Vibro.NET

Windows Identity Foundation Overview Session recording: drawing-on-slides presentation technique

vibro — Tue, 24 Nov 2009 21:41:36 GMT

In the same spirit of experimentation shown here, in the last year I’ve been using another fairly original presentation technique. The original aim was to mitigate my being chronically late in turning in slides for events but it turned out something that audiences actually like :-).

The technique is easy to explain, and i am sure that somebody is using it already (although I’ve never stumbled in anybody doing it so far). Instead of having fully baked slides, you have just few elements appearing at strategic moments; you hand draw everything else on the fly, directly during the presentation. I finally got a good recording of a session using the technique, the “Windows Identity Foundation Overview” I gave last week at PDC09. It went really well, and judging from the comments the drawing was a contributing factor (BTW thanks to all the nice comments on twitter and in the evals! :-))

At PDC I used a hybrid, meaning that I didn’t draw everything from scratch, but it can and it has been done (the intro to claims talks in Australia & New Zealand techeds & Munich EIC, for example). That usually works best for architectural talks.

While it is true that you can save time by not having to author complex animations and media research, keep into account that a good act needs some planning (and you may have to do the slides anyway). If you want to apply the same technique, here there are few tips I’ve discovered by trial & error.

If you are drawing on slides, use the pen support built in powerpoint. It supports pressure sensitivity/speed and the resulting trait is more expressive than, for example, what you obtain with zoomit (which remains the best solution for drawing on non-slides)

Learn to draw quickly. Drawing & talking should happen seamlessly, if you stop talking for drawing you break the magic

Have fun! I personally *love* the chance of doing visual humor on the slide; also, for semi-interactive sessions you have the freedom of driving the flow wherever you like and adapt to that specific audience, instead of being constrained on the rails of a pre-built slide

Test that what you draw is immediately recognizable as what you intend. If you draw something in a way that won’t be readily and unambiguously recognized by nearly all audiences, consider using clipart for that element instead. For example, my handwriting is HORRIBLE hence I always fade in & out text elements.

Composition. If you mix animated elements & drawing, make sure that you rehearse the sequence so that you know 1) when to advance the animation 2) where to draw on the screen so that the result does not overlap

And more:

Use few colors- ideally just one. Make sure that it has maximum contrast with the background. Avoid backgrounds with many different colors, or if they are forced on you try to keep the drawing on uniform areas
Backup. This technique is powerful, but also completely dependent on the availability of a tablet. In the last 2 events I was at risk of not being able to use it, since the hinge of my tablet occasionally disconnects the display connections… and there’s always the risk of losing the stylus. Also, not all the touch screens are suitable (my UMPC creates all sorts of artifacts with powerpoint drawing, could not have been used as backup.
The solution is to have hidden traditional slides in your deck, just in case at delivery time you are forced to use a traditional PC. This is of course a big time waster, since doing via animations what you can when drawing takes ages, hence you may consider simplified sequences (and be ready to expand elsewhere since this is likely to mess with your timetable)
Downloadable slides. If the event does not offer a video recording of the event, you HAVE to provide the alternative slides otherwise attendees will download a series of empty slides. The option of saving the ink annotations usually does not work, since the final pic usually does not capture all the intermediate sketches and may end up to be too complex anyway if you didn’t see it gradually taking shape.

That’s it. This so powerful yet easy & simple to do that I am truly surprised this is not mainstream. Give it a try and let me know if you discover more tips!

Update on Windows Azure + Windows Identity Foundation

vibro — Tue, 24 Nov 2009 07:10:21 GMT

New Guide

Back in August we released a guide that explained how to use WIF for adding to your web role SSO and claims-based identity capabilities via WS-Federation. That guide contained a number of workarounds that were made necessary by the limitations of the bits publicly available back then. A lot of you wrote back saying that the guide was helpful in getting you going with identity & the cloud and experiment with the scenario (I believe it was the case here, for example) while waiting for more complete guidance. That’s great, because that was precisely the intent.

Since then both WIF and Windows Azure evolved quite a bit: today the scenario described by the original guide can be set up in significantly less steps, and above all you are no longer forced to implement the unsafe workarounds that were needed back then.

The new identity developer training kit and channel9 training course contain a new hands-on lab, Federated Authentication in a Windows Azure Web Role Application, which contains an updated version of the guide. We also uploaded a standalone version of the lab in the same code gallery page where we uploaded the first guide, so that if you land there via search engine you’ll have the most up to date information.

The new lab is the result of a coordinated effort from the Windows Identity Foundation, Windows Azure and DPE teams. Among the key contributors Hervey Wilson, Todd West & Sidd Shenoy on the WIF side, Mohit Srivastava and Remy Pairault on the Windows Azure side, and Ryan Dunn & yours truly on the DPE team. We hope you’ll enjoy the results!

