007 application. Its key type can be Bearer or (A)Symmetric, depending on how you want the token to be transferred. Should you choose the Symmetric or Asymmetric key type, you will need to install a server certificate on the web application’s IIS server, extract the public key and install it on the R-STS server as the encryption certificate for the relying party (i.e. the SharePoint app) trust.

Finally, using an extension method from WIF we create a channel from the factory that can convey the token as an authentication means. Lastly, we send out the RST message and return the token to the caller after step 4 has completed.

Step 4: Issuing an augmented claim

Once the issued token arrives at the R-STS, ADFS will decrypt the token using its public/private keypair. If it is a valid token, the R-STS will believe its trusted IP-STS that the credentials originally provided where correct. According to the configured claim rules the R-STS will create new and/or additional claims (called claim augmentation) to the new claim token. It will include the audience, sign it, encrypt it if you indicated so in the RST, and send out the RST response (RSTR).

Step 5: Check claim token and create principal

The last step is back on the SharePoint application.

GenericXmlSecurityToken augmentedToken = AugmentClaims(issuedToken);
var tokenReader = new StringReader(augmentedToken.TokenXml.OuterXml);
var reader = XmlReader.Create(tokenReader);

The issuedToken variable contains the token received from step 1 and 2. The AugmentClaims method is the implementation shown in step 3. When the R-STS returns the augmented claim, it will surface as a GenericXmlSecurityToken. We set up an XmlReader to start reading the token.

Remember that to read the token we need to decrypt it, check its signature, audience and issuer. This checking is taken care of by a set of token handlers

SecurityTokenHandlerCollection handlers = 
  SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection();

The default security handlers are some eight handlers for various types of tokens. They all use the configuration defined at the SecurityTokenHandlerCollection. First, we will add our public/private keypair as the certificate that the token resolver should use for decryption. The SecurityTokenResolver will use the thumbprint as a reference to the certificate

X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certificates = store.Certificates;
X509Certificate2 certificate = certificates.Find(
  X509FindType.FindByThumbprint, 
  "ThumbprintForWebAppPubPrivCertificateAllCapitals", true)[0];
 
List<SecurityToken> serviceTokens = new List<SecurityToken>();
serviceTokens.Add(new X509SecurityToken(certificate));
SecurityTokenResolver serviceResolver = 
  SecurityTokenResolver.CreateDefaultSecurityTokenResolver(
  serviceTokens.AsReadOnly(), false);
handlers.Configuration.ServiceTokenResolver = serviceResolver;

You will only need the code fragment for the token resolver above if you indicated an encrypted token. We did not, so these 8 lines of code are not necessary.

Next, we will add a certificate store for the issuer resolution. The token handlers will look up the issuer’s certificate thumbprint in the Personal certificates store of Local machine (not a user’s store).

SecurityTokenHandlerCollection handlers = 
  SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection();
X509CertificateStoreTokenResolver certificateStoreIssuerResolver = 
  new X509CertificateStoreTokenResolver(StoreName.My, StoreLocation.LocalMachine);
handlers.Configuration.IssuerTokenResolver = certificateStoreIssuerResolver;

var registry = new ConfigurationBasedIssuerNameRegistry();
registry.AddTrustedIssuer("ThumbPrintForResourceADFSPubSigningAllCapitals", 
  http://resourceadfs.company.com/adfs/services/trust);

handlers.Configuration.IssuerNameRegistry = registry;
handlers.Configuration.AudienceRestriction.AllowedAudienceUris.
  Add(new Uri(http://sp2007webapp.company.com));

With all this setup, all that remains it to actually read (decrypt) the token and to check its signature, issuer and audience. The set of identities that is included will contain 1 IClaimsIdentity derived object containing our identity with corresponding claims.

var samlToken = handlers.ReadToken(reader);
IClaimsIdentity identity = handlers.ValidateToken(samlToken)[0];

All done

At this point we have a ClaimsIdentity that we can use to construct a claim principal and start reading claims for authorization inside our application. You might want to have the claims principal set to the current thread Thread.CurrentPrincipal and the HTTP context via HttpContext.Current.User. Inside the identity you can see the initial authentication type (username/password in our case) and for each claim the issuer (R-STS) and the original issuer (IP-STS, only when you passed through the original IP-STS claim as a R-STS claim).

All steps assume a happy flow, but you will need to include the usual exception handling for Timeout-, Communication-, ObjectDisposedException and other exceptions that may occur.

Hope this helps.

