Posted An Example for comments

Question

All:

I posted my first example SSDS app today here:
http://amundsen.com/examples/ssds/

It has two parts:
- SSDS Proxy server app (C#.NET)
- Web Client (Ajax)

You can download the code (see link on the page).

I think this pattern (SSDS web proxy + clients) is going to be a pretty common model. It has the advantage of not requiring all clients to know the credentials for the SSDS repository. However, it has the disadvantage of using a proxy through which all requests are made (kinda kills the scalability a bit, eh?).

Free free to post comments/observations here or email me directly (see site) if you like.

---

Mike Amundsen [http://amundsen.com/blog/]

Answer 1

Interesting stuff Mike.

You raise an important point about SSDS authentication. If you build an app then you probably don't want people hitting the service directly cos you don't want to give out credentials but then if you have to build a proxy then you build in an extra layer - and that is overhead.

I'm very interested in users being able to authorise themselves to an authority, or even a container, rather than a service. So I provide an SSDS service and an app that utilises it - but each user gets their own dedicated container.

I'd like some feedback from the SSDS team on that scenario. And I'd like it to be something other than "We are evaluating all scenarios" or similar.

-Jamie

---

http://jamiethomson.spaces.live.com/ | http://blogs.conchango.com/jamiethomson

Answer 2

Seems like we'll need a way to manage user accounts (login, access rights, etc.) if we want to start granting authorization to existing containers/authorities.

Not heard any news on that front from MSFT yet.

---

Mike Amundsen [http://amundsen.com/blog/]

Answer 3

We are evaluating all scenarios

Sincerely yours,

The SSDS Team

 

LOL

Seriously, we hear you loud and clear. This is feedback we have been receiving from our early previews and we agree its a very important feature. You will see a much more robuest Authentication / Authorization story coming for SSDS. No, I can't be more vocal about the details, and before you comment regarding it, not being able to communicate all of this to the community is killing the team.

Part of the 8 week sprint model we use allows us to be extremely agile and to roll new features every 8 weeks. In a week or two we will be rolling out this Sprints features which will keep everyone busy for quite some time, I promise. Great stuff is coming.

in fact, Jeff Currier has started to talk about some if it here...

Answer 4

David Robinson - MSFT said:

Part of the 8 week sprint model we use allows us to be extremely agile and to roll new features every 8 weeks. In a week or two we will be rolling out this Sprints features which will keep everyone busy for quite some time, I promise. Great stuff is coming.

in fact, Jeff Currier has started to talk about some if it here...

I'm really looking forward to the ETag stuff Jeff talked about in the post.

---

Mike Amundsen [http://amundsen.com/blog/]

Answer 5

David Robinson - MSFT said:

We are evaluating all scenarios

Sincerely yours,

The SSDS Team

 

LOL

Seriously, we hear you loud and clear. This is feedback we have been receiving from our early previews and we agree its a very important feature. You will see a much more robuest Authentication / Authorization story coming for SSDS. No, I can't be more vocal about the details, and before you comment regarding it, not being able to communicate all of this to the community is killing the team.

Part of the 8 week sprint model we use allows us to be extremely agile and to roll new features every 8 weeks. In a week or two we will be rolling out this Sprints features which will keep everyone busy for quite some time, I promise. Great stuff is coming.

in fact, Jeff Currier has started to talk about some if it here...

Great to hear, thanks David.

Just keep engaging with us and you won't find us moaning too loudly :)

---

http://jamiethomson.spaces.live.com/ | http://blogs.conchango.com/jamiethomson

Answer 6

Hey Mike,

One thing that I plan to start pushing is building a community around SSDS, part of which will contain code samples and such. Any chance on you moving your example over to CodePlex and tagging it with SSDS?

Thanks
Dave

Answer 7

I haven't used Codeplex (fell off the wagon when the 'dot net' source code site closed down [g]).

I'll check into it and will ping you if I have any questions.

---

Mike Amundsen [http://amundsen.com/blog/]

Answer 8

David:

I created a project @ codeplex (http://www.codeplex.com/ssdsexamples) and will post my SSDS stuff there. The project is still in "unpublished" mode, but I should have the initial code loaded this weekend.

I'll post here when it's open.

Feel free to give me any feedback you like about how to go about this in a way that's most helpful/accessible for the SSDS community.

---

Mike Amundsen [http://amundsen.com/blog/]

Answer 9

We are looking into making the CodePlex projects area on DevCenter live, as in pull the recent SSDS CodePlex projects and push them up there, similiar to the way the recent forums posts work. I will post more details once we have it all worked out, but in the mean time, just tag the project with "SSDS" so we can programmatically pull them...

Thanks,
Dave

Answer 10

Hmm, I know I'm pushing it, but can't we at least have a "yes or no" answer to the following question...

"Will we be able to allow client apps to securely make SSDS requests on Authorities that we as app providers, own?" :)

It's an important question in the sense that it pretty much defines how we architect our apps today. If you answered "yes" to this question without even going into details, I'd very happily scrap all my current source code and start over.

Pretty please?

Answer 11

Senkwe Chanda:

I agree it's an important question. I suggest starting a new thread/topic to make sure everyone gets to see your post. I have some comments on this question, but will hold off until you have the opportunity to start the new thread.

Cheers.

---

Mike Amundsen [http://amundsen.com/blog/]