As today we’re going to host our 3rd Microsoft Austria Interoperability Council, I thought that in addition to our existing results we’re presenting today, it’s a good time to publish an update of my Identity Interoperability Demos and samples I created earlier this year.

Furthermore, based on the feedback of members from our interop-council, I’d like to provide a few links with more information on Identity Interoperability between Microsoft Windows Identity Framework (WIF) and Active Directory Federation Services v2 (ADFS v2- both formerly codenamed Geneva Framework and Geneva Server).

The Foundation – OASIS Identity Metasystem

Primarily the foundation for all these interoperability thoughts is the Identity Metasystem vision originally started by Kim Cameron (Microsoft – see article on MSDN). More information on the official standards can be found on the following link:

http://docs.oasis-open.org/imi/identity/v1.0/identity.html

Sun Metro / WSIT Interoperability

The interop-identity PoC I’ve created demonstrates interoperability with Sun Metro / Web Services Interoperability Toolkit. For the PoC you need a Glassfish v2 application sever to host a Java-based Relying Party and integrate this RP with a .NET-based Security-Token-Service (STS) and a .NET-based client. The PoC shows, how you can integrate Java-based services in a Windows-based security-infrastructure based on standards.

Click here to download the lates version of my ID-Interop-PoC

Click here to view my previous blog-entry on how-to setup the PoC

Note, that the download package is a little big larger this time. You don’t need to download any additional bits. Everything including all Java-Pre-Requisites is included, except Microsoft Geneva Beta 2 (click here to download).

Interoperability with CA, Novell Access Manager, Sun Open SSO

While working with colleagues (Michael Steinböck, Dominik Paiha from Microsoft) on a proposal for a customer (who is also a member of the council) on identity interoperability, we’ve collected a number of additional resources on identity interoperability. First and foremost I would like to mention papers on interop between Sun Open SSO, Novell Access Manager and CA.

Click here to download Interop-Whitepapers for ADFS v2 (Geneva)

OpenID Interoperability with Microsoft ADFS v2 and WIF

Also a question continuously asked is the interoperability between the Microsoft-platform and OpenID. Of course OpenID can be used as a means of authentication on top of a WIF/ADFSv2-based STS.

Thanks to Matias Woloski who is working very close with Microsoft’s patterns & practices team, you can find more information and a conceptual view below (click image to enlarge):

Click to read Matias’ blog entry on OpenID integration

Click to get to DotNetOpenAuth, a library for .NET-OpenID-integration

Download .NET Open Auth here

Novell Bandit Project provides Information-Card Interoperability

In partnership with Microsoft, Novell is working on an initiative called “The Bandit Project”. This initative provides components and source code to implement a complete Identity Metasystem-based solution with STS, RP and even identity selectors (DigitalMe) for clients. To get these components to ensure complete interoperability of your Java- and browser-based components and end user experience on Linux, click the link below:

http://www.bandit-project.org/

Identity Interoperability with IBM Tivoli

At last year’s PDC 2008, Vittorio Bertocci and Kim Cameron demonstrated interoperability with IBM Tivoli access manager and ADFS v2 / Geneva Framework.

Take a look at Vittorio’s blog here for more details.

Click to view the session, directly, and get the info from live-demos.

Interoperability between Shibboleth and ADFS

Microsoft published a guide on interoperability between Shibboleth and the Microsoft platform for it’s previous version of Active Directory Federation Services, already. Of course this guide is still available.

Download Shibboleth – ADFS Interop here.

With ADFS v2, Microsoft is implementing the SAML 2 protocol in addition to the WS-* protocols which are available in both, ADFS v2 and the Windows Identity Framework. Having that said, interoperability will be given for Shibboleth and ADFS v2, as well. I’ve found the following references on this interoperability and I’ll continue my search to find or build more concrete step-by-step guides and samples on this kind of interoperability:

Geneva and SAML 2 from Don Schmidt of the identity-team

SAML 2 protocol and Shibboleth Interop-Announcement

Patterns & Practices Identity and Access Guide

Finally I wanted to share one last, extremely important resource. My friend Eugenio Pace from the Microsoft patterns and practices team in Redmond is currently working on a PnP-guide on identity and access management using ADFS v2 and WIF. This guide is currently under development and is published as a open project on www.codeplex.com. That means, feel free to start reading through the guide and provide the PnP team with feedback as much as you can and about all the things you would love to read there.