Portable Libraries for Visual Studio 2010 SP1

2011-07-07T21:47:03Z

The Microsoft BCL team recently released the RTM version of Portable Libraries (PL). This PowerTool for Visual Studio 2010 SP1 allow you to develop managed assemblies for more than one target .NET framework. It will let you aim your code at both the full .NET Framework, Silverlight, Silverlight for Windows Phone 7 and/or Xbox 360. By using the Portable Libraries you can control which targets you are aiming for and compile a single assembly that will work on all targets you selected.

The Portable Libraries has features that are close to, yet different from another piece of functionality in Visual Studio: multitargeting. It is similar in that it will help you find the allowed subset of functionality in the .NET Framework given the combination of targets you select. It is different, because it will let you have a single project where you would normally have multiple projects for class libraries targeting .NET FX (versions 2.0 to 4.0, with full or client profile) and Silverlight. For Xbox 360 you have the Xbox 360 Game Library which comes close, but is a different thing altogether. PL projects are class libraries which can host reusable managed code over all of the previously mentioned.

You can install the tooling for PL from here. Once you have done that, a new library project is available:

A Portable Library project has its own project template. The main difference from a regular class library is in the AssemblyInfo.cs file. The contents are trimmed, because ComVisibleAttribute and GuidAttribute do not make sense for Silverlight and Xbox and are not allowed. The other difference is an extra tab on the Project Properties page. It allows you to specify the targets for your library.

In the screenshot below you can see a Class Library project converted to a Portable Library. The references to assemblies that are not part of the allowed assemblies for the targets are indicated with exclamation marks, just as when you had selected a not allowed assembly for the .NET Target Framework in a normal Class Library.

The Portable Libraries have a different build target, which further distinguishes them from regular class libraries.

The allowed set of assemblies is listed here, but to give you an idea, it is limited:

mscorlib.dll
System.dll
System.Core.dll
System.Xml.dll
System.ComponentModel.Composition.dll (MEF)
System.Net.dll
System.Runtime.Serialization.dll
System.ServiceModel.dll
System.Xml.Serialization.dll
System.Windows.dll (from Silverlight)

This set is the largest possible if you are only targeting .NET Framework 4. For Silverlight and Phone 7 you cannot use MEF (System.ComponentModel.Composition), and for Xbox 360 you can only use the bold assemblies.

The use of the Portable Class Library project will pay of in finding which classes you can use and which not. If you are in doubt, you can check the MSDN documentation and make sure. Here is an example for the System.Runtime.InteropServices.StructLayoutAttribute class:

In the type’s members you can see whether a particular member is supported (when the type itself is):

The small project icon in the left column means it is supported.

An example scenario

Let’s say you have a piece of C# code that can be reused in an application or game for Windows, Phone and Xbox 360. Normally (without Portable Libraries), you would need to set up several projects:

Each of the ReusableGameCore libraries contain the same code, but have a different target. They are referenced by the corresponding game (or application) version for Windows, Phone and Xbox.

You need to do so, because the build target need to be different for the various consumers of your reusable code. For example, referencing a normal Class Library project in an XNA Game Studio 4.0 project for Xbox 360 will get you compile errors. It will complain about the “wrong” target framework being selected, even though you have changed it to .NET 4 Client Profile (or something else).

As you can see in the screenshot the code in the Silverlight and Xbox360 library projects is linked from the Windows version. You will only have one version of the code, but having three project is not ideal.

The alternative is offered by Portable Libraries. In that case the three libraries can be combined into a single one. Your solution will look like this:

The three other projects each reference the single portable class library. Quicker to set up and easier to maintain. Moreover, you can install additional frameworks, which allows you to target other or more from the same library.

Converting a Class Library to a Portable Class Library

It could very well be that you have a Visual Studio solution that holds class libraries which you would like to be Portable. One option is to create a new Portable Library project and transfer the files from the class library to the new Portable project. This should be the normal way to go. I tried whether it is possible to convert the class library project into a portable one. Turns out that it can be done. Here’s how:

Unload the Class Library project. Right-click the project and select Unload Project from the context menu to do so.
Edit the .csproj or .vbproj file. Pick the option from the context menu.

Add the following fragment to the first <PropertyGroup> under the <Project> root element:

C#:

<ProjectTypeGuids>{786C830F-07A1-408B-BD7F-6EE04809D6DB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids>
<TargetFrameworkProfile>Profile1</TargetFrameworkProfile>

Visual Basic:

<ProjectTypeGuids>{14182A97-F7F0-4C62-8B27-98AA8AE2109A};{F184B08F-C81C-45F6-A57F-5ABD9991F28F}</ProjectTypeGuids>
<TargetFrameworkProfile>Profile2</TargetFrameworkProfile>

Remove the <ProductVersion> and <SchemaVersion elements:

<ProductVersion>8.0.30703</ProductVersion>
<SchemaVersion>2.0</SchemaVersion>
Change the <Import> element just before the closing tag of the <Project> element to the .

