Configuration for Windows Identity Foundation The topics in this section explain how to configure a Windows® Identity Foundation (WIF) relying party (RP) application using a configuration file.
I am testing another approach of carrying out main messages of what ACS is about. Here is a short video I recorded.
There are a number of factors that can affect the performance of your enterprise application that uses MSMQ with WCF. Nicholas Allen discusses some of these design decisions in his Optimizing MSMQ article
I am posting this article on behalf of my teammate Lyudmila. A new tool to help investigate ‘Login Failed’ errors in SQL Server has been recently implemented and published on CodePlex: http://ssat.codeplex.com/ The tool is implemented in C# and uses xEvents to capture “Login Failed” errors. It also uses security ring buffer information (from sys
Check out the SharePoint SPIdentity Team Blog to read up on how Identity was implemented in SharePoint 2010. There, aside from an introductory post , you’ll find the first to parts to a series of blog articles that talk about configuring claims-based authentication: Claims-based authentication “Cheat Sheet” Part 1 : Forms based authentication and anonymous access Claims-based authentication “Cheat Sheet” Part 2 : Configuring a SAML based sign-in – Lionel Robinson, Program Manager
In my previous post, I noted that rustock had started sending us a whole pile of spam over the TLS protocol. The question now is why do it at all? I mentioned in my post that this is clever behavior and one of my readers posted in a comment “What makes this so clever?” The issue of authentication, reputation and security is one that comes round and round in the world of email. Why do we authenticate? And what does it buy you? There are plenty of reasons to send authenticated mail, here are three: It allows you to track abusive behavior. If an organization is sending outbound spam, then determining who is responsible for it allows that organization to track down who is sending it and shut them down. This, of course, presumes that organizations want to do the right thing. But if you are taking responsibility for the quality of what you send, then identification of your users is done using authentication. It allows you to combat fraud.
On Friday, the team at Microsoft that’s driving our End to End Trust initiative launched a new web site that provides an update on the End to End Trust vision for a more trustworthy and accountable Internet.
If you site works in Internet explorer 7 but not with Internet Explorer.8.0 Add the following meta tag in your master page :- <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" />…( read more )
If you are using the WCF RIA Services PDC bits and your app is using windows authentication with ASP.NET built-in user management system, make sure you do the following steps to your hosting server: 1. Open IIS manager, browse to the vitual directory of your app, disable all other authentication modes except Windows Authentication mode 2. Set the application pool identity to NETWORK SERVICE 3. Browse to the physical folder for your app, make NETWORK SERVICE have full control over that folder
IIS 7 allows isolation of web application pools from each other by providing the ability to run application pools as separate identities. The identity of an application pool is the name of the service account under which the application pool’s worker process runs. Running an application pool under an account that has high-level user rights is a serious security risk.
This story is (mostly) fiction. But it’s quite entertaining if you use your imagination. And who knows? It could have been true.
Guys, as promised, this is my second post in same day because I got to resolve one of the very weird and unique case recently.
Copyright © Anith Gopal 2009. All Rights Reserved.
A proud member of the 
family