They are also working on a guidance on how-to implement BOTH, single-sign-on (which is available out-of-the-box in Geneva) and single-sign-off, which is a very special challenge, typically!"

Click here to get to the guides workspace on codeplex.

Click here to get to Eugenio’s blog.

Final thoughts

I think, these are some of the most important pieces of information, architects and developers need when it comes to thinking about identity interoperability. I personally strongly believe in all the parts of the identity metasystem vision and claims-based security. I also see, that most of the vendors are (slowly) moving towards this direction with their products and offerings.

So stay tuned, keep your eye on all these things.

Cheers
Mario

Today based on some customer project requirements, Max and I together created a very simple and easy-to-understand all-in-one demo to show, how-to integrate Internet Explorer 8 features into your own web sites.

Download the sample web site here!

As for us the localization of the content for our local audience was core, we published the whole documentation in German on our local team-blog including detailed explanations and code-snippets.

Take a look at the article in German on our team-blog here!

Generally speaking, in my opinion these new little gimmicks in IE8 are pretty cool for end users and are more than easy to be integrated into your web pages... and they do not disturb any other browsers, at all. So for me that’s just a win-win-situation...

My cousin wanted to update the registration-information specified while installing Microsoft Office 2007. When he asked me I realized, that for the default values of user name and the initials Office 2007 offers a UI – but it doesn’t provide a possibility to update the company name. Furthermore I realized, that PowerPoint reads the information from the Installer-Data registry-hive.

So I created a little tool for him to update all registration information to have the right default values for Word, Excel and PowerPoint (haven’t tested with the other tools;)).

Download the source code for the tool here.

Download the binary for executing the tool directly, here.

I know, it’s not an architect’s job writing such little tools... but almost too often I love doing these little things:)) ... little fun stuff:))

As some of you know I am the founder and owner of the Austrian Microsoft Interoperability Council. The council itself is a group of experts and influencers on the Austrian market that is working together with us for identifying interoperability challenges between the Microsoft-platform and other platforms based on local, regional and global standards.

One of the aforementioned local standards in Austria is the interface for programmatically accessing and using services offered by the Austrian National Insurance through their electronic health care card (e-card). These interfaces offer a variety of services that allows medical software to integrate with offerings from the Austrian National Insurance. Essentially these services are built as a set of web services that can be called from medical applications. Using these web services from the Microsoft-platform (and from other platforms) is essentially very easy - with two exceptions!

Two services allow uploading and downloading electronic documents as attachments to the actual SOAP-message. Examples are electronic referrals or Medication Approval Service (= special medication has to be approved by controlling doctors of health insurance institutions). These web-services use SOAP-With-Attachments for adding the electronic documents as attachments to the actual web service message. SOAP-With-Attachments is an older standard for attaching binary data to web service messages which is still valid. It gets replaced slowly by newer standards such as MTOM. Therefore the current version of WCF and future versions of WCF do not support SOAP-With-Attachments - WCF comes with an MTOM message encoder, only.

The missing encoder affects every doctor software and hospital software vendor of the Austrian market that builds his software on top of the Microsoft-platform incl. .NET. And most of the vendors are building their doctor software on top of the Microsoft-platform; therefore they are all affected if they don't want to parse messages manually.

Together with the company that is running and building the services for the Austrian National Insurance, SVC Chipkarten Betriebs und Errichtungsgesellschaft m.b.H., we organized an interoperability lab within our interoperability initiative to solve this problem for the Austrian doctor- and hospital-software vendors. For doing so, in this lab together we built a SOAP-With-Attachments message encoder sample for WCF and tested it against the affected services together with the e-card.

Of course, based on the principles of our interoperability council and initiative, we published the results of this interoperability lab as open source samples on the Microsoft codeplex-platform.

Click here to go to the Codeplex workspace and download the sources.

Please note that these components are sample-components, therefore using and building on-top of these components is at one's own risk and there will be no official support by SVC or Microsoft.