In C# replace

<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />

with

<Import Project="$(MSBuildExtensionsPath32)\Microsoft\Portable\$(TargetFrameworkVersion)\Microsoft.Portable.CSharp.targets" />

In Visual Basic replace

<Import Project="$(MSBuildToolsPath)\Microsoft.VisualBasic.targets" />

with

<Import Project="$(MSBuildExtensionsPath32)\Microsoft\Portable\$(TargetFrameworkVersion)\Microsoft.Portable.VisualBasic.targets" />

Remove the following code from AssemblyInfo.cs (or the equivalent from AssemblyInfo.vb)

// Setting ComVisible to false makes the types in this assembly not visible 
// to COM components.  If you need to access a type in this assembly from 
// COM, set the ComVisible attribute to true on that type.
[assembly: ComVisible(false)]
 
// The following GUID is for the ID of the typelib if this project is exposed to COM
[assembly: Guid("1e49a9ca-89db-46d1-9704-b76e10897ffb")]

Reload the project by right-clicking the project and selecting the menu item

Please note that this is not an official and therefore not supported migration. No guarantees and make sure you have backups, checkins et cetera before you undertake this conversion.

SDN Event June 2011: ASP.NET Web Pages Framework for ASP.NET developers

2011-06-20T05:43:22Z

Last Friday saw another edition of a Software Development Network Event. A number of great sessions were on the list. I got to see Marcel de Vries’s session on combined development for Windows Phone 7, Android and iOS. I must say I was impressed with the state of tooling for Mono for Android and MonoTouch (for iOS).

My session for the SDN Event was on the ASP.NET Web Pages Framework. In it I show

what this new framework is,
how it relates to ASP.NET WebForms, MVC and WebMatrix
how to build applications with it
introduction to Razor (see also my DevDays 2011 session on “Introduction to Razor” for more information on Razor)
what the new concepts like “page hierarchies”, UrlData and PageData are
working with models and model state (and how this is different than the model from MVC)
automatic routing
some more

If you couldn’t make it, feel free to take a look at the slides and the demos. Thanks everyone who attended the session. Hopefully you found it useful.

I missed the session of Pepijn Sitter on XNA Game development for the Windows Phone 7, because he shared the timeslot with my own session. Luckily for me I had a chance to meet him before his session. We had a very enthusiastic talk on games, game development, the fun of it all and his Ms. Pacman implementation with XNA for XBox360 and Windows Phone 7. Brilliant stuff.

Choosing from all the great sessions at the Dutch Developer Days 2011

2011-04-19T05:44:37Z

The organization of the Microsoft Developer Days has an outstanding reputation for selecting excellent speakers from abroad and both new and well known speakers in The Netherlands. This year I intend to go see more sessions than in previous years. It is hard to choose from all of the sessions that are listed. Instead of randomly picking from that list, I first came up with a strategy to select them. It turned out to be a criteria list that should help prioritize sessions.

Strategic initiative from Microsoft
If there is a session on Windows Azure, Windows Phone or the next version of some product
Practice over theory
I guess that you can go a long way by following the training kits, blogs and documentation on new platforms, frameworks and technologies. The lessons learned by using these in real-life/business scenarios is a lot harder to come by.
New and broad information over in-depth information (on topics that are known already)
Learning new things gets preference over going deeper into topics I already feel comfortable with
Speaker reputation
Some speakers are a delight to go see. If none of the above make a difference or end in a tie, I will decide based on the speaker. This can be based on entertainment value, technical accuracy or experiences in the past.

