Evjen  rs V3 - 10/13/2011 Page iv
ffirs.indd ivffirs.indd iv 10/19/2011 2:46:50 PM10/19/2011 2:46:50 PM
Evjen  rs V3 - 10/13/2011 Page i
REAL WORLD .NET 4, C#, AND SILVERLIGHT®
INTRODUCTION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxix
CHAPTER 1 ASP.NET and jQuery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
CHAPTER 2 ASP.NET Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
CHAPTER 3 Ethical Hacking of ASP.NET . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
CHAPTER 4 How to Build a Real World Silverlight 5 Application . . . . . . . . . . . . . . . .101
CHAPTER 5 Silverlight — The Silver Lining for Line-of-Business
Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
CHAPTER 6 Tips and Tricks for Designers and Developers . . . . . . . . . . . . . . . . . . . . 169
CHAPTER 7 MVVM Patterns in Silverlight 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
CHAPTER 8 Windows Phone “Mango” for Silverlight Developers . . . . . . . . . . . . . . 223
CHAPTER 9 Pragmatic Services Communication with WCF . . . . . . . . . . . . . . . . . . . 247
CHAPTER 10 Securing WCF Services Using the Windows Identity
Foundation (WIF) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311
CHAPTER 11 Applied .NET Task Parallel Library . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349
CHAPTER 12 The WF Programming Language . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389
CHAPTER 13 Practical WPF Data Binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427
CHAPTER 14 Driving Development with User Stories and BDD . . . . . . . . . . . . . . . . . 489
CHAPTER 15 Automated Unit Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .569
INDEX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .591
ffirs.indd iffirs.indd i 10/19/2011 2:46:49 PM10/19/2011 2:46:49 PM
Evjen  rs V3 - 10/13/2011 Page ii
ffirs.indd iiffirs.indd ii 10/19/2011 2:46:50 PM10/19/2011 2:46:50 PM
Evjen  rs V3 - 10/13/2011 Page iii
Real World .NET 4, C#,
and Silverlight
®

ffirs.indd iiiffirs.indd iii 10/19/2011 2:46:50 PM10/19/2011 2:46:50 PM
Evjen  rs V3 - 10/13/2011 Page iv
ffirs.indd ivffirs.indd iv 10/19/2011 2:46:50 PM10/19/2011 2:46:50 PM
Evjen  rs V3 - 10/13/2011 Page v
Real World .NET 4, C#,
and Silverlight
®
INDISPENSABLE EXPERIENCES FROM 15 MVPS
Bill Evjen
Dominick Baier
György Balássy
Gill Cleeren
David Giard
Alex Golesh
Kevin Grossnicklaus
Caleb Jenkins
Jeffrey Juday
Vishwas Lele
Jeremy Likness
Scott Millett
Christian Nagel
Christian Weyer
Daron Yöndem
ffirs.indd vffirs.indd v 10/19/2011 2:46:50 PM10/19/2011 2:46:50 PM
Evjen  rs V3 - 10/13/2011 Page vi
Real World .NET 4, C#, and Silverlight® : Indispensible Experiences from 15 MVPs
Published by
John Wiley & Sons, Inc.
10475 Crosspoint Boulevard
Indianapolis, IN 46256

www.wiley.com
Copyright © 2012 by John Wiley & Sons, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-1-118-02196-5
ISBN: 978-1-118-22189-1 (ebk)
ISBN: 978-1-118-23619-2 (ebk)
ISBN: 978-1-118-25264-2 (ebk)
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means,
electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108
of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization
through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers,
MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the
Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-
6008, or online at />Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with
respect to the accuracy or completeness of the contents of this work and specifi cally disclaim all warranties, including
without limitation warranties of fi tness for a particular purpose. No warranty may be created or extended by sales or pro-
motional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold
with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services.
If professional assistance is required, the services of a competent professional person should be sought. Neither the pub-
lisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to
in this work as a citation and/or a potential source of further information does not mean that the author or the publisher
endorses the information the organization or Web site may provide or recommendations it may make. Further, readers
should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was
written and when it is read.
For general information on our other products and services please contact our Customer Care Department within the
United States at (877) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.
Wiley also publishes its books in a variety of electronic formats and by print-on-demand. Not all content that is available
in standard print versions of this book may appear or be packaged in all book formats. If you have purchased a version of

this book that did not include media that is referenced by or accompanies a standard print version, you may request this
media by visiting . For more information about Wiley products, visit us at
www.wiley.com.
Library of Congress Control Number: 2011939645
Trademarks: Wiley, the Wiley logo, Wrox, the Wrox logo, Programmer to Programmer, and related trade dress are trade-
marks or registered trademarks of John Wiley & Sons, Inc. and/or its affi liates, in the United States and other countries,
and may not be used without written permission. LEGO is a registered trademark of LEGO Group. Excel, Expression
Blend, Internet Explorer, Microsoft, PowerPoint, Silverlight, Visio, Visual Basic, and Visual Studio are registered trade-
marks, and SQL Server is a trademark of Microsoft Corporation. All other trademarks are the property of their respective
owners. John Wiley & Sons, