Category Archives: Programming

Securing Your Apps and Web Services with the Geneva Framework Videos

I’ve just finished a six-part video series titled; “Securing Your Apps and Web Services with the Microsoft Geneva Framework”. I’ve posted them on my new video blog at Check them out and leave me a comment.

Securing Your Apps and Web Services with the Geneva Framework

I was fortunate enough to be invited to speak at the DFW Connected System Users Group Meeting for the month of March. I agreed to provide the group with an overview of Microsoft’s Geneva Framework which allows you to secure your applications and web services using a claims-based model.

So, to provide the best presentation I could I spent some time going through the PDC 2008 Geneva presentations and compiled a slide deck that provides a good high-level guide to how you can secure your apps and services with Geneva.

I also decided that instead of just going over the samples provided with the Geneva CTP, I would build a sample of my own that showed a couple of things that aren’t quite apparent from the samples and documentation. It consisted of an Active Security Token Service, a Passive Security Token Service, an ASP.NET Web application that uses web based single sign-on to authenticate and authorize users, and a web service that uses identity delegation to authenticate and authorize users.

I felt the presentation went pretty well and from the feedback I received from the group, I think they liked it quite a bit as well.

I want to thank those that attended for the great questions and participation and I hope I get a chance to present again in the future. As promised, below is my slide deck and source code. Please contact me if you have any questions, I’d be happy to help you out.

Securing Your Applications Slide Deck

Sample Source Code

What is it with Devs and Firewalls?

I’ve only found one Twitter client that works properly from behind an Internet proxy. What is it with Devs today? Do they not know that there is a large population out on the Internet that would love to use their programs at work? And that most corporations do not allow direct access to the Internet?


So that every .NET Dev out there will know how to incorporate Internet proxy authentication into their code, I thought I would post the following simple steps:


1. Add 4 settings to your App.Config file:


UseProxy – Boolean, turns on and off the proxy code

ProxyUri – String, the URL to the proxy server formatted as http://proxyserver:port

ProxyUsername – String, the User Name to use to authenticate with the proxy server

ProxyPassword – String, the Password to use to authenticate with the proxy server


2. Add the following code to your Get or Post code to create a WebProxy and add it to the WebClient:


if (Properties.Settings.Default.UseProxy)
    WebProxy proxy = new WebProxy(Properties.Settings.Default.ProxyUri);
    proxy.Credentials = new NetworkCredential(Properties.Settings.Default.ProxyUsername,
    client.Proxy = proxy;


That’s all there is to it! Not hard, pretty simple really, if you think about it. So with four application settings and no more than 7 lines of code, your too can incorporate Internet proxy authentication into your web-based Windows Form or WPF application.



Posted: Industry Vertical Episode 001

I am proud to present the first episode of Industry Vertical the twice monthly net cast about industrializing software development with Software Factories, Guidance Automation and Domain Specific Languages at This episode starts out with the basics of Software Factories and trys to answer the question “What is a Software Factory”.

Industry Vertical Pre-Production Begins

I’ve decided to try my hand at webcasting. I’m in the stages of preparing a webcast series around using software factories, guidance automation and domain-specific languages called Industry Vertical. I’m planning on taking it slow starting out by providing some introductory material around what software factories are, their benefits and their life-cycle. Then I’ll take everyone step by step building out a software factory from the ground up. I’m hoping this will help everyone out there get started in industrializing software development.


So far, I’ve spent the last month getting my scripts together, creating graphics, setting up a new web site, purchasing audio equipment and I just found a great deal on a Sony HVR-A1 High Definition Camcorder, so once it arrives I’ll be ready to get down to business and start recording the first episode.


Hopefully, my busy work schedule will stay out of the way long enough to keep releases to a regular interval, but we’ll just have to wait and see what happens.


So Why Doesn't Anyone Provide HTTP Proxy Support?

So, I want to follow Twitter at work on my desktop, however there is a proxy between me and the Twitter servers and all of the Twitter clients I find blow chunks when I try to connect. Am I one of the few users in the world behind a proxy? This can’t be! I know there have to be a lot of people in the same situation.


Its not only Twitter clients that I run into that do not support proxies, I’m finding it to be the norm not the exception. We’re not talking about anything big, all a developer needs to do is provide the option and provide the proxy credentials prior to making the call.

How to Create a Custom Editor for a Domain Model Element Property

Sometimes when defining a property for a domain model element you may need to use a complex type that has more than one property or can’t easily be displayed using a single text field or drop down in the property editor. A good example might be a class that holds a list of strings for a GUI interface or a Rich Text editor for a custom text field required by your framework.


To resolve this you can create a custom editor and hook it into your domain model that will provide a proper user interface to specify information for your property.