Developer Days - 1

9:15 – 10:45	The easiest timeslot to choose a session: the keynote
11:05 – 12:20	What's New in SQL Server "Denali" for Developers?, Paul van Wingerden. New technology and I’m very rusty on the developer side of SQL Server. Catching up required. Windows Phone 7 (title to be disclosed after MIX), Ben Riga: Summary of WP7 as discussed at Mix 2011. Should save a lot of time viewing this session instead of the recorded videos at Channel 9 MVC 3 – 101, Scott Hanselman Guaranteed fun and overview of MVC3 to boot
13:30 – 14:45	Reactive Extensions for .NET for the Rest of Us, Mike Taulty Mike is an excellent speaker with loads of high-speed demos and more information than a human could handle in one hour. Windows Azure AppFabric: Building, Managing, and Connecting High-Density, Multi-Tenant Cloud Applications , Clemens Vasters Clemens is Mr. ServiceBus and the authority on this part of AppFabric. De Locatie Centraal met Windows Phone 7, Marco Wagemakers Lower on the list as Achmea is also using ArcGIS and it should be close to home.
15:05 – 16:20	Produceer Betere Product Kwaliteit door Gebruik te Maken van de Ultimate Test Tools, Marcel de Vries It’s been a long time since I saw Marcel speak. I also need some better overview of the test tooling Taking Control of your World with the .NET Micro Framework, Rob Miles Great speaker who could easily have been standup comedian. I’m curious what the .NET Micro Framework will bring us in the future.
16:30 – 17:45	What's New in Silverlight 5, Jeff Prosise What can I say: Jeff Prosise of Windows and MFC fame to tell us about the new things in SL5. A must see. Visual Studio LightSwitch - Beyond the Basics, Beth Massi I saw a LightSwitch session by Stefan Kamphuis at the Dutch CodeCamp a couple of weeks ago. I looks very promising as a new tool and I want to know more about the developer potential of this tool.

Developer Days - 2

9:15 – 10:30	HTML 5 - That's What You Need to Know Today!, Ingo Rammer Ingo Rammer is famous for his book and knowledge on .NET Remoting. HTML 5 is going to make an impact over the next couple of years. Better not to stay behind. Identity & Access Control in the Cloud, Vittorio Bertocci What can I say: the next generation security combined with the cloud. If it weren’t for my involvement in a project that goes deep into claims and identity, I would go see this one. Improving Legacy .NET Code, Thomas Huijer Something we all have to deal with: legacy code. I wonder what Thomas’s insights are in improving this.
10:50 – 12:05	Demystifying the .NET Asynchronous Programming Landscape, Bart de Smet Bart has been involved in Linq and other language features at the source in Redmond. This will give a great insight into the async options and the upcoming VB and C# support. Real World Architecture with ASP.NET MVC, Hadi Hariri Real World Windows Azure Development: Tips & Tricks, Wade Wegner Hard to choose between number 2 and 3. If it comes down to one of these, I think I’ll toss a coin. (I’ve done so before, ask Dennis)
13:15 – 14:30	Windows Azure AppFabric Access Control Service: Deep Dive, Vittorio Bertocci Advanced Debugging with Visual Studio 2010, Ingo Rammer Just yesterday I did some low level debugging with WinDbg and DotTrace to track down a memory leak in an ASP.NET application. Ingo will be able to tell more on the topic.
14:50 – 16:05	I’ll be at my own session. Come see this if you are interested in finding out more on Razor and the Web Pages framework surrounding it.
16:15 – 17:30	Developing SaaS Solutions with the Windows Azure Platform, Vittorio Bertocci Web Services Interoperability tussen WCF en Java, Edwin van Wijk en Bert Erman WCF Data Services Introductie - De Serverkant, Erno de Weerd At the end of the conference I have no idea what I think is a nice roundup. These three seemed to come to mind. We’ll see.

Hopefully this list or the criteria will help you select from all of the sessions, if you are in doubt. Whichever way, the DevDays 2011 should be a great event. Have fun and see you there!

A new role: Microsoft Regional Director

2011-04-04T20:49:27Z

Since early March I have been given a new role as Microsoft Regional Director (RD). In The Netherlands there are two positions for RD, and for the past few years Marcel de Vries and Anko Duizer have fulfilled both. Last year Anko rejoined the ranks of Microsoft and automatically stopped being an RD. August last year I was contacted by Microsoft NL to talk about the RD program. I happily accepted the invitation to become the new RD.

I’ve waited for a good moment to announce my new role and finished some other work, in order to be able to spend more time on the RD program. The appearance of the RD column that Marcel and myself wrote for the the last issue of the Dutch DotNetMagazine seemed like a good time. I am very enthusiastic about the program and the part I can play in it. I really believe that RDs can serve as an intermediate between Microsoft and the community at large (being the .NET community, end users and businesses). Very soon Marcel and myself will start building an “attack plan” to maximize the impact we can make as RDs. Stay tuned.

Next up will be a translation of the RD column in English, because I think that it explains the purpose of the Regional Director program from a different angle. I’ve named it “Regional Directors: the antennas for Microsoft and the community”.

If you are interested to read more on the Regional Director program, you can take a look at the TheRegion.com. Also, there is a nice blog post by Jeffrey Pallermo that has some frequently asked questions on “who are the Regional Directors?”.

