by community-syndication | Oct 7, 2012 | BizTalk Community Blogs via Syndication
One of the largest oil company in the world purchased BizTalk360 purely to stream line their BizTalk environments user access policy. We been working with this company for nearly last 11 months, with various meetings, demos and POC and finally they decided BizTalk360 will solve their current challenges and save them lot of time as […]
The post BizTalk Environments User Access Policy/Security Best Practices using BizTalk360 appeared first on BizTalk360 Blog.
Blog Post by: Saravana Kumar
by community-syndication | Oct 6, 2012 | BizTalk Community Blogs via Syndication
@omegar(Gareth Kavanagh) is one of my “long time followers” on Twitter and after my last blog post he had a question regarding scaling of hosts. In this blog post I would like to go through my best practices when it comes to this matter. So, BizTalk is built to handle, process, receive and sending data.
Blog Post by: Tord Glad Nordahl
by community-syndication | Oct 6, 2012 | BizTalk Community Blogs via Syndication
A lot of the information I share on my blog you can also find on the TechNetWiki, even some of the elements can only be found on the TechNetWiki. I really do belive the TechNet Wiki is a good area to share, as well as on my blog! I did an article about host throttling,
Blog Post by: Tord Glad Nordahl
by community-syndication | Oct 6, 2012 | BizTalk Community Blogs via Syndication
Long back I had written a blog post about Using Windows Server 2008 as a SUPER workstation OS that caused a lot of buzz
Server 2008: The Windows Workstation we always wanted
Review: Using Windows Server 2008 on a PC
I had my reasons to use a Server OS on my work laptop and have been doing it since Windows Server 2003. When I wrote that blog post I had a vision of Windows which I now think has become a reality.
After nearly 9 years I have made my switch to a desktop version of Windows. My work laptop now has Windows 8 (RTM).
And before you drift into the world of Touch and Apps. My laptop doesn’t have a Touch Screen. I am still a mouse and keyboard guy.
Search and Launch is way better than the Start Button
I am surprised at the number of hard core Start Button fans. The most common use of the Start Button was to launch apps. I had ditched the Start Menu long back for the Search Bar. Simply because my “All Programs” list had grown to three columns.
To launch any program I would just hit Start and type the first few characters of the program I wanted to run. Say you want to launch Paint Just hit the Windows button and type in “pa..” and hit Enter.
With Windows 8 it becomes better You can search Apps, Settings and Files in one place. You can also launch search within apps. Like search within the Store App.
I have seen a lot of people use Search to launch Apps than actually traversing the “All Programs” list.
And in case you can’t do without it here is a tip I learnt. You can create a Custom Toolbar and point it to C:\ProgramData\Microsoft\Windows\Start Menu\Programs. You will get a list similar to “All Programs”
Searching and Launching Apps is way faster than clicking the Start Button and traversing the list. And its not just for power users. Say you want to change the Sounds your computer makes. Now instead of knowing that you have to open the Control Panel you can just hit the Windows button and type in Sound. You will be given a list of Apps and Settings related to Sound. Go to the Settings section and you can now easily change the Sound Settings.
The most unexpected outcome of the new Start Screen for me Its strange but a Start Screen that covers the entire screen is something I didn’t realize I was missing all these days. There have been a lot of instances when I have been working on something confidential and a colleague walks by your desk. I am pretty sure a lot of people have been in this situation. You struggle to hit the Minimize button with your mouse or try to switch to some other app or hit Ctrl+M or (and I have seen this happen) just turn off the screen. Now I just hit the Windows Key and voila the entire screen is covered.
And the concept of Tiles which display updates is also very useful.
Virtualization ! Virtualization on my workstation is a must have for me. A lot of people think virtualization is not something meant for a client OS.
Fist it enables me to break and restore as many times as I need. I now have a Windows 2008 R2 server running virtualized on my Windows 8 machine. I can do all my risky experimentation on my VPC and even if I end up rendering the VPC unusable I can just restore back to an earlier snapshot.
Since the host machine can be networked to the virtual PCs you can partition your software. Move all your heavy software like SQL Server to a virtual PC and it can be access by the host machine like a regular networked machine. The advantage ? you can save /turn off the virtual PC releasing all the resources when not in use.
