All posts by : Brain.Save()

1 of 19 | Securely navigating SOAP intermediaries with WSE 2.0 - Mr. Tay (Softwaremaker) has tackled the rather sticky problem of securely traversing mutliple SOAP intermediaries and come up with this article over on MSDN. There`s a lot of good stuff to dig into here. The scenario William came up with reminded me of a few customer projects we had going on at Avanade before I left. We were starting to see customers interested in factoring out things like authentication and authorization into separate services that operated pretty much how William described it. Customers are definitely starting to look at multi-hop message paths -- with that in mind, you can see why Indigo puts such a focus on the end-to-end picture when it......

2 of 19 | Securely navigating SOAP intermediaries with WSE 2.0 - Mr. Tay (Softwaremaker) has tackled the rather sticky problem of securely traversing mutliple SOAP intermediaries and come up with this article over on MSDN. There`s a lot of good stuff to dig into here. The scenario William came up with reminded me of a few customer projects we had going on at Avanade before I left. We were starting to see customers interested in factoring out things like authentication and authorization into separate services that operated pretty much how William described it. Customers are definitely starting to look at multi-hop message paths -- with that in mind, you can see why Indigo puts such a focus on the end-to-end picture when it......

3 of 19 | RefProps vs RefParams - There’s a good little back-and-forth between Omri and DaveO on the subject of Reference Properties and Reference Parameters in WS-Addressing. I like to think that I understand the function and motivation for Reference Properties. Reference Properties are little blobs of state that you can include in an endpoint. Reference Properties contribute to the overall identity of an EPR, and are significant when it comes to determining EPR equality (if two EPR’s have different Reference Properties, they’re two different EPR’s). This feature allows services to dynamically construct groups of relate......

4 of 19 | Interoperable Kerberos tickets in WSE2 - Kirk Allen Evans has posted some sample code for a custom Kerberos token that works with WSE 2.0’s security system. If you’re interested in Kerberos, it’s worth checking out. It’s also a really good example on how to extend the WSE security token while still playing in the general realm of WS-Trust. ...

5 of 19 | Interoperable Kerberos tickets in WSE2 - Kirk Allen Evans has posted some sample code for a custom Kerberos token that works with WSE 2.0’s security system. If you’re interested in Kerberos, it’s worth checking out. It’s also a really good example on how to extend the WSE security token while still playing in the general realm of WS-Trust. ...

6 of 19 | More on routing - Jef Newsom is also taking a crack at building a transport-independent SOAP router using WSE. I have a couple of observations on his implementation. Using Pipeline.IsIntermediary = true. That sound you hear is me slapping my forehead going “why didn’t I think of that” Setting this should allow the incoming message to be resent using SoapSender.Send(), thereby eliminating the need to clone the full body of the message using SoapEnvelope.LoadXml(). I’ll have to test that one out. Pipeline.IsIntermediary has an interesting effect on the XML contents of a SoapEnvelope. When IsIntermediary is ......

7 of 19 | More on routing - Jef Newsom is also taking a crack at building a transport-independent SOAP router using WSE. I have a couple of observations on his implementation. Using Pipeline.IsIntermediary = true. That sound you hear is me slapping my forehead going “why didn’t I think of that” Setting this should allow the incoming message to be resent using SoapSender.Send(), thereby eliminating the need to clone the full body of the message using SoapEnvelope.LoadXml(). I’ll have to test that one out. Pipeline.IsIntermediary has an interesting effect on the XML contents of a SoapEnvelope. When IsIntermediary is ......

8 of 19 | Role-based security in a web services world - I had an abortive IM conversation with Benjamin stemming from this post over on Das Blonde. I was multi-tasking at work and he was at home typing one-handed with a baby on his knee, so our conversation didn’t get very far. So this is an attempt to put down a bunch of thoughts I’m having about per-user security and Web Services. (Note: now that I’ve written this piece, I realize that it ended up having very little to do with what I originally intended it to be about. I’ll have to come back to Michelle’s post later). The Scenario Let’s say that I have an ASP.NET front-end to a payroll system. This consists of......

9 of 19 | Role-based security in a web services world - I had an abortive IM conversation with Benjamin stemming from this post over on Das Blonde. I was multi-tasking at work and he was at home typing one-handed with a baby on his knee, so our conversation didn’t get very far. So this is an attempt to put down a bunch of thoughts I’m having about per-user security and Web Services. (Note: now that I’ve written this piece, I realize that it ended up having very little to do with what I originally intended it to be about. I’ll have to come back to Michelle’s post later). The Scenario Let’s say that I have an ASP.NET front-end to a payroll system. This consists of......

10 of 19 | Adventures in next-hop routing part 2: the return address rabbit-hole - My first post on SOAP routing with WSE2 detailed some of the issues I ran into while trying to build a transport-agnostic replacement for the SoapHttpRouter. Although I referred to these issues as “routing roadblocks” (I’m a sucker for alliteration), I found workarounds for all of them. The result was this small chunk of code. There are problems with this code as written though: it only operates on the forward path (the Destination address) and ignores the return path (the ReplyTo/FaultTo/From headers).  Consider a duplex communication scenario. There are two services, each with a transport-agnostic Address URI. The first service, Svc......