Vacature “Microsoft Technisch consultant” bij Nokavision

2010-11-29T13:55:26Z

Het bedrijf Nokavision uit ‘s-Hertogenbosch heeft een interessante vacature beschikbaar. Ben je op zoek naar een nieuwe uitdaging in het zuidelijke deel van Nederland, lees dan de beschrijving eens door.

Ik ken Nokavision als een bedrijf dat graag bezig is met nieuwe Microsoft technologien. Ze hebben een sterk verleden met document management en document stromen en business process management in organisaties. Om meer te weten te komen over Nokavision, kun je natuurlijk hun website bezoeken. Daar vind je onder andere case studies van eerdere klanten, hun producten (o.a. Skelta, StreamServe en Captaris producten) en de diensten die ze bieden.

Hieronder de vacaturetekst. Ben je geinteresseerd, neem dan contact op met Rob Steenvoorden. De contactgegevens staan onderaan.

Microsoft Technisch consultant

Doel van functie

Als Consultant maak je deel uit van een professioneel team dat als standplaats Den Bosch heeft. Onze werkzaamheden vinden plaats aan oplossingen die als product in de markt worden gezet. Je werkt aan de ontwikkeling, uitbreiding en beheer van Microsoft oplossingen. Je werkt met professionele collega’s met diverse ideeën, achtergronden en werkwijzen. Je wordt aangemoedigd je technische vaardigheden uit te breiden en je thuis te voelen in een “lerende” cultuur.

Verantwoordelijkheden en taken

Je bent verantwoordelijk voor de ontwikkeling, oplevering en onderhoud van nieuwe en bestaande producten op basis van Microsoft technologieën. Je werkt met de modernste Microsoft technologieën waaronder C#, .NET 4, Silverlight 4, WCF RIA Services, Entity Framework, Enterprise Library, SQL Server. Tevens maken we gebruik van Workflow technologie die .NET gerelateerd is.

Ideale profiel

Ervaring met C# en .NET
Junior/Medior software ontwikkelaar
Je bent accuraat en hebt een actieve houding
Belangstelling voor complexe bedrijfskundige en technische omgevingen
Gewend om volgens methodieken te werken

Een pré is:

Kennis van UML & Design Patterns
Kennis van en ervaring met Silverlight en/of WPF

Arbeidsvoorwaarden

Nokavision is een zeer sociaal bedrijf. Nokavision biedt uitstekende primaire/secundaire arbeidsvoorwaarden. De opleidingsmogelijkheden zowel intern als extern zijn uitstekend. Daarnaast besteden wij veel tijd en energie aan persoonlijke groei en ontwikkeling.

Wil je meer weten of reageren: stuur je bericht met CV naar r.steenvoorden@nokavision.com of bel met 073-6408490.

Two exam opportunities

2010-10-16T20:46:48Z

Quick post on two beta Microsoft exams that you are allowed to participate in. Gerry o’Brien posted that the exams:

are now available to take. The beauty is that if you manage to pass the qualifying score on the beta exam, you also pass the exam as soon as it is released. Of course, it is also a good challenge for your brain and a test of your knowledge on the topic of the exam. When you’re into the business of training, coaching or other knowledge transfer areas, this is a great opportunity to find out which training, books and e-learning material is needed to prepare for this exam.

The Microsoft Learning website lists extra information on the exams 70-583 and 70-506. The exams seem to be the one exam to pass to acquire either the “MCPD: Windows Azure Developer 4” or “MCTS: Silverlight 4, Development” certifications.

You can take these exams for free if you use the promotion codes AZPRO and SL410 respectively. You need to enter these code at the Payment Information screen.

Time is limited, so be sure to register immediately at Prometric.

Microsoft Most Valuable Professional for 2010

2010-07-02T14:59:32Z

Yesterday I received mail from Toby Richards with the title “Congratulations 2010 Microsoft MVP!”. This means that Microsoft grants me this title as a Microsoft community contributor for another year.

The mail is pretty flattering: “This award is given to exceptional technical community leaders who actively share their high quality, real world expertise with others.” I do hope people like the presentations I give at the various Dutch conferences. That’s my main place to share.

Thanks Microsoft. Thanks community. Hope to meet you again soon.

Extracting files from an MSI package

2010-06-17T09:03:19Z

Reminder to self, as I have searched for this too many times:

How to extract files from an MSI file without actually installing it:

msiexec /a c:\downloads\WCFRestStarterKit.msi /qb TARGETDIR=c:\RESTStarterKit

Run this from an elevated command prompt. The target directory does not have to be created beforehand.