In-depth info

The lab is designed to give you a quick start and be accessible to as many as possible. However there are advanced considerations that arise whenever you deal with non-trivial environments such as multi-stage deployments and web farms (and what is Windows Azure, if not the biggest of them all?).

If you are interested in going deeper in the topic, I strongly suggest you take a look at the recording of the excellent talk Hervey gave on this very subject at PDC09. That will certainly give you food for thought: I also suggest to keep an eye on his blog.

[funny] Stolen Identity Video

vibro — Thu, 19 Nov 2009 23:20:56 GMT

PDC is slowly wrapping up, and it has been an awesome one. Identity was all over the place, and the interest you guys have show for the topic makes the months of behind-the-scenes hard work well worth it!

Before resuming the “serious” steams of news around the content (there’s more to come!), let me share with you this hilarious video in which, you really can say that, identity is the undisputed protagonist… enjoy! (thanks to Mike for the link!)

http://www.youtube.com/watch?v=bT_8pkoIGms

More WIF RTM Extravaganza: Sharepoint 2010 & Claims-Based Identity on the Id Element

vibro — Wed, 18 Nov 2009 09:00:00 GMT

Riding the wave of the WIF RTM joy, Here there’s a bonus for you: an exclusive interview with Venky, Program Manager Lead in the Sharepoint team, where he describes how claims-based identity is helping Sharepoint to address its identity challenges.

This is an unusual interview for the Id Element, as it depicts somebody who USES an identity product rather than somebody who writes it: I personally find it really, really interesting, and I am sure you’ll agree with me ;-) enjoy!

When it comes to identity management intensive applications, it's hard to top Sharepoint. Whether you are signing in a portal, accessing a document or using a webpart for reaching out to external web services, your identity is going to be the factor that drives it all.
Vittorio went to visit Venky Veeraraghavan, Program Manager Lead in the Sharepoint team, to discuss how Sharepoint deals with identity challenges. Venky gives a fantastic explanation of how claims-based identity and Windows Identity Foundation helped the Sharepoint team to deliver on the identity functionalities they needed without getting entangled in low level details such as protocol handling.
Tune in!

Stuart Kwan & yours truly broadcasted LIVE on Channel9 – TOMORROW!

vibro — Wed, 18 Nov 2009 07:48:17 GMT

Yes, you read it right :-)

Tomorrow at 1:00pm PST Stuart Kwan and I will appear LIVE on the new unscripted broadcast that the Channel9 guys are doing from the PDC floor; we are going to be grilled by Scott Hanselman, who presumably will want to know everything about Identity!

Instructions:

To watch, go to www.microsoftpdc.com
To participate and ask questions, send a tweet to @ch9live
PDC attendees can drop by the Channel 9 Live stage in the Big Room to be part of the action in person

Now, don’t ask me how my name ended up in the same program as stars of the magnitude of DelBene, Guthrie, Don & Chris… some times it’s just chance! I guess that WIF RTM and the roaring interest you guys are demonstrating for identity are a good part of it… awesome!

I include screenshot below for good measure :)

Soooooo… see you there? ;-)

Enjoyed TailSpin demo in today’s PDC09 keynote? Get it now!

vibro — Tue, 17 Nov 2009 19:43:04 GMT

Few hours ago Cameron Skinner and Doug Purdy were featured in Bob Muglia’s keynote. They showed great demos, where identity played a no-drama role: Cameron used WIF and ADFSv2 for enhancing SSO capabilities to his MVC application, Doug benefitted by that decision when he didn’t have to worry about authentication while modeling, deploying in staging and finally in the cloud the same application. I may be biased, but I found both demos extremely compelling (not just for the identity parts!!!).

The app they used happens to be the brainchild of LostInTangent AKA Jonathan Carter: being the good guy he is, Jonathan decided to make the demo available for you to download so that you can experience it directly on your own machine and experiment with variations.

There’s preciously little code about identity in the sample, and exactly for that reason it effectively demonstrate how Windows Identity Foundation can transform authentication in a non-problem and allow you to focus on the business aspects of the application.

It was real fun to work with Jonathan for the identity portion of the demo: again, this is just a small part of a very comprehensive application, LostInTangent really knows his stuff. Do check it out, it is a great way of familiarizing with the new features in VS2010 and our new server wave!

Announcing the Identity Developer Training Course on Channel9

vibro — Tue, 17 Nov 2009 19:14:57 GMT

Microsoft is a recognized thought leader in Identity: since the Geneva announcements wave in PDC08, we opened a dialog with developers for helping you to reap the benefits of claims based identity with the .NET framework. And today we RTM’ed WIF! :)

During the past year we rolled out many successful initiatives, from the Id Element show on Channel9 to the Identity Developer Training Kit. Today we are raising the game again, by releasing the Identity Developer Training Course on Channel9.

