Book review: Silverlight 4 in Action

Some weeks ago I received a review copy of Silverlight 4 in Action by Pete Brown. Reviewing this book took some time as it weighs in at a hefty 798 pages, who ever said that Silverlight was a small products? That is a lot of material but then the book doesn’t assume any prior knowledge of Silverlight at all.   The book is divided into 25 chapters in 3 different sections. The first part, consisting of 10 chapters, is titled "Introducing Silverlight". As the name suggests this covers the basics of Silverlight development. This section is mostly targeted at developers … Continue reading Book review: Silverlight 4 in Action

Limiting which user can access service using the Windows Identity Foundation

In my previous blog post I demonstrated how to secure a workflow service using the Windows Identity Foundation. With this in place we only allow users that are trusted by the STS Dominick Baier wrote. That is nice but in some cases we might not want all users to be able to perform all actions.   How can we check for individual users against a specific action? Using an STS we don’t get the user credentials from the client application but we do get a lot of information in the form of security tokens from the STS my means of … Continue reading Limiting which user can access service using the Windows Identity Foundation

Securing a Workflow Service using Windows Identity Foundation

The way security is often still handled these days with each application keeping track of their own users is somewhat dated. Some form of Federated security, where a single separate server is responsible for the security of a whole series of applications, is the way to go. On the internet there are plenty of examples of this with applications using things like OAuth and leaving their security to others. In windows the preferred form of federated security is through Windows Identity Foundation and it is real easy to secure an ASP.NET site or WCF service using Windows Identity Foundation.   … Continue reading Securing a Workflow Service using Windows Identity Foundation

Using the WCF OperationContext from a Receive activity

The WF4 Receive activity shields you from a lot of the WCF pipeline. Normally that is a good thing but there are occasions where you want to know more about the incoming WCF request. Normally you can use the WCF OperationContext.Current to get at this information but with a workflow service this doesn’t work as it is null. The reason is that the workflow executes on a different thread.   So how do you get at the OperationContext? The trick is to add a class implementing the IReceiveMessageCallback interface to the NativeActivityContext.Properties while the receive is executing and this will … Continue reading Using the WCF OperationContext from a Receive activity