WCF Extensibility part 5: Make your endpoints behave

2009-08-25T06:36:00Z

In the previous post we looked at an operation behavior that applied the operation formatter to a particular operation description. Because this is default behavior for all operations in the interface defined, we will make life a little easier on us to have the operation behaviors applied automatically. A WCF endpoint consists of address, binding and contract. The latter is represented by the [ServiceContract] annotated interface, in our case IRcon and the target of our exercise.

The extensibility point that the WCF runtime provides is an endpoint behavior. Endpoint behaviors allow you to manipulate an endpoint’s definition. To create an endpoint behavior you need to implement the System.ServiceModel.Description.IEndpointBehavior interface:

public interface IEndpointBehavior
{
    void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters);
    void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime);
    void ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher);
    void Validate(ServiceEndpoint endpoint);
}

This should look pretty familiar to you if you have read the previous part in this series. Again, you can apply your behavior both on the client and service side. There’s another validation moment in the Validate method and you can add binding parameters to the binding context for later use.

The implementation of ApplyClientBehavior is the most interesting one. Here we will apply the operation behavior to each of the endpoint’s operations.

public void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime)
{
    if (endpoint.Binding is SourceRconTcpBinding)
    {
        foreach (OperationDescription description in endpoint.Contract.Operations)
        {
            ApplyFormatterBehavior(description, endpoint);
        }
    }
}

private void ApplyFormatterBehavior(OperationDescription operationDescription, ServiceEndpoint endpoint)
{
    if (operationDescription.Behaviors.Find<SourceRconOperationFormatterBehavior>() == null)
    {
        SourceRconOperationFormatterBehavior formatterBehavior = new SourceRconOperationFormatterBehavior();
        operationDescription.Behaviors.Add(formatterBehavior);
    }
}

Inside the implementation a simple loop over the operation descriptions in the contract is enough to get things going. The helper method ApplyFormatterBehavior makes sure that the SourceRconOperationFormatterBehavior behavior is applied only once.

An endpoint behavior needs to be added to the Behaviors collection of an endpoint to make it do its work. Given the client-side interface definition IRconProxy (which derives from both IRcon and IClientChannel) you can create a channel factory. The factory holds the the definition of the endpoint, provided by the implicit ABC in line 1 (address and binding are obvious, the generic <T> of the ChannelFactory represents the contract).

ChannelFactory<IRconProxy> factory = new ChannelFactory<IRconProxy>(binding, new EndpointAddress(uri));
factory.Endpoint.Behaviors.Add(new SourceRconEndpointBehavior());
factory.Open();

Line 2 adds the behavior to the Behaviors collection of the endpoint. When the factory opens, the behavior gets applied. The operation formatters get applied at that moment as well. The operation formatters are used when the actual calls through the channel are made.

Side note: if you were to use a ClientBase<T> derived proxy, you would need to drill down into the proxy.ChannelFactory.Endpoint.Behaviors to get at the Behaviors collection, or use the proxy.Endpoint property for easier access.

To summarize, an endpoint behavior allows you to manipulate your endpoint. Behaviors are an opt-in, so it is your choice whether to apply them or not.

WCF Extensibility part 4: Applying formatting to operations

2009-08-21T20:11:00Z

In the previous part we inspected the way you can influence the transition from a service operation to a WCF Message object. This was accomplished with an implementation of the IClientMessageFormatter interface, in our case the SourceRconOperationFormatter class. Now it’s time to look at how to apply this message formatter to the client channel stack.

The message formatting happens based on the formatter that is specified as part of the description of an operation. This means that in theory you could change the formatter from operation to operation. In order to get the formatter in place you need to change the Formatter property of the System.ServiceModel.Description.OperationDescription for the operation of your choice. Obviously this has to be done before the first method call is made. The extensibility point that allows you define which formatters are used for client and service operations is an operation behavior. When applied an operation behavior will influence the way an operation behaves when called. Hence the name.

Operation behaviors must implement the System.ServiceModel.Decription.IOperationBehavior interface. First of all look at that interface definition:

public interface IOperationBehavior
{
    void AddBindingParameters(OperationDescription operationDescription, BindingParameterCollection bindingParameters);
    void ApplyClientBehavior(OperationDescription operationDescription, ClientOperation clientOperation);
    void ApplyDispatchBehavior(OperationDescription operationDescription, DispatchOperation dispatchOperation);
    void Validate(OperationDescription operationDescription);
}

As you can see it has two methods to apply the specifics of your behavior to an operation description: one for client-side and one for service-side operations. We need to fill in the client-side proxy part of it only. Furthermore, the behavior can validate the operation to which it is applied. More on this in a moment. And finally, should the behavior need to add specific parameters to the entire binding (which can be accessed later on from the binding context) it is free to do so in the AddBindingParameters method.