Using the Encoder

Using the encoder is pretty simple. First of all you need to add a reference to the encoder project we're providing in this workspace. After you've done that you can configure your WCF-service to use the encoder. Note that both ends, the service and the client, need to use the same encoder! Here is some sample configuration

   1: <configuration>

   2:   <system.serviceModel>

   3:     <extensions>

   4:       <bindingElementExtensions>

   5:         <add name="swaMessageEncoding"

   6:              type="Microsoft.Austria.WcfHelpers.SoapWithAttachments.SwaMessageEncodingElement, 

   7:                    Microsoft.Austria.WcfHelpers.SoapWithAttachments" />

   8:       </bindingElementExtensions>

   9:     </extensions>

  10:     <bindings>

  11:       <customBinding>

  12:         <binding name="SwaTestBinding">

  13:           <swaMessageEncoding innerMessageEncoding="textMessageEncoding">

  14:           </swaMessageEncoding>

  15:           <httpTransport maxBufferSize="62914560"

  16:                          maxReceivedMessageSize="62914560"

  17:                          authenticationScheme="Anonymous"

  18:                          proxyAuthenticationScheme="Anonymous"

  19:                          useDefaultWebProxy="true" />

  20:         </binding>

  21:       </customBinding>

  22:     </bindings>

  23:     <client>

  24:       <endpoint address="http://localhost/fakeservice/"

  25:                 binding="customBinding"

  26:                 bindingConfiguration="SwaTestBinding"

  27:                 contract="IMyContract" name="MyServiceEndPointName" />

  28:     </client>

  29:   </system.serviceModel>

  30: </configuration>

After you have done that you can leverage the OperationContext of WCF to attach binaries to outgoing messages or retrieve binaries received by incoming messages. The most important for clients is, that you need to setup an operation-context before calling a service with your generated proxy as follows:

   1: using (OperationContextScope Scope = 

   2:         new OperationContextScope(Client.InnerChannel))

   3: {

   4: }

Note that these lines-of-code are necessary for clients, only, as in your services you usually have an OperationContext available, already. After you have your operation context, it is as simple as follows to attach binaries to outgoing messages or get binaries from incoming messages:

   1: // Add outoing attachment

   2: OperationContext.Current.OutgoingMessageProperties

   3:                          [SwaEncoderConstants.AttachmentProperty] = ZipContents;

   4:  

   5: // Receive incoming attachment

   6: byte[] b = (byte[])OperationContext.Current.IncomingMessageProperties[

   7:                                          SwaEncoderConstants.AttachmentProperty];

Note, that my implementation currently supports single attachments, only. But of course as this is an open source sample feel free to download the source code and extend it as you need it.

Final Words

In my opinion this is a great result that can be achieved simply through an open discussion and by exchanging experience, idea and knowledge in our interoperability council. This work was an exceptional partnership that (hopefully) helps hundreds of medical software vendors - this is the kind of impact I love to see out of the interop-initiative we're running in Austria - results that help a large part of the local software market!

Maybe some of you have read the Whitepaper I’ve written together with two architects from Frequentis AG (Ulrich Hüttinger and Stefan Domnanovits) a few months ago. At the DevCamp 2009 Conference I baked that into a session now!

Download the paper by clicking here if you haven’t read it, yet.

Finally after giving a presentation at TechReay, Microsoft’s internal conference for technical and strategic education, I managed to give a “fine-tuned” version of the session for the first time in Europe – at our local Developer Camp 2009 conference organized by key-partners of Microsoft in Austria.

If you’re interested in seeing the concepts of the paper in action using .NET 4.0 Task Parallel Library, then check out the presentation material and the running demo solution.

Download the Demo and Presentation here!!

The demo solution isn’t an easy thing, it’s really a little prototype to show the job/queue/command pattern using Task parallel library in an end-2-end-fashion:

• client doing his tasks with Jobs in the background to be always responsive
• little service bus example sitting in the middle coordinating the communication between all working positions and a few back end services.
• back end services leveraging the “job-pattern” as well for asynchronous and scalable processing of incoming requests.

Note that the sample also includes a CCR-based implementation. If you don’t have CCR/DSS installed on your machine, just comment-out the CcrManager-class in the JobLibrary-assembly.

