locked
Samples for Worflow security pack RRS feed

  • Question

  • Hi.

    I aam not able to find any samples using the WF security pack. I am currently reading the document Microsoft WF Security Pack CTP 1 User Guide and some samples or training materials would be really useful. I have not worked much on the security fron hence i m struggling a bit here.

    Thanks

    Thursday, January 20, 2011 7:00 AM

All replies

  • You are right - we definitely need some samples.

    If you had just one sample what is the first thing you need to do?


    Sr. Program Manager, AppFabric Development Platform (WF/WCF) http://blogs.msdn.com/rjacobs http://www.twitter.com/ronljacobs
    Saturday, January 22, 2011 11:38 PM
  • I also agree, and moreover having answers on questions we could raise.

    I no more see the interest of putting this kind of libtrary on codeplex without any documentation or support.

    According codeplex support should be here....

    I have posted a request here months ago without any answer, it was related to calling from a  WF4 service an external asmx soap service (.net 2.0) which requests authentication.

     

    User's browser->WCF 4 Service-> soap .net 2.0 service requesting form authentication (login, pwd)  ?????

    Nobody never answered....

     

    Regards

    CS

    Monday, January 24, 2011 10:05 AM
  • Hi, CS ADNT

    ->"User's browser->WCF 4 Service-> soap .net 2.0 service requesting form authentication (login, pwd)  ?????"
    You can use C# to do Forms Authentication. see this:
    http://blogs.iis.net/ksingla/archive/2006/08/23/sample-forms-authentication-test-in-c.aspx

    You may also need to create your own customized activity to do authentication.

    Regards
    MSDN Community Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    This posting is provided "AS IS" with no warranties, and confers no rights. My Blog: http://xhinker.com
    Microsoft Windows Workflow Foundation 4.0 Cookbook
    Tuesday, January 25, 2011 6:13 AM
  • Thank you for answer.

    I know form authentication sionce years.

    Problem uis different under a WF Service thread where the thread identity is not the WCF identity, moreover I was expecting the security pack to be able to solve this problem.

    What is the usage of this security pack, anybody using it ?

    As far as I understand, sionce 8/2010 no documentation has been adde'd and no corrections implemented ?

    Why is Microsoft doing this: we spent hours to discover there is no support and no intention to evolve it ?

    Is MS trying to reduce the number of people using its technologies ?

    CS

    Tuesday, January 25, 2011 11:29 AM
  • Thank you for answer.

    I know form authentication sionce years.

    Problem uis different under a WF Service thread where the thread identity is not the WCF identity, moreover I was expecting the security pack to be able to solve this problem.

    What is the usage of this security pack, anybody using it ?

    As far as I understand, sionce 8/2010 no documentation has been adde'd and no corrections implemented ?

    Why is Microsoft doing this: we spent hours to discover there is no support and no intention to evolve it ?

    Is MS trying to reduce the number of people using its technologies ?

    CS


    I agree.  While WF4 is a great step forward compared to WF3.5, there is a lot to be desired.  There are practically no books out there that demonstrate real world scenarios, nothing out there that shows how to perform authentication in WF, communication between 2 WF services across a firewall running under different Windows accounts, etc.  Till date, I have not found answers to several weird issues.  The errors that are generated in WF4 are very vague and hard to debug and there is nothing on Google search!  Nada!  Till date, I have found nothing online that describes what each property of a Send or a Recieve activity in the designer actually do - nothing on MSDN either.  There is no metadata in VS2010 when you select a property either.  Come on MSFT, you can do better than this! 

    Good product but VERY poor documentation and support even in the forums.  It is quite frustrating!  I hope MSFT improves on this in SP1.

    Tuesday, January 25, 2011 4:54 PM
  • You are right - we definitely need some samples.

    If you had just one sample what is the first thing you need to do?


    Sr. Program Manager, AppFabric Development Platform (WF/WCF) http://blogs.msdn.com/rjacobs http://www.twitter.com/ronljacobs


    Ron, can you give a sample to this scenario please?

    Two WF services - A and B.  B installed and running as a Windows service on a server across the firewall.  This service B is running under the Windows account on that server (domain1\user1).  The other service, A, is running on another machine under a different account (domain2\user2). 

    A needs to call an operation on B using the Send activity and context correlation.  How can I tell A to impersonate the account that B is running under in the WF designer OR in the config file so that I do not get a security exception? 

    We have checked the firewall rules and two machines have two-way traffic allowed between them on port 4100 and 4101.  B is running on port 4100 on the server across the firewall and A is running on port 4101 on the dev machine.

    Thanks!

     

    Tuesday, January 25, 2011 5:05 PM
  • Hi,

    I definitely require some sample that could help in training on how to use the security pack activities. If anybody can share some small sample that would be very helpful for a kickstart :)

    Thanks!

    Thursday, January 27, 2011 6:40 AM