11 of 19 | Adventures in next-hop routing part 2: the return address rabbit-hole - My first post on SOAP routing with WSE2 detailed some of the issues I ran into while trying to build a transport-agnostic replacement for the SoapHttpRouter. Although I referred to these issues as “routing roadblocks” (I’m a sucker for alliteration), I found workarounds for all of them. The result was this small chunk of code. There are problems with this code as written though: it only operates on the forward path (the Destination address) and ignores the return path (the ReplyTo/FaultTo/From headers).  Consider a duplex communication scenario. There are two services, each with a transport-agnostic Address URI. The first service, Svc......

12 of 19 | Adventures in Next-Hop Routing (part 1 of n) - I’ve been playing around a bit with the routing samples included with WSE2. Since WS-Routing has now been subsumed by WS-Addressing, I wanted to see what the changes were to the routing story in WSE2. If you’re interested in doing the same thing, the best place to start is to look at the Routing sample that ships with WSE2. This sample is pretty good if you’re only interested in routing to HTTP endpoints. Routing to non-HTTP transports does not seem to be supported by the SoapHttpRouter (apparently, it’s called the SoapHttpRouter for a reason). Given that I’ve been working with custom (non-HTTP) transports, I th......

13 of 19 | Adventures in Next-Hop Routing (part 1 of n) - I’ve been playing around a bit with the routing samples included with WSE2. Since WS-Routing has now been subsumed by WS-Addressing, I wanted to see what the changes were to the routing story in WSE2. If you’re interested in doing the same thing, the best place to start is to look at the Routing sample that ships with WSE2. This sample is pretty good if you’re only interested in routing to HTTP endpoints. Routing to non-HTTP transports does not seem to be supported by the SoapHttpRouter (apparently, it’s called the SoapHttpRouter for a reason). Given that I’ve been working with custom (non-HTTP) transports, I th......

14 of 19 | soap.smtp:// - I finished up my sample implementation of an SMTP transport for Wse2. Thanks to the power of WSE, you can now easily call Web Services via email :) The code is attached to this message. Instead of writing up a full article on the implementation, I peppered the code extremely liberally with comments. As a result, the explanation of the code is interleaved with the code itself. I’ll probably write more in depth about specific parts of the implementation, but hopefully the comments in the code should suffice for now. Thanks to Pawel Lesnikowski for the excellent POP3 library. You can find that implementatio......

15 of 19 | soap.smtp:// - I finished up my sample implementation of an SMTP transport for Wse2. Thanks to the power of WSE, you can now easily call Web Services via email :) The code is attached to this message. Instead of writing up a full article on the implementation, I peppered the code extremely liberally with comments. As a result, the explanation of the code is interleaved with the code itself. I’ll probably write more in depth about specific parts of the implementation, but hopefully the comments in the code should suffice for now. Thanks to Pawel Lesnikowski for the excellent POP3 library. You can find that implementatio......

16 of 19 | Transports, channels, and the office mailroom - I work in a fairly large office building with a central mailroom. The existence of this mailroom greatly simplifies life for both me and the postal service employee who delivers mail to my building. I have a centralized place to pick up my mail, and the mail carrier doesn’t have to hunt around the entire building looking for every individual office. Instead, there’s one guy at my company whose job is to take the bundle of incoming mail and distribute it to the mailboxes of each person in the building. In this way, large numbers of messages can be delivered to their appropriate recipients quickly, with minimal work on everyone’s pa......

17 of 19 | Transports, channels, and the office mailroom - I work in a fairly large office building with a central mailroom. The existence of this mailroom greatly simplifies life for both me and the postal service employee who delivers mail to my building. I have a centralized place to pick up my mail, and the mail carrier doesn’t have to hunt around the entire building looking for every individual office. Instead, there’s one guy at my company whose job is to take the bundle of incoming mail and distribute it to the mailboxes of each person in the building. In this way, large numbers of messages can be delivered to their appropriate recipients quickly, with minimal work on everyone’s pa......

18 of 19 | WSE 2.0 Messaging - WSE2 is finally out, so I’m finally out from underneath an NDA. Phew, I feel like I can breathe again… Most of my work with WSE2 thus far has been dealing with the core messaging model and transport system. I’ve learned a lot from working with it, and I’ll be blogging about some of the interesting things I’ve noticed. However, before I dive into the gory details, it’s best to describe an overview of the WSE2 messaging architecture. WSE 2.0 offers three different layers of abstraction for dealing with messaging. Which layer you choose to program against depends largely on who you are and what you’re trying to a......

19 of 19 | WSE 2.0 Messaging - WSE2 is finally out, so I’m finally out from underneath an NDA. Phew, I feel like I can breathe again… Most of my work with WSE2 thus far has been dealing with the core messaging model and transport system. I’ve learned a lot from working with it, and I’ll be blogging about some of the interesting things I’ve noticed. However, before I dive into the gory details, it’s best to describe an overview of the WSE2 messaging architecture. WSE 2.0 offers three different layers of abstraction for dealing with messaging. Which layer you choose to program against depends largely on who you are and what you’re trying to a......