As promised I will provide the back-port to Visual Studio 2008 containing just the CCR-based implementation so that those who don’t have Visual Studio 2010, yet, will have a chance to take a look at the sample, as well!

If you have any questions, feel free asking me!!!

It was a great pleasure for me to be part of the opening key note at our 3rd Developer Camp conference organized by some of our key partners in Austria (Techtalk, Cubido, CSS and Kentiko).

During this key note we introduced the Windows Azure platform to about 170 developers. Note that I also have a detailed description baked into the slides including screen shots to show you, how you can get access tokens for Windows Azure to test out the platform before the billing starts after PDC this November.

You can download the key note material incl. demos here.

Below are the direct URLs for requesting tokens for Windows Azure and SQL Azure:

Step 0: Register for Microsoft Connect if you haven’t done, yet
https://connect.microsoft.com/profile.aspx

Step 1: Fill out the sourvey “Register for Azure Services” on connect
http://go.microsoft.com/fwlink/?LinkID=129453
Note that for each Live-ID you can fill-out the survey just one time.

Step 2: Register for SQL Azure
http://go.microsoft.com/fwlink/?LinkID=149681&clcid=0x09

Step 3: Usually it takes about 48 – 72 hours before you get the confirmation (depending on the interest of users it might take longer).

Step 4: After you’ve received the keys, sign-in to Windows Azure
http://lx.azure.microsoft.com/fs

Step 5: Activate your Azure Account with the tokens by clicking on the account tab or navigate to it directly and enter your tokens:
https://windows.azure.com/cloud/account.aspx

Step 6: Activate Your SQL Azure Account with the token received by navigating to the SQL Azure homepage
https://sql.azure.com/InvitationCode.aspx

Yesterday we had our Austrian version of the Re-MIX conference in the Hilton Hotel at Stadtpark in Vienna. It was a great conference combined with a superb architect forum together with Simon Guest, who unveiled his thoughts on cloud computing… but more on that in a separate post, this one is about the ASP.NET MVC session I delivered in the late afternoon in the web dev track!

An ASP.NET MVC Walkthrough & Updating object hierarchies…

In my session “Introducing the ASP.NET MVC Web Development Framework” inspired by Phil Haack’s session at the last MIX-conference I demonstrated, what development with the ASP.NET MVC framework looks like.

Download the sample here

Download the slides here

In the session I created a simple application for displaying, modifying and adding events with event deliveries, from scratch. The following graphic shows the entity data model we’ve been working with:

As you can see, a single Event has multiple deliveries at different locations. While implementing the controller actions for adding new events and modifying existing events I was challenged by the question, “how the model binder updates object hierarchies”. And the point is – it doesn’t, automatically…

Based on Phil Haack’s tip on binding collections on his blog and based on a posting from Graham O’Neale here I completed my idea in this example. Below are the steps for combining the concepts from the previously mentioned blog entries:

1.) In my views for Editing and Adding events, add HTML and script - a table that will be dynamically expanded with new items through JavaScript for each new child-item I want to create (event delivery in my case – the parts in red are the important ones in the view):

<fieldset>
    <legend>Fields</legend>
    <p>
     <label for="Title">Title:</label>
     <%= Html.TextBox("Title") %>
     <%= Html.ValidationMessage("Title", "*") %>
    </p>
    <p>
     <label for="Description">Description:</label>
     <%= Html.TextBox("Description") %>
     <%= Html.ValidationMessage("Description", "*") %>
    </p>
</fieldset>

<table id="DeliveryTable">
    <tr>
        <th>
            Delivery Begin Date
        </th>
        <th>
            Delivery End Date
        </th>
    </tr>
</table>

<p>
    <input type="button" value="Add Delivery"
           onclick="javascript:AddDelivery()" /> <br />
    <input type="submit" value="Create" />
</p>

