Posted An Example for comments
- All:
I posted my first example SSDS app today here:
http://amundsen.com/examples/ssds/
It has two parts:
- SSDS Proxy server app (C#.NET)
- Web Client (Ajax)
You can download the code (see link on the page).
I think this pattern (SSDS web proxy + clients) is going to be a pretty common model. It has the advantage of not requiring all clients to know the credentials for the SSDS repository. However, it has the disadvantage of using a proxy through which all requests are made (kinda kills the scalability a bit, eh?).
Free free to post comments/observations here or email me directly (see site) if you like.
Mike Amundsen [http://amundsen.com/blog/]
All Replies
- Interesting stuff Mike.
You raise an important point about SSDS authentication. If you build an app then you probably don't want people hitting the service directly cos you don't want to give out credentials but then if you have to build a proxy then you build in an extra layer - and that is overhead.
I'm very interested in users being able to authorise themselves to an authority, or even a container, rather than a service. So I provide an SSDS service and an app that utilises it - but each user gets their own dedicated container.
I'd like some feedback from the SSDS team on that scenario. And I'd like it to be something other than "We are evaluating all scenarios" or similar.
-Jamie
http://jamiethomson.spaces.live.com/ | http://blogs.conchango.com/jamiethomson - Seems like we'll need a way to manage user accounts (login, access rights, etc.) if we want to start granting authorization to existing containers/authorities.
Not heard any news on that front from MSFT yet.
Mike Amundsen [http://amundsen.com/blog/] We are evaluating all scenarios
Sincerely yours,
The SSDS Team
LOL
Seriously, we hear you loud and clear. This is feedback we have been receiving from our early previews and we agree its a very important feature. You will see a much more robuest Authentication / Authorization story coming for SSDS. No, I can't be more vocal about the details, and before you comment regarding it, not being able to communicate all of this to the community is killing the team.
Part of the 8 week sprint model we use allows us to be extremely agile and to roll new features every 8 weeks. In a week or two we will be rolling out this Sprints features which will keep everyone busy for quite some time, I promise. Great stuff is coming.
in fact, Jeff Currier has started to talk about some if it here...- David Robinson - MSFT said:I'm really looking forward to the ETag stuff Jeff talked about in the post.
Part of the 8 week sprint model we use allows us to be extremely agile and to roll new features every 8 weeks. In a week or two we will be rolling out this Sprints features which will keep everyone busy for quite some time, I promise. Great stuff is coming.
in fact, Jeff Currier has started to talk about some if it here...
Mike Amundsen [http://amundsen.com/blog/] - David Robinson - MSFT said:
We are evaluating all scenarios
Sincerely yours,
The SSDS Team
LOL
Seriously, we hear you loud and clear. This is feedback we have been receiving from our early previews and we agree its a very important feature. You will see a much more robuest Authentication / Authorization story coming for SSDS. No, I can't be more vocal about the details, and before you comment regarding it, not being able to communicate all of this to the community is killing the team.
Part of the 8 week sprint model we use allows us to be extremely agile and to roll new features every 8 weeks. In a week or two we will be rolling out this Sprints features which will keep everyone busy for quite some time, I promise. Great stuff is coming.
in fact, Jeff Currier has started to talk about some if it here...
Great to hear, thanks David.
Just keep engaging with us and you won't find us moaning too loudly :)
http://jamiethomson.spaces.live.com/ | http://blogs.conchango.com/jamiethomson - Hey Mike,
One thing that I plan to start pushing is building a community around SSDS, part of which will contain code samples and such. Any chance on you moving your example over to CodePlex and tagging it with SSDS?
Thanks
Dave - I haven't used Codeplex (fell off the wagon when the 'dot net' source code site closed down [g]).
I'll check into it and will ping you if I have any questions.
Mike Amundsen [http://amundsen.com/blog/] - David:
I created a project @ codeplex (http://www.codeplex.com/ssdsexamples) and will post my SSDS stuff there. The project is still in "unpublished" mode, but I should have the initial code loaded this weekend.
I'll post here when it's open.
Feel free to give me any feedback you like about how to go about this in a way that's most helpful/accessible for the SSDS community.
Mike Amundsen [http://amundsen.com/blog/] - We are looking into making the CodePlex projects area on DevCenter live, as in pull the recent SSDS CodePlex projects and push them up there, similiar to the way the recent forums posts work. I will post more details once we have it all worked out, but in the mean time, just tag the project with "SSDS" so we can programmatically pull them...
Thanks,
Dave- Edited byDave Robinson - SQL AzureMSFT, OwnerThursday, June 26, 2008 3:03 AMgrammatical errors
- Hmm, I know I'm pushing it, but can't we at least have a "yes or no" answer to the following question...
"Will we be able to allow client apps to securely make SSDS requests on Authorities that we as app providers, own?" :)
It's an important question in the sense that it pretty much defines how we architect our apps today. If you answered "yes" to this question without even going into details, I'd very happily scrap all my current source code and start over.
Pretty please? - Senkwe Chanda:
I agree it's an important question. I suggest starting a new thread/topic to make sure everyone gets to see your post. I have some comments on this question, but will hold off until you have the opportunity to start the new thread.
Cheers.
Mike Amundsen [http://amundsen.com/blog/]
