Scott Hanselman

Hanselminutes Podcast 39 - Identity and CardSpaces

November 2, '06 Comments [3] Posted in Podcast
Sponsored By

My thirty-ninth Podcast is up.  This one is about Identity, Information Cards and Windows CardSpaces.

We're listed in the iTunes Podcast Directory, so I encourage you to subscribe with a single click (two in Firefox) with the button below. For those of you on slower connections there are lo-fi and torrent-based versions as well.

Subscribe: Feed-icon-16x16 Subscribe to my Podcast in iTunes

Links from the show are also always on the show site, although this show had no links to speak of. Do also remember the archives are always up and they have PDF Transcripts, a little known feature that show up a few weeks after each show.

Our sponsors are CodeSmith Tools, /nsoftware and the .NET Dev Journal.

There's a $100 off CodeSmith coupon for Hanselminutes listeners - it's coupon code HM100. Spread the word, now's the time to buy. This coupon is good for the CodeSmith Professional With 1 Year Premier Support option.

As I've said before this show comes to you with the audio expertise and stewardship of Carl Franklin. The name comes from Travis Illig, but the goal of the show is simple. Avoid wasting the listener's time. (and make the commute less boring)

  • The basic MP3 feed is here, and the iPod friendly one is here. There's a number of other ways you can get it (streaming, straight download, etc) that are all up on the site just below the fold. I use iTunes, myself, to listen to most podcasts, but I also use FeedDemon and it's built in support.
  • Note that for now, because of bandwidth constraints, the feeds always have just the current show. If you want to get an old show (and because many Podcasting Clients aren't smart enough to not download the file more than once) you can always find them at http://www.hanselminutes.com.
  • I have, and will, also include the enclosures to this feed you're reading, so if you're already subscribed to ComputerZen and you're not interested in cluttering your life with another feed, you have the choice to get the 'cast as well.
  • If there's a topic you'd like to hear, perhaps one that is better spoken than presented on a blog, or a great tool you can't live without, contact me and I'll get it in the queue!

Enjoy. Who knows what'll happen in the next show?

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

CardSpaces/InformationCard Screencast

November 2, '06 Comments [2] Posted in Screencasts
Sponsored By

CardSpace ScreencastThere's  lots of talk lately about CardSpaces and the underlying WS-* technologies  (that aren't Microsoft-specific, which is a good thing) that make it all happen.

We did this week's Hanselminutes on Identity, with CardSpaces as the primary focus. I realized that it's a pretty hard thing to visualize as the user interface for Windows CardSpace has some new UI techniques like the "Curtain of Security" (my term) that loads the CardSpaces application in a separate desktop context to defeat keyloggers and others evils.

Stuart Celarier at Corillian worked recently on a project to integrate CardSpaces with our eFinance Platform. We've been working with various pre-release versions of CardSpaces for a while, and last month we took a team up to Microsoft to get a live Voyager (Voyager is the name of our eFinance Platform) system integrated with CardSpaces "for real" - as opposed to static demoware. This week Stuart recorded a CardSpace Screencast of the process.

In this demo, we log in as bill27 using a Username and Password, the way folks usually log in. Then while logged in, we visit the Self Service page and ask to associate an Information Card with that account.

When we click Select Information Card, there's an <object> tag within the HTML that asks for specific claims like this:

<OBJECT type="application/x-informationCard" name="xmlToken">
   <PARAM Name="tokenType" Value="urn:oasis:names:tc:SAML:1.0:assertion">
   <PARAM Name="requiredClaims"
Value="
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname 
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/personalprivateidentifier
"/>
</OBJECT>

This object tags requests the givenname, surname, email and a privatepersonalidentifier that is unique to the site/user combination. It's suitable for use as a key.

On this machine we haven't created or imported any Information Cards yet, so we create a Personal Card. This is a "Self Issued Card." Basically a we act as our authority and a local Security Token Service (STS) issues the card. There's two kinds of cards, Personal/Self-Issued and Managed. Managed cards will be issued by wholespace identity providers, like perhaps Visa or Mastercard, maybe Amazon and Paypal. We shall see. Managed cards have the benefit of being revocable, just like real credit cards.

After we create a card, we send it to the web server (which happens to be running .NET 1.1) that decodes the Security Token and retrieves each of the claims. Once the Information Card is associated with the account, we can log out.

Then rather than using a Username and Password we can log in using only the Information Card. Of course, using an Information Card doesn't preclude the use of additional factors, including passwords, Intelligent Authentication, or challenge questions.

Here's a list of links to check out:

Thanks to my boss for letting us publish this (formerly) internal CardSpace screencast and to Stuart for making it happen.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

Z walks on his 11 month birthday

October 30, '06 Comments [12] Posted in Parenting | Z
Sponsored By

Zwalks2Big day for us all here at the Hanselman House. My nephew Spox’s 6th birthday was today, so Mo’s sister Nqobile and her husband threw a party.

It's also Z's 11 month birthday if you can believe that, Dear Reader. Here's a video of Z at about one hour old for comparison. ;)

Z has been "cruising" for the last month or so, holding on to the couch and the like. He's taken a few steps here and there, in desperate leaps from parent to parent, but we haven't really felt that was the "official he's walking" event.