<script type="text/javascript" language="javascript">

function AddDelivery() {

    // Add a row to the table
    var DeliveryTableBody = 
     document.getElementById(
      "DeliveryTable").getElementsByTagName(
        "tbody").item(0);
    var ItemCount =
       DeliveryTableBody.childNodes.length - 1;

    var newChild = document.createElement("tr");
    var col1 = document.createElement("td");
    col1.innerHTML = 
        "<input type='text' 
         name='Event.Deliveries[" 
          + ItemCount + "].BeginDate' />";
    var col2 = document.createElement("td");
    col2.innerHTML = "<input type='text' 
         name='Event.Deliveries[" + ItemCount + 
         "].EndDate' />";
    newChild.appendChild(col1);
    newChild.appendChild(col2);
    DeliveryTableBody.appendChild(newChild);
}

</script>

2.) In my action method for adding events in the EventController I simply was required to update the signature of the action-method with the Form-postback-collection and a separate call to update model as shown below:

[Authorize]
[AcceptVerbs(HttpVerbs.Post)]
public ActionResult Add(
       [Bind(Exclude="EventId")] Event ev,
       FormCollection postValues)
{
    //
    // Validate incoming stuff
    //
    if (string.IsNullOrEmpty(ev.Title))
        ModelState.AddModelError("Title",
                    "Title cannot be empty!");
    if (string.IsNullOrEmpty(ev.Description))
        ModelState.AddModelError("Description",
        "Please enter a description for your event!");
    //
    // Validation succeeded?
    // If yes, add the event, otherwise
    // return to the view
    //
    if (ModelState.IsValid)
    {
        DataContext.AddToEvent(ev);
        UpdateModel<IEnumerable<EventDelivery>>(
             ev.Deliveries, "Event.Deliveries");
        DataContext.SaveChanges();

        return RedirectToAction("Index");
    }
    else
    {
        return View();
    }
}

3.) When modifying existing items, the whole thing gets more tricky when working with the ADO.NET Entity Framework. Why? Simply because the ASP.NET MVC default model binder, when updating collections, unfortunately clears them and re-fills them with the items posted back in the Form postback-collection. That breaks the ADO.NET Entity Framework association set (the ASP.NET MVC model binder does not know about associations). Now you have two possibilities, either modify the source code of ASP.NET MVC (if possible I would stay with the thing as it gets delivered) or apply a little trick as I did. I just created a temporary Event, filled it from scratch with the postback-parameters and then copied the values to the existing and to new items as below. Of course the whole thing needs refinement (especially when mapping to existing items in collections), but I think it’s at least a starting point!

[Authorize]
[AcceptVerbs(HttpVerbs.Post)]
public ActionResult Edit(int eventId,
                 FormCollection postValues)
{
    Event CurrentEvent = 
    (from e in DataContext.Event.Include("Deliveries")
     where e.EventId == eventId
     select e).FirstOrDefault();

    if (CurrentEvent != null)
    {
        Event Temp = new Event();
        UpdateModel(Temp, "Event", 
           new string[] { "Title",
                          "Description" });
        UpdateModel(Temp.Deliveries, 
          "Event.Deliveries", 
          new string[] { "BeginDate",
                         "EndDate" });
        CopyEvent(CurrentEvent, Temp);

        DataContext.SaveChanges();

        return RedirectToAction("Index");
    }
    else
    {
        ModelState.AddModelError("General", "...");
        return View();
    }
}

I hope that’s a helpful posting for anyone who’s facing the same challenges when working with MVC:) Nevertheless, for those who want to have full control over HTML and want to have better testing possibilities, this framework is the right choice. If you’re rather the “productivity-kind-of-developer”, sticking with web forms might be the more convenient solution...

Today in the morning I gave a presentation at Microsoft’s largest internal conference for employees in Seattle, WA (called TechReady, about 5000-6000 Micorsoft employees are there on technical education).

The presentation I gave is essentially based on the whitepaper I’ve written and we’ve published a few weeks ago together with Frequenits AG on always responsive and scalable apps and services. You can find more details as well as the paper for download here.

While the presentation is strictly confidential, I can publish the demo scenarios. Therefore click the link below if you are interested in a complete scenario that shows asynchronous processing within clients and services as well as across services… of course I do not cover all possible “exceptions”, but it’s a starting point.