You no longer have to deal with the limitations of Virtual PC or Virtual Box you get Hyper V with Windows 8.
One problem with enabling Hyper V on Windows 2008 R2 was that the machine would no longer Sleep or Hibernate. With Windows 8 there are no such restrictions. I can just close my laptop lid and even with Virtual Machines running, the laptop goes into Sleep mode. You lift the lid and your virtual machines are up and running where you left them.
For Hyper V you would need the Pro / Enterprise edition and a machine with SLAT.
Apps are not just for phones and tablets Initially you might be averse to Apps, the concept of having two different types of applications might sound a bit strange. For me the concept of Apps is simple its controlled software. The last time you installed a game from the internet did you bother to check if it used your location information or connected to the network ? Not really right now think of all the consequences because of that. When you download an app from the Store it clearly warns you about what the app can access like use your internet connection. The Apps run in a Sandbox and that way are very safe. We all download small apps like games or utilities from unknown sources doing it from the Store is safer as all Apps in the Store are verified.
For me the most used App is the Reader. You no longer have to install a software for reading PDFs. I no longer have to choose between Adobe and FoxIt I love the simplicity of the Reader.
Multitask Without InterruptionsThe Snap View is very useful for multitasking. You can keep an eye on the stock market while doing you regular work on your Desktop.
The Duplicates One thing that you might find strange is that you now have two Internet Explorers. But what I have seen is that depending on who uses the computer eventually one will take over. For me the Desktop IE is the preferred choice because some of our corp websites require ActiveX plugins. But on my home PC the new IE gets used a lot. The new IE is better both in terms of presentation and safety. Having duplicates is not a big deal a lot of people install multiple browsers and media players on their desktop but eventually.
The simple things like Using Corners instead of button clicks saves you a lot of time. And its doesn’t take long to adapt to it.
One feature I always missed was the ability to mount ISOs. Now with Windows 8 you can mount ISO files and VHDs easily.
Windows 8 has a lot of features in it for both the power user and a normal user.
Its Smarter than you think I was pleasantly surprised by what Windows 8 does in the background. I have been using Windows 8 for nearly two months now and my disks have 0 fragmentation which basically means better performance. The best part is I never knew when it defragmented those disks (until of course I looked at the Last Run column) because it never interrupted my work and carried out this maintenance work when the machine was idle.
Even without all the Touch goodness Windows 8 still puts on a great show.
Blog Post by: Shinva
by community-syndication | Oct 6, 2012 | BizTalk Community Blogs via Syndication
In the last few months I have heard this question at least dozen times from existing customers and new prospects. I replied back to them via email and in person during presentations. I’m sure there are lot of people out there with the same question in mind. So, I thought I’ll write down my views […]
The post BizTalk360 and future of SilverLight appeared first on BizTalk360 Blog.
Blog Post by: Saravana Kumar
by community-syndication | Oct 5, 2012 | BizTalk Community Blogs via Syndication
Codit attended the Windows Server 2012 Launch Event in Antwerpen. Some feedback on the new UI of Windows Server 2012 and some interesting thoughts on Azure and the .NET framework.
by stephen-w-thomas | Oct 5, 2012 | Stephen's BizTalk and Integration Blog
Recently I was looking at a forum question of someone trying to add a disk to the Azure Virtual Machines using the Windows Azure REST API.
You have two types of Disks. You have a Data Disk that do not have an operating system and are used to store user files. You also have OS Disks. The OS Disks contain the operation system and is the main disk used when creating an Azure Virtual Machine.
These can be created using the REST API, PowerShell, or the Management Portal.
The REST API documentation outlines the following body for the post to create a new disk.
<Disk xmlns="http://schemas.microsoft.com/windowsazure" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<HasOperatingSystem>true|false</HasOperatingSystem>
<Label>disk-description</Label>
<MediaLink>uri-of-the-containing-blob</MediaLink>
<Name>disk-mame</Name>
<OS>Linux|Windows</OS>
</Disk>
.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }
.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }
While these are the right items to send to create the Disk, the order matters if you want to create an OS Disk. I found that the OS Element needed to be first in order to create an OS Disk vs. a Data Disk.