This evening I was screwing around with this little cheap Canon Mini DV ZR700 that I won. It's kind of a cheesy camera...I prefer the heft and video quality of my Sony Digital 8mm, but this little Canon has a neat anamorphic 480p-style 16x9 widescreen video that makes family DVDs look more professional and certainly nicer on an HD TV, even though it's not an HD video camera. We'll be taking it to Tanzania where we'll be spending the whole of December.

But, I digress! It was with this little camera that we taped Z walking down our hallway this evening, and with Vista RC2's "Windows Movie Maker" that I squish that video and present it to you here!

File Attachment: ZWalks2.wmv (1950 KB)

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

Outlook 2007 Beta introduces its own Feed URL Protocol. Ew.

October 28, '06 Comments [19] Posted in Reviews | Tools | XML
Sponsored By

(This discussion refers to Outlook 2007 Beta 2 Technical Refresh)

I'm really not sure how I feel about this.

There was a big discussion about if the feed:// protocol was needed. Personally I've always said I think it IS needed while the RSS Team at Microsoft disagrees.

However, I just noticed that not only does Outlook store it's RSS in the PST (and syncs with the Common Feed Store, which we already knew), but it also registers two new "Protocol Handlers" explicitly for handling RSS feeds - they are OUTLOOKFEED:// and OUTLOOKFEEDS:// with the latter including an "S" for secure feeds.

This doesn't seem exactly fair or consistent. I understand that an enterprise, especially one using SharePoint would want to have folks subscribe to a feed directly into Outlook. However, not only is Outlook creating these new pseudo-protocols that are Outlook-specific, it's also taking over FEED:// as well. We'll see if there's changes in the next RC. 

That doesn't seem fair. What if RssBandit started using RSSBANDITFEED://? Of course, any of these aggregators can try to take over OUTLOOKFEED://, although Outlook will likely bork. However, it's the very existence of this custom psuedoprotocol that I find offensive, it doesn't matter it can probably be disabled.

ASIDE: For some reason FeedDemon always warns me that it isn't the default feed reader (i.e. it's not associated with the feed:// protocol, and even though I want it to be the default aggregator, it keeps prompting. This might be a Vista-specific administrative thing, but I suspect Outlook is taking over feed:// also.

You can test these various protocols on your machine by trying each of the following links:

Also, right now, if you click an RSS Feed while running FeedDemon (just using FeedDemon as an example application that eats RSS but also hosts IE7) then IE7 tries to subscribe using the RSS Platform and the Common Feed Store, when really FeedDemon should be getting the subscription request. I know that Nick @ FeedDemon will eventually fix this with some cleverness, but should he really have to? 

I'm just unclear on the usefulness thus far of the Common Feed Store. I like the API (inside msfeeds.dll and a few other places that you'll get quietly when you get IE7), even though it's COM-based, and I like that it handles the retrieval and the parsing/canonicalization of the various feed formats. However, it's unclear how I am to administer it effectively. IE7's interface is a little week if you have 400 feeds. There's no shift-select-delete support in either IE or in Outlook 2007 so I can't remove the hundreds of duplicate feeds that have appeared in the last few weeks. I've found the sync'ing solution from NewsGator to be a decent start - as an idea - but the implementation is NOT working well as it's incredibly slow and 10% of my feeds just don't sync.

Rather than blaming NewsGator or Microsoft, I'm forced to ask, is it really this hard to keep my Feeds and Read Status sync'ed between a few computers and a few applications? Apparently it's wicked hard...this leads me to wonder if ONLINE feed reading is where its at.

Apparently my readership thinks so. At least half of you are using online aggregators (or NewsGator sync'ed aggregators which includes NewsGator proper as well as FeedDemon when you're sync'ing feeds).

What do you think? Do you read your feeds online?

Do you like the one-click convenience of FEED://, or do you prefer either using FireFox's clever Feed Reader Chooser, or are you a Right Click|Copy URL|Alt-Tab|Subscribe|Paste|OK type?

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

Who moved my Office Cheese - Mapping Office 2003 commands to Office 2007

October 28, '06 Comments [0] Posted in Reviews
Sponsored By

I'm loving Office 2007 more and more. It really does grow on you. For those of you who are having trouble finding stuff in the new Interface (and haven't discovered the automatic hotkey mapping - that's hot), there's a sexy little Flash Application that lets you select an existing menu item or toolbar item from a Word 2003 interface, then it'll show you the new Word 2007 interface and walk you through where that feature is located.

The same interactive command location finder exists for other apps within the Office 2007 Suite, it's just buried in the help. I say, set it free!

It's very well done and I suspect your Mom/Cousin/Spouse will appreciate it when they start using the new 2007 stuff.

Frankly, the whole Office Online Beta is pretty fantastic. Do check it out if you're trying to get up to speed. I can only hope they will maintain (i.e. 301 redirect) the beta permalinks once Office goes live. It's a shame that these interactive Flash Demos, that I think are very effective, are effectively hidden

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.