Click here to download the demo
(for Visual Studio 2010 Beta 1, only, I will provide a VS 2008 version with CCR-only implementations soon)

The demo scenario supports a few arguments discussed in my whitepaper as well as the presentation:

• Performance comparison between Peer-2-Peer and Service-bus based communication metaphors.
• Base classes for implementing the Command/Job/Queue patterns discussed in the whitepaper.
• And finally – a mapping of these patterns to .NET Framework technologies that definitely help implementing the patterns themselves. I include two implementations, one that uses the Concurrency and Coordination Runtime from the Microsoft Robotics Studio and another one that uses the .NET Framework Task Parallel Library that we are going to publish with the .NET Framework 4.0. To switch between those two implementations, just modify the JobManagerFactory in the AsyncDemo.JobLibrary project to use one or the other implementation.

The project with Frequentis definitely showed me, that Asynchronous programming and thinking is not just for the sake of performance, it’s also for “responsiveness” and “availability”. The neat thing is, that simply by keeping a few things in mind, these things can go hand-in-hand.

Nevertheless, it was very special for me delivering this session at TechReady. Seven years ago, right before I started working for Microsoft in October 2002, Seattle was the place where I attended the first Microsoft conference of my life (and the first conference in the US, at all). And it was in the very same location as TechReady this year – in the Washington State and Convention Center, in the Sheraton Hotel and Hyatt Hotel in Seattle.

My session was in one of the Grand Ball Rooms in the Sheraton with about 100 attendees… and back in August 2002 I had my room in the Sheraton at the Windows .NET Server 2003 conference… at that time I would have never thought that I will hold a session in the same location at any time:) So this was special for me! And I hope it was not for the last time!

While being here in Redmond with customers at our Lead Enterprise Architect Conference I realized that I still owe students from a lecture I gave last week the presentation and demo-downloads. Therefore I am catching up with this now;)

During the lecture I introduced ASP.NET foundational concepts such as the architecture of the runtime (Modules, Handlers...), Server Controls and the Web Forms programming model as well as ASP.NET AJAX and the latest release of the AJAX control toolkit.

You can download the presentation and the source code for this little sample application from the link below. For successfully testing the application you need the following bits installed on your machine:

• SQL Server 2008 (or 2005) Express Edition
• Visual Web Developer Express Edition
• ASP.NET AJAX Control Toolkit (open source)

That’s essentially it, after you’ve these running you need to execute the included database script (Database.sql creates the tables, only, Database_withData.sql creates the tables with some sample data), modify the connection strings in the web.config file to point to your SQL Server instance and database. If you have SQL Server Express Edition installed you can leave all settings in your web.config as they are because SQL Server Express Edition by default installs with the “(local)\SQLEXPRESS” instance name.

Click here to download the source code and presentation!

Have much fun, if you have any questions feel free getting in touch with me through this blog!

Mario

The .NET Client Profile is a very interesting extension made available with the release of .NET Framework 3.5. If you’re interested into more details, follow these link to the official documentation!

As a subset of the full .NET Framework package containing client-side functionality, only, it should make the deployment of the .NET Framework for client-only applications in corporate networks easier (30 MB are easier to deploy, maintain and patch than the full Framework with a footprint of more than 100 MB).

So far I was not really challenged with reasons for using the .NET Client Profile from customers – but now it has been the case three different times in series where the deployment of the full framework was a problem for client-only based applications.

Of course one of the first questions customers are asking is: “Which assemblies are included in the client profile and are therefore available for client developers?”

The answer: you can find a list of client-profile assemblies for each version, .NET 2.0, .NET 3.0 and .NET 3.5, in files called “Client.xml” in the following directories on your system:

%windir%\Microsoft.NET\Framework\v2.0.50727\SubsetList\Client.xml

%programfiles%\Reference Assemblies\Microsoft\Framework\v3.0\SubsetList\Client.xml

%programfiles%\Reference Assemblies\Microsoft\Framework\v3.5\SubsetList\Client.xml

Furthermore you can tell Visual Studio 2008 to check your project-references at compile-time by enabling the “Client-only Framework subset” option in the project-properties dialog. In that case Visual Studio comes up with a compiler warning for each assembly you’ve referenced that is not available in the client profile as you can see below:

To get more details on how-to deploy .NET Client Applications using the client-profile just take a closer look at this MSDN-documentation for the .NET Client Profile!

