Secure Distributed Applications with WCF
Dominick Baier of Thinktecture certainly knows his stuff, but for some other reason he couldn't manage to bring the message to his audience (at least not to me). Looking back at this session, it was probably one of the worst sessions I attended.
"IronPython" and Dynamic Languages on .NET
I had high expectations for this session, which only came true for some part. Mahesh Prakriya showed some pretty cool demos, including one with a robot (which always strikes me at a sensitive spot :-) ).
Some random notes I've made during the session:
- IronPython and IronRuby are going to be true implementations of their original counterpart. The development teams will not deviate from the original specifications, which is a good thing. This will enable Python and Ruby developers to migrate their applications to .NET where they have the BCL classes at their disposal.
- IronPython will target the Dynamic Language Runtime starting from version 2.0.
- IronPython is the fastest Python implementation out there, at least that is what they claimed during the session.
- The download for IronPython contains the IronPython command shell. With this shell its possible to instantiate .NET objects from the command line, which is very cool.
- The development team of IronPython uses agile development.
Why Software Sucks
This is also the title of the book David Platt wrote on the subject. This guy is both a very good speaker and a funny guy. In this short talk, David talked about usability in software, showing some real-world examples of the good, the bad and the ugly.
Understanding Claims-Based Identity
Very nice introduction to the concepts and classes in the new System.IdentityModel.Claims namespace, first introduced in .NET 3.0. Keith Brown did a great job bringing the message to the audience.
Some random notes I've made during the session:
- A security token represents a collection of claims: e.g. a Kerberos ticket or an X509 certificate are examples of security tokens that exist today.
- A claim is a statement about a subject where each claim is identified by a URI.
- A claim is represented by the Claim class.
- The ClaimSet class is a collection of Claims + the issuer of the claims.
- Claims are available in WCF through the ServiceSecurityContext.
- Microsoft does not (yet) provide a Security Token Service (STS) out-of-the-box, so you need to build one on your own.
- Claims can also be transformed, e.g. a X509 certificate can be transformed to a Kerberos token.
Also check out this article from MSDN magazine on the very topic.
Entity Framework Introduction
At first I was rather happy with the fact that Microsoft is going to release an object-relational mapping framework. As I got my hands on some of the bits, I was rather disappointed as I blogged about in these posts here and here. But the data access guys and dolls at Microsoft are listening as I already posted here. That is why I wanted to give the ADO.NET Entity Framework another chance. I went to this talk with the idea to start from scratch. As I already knew, its not going to be the next NHibernate. Not that NHibernate doesn't have its quirks, but the first release of the ADO.NET Entity Framework is not going to be mature enough to start using beyond some small applications. But I'm already looking forward to the next version though. That is what being a .NET developer is all about: constant anticipation :-).
PS: I'm blogging this in retrospect as I couldn't get the blogger administrator web site to run on the CommsNet PCs because they had JavaScript turned off.