Why The Identity Developer Training Course

The hands on lab in the kit were designed specifically to help you to address the most common scenarios, as gathered at events and indicated by the search engine queries that landed visitors to our blogs; however, once the content was packed in the training kit it was totally opaque to search engines and direct queries, leaving the full burden of discoverability to the short description in the download page or blog posts & tweets.

The Identity Developer Training Course represents the unbundling of the Identity Developer Training Kit: all the labs documentation is now unfolded and hosted by Channel9 on the public internet, ready to answer YOUR queries right when you need it.

Once the content is on line, an entire new range of possibilities opens up: we can complement the content with instructional videos that can be streamed on-demand, roll continuous updates without forcing you to re-download the package, and many others we are considering for the next releases.

Discover Identity at Your Own Pace

The content is designed to provide a gentle introduction to the claims-based approach to identity and the Microsoft technologies that developers can use to put it in practice: in this release we focus on Windows Identity Foundation and the Access Control Service. The course also offers more advanced content, which will appeal to experienced developers and will help beginners to move to the next level.

Just to give you an idea of the kind of content we make available, here there’s a list of the units we offer in the first version of the Identity Developer Training Course:

Overview
- Video: Welcome To The Identity Training Course
- Video: An Introduction to Claims-Based Identity
Web Sites and Identity
- HOL
  - Exercise 1: Enabling claims based access for an ASP.NET Web Application by generating a local STS
  - Exercise 2: Customizing the Credentials Accepted by a Local STS
  - Exercise 3: Accepting Tokens from an Active Directory Federation Services (ADFS) STS
  - Exercise 4: Accepting Tokens from Live ID
  - Exercise 5: Invoking a WCF Service on the Backend via Delegated Access
Web Services and Identity
- HOL
  - Exercise 1: Using Windows Identity Foundation to Handle Authentication and Authorization in a WCF Service
  - Exercise 2: Accepting Tokens from an Active Directory Federation Services (ADFS) STS
  - Exercise 3: Invoking a WCF Service on the Backend via Delegated Access
ASP.NET Membership Provider and Federation
- HOL
  - Exercise 1: Enhance an ASP.NET Membership Website with Identity Provider Capabilities and Use it from a Third Party Website
Identity and the Windows Azure Platform
- Video: What is the Access Control Service?
- HOL: Introduction to the .NET Access Control Service
  - Exercise 1: Using ACS with Symmetric Keys
  - Exercise 2: Using ACS with SAML Tokens
- HOL: Federated Authentication in a Windows Azure Web Role Application
  - Exercise 1: Enabling Federated Authentication for ASP.NET applications in Windows Azure

You can go through the course “cover to cover”, or pick and choose the references that can help them with the task at hand.

Get on board!

The interest in Identity has been growing at steady pace for the last year: with the RTM release of Windows Identity Foundation and the cloud services getting more concrete every day, we expect the interest of the community to grow further.

Developers skilled in identity matters are in preciously short supply, and our courses represent an easy (and FREE!) way to acquire a skill in high demand. If you want to get on board:

Go through to the online identity developer training course…
…or download the classic identity developer training kit
Explore our end to end sample, FabrikamShipping, or our ASP.NET custom controls (here and here)
Subscribe to the Id Element show on Channel9 to hear about the latest news in Identity directly from the protagonists

As always, we look forward for your feedback: please let us know what works and what you would like us to do differently!

Windows Identity Foundation RTM!

vibro — Tue, 17 Nov 2009 18:16:13 GMT

Hello from PDC09 Day 1 keynote! It is my pleasure to let you know that Bob Muglia just announced the general availability of Windows Identity Foundation. Get it while it’s hot!

Almost exactly 2 years ago I had the honor of giving the first sneak-peak of what at the time we called the ADFS “2” project, which during PDC08 was officially announced under the codename “Geneva”.

With “Geneva” we collectively indicated one developer product (“Geneva” Framework, now Windows Identity Foundation), one server product (“Geneva” Server, now Active Directory Federation Services v2) and one end-user one (Windows CardSpace “Geneva”, now Windows CardSpace 2). Today we put in your hands the first component of the former “Geneva” platform, and I am personally thrilled that is the one for developers :)

We had a fantastic beta program, receiving tons of good feedback which made its way in the product: what you get today is the first of its kind, and is the answer to the need expressed by so many of you of handling identity and access in .NET applications in consistent & easy way. As you heard me say so many times in my presentations in the last year, the time of hand weaving is over: now you can start to experience the power of the claims-based approach directly in your apps!

You can find the official announcement on the Forefront blog: furthermore, before leaving for Berlin/L.A. I was lucky enough to capture a short impression of Conrad Bayer, Director of Program Management for Identity and Access, and get his comments on this release for the Id Element.