Hope that’s something useful…

Hint: technical presentations about this project as download in the link list at the end of this post!!

This year the Austrian medical association together with the medical associations of the different federal states in Austria as well as one of our Gold-certified partners, Anecon Software Design und Beratung GmbH., completed a project we (Microsoft Austria) started together on the country-wide management of data for medical practitioners and their ordinations.

The management of this data is prescribed by the Austrian law and is used for several scenarios such as sponsorships of medical practitioners, promotions, payments, traceability or even for support in lawsuits and is therefore mission-critical!

Attached to this blog-entry you will find two presentations with technical information on how we architected the solution. While the first presentation (Part1.pdf) contains shows some of the most important requirements within the environment, usage-scenarios of technologies as well as some really cool screen-shots of parts of the application, the second presentation (Part2.pdf) is based on an architectural specification I’ve written for the project on where and how-to apply which technologies of the .NET Framework 3.x in the application architecture.

Understanding the political and technical environment

Austria’s health care environment is one of the most complex political environments in Europe – and the most complex political environment in the country itself. The environment is organized in a federal way, that means each federal state of Austria (we have 9 of them) is treated as an autonomous unit.

Therefore each federal state has its own state-medical association with its own responsibilities and duties. Many of these responsibilities and duties are self-managed by these medical associations for a federal state, but on the other hand many of them are prescribed by a country-wide medical association which is the Austrian medical association.

Having these autonomous associations’ leads to the fact that each association manages both, a common set of information on medical practitioners which is prescribed by the Austrian medical association as well as its own, additional set of information they want to and need to manage for the federal state they’re acting in. That means that the application of discussion of this web blog as well as the attached presentations need to be deployed in each federal association with their own data storage, their own service instances and client applications while on the other hand they need to synchronize the common set of data between the federal associations to be able to manage and process data on medical practitioners having ordinations in multiple federal states.

Finally that means we are talking about federated data and federated services from a technical point-of-view with medical associations in the states within Austria as well as one overall organization which is the Austrian medical association. Technologies such as workflows for synchronization using SQL Server Service broker for data-synchronization transactions with “transformation”-rules in between are core in the application architecture.

The role of the medical association, Anecon and Microsoft in the project

Requirements as well as the underlying data model haven been defined by a working group defined by the Austrian medical association that consisted of several representatives of the different medical associations from the federal states. Our partner, Anecon, was responsible for the design, implementation and test of the overall solution based on latest Microsoft technologies. We from Microsoft acted as a trusted advisor for the Austrian Medical association: Robert John, our business development manager ensured getting the right support from the Area and Microsoft Corp. while I helped creating the overall architecture for the system together with Anecon and the representatives of the medical association.

Download the presentation

Requirements, usage-scenarios of technologies and screen-shots from Anecon

Core technical architecture recommendations from Microsoft / Mario Szpuszta

Involved technologies, links and further resources

.NET Framework 3.5 (incl. Service Pack 1)

Windows Presentation Foundation

Windows Workflow Foundation

Windows Communication Foundation

SQL Server 2005 and SQL Server 2008 (for newer deployments)

SQL Server Service Broker

Microsoft Patterns & Practices Home

Microsoft Patterns & Practices Application Architecture Blueprint

Yesterday Max and I had the last delivery of our .NET Web Developers Road Show. Again we applied our new concept of building a complete application in a whole day. This time we built the event management application using...

• a data access layer with the ADO.NET Entity Framework
• an ADO.NET Data Service for making the data available filtered through some simple business rules.
• ASP.NET for the web front facing application that allows users to search and register for events incl. ASP.NET AJAX.
• Silverlight for two separate use cases:
• a little Events-Photos RIA integrated into the ASP.NET web site
• and a full Silverlight application for viewing event statistics and timelines.

Again it was a great pleasure travelling with Max through our country and delivering these sessions together. You can download the complete solution from Codeplex at

http://webdevroadshow.codeplex.com/ 

including the source-code and the presentation material. Interesting that the presentation is much larger than the source code although we spend most of the time during the events in Visual Studio typing code:)

Have much fun with trying the application and analyzing the source code... but also note that this is a demo application, only, where we made some drawbacks and simplifications in the architecture, of course.