The SourceRconOperationFormatterBehavior class explicitly implements the IOperationBehavior interface. There is no point to have public method as it is unlikely that the implementation will be called other than via the interface.

public class SourceRconOperationFormatterBehavior: IOperationBehavior
{
    #region IOperationBehavior Members

    void IOperationBehavior.AddBindingParameters(OperationDescription operationDescription, BindingParameterCollection bindingParameters)
    {
        // Nothing for us to do
    }

    void IOperationBehavior.ApplyClientBehavior(OperationDescription operationDescription, ClientOperation clientOperation)
    {
        // Apply our own formatter
        clientOperation.Formatter = new SourceRconOperationFormatter(operationDescription);

        // This behavior takes care of both request and replies at client
        clientOperation.SerializeRequest = true;
        clientOperation.DeserializeReply = true;
    }

    void IOperationBehavior.ApplyDispatchBehavior(OperationDescription operationDescription, System.ServiceModel.Dispatcher.DispatchOperation dispatchOperation)
    {
        // Client-side only
        throw new NotImplementedException();
    }

    void IOperationBehavior.Validate(OperationDescription operationDescription)
    {
        // Always valid?
        // In our case we cannot have ref or out parameters
        // We could check that parameters are primitive types
    }

    #endregion
}

The ApplyClientBehavior method set the Formatter property of the client operation to which the behavior is applied. It also expresses that the client operation will serialize and deserialize both request and reply messages.

Inside the Validate method we could check whether the operation is compatible with the behavior. For example, we should check that there are no ref or out parameters. We could check that the parameters are either representable as a string, and whether the return value is either of type string (the reply messages always contain string data) or that it is deserializable from a string. I have not been able to get the validate method to be triggered and all implementations of IOperationBehavior inside the framework have an empty method body. With Reflector you can see that the client validations on behaviors should go off when the ChannelFactory is opening. I’m not sure why it does not fire.

You can go the extra mile and have your behavior derive from Attribute:

[AttributeUsage(AttributeTargets.Method)]
public sealed class SourceRconOperationFormatterBehaviorAttribute : Attribute, IOperationBehavior

so it can be used as an attribute above a method:

[ServiceContract]
public interface IRcon
{
    [OperationContract(Action = "status")]
    [SourceRconOperationFormatterBehavior]
    string GetStatus();

You would probably want to change the name of the behavior/attribute class to something like SourceRconOperationAttribute so it looks like [SourceRconOperation]. This makes more sense. In our case the behavior is not really optional as we need to apply the operation formatter for every operation in a service contract to make things work. Having an interface that is only partially usable for remote control seems weird.

Having made the remarks above on how behaviors are non-optional, the next topic will be about a streamlined way to accomplish that all operations in a service contract will have the operation formatter behavior applied.

WCF Extensibility part 3: Formatting operations

2009-08-20T22:00:00Z

Time to get serious and drill down into the first area of the big picture. We are going to take a look at “operation formatting”, which is roughly located in the highlighted area.

One of the crucial parts of the WCF channel layer is the way that method invocations get transformed into WCF messages. This capability allows the end-programmer to work with the object-oriented paradigm. This means you call methods on proxy objects, instead of having to fiddle with the messages going back and forth between a client and service yourself.

Let’s say we have a proxy that was created like so:

[ServiceContract]
public interface IRcon
{
    [OperationContract(Action = "kick")]
    string Kick(string steamID);
}

public interface IRconProxy : IRcon, IClientChannel { }

class Program
{
    static void Main(string[] args)
    {
        SourceRconTcpBinding binding = new SourceRconTcpBinding("abc123");
        string uri = "raw.tcp://192.168.100.101:27015";
        IRconProxy proxy = null;
        ChannelFactory<IRconProxy> factory = new ChannelFactory<IRconProxy>(binding, new EndpointAddress(uri));
        factory.Endpoint.Behaviors.Add(new SourceRconEndpointBehavior());
        factory.Open();

        proxy = factory.CreateChannel();

        string reply = proxy.Kick("1:0:1337");

Take a look at the last line. There you can see a method call being made on the proxy that was created with a call to ChannelFactory<IRconProxy>.CreateChannel. We want to influence the way this method call gets transformed into a specialized System.ServiceModel.Messaging.Message class, called SourceRconMessage. The regular transformation would change a method call into normal Message objects. Our message object holds the spcifics for the Source rcon protocol. Here is the shape of the class, corresponding to the elements of the rcon protocol:

public class SourceRconMessage : Message
{
    public int RequestID { get { ... } }
    public ServerData ServerData { ... } }
    public string String1 { get { ... } }
    public string String2 { get { ... } }
}

We will get back to the specifics of the message in a later post.