There are three steps you need to take in order to wire your domain property to display a custom editor:


1. Create a class derived from System.Drawing.Design.UITypeEditor that will launch the custom dialog box as below:


   2: using System;
   3: using System.Collections.Generic;
   4: using System.Text;
   6: // Need to add a reference to System.Drawing DLL.
   7: using System.Drawing.Design;
   8: using System.Security.Permissions;
   9: using Microsoft.VisualStudio.Modeling;
  10: using Microsoft.VisualStudio.Modeling.Design;
  12: namespace XXX.UIProcessDesigner.UIEditors
  13: {
  15:     // FxCop rule: must have same security demands as parent class
  16:     [PermissionSet(SecurityAction.LinkDemand, Name = "FullTrust"),
  17:         PermissionSet(SecurityAction.InheritanceDemand, Name = "FullTrust")]
  18:     public class FormPromptUITypeEditor : System.Drawing.Design.UITypeEditor
  19:     {
  21:         /// <summary>
  22:         /// Overridden to specify that our editor is a modal form
  23:         /// </summary>
  24:         /// <param name="context"></param>
  25:         /// <returns></returns>
  26:         public override UITypeEditorEditStyle GetEditStyle(System.ComponentModel.ITypeDescriptorContext context)
  27:         {
  28:             return UITypeEditorEditStyle.Modal;
  29:         }
  32:         /// <summary>
  33:         /// Called by VS whenever the user clicks on the ellipsis in the 
  34:         /// properties window for a property to which this editor is linked.
  35:         /// </summary>
  36:         /// <param name="context"></param>
  37:         /// <param name="provider"></param>
  38:         /// <param name="value"></param>
  39:         /// <returns></returns>
  40:         public override object EditValue(
  41:             System.ComponentModel.ITypeDescriptorContext context,
  42:             IServiceProvider provider,
  43:             object value)
  44:         {
  46:             // Get a reference to the underlying property element
  47:             ElementPropertyDescriptor descriptor = context.PropertyDescriptor as ElementPropertyDescriptor;
  48:             ModelElement underlyingModelElent = descriptor.ModelElement;
  50:             // context.Instance also returns a model element, but this will either
  51:             // be the shape representing the underlying element (if you selected
  52:             // the element via the design surface), or the underlying element 
  53:             // itself (if you selected the element via the model explorer)
  54:             ModelElement element = context.Instance as ModelElement;
  56:             FormPromptUITypeEditorForm theForm = new FormPromptUITypeEditorForm();
  58:             theForm.Value = (string)value;
  60:             if (theForm.ShowDialog() == System.Windows.Forms.DialogResult.OK)
  61:             {
  62:                 value = theForm.Value;
  63:             }
  65:             return value;
  66:         }
  68:     }
  70: }


2. Create a Windows Form dialog that will be displayed when the editor is invoked, such as the one below:




3. Set the Custom Attributes for the Domain Property to reference the UITypeEditor class you have created.


The text is as follows: [System.ComponentModel.Editor(typeof(XXX.UIProcessDesigner.UIEditors.FormActionTypeUITypeEditor),typeof(System.Drawing.Design.UITypeEditor))]


The bold faced text is the full namespace of your class that derives from UITypeEditor.




I normally store all code that I add to a DSL Designer in various folders such as; CustomCode, UIEditors, Validators, etc. That way it is easy to find when I am trying to reference it.


Also, you can debug the UITypeEditor and Dialog by setting breakpoints in the code before you start debugging.



Monthly Dallas VSTS User Group Meeting

I just got back from attending my first Dallas VSTS User Group Meeting. Vince Blasberg gave a presentation titled “Reporting in Visual Studio Team System.” He gave a great deep dive into the database architecture around TFS, the Data Warehouse and the OLAP Services. Vince also had some great tips on how custom work item field attributes can affect reporting as well as learning resources around building TFS Reports.


I’m hoping we do a deep dive around mining the Data Warehouse for dashboard data reporting. It was great first experience with the group.


Turns out that Vince and I worked together at CLR/FAST-TAX back in the mid 90s. We spent some time after the meeting chatting about old friends and the old days of working 18 hours days getting ready for tax season.


You can learn more about the Dallas VSTS User Group at

Adventures in Extending the Service Factory – Part 2

Here’s a handy tip when you are trying to learn how the components of the Service Factory works. I’ve found it very useful over the last couple of weeks.


Since the Service Factory now gets registered under the Visual Studio Experimental Hive you can configure the solution so you can debug it. If you are familiar with debugging DSLs, this should be nothing new. Just follow the steps below:

  1. 1. Set the Service Factory Guidance Package as the Start-Up Project by right-clicking on the project and selecting “Set as Start-Up Project”.
  2. 2. Change the Service Factory Guidance Package Project’s debug settings to launch Visual Studio under the Experimental Hive:
      1. a. Right click on the Service Factory Guidance Package Project and select “Properties”.
    1. b. Select the Debug Tab
    2. c. Configure the Start Action to Start External Program and C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\devenv.exe or where ever you have installed Visual Studio for the program.
    3. d. Set the Start Options, Command Line Arguments to /rootsuffix Exp


Now you can set breakpoints in the Service Factory code and press F5 to walk through the code in the debugger.