Mario

I am delighted to publish a whitepaper of one of the most interesting engagements I’ve been part of so far – together with Frequentis AG.

Together with the architects from Frequentis, Ulrich Hüttinger and Stefan Domnanovits, we’ve been writing this whitepaper I am publishing now with this blog-entry. In this paper you can read about some of the most important (not all!!) architectural approaches and design decisions Frequentis made for building always responsive clients and services in the mission critical area of ship-vessel traffic management.

Frequentis is building the newest applications in this area with .NET Framework 3.5 SP1, primarily Windows Presentation Foundation (WPF) and Windows Communication Foundation (WCF).

Topics we’ll cover in this paper are:

• Understanding the environment of the tracking and tracing solution and its technical requirements.
• Discussing some decisions Frequentis had to make on their message bus infrastructure based on these requirements.
• Implementing a reliable message bus infrastructure for smaller havens/ports and large havens/ports with WCF at the same time.
• Putting job-, queue- and command-patterns together for always responsive applications on clients and in services.
• Combining patterns such as the presentation model pattern on the front-end in WPF and understanding the communication-flow between the presentation model and the business logic that uses queues, commands and jobs on the backend.

I hope you find this paper interesting and the information in it useful!

Mario

Yesterday we had the last delivery of our BigDays road show for 2009. It was a pleasure participating for me being a part of this largest road show through Austria, again.

This year I delivered two sessions, one on Windows Communication Foundation and one on ASP.NET web development (the second one together with Alex Duggleby from Security Research). The presentations are available for download under the following two links:

• Session on Windows Communication Foundation
• Session on ASP.NET Web Development

Both sessions were part of an idea Max and I had on developing a complete scenario demo application through all sessions of the track.

Btw. Max delivered great sessions in all developer tracks around the conference - for details take a look at his blog entry;)

The Rent-A-Worker Demo Application

The demo-scenario application was the Rent-A-Worker demo application. We published the whole application as an open-source project on codeplex:

Click here to get to the Rent-A-Worker project!

It is supposed to be used for finding workers and machines and renting them for your own building projects. The application was architecturally built with the following layers in mind. Each session in the track was dedicated to a single layer of the application:

Which technologies did we use for implementing Rent-A-Worker?

This year's BigDays were - based on the feedback from customers last year - focused towards released technologies and not any future technologies. Therefore we built our demo scenario with .NET Framework 3.5 Service Pack 1 in all layers (released in 2008). Below you find the technologies incl. links to downloads for the pre-requisites you need to run, test and extend the Rent-A-Worker demo application:

Visual Studio 2008 Professional Edition or higher

Visual Studio 2008 Service Pack 1

.NET Framework 3.5 and .NET Framework 3.5 Service Pack 1

SQL Server 2008 Express Edition or higher

Microsoft ASP.NET AJAX Control Toolkit

Microsoft ASP.NET MVC (we did not present it, but we included parts)

Microsoft Silverlight Tools and Silverlight SDK

Microsoft Composite WPF Application Guidance

Feedback, Questions?

If you have any feedback to the track, to Rent-A-Worker or the content itself feel free getting in touch with Max and me through our blogs. We would be more than happy about feedback on the whole track, our sessions, demos, contents, about what we should keep doing and what we should stop doing etc.

Cheers
Mario

By "accident" I've found two older articles on some extensions and tools for Internet Information Services 7.0 and web developers in general that help improving security of web applications.

I was so amused and excited about these new modules that I thought I have to write a short entry this morning:) Also it really demonstrates, in my opinion, that the new modularized architecture of IIS 7.0 really rocks. That is really underpinned by the fact that you really find new modules and new functionality published either by the community through http://iis.net or by Microsoft itself in regular intervals.

The articles I've found aren't new, but I really love this kind of functionality - take a look at the following independent articles:

• Module for fighting against DoS attacks (click here)
• Analysis Tools for uncovering SQL Injection issues (click here)

I think, these tools are really useful helpers and they can provide an additional security gatekeeper in your security architecture - you should definitely take a look at them;)

Mario