All our content has been updated to work with Windows Identity Foundation RTM, and we created some new interesting deliverables: watch this blog and/or my twitter for the next few hours!

Download the November 2009 release of the Identity Developer Training Kit

vibro — Sat, 07 Nov 2009 00:00:45 GMT

Let’s close the WIF RC day with the November refresh of our Identity Developer Training Kit.

The new version of the Identity Developer Training Kit ported forward the three WIF labs (web site, web services, ASP.NET Membership provider) to the RC, and improved support for Windows 7 and Windows Server 2008 R2.

The ACS labs have been temporary removed, to give us the time to accommodate the new REST scenarios it now supports, but it will be back in in no time.

In addition to that, we’ll also be adding some new interesting content very soon… but I won’t spoil the surprise ;-)

Happy coding!

ClaimsDrivenModifierControl has been updated to WIF RC

vibro — Fri, 06 Nov 2009 19:32:51 GMT

Following the route of FabrikamShipping, the Claims-Driven Modifier Control is now ready to influence the behavior of your federated sample websites… using WIF RC :-)

enjoy!

FabrikamShipping has been updated to WIF RC

vibro — Fri, 06 Nov 2009 19:08:23 GMT

That’s right, the big sample you know and (hopefully?;-)) love has been updated for taking advantage of WIF RC.

Get it while it’s hot at http://code.msdn.microsoft.com/FabrikamShipping

The Id Element Special: up close & personal with WIF RC

vibro — Fri, 06 Nov 2009 18:21:00 GMT

The Federated Identity team finally unwrapped the RC version of Windows Identity Foundation: as you have come to expect, the Id Element did some fact gathering for you. Enjoy!

The release candidate of Windows Identity Foundation is here! Chock-full of improvements driven by YOUR feedback, WIF RC gives a very good idea of how the final release will look like.
Vittorio went to visit Sidd, Govind and Sesha to learn about the new features and explore the rationale behind some of them. From a comprehensive list of new features to deep dives in their favourite scenarios, the guys tell it all. Tune in!

The RC of Windows Identity Foundation is here!

vibro — Fri, 06 Nov 2009 18:06:00 GMT

You have been waiting for it: it is finally here. We have just released WIF RC, you can download it here. Note how nicely the logo reflects WIF’s status of member of the .NET family… i love it!

This release has very few breaking changes, but it is full of small & big improvements. You can learn all about it in our RC special of the Id Element!

Also, we updated to the RC the Identity Training Kit, FabrikamShipping and the ClaimsDrivenModifierControl; as the new versions come online I will post accordingly (and change the text into links).

And now… heads down for the Big R!

The New ACS is Live: if you do HTTP, you can play the Game

vibro — Fri, 06 Nov 2009 07:56:32 GMT

Today the .NET Services team released the first CTP that reflects the changes announced back in September: you can read about it in their team blog and in Justin’s blog and experiment with the service here.

You know, it’s kind of a big deal! The power of the claims-based approach is now within reach for REST developers and a surprisingly wide array of platform and devices: all it takes for taking advantage of the service is being able to use http and perform super-simple crypto (did I just say an oxymoron or what? Come on, you know what i mean :-)). Substantially, many of the diagram you have seen me drawing in the last 4 years remain pretty much unchanged: the difference is mainly in the kind of tokens exchanged (a minimalist bearer that plays fair with the space limitations in HTTPland) and in the protocol used.

The protocol ACS uses is WRAP, or Web Resource Authorization Protocol; in fact I should probably call it OAUTH WRAP, given what is mentioned on the WRAP discussion group home page… which is now moved to http://groups.google.com/group/oauth-wrap-wg. OAUTH WRAP has a companion token, the Simple Web Token or SWT, whose spec can be found here. Take the time to leaf through them: you’ll be surprised by how simple & straightforward they are.

I am itching to pick the pen and start scribbling on my tablet some schema for you, but I’ll resist the temptation: we are working on some content for helping you to explore the new possibilities that the service offers, and it will be available to you very soon. In the meanwhile, you can play with the samples in the SDK: and of course, don’t forget to add Justin’s session in your PDC09 agenda!

WIF on .NET Rocks!

vibro — Tue, 03 Nov 2009 17:30:12 GMT

Last Saturday I had the pleasure to spend 1 hour at the phone with Carl & Franklin from .NET Rocks: you can listen to the results here.

We mainly chatted about why claims are good for you: while the first parts are mostly introductory content, we quickly find ourselves discussing advanced topics, like the (good!) implications on development practices on switching to claims. It’s a gentle slope, so you’ll have time to pull out before the water gets too deep… or to dive right in, if identity is your thing ;-)