The correct body for the post to create an OS Disk should be:
<Disk xmlns="http://schemas.microsoft.com/windowsazure" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<OS>Linux|Windows</OS>
<HasOperatingSystem>true|false</HasOperatingSystem>
<Label>disk-description</Label>
<MediaLink>uri-of-the-containing-blob</MediaLink>
<Name>disk-mame</Name>
</Disk>
Hope this helps someone out. More to come in the next few days on working with the Windows Azure REST API.
by community-syndication | Oct 4, 2012 | BizTalk Community Blogs via Syndication
Having recently been involves in the Windows Server Service Bus TAP and also working on a project using Azure Service Bus I thought it would be useful to bring together some of the excellent community resources which are available into the technet wiki to help people have a single place to access most of the material.
I thought something like the excellent job done with the BizTalk part of technet wiki would be ideal.
The links are below:
Azure Service Bus – http://social.technet.microsoft.com/wiki/contents/articles/13825.windows-azure-service-bus-resources.aspx
Windows Server Service Bus – http://social.technet.microsoft.com/wiki/contents/articles/13824.service-bus-for-windows-server-resources.aspx
If you come across any content which you think should be added please do so.
by community-syndication | Oct 4, 2012 | BizTalk Community Blogs via Syndication
This is the second in the IPASBR series, see also:
- Integration Patterns with Azure Service Bus Relay, Part 1: Exposing the on-premise service
- Integration Patterns with Azure Service Bus Relay, Part 2: Anonymous full-trust .NET consumer
As the patterns get further from the simple .NET full-trust consumer, all that changes is the communication protocol and the authentication mechanism. In Part 3 the scenario is that we still have a secure .NET environment consuming our service, so we can store shared keys securely, but the runtime environment is locked down so we can’t use Microsoft.ServiceBus to get the nice WCF relay bindings. To support this we will expose a RESTful endpoint through the Azure Service Bus, and require the consumer to send a security token with each HTTP service request.
Pattern applicability
This is a good fit for scenarios where:
- the runtime environment is secure enough to keep shared secrets
- the consumer can execute custom code, including building HTTP requests with custom headers
- the consumer cannot use the Azure SDK assemblies
- the service may need to know who is consuming it
- the service does not need to know who the end-user is
Note there isn’t actually a .NET requirement here. By exposing the service in a REST endpoint, anything that can talk HTTP can be a consumer. We’ll authenticate through ACS which also gives us REST endpoints, so the service is still accessed securely. Our real-world example would be a hosted cloud app, where we we have enough room in the app’s customisation to keep the shared secret somewhere safe and to hook in some HTTP calls. We will be flowing an identity through to the on-premise service now, but it will be the service identity given to the consuming app – the end user’s identity isn’t flown through yet.
In this post, we’ll consume the service from Part 1 in ASP.NET using the WebHttpRelayBinding. The code for Part 3 (+ Part 1) is on GitHub here: IPASBR Part 3.
Authenticating and authorizing with ACS
We’ll follow the previous examples and add a new service identity for the namespace in ACS, so we can separate permissions for different consumers (see walkthrough in Part 1). I’ve named the identity partialTrustConsumer. We’ll be authenticating against ACS with an explicit HTTP call, so we need a password credential rather than a symmetric key – for a nice secure option, generate a symmetric key, copy to the clipboard, then change type to password and paste in the key:
We then need to do the same as in Part 2 , add a rule to map the incoming identity claim to an outgoing authorization claim that allows the identity to send messages to Service Bus:
Issuer: Access Control Service
Input claim type: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier
Input claim value: partialTrustConsumer
Output claim type: net.windows.servicebus.action
Output claim value: Send
As with Part 2, this sets up a service identity which can send messages into Service Bus, but cannot register itself as a listener, or manage the namespace.
RESTfully exposing the on-premise service through Azure Service Bus Relay
The part 3 sample code is ready to go, just put your Azure details into Solution Items\AzureConnectionDetails.xml and “Run Custom Tool” on the .tt files. But to do it yourself is very simple. We already have a WebGet attribute in the service for locally making REST calls, so we are just going to add a new endpoint which uses the WebHttpRelayBinding to relay that service through Azure. It’s as easy as adding this endpoint to Web.config for the service:
<endpoint address=”https://sixeyed-ipasbr.servicebus.windows.net/rest”
binding=”webHttpRelayBinding”
contract=”Sixeyed.Ipasbr.Services.IFormatService”
behaviorConfiguration=”SharedSecret”>
</endpoint>
– and adding the webHttp attribute in your endpoint behavior:
<behavior name=”SharedSecret”>
<webHttp/>
<transportClientEndpointBehavior credentialType=”SharedSecret”>
<clientCredentials>
<sharedSecret issuerName=”serviceProvider”
issuerSecret=”gl0xaVmlebKKJUAnpripKhr8YnLf9Neaf6LR53N8uGs=”/>
</clientCredentials>
</transportClientEndpointBehavior>
</behavior>
Where’s my WSDL?
The metadata story for REST is a bit less automated. In our local webHttp endpoint we’ve enabled WCF’s built-in help, so if you navigate to:
http://localhost/Sixeyed.Ipasbr.Services/FormatService.svc/rest/help
– you’ll see the uri format for making a GET request to the service. The format is the same over Azure, so this is where you’ll be connecting:
https://[your-namespace].servicebus.windows.net/rest/reverse?string=abc123
Build the service with the new endpoint, open that in a browser and you’ll get an XML version of an HTTP status code – a 401 with an error message stating that you haven’t provided an authorization header:
<?xml version=”1.0″?><Error><Code>401</Code><Detail>MissingToken: The request contains no authorization header..TrackingId:4cb53408-646b-4163-87b9-bc2b20cdfb75_5,TimeStamp:10/3/2012 8:34:07 PM</Detail></Error>
By default, the setup of your Service Bus endpoint as a relying party in ACS expects a Simple Web Token to be presented with each service request, and in the browser we’re not passing one, so we can’t access the service. Note that this request doesn’t get anywhere near your on-premise service, Service Bus only relays requests once they’ve got the necessary approval from ACS.
Why didn’t the consumer need to get ACS authorization in Part 2?
It did, but it was all done behind the scenes in the NetTcpRelayBinding. By specifying our Shared Secret credentials in the consumer, the service call is preceded by a check on ACS to see that the identity provided is a) valid, and b) allowed access to our Service Bus endpoint. By making manual HTTP requests, we need to take care of that ACS check ourselves now.
We do that with a simple WebClient call to the ACS endpoint of our service; passing the shared secret credentials, we will get back an SWT:
var values = new System.Collections.Specialized.NameValueCollection();
values.Add(“wrap_name”, “partialTrustConsumer”); //service identity name
values.Add(“wrap_password”, “suCei7AzdXY9toVH+S47C4TVyXO/UUFzu0zZiSCp64Y=”); //service identity password
values.Add(“wrap_scope”, “http://sixeyed-ipasbr.servicebus.windows.net/”); //this is the realm of the RP in ACS
var acsClient = new WebClient();
var responseBytes = acsClient.UploadValues(“https://sixeyed-ipasbr-sb.accesscontrol.windows.net/WRAPv0.9/”, “POST”, values);
rawToken = System.Text.Encoding.UTF8.GetString(responseBytes);
With a little manipulation, we then attach the SWT to subsequent REST calls in the authorization header; the token contains the Send claim returned from ACS, so we will be authorized to send messages into Service Bus.
Running the sample
Navigate to http://localhost:2028/Sixeyed.Ipasbr.WebHttpClient/Default.cshtml, enter a string and hit Go! – your string will be reversed by your on-premise service, routed through Azure:
Using shared secret client credentials in this way means ACS is the identity provider for your service, and the claim which allows Send access to Service Bus is consumed by Service Bus. None of the authentication details make it through to your service, so your service is not aware who the consumer is (MSDN calls this “anonymous authentication”).
by community-syndication | Oct 4, 2012 | BizTalk Community Blogs via Syndication
Greetings and welcome to the 43rd interview in my series of chats with thought leaders in the “connected technologies” domain. This month, I’m happy to have Hammad Rajjoub with us. Hammad is an Architect Advisor for Microsoft, former Microsoft MVP, blogger, published author, and you can find him on Twitter at @HammadRajjoub. Let’s jump in. […]
Blog Post by: Richard Seroter