The process of changing a method invocation to a message and vice versa is called operation formatting. The key interfaces for all classes that performs this task are System.ServiceModel.Dispatcher.IClientMessageFormatter and IDispatchMessageFormatter. They are essentially the same but mirrored, because they represent the formatting that will happen at the client and service respectively.

public interface IClientMessageFormatter
{
	object DeserializeReply(Message message, object[] parameters);
	Message SerializeRequest(MessageVersion messageVersion, object[] parameters);
}

We will only look at the client message formatter, since we are building a client-side only implementation of the channel stack. The service’s side would have DeserializeRequest and SerializeReply, mirroring the direction requests and replies are sent and received.

Let’s look at each of the implementations of the two methods of the IClientMessageFormatter interface:

// Changes a list of parameters and operation description into a SourceRconMessage
public Message SerializeRequest(MessageVersion messageVersion, object[] parameters)
{
    SourceRconMessage message = new SourceRconMessage(operationDescription.Messages[0].Action, parameters);
    message.Headers.MessageId = new UniqueId(message.RequestID.ToString());

    return message;
}

No rocket science here. The process of changing the action and parameters of the method call into a message is performed by a custom-built constructor on the SourceRconMessage class. The one thing to remember for later though is the mysterious property of MessageId in the Headers of the message that we set. This will be revisited at a later stage.

// Goes from SourceRconMessage to return value and parameter list
public object DeserializeReply(Message rawMessage, object[] parameters)
{
    // Deserialize message and return value
    object returnValue = null;
    SourceRconMessage message = (SourceRconMessage)rawMessage;

    // TODO: Use returnParameter.ParameterType to get the type of return parameter
	// and deserialize to that type from string
    returnValue = message.String1;

    return returnValue;
}

The DeserializeReply method will get a deserialized reply message that was handed from the channel stack. This should be a SourceRconMessage object (which we should probably check for to be sure it really is). Right now we only extract the single valuable piece of information from the message: the String1 property. It is passed back as the return value, which will work as long as the return value is of type string. Notice how there is no type information available for the return value and parameters.

The two methods above go into the SourceRconOperationFormatter class.

public class SourceRconOperationFormatter: IClientMessageFormatter
{
    // Goes from SteamRconMessage to return value and parameter list
    public object DeserializeReply(Message rawMessage, object[] parameters) { ... }

    // Changes a list of parameters and operation description into a SteamRconMessage
    public Message SerializeRequest(MessageVersion messageVersion, object[] parameters) { ... }
}

The class can contain much more. A later and improved version will have a special constructor to hold the operation description details to be able to have type information on the parameters and return value for the sake of DeserializeReply.

WCF Extensibility part 2: The big picture

2009-08-20T21:20:36Z

Before I drill down into each of the smaller parts of the client-side channel stack implementation, I want to sketch out an overview of some of the moving parts of the channel layer. This picture is by no means complete, and I will probably revisit it several times over the next couple of posts. It should however provide you with a better understanding of what we are trying to accomplish in what part of the channel layer. And remember, this picture is a sketch and may not be 100% exact or correct.

What you see in the picture is the client-side of the WCF channel layer. I am trying to convey here that from the method call to the actual transport several things happen along the way.

First of all, when you call a service (or something else at the other end of the transport) you make a method invocation on a proxy. This might be

a raw transparent proxy like we created in the first part of the series with a call to ChannelFactory<T>.CreateChannel.
a ClientBase derived proxy, like the one you get when you use Add Service Reference (ASR). This proxy uses the same transparent proxy on the inside.

This method call is translated to a message object representing the method call. This message is dropped into a stack of channels that will massage the message every which way. The different channels in the stack all have their specific purpose, such as security, reliable sessions, or transport. The last channel in the stack is always the transport channel. The final transport channel will encode the message using an encoder and will serialize the bytes across the transport, whatever that may be (HTTP, MSMQ, TCP, UDP, email, …).

For Request/Reply message exchange patterns there will come a stream of bytes in response. The stream will be decoded by the message encoder, which gives another message object. The same holds true for duplex messaging, but for duplex the incoming request stream might be initiated by the service, without a previous message from us, the client. We will not encounter duplex/callback messages. Finally, the response message will be turned into the completion of the method call by yielding the return value and ref or out parameters. The method call returns to the caller. You may have guessed that this is for synchronous method calls on the proxy and you are absolutely correct. For now, we will leave asynchronous operations out of scope.

For each of the following posts I will highlight the area that we focus upon. Any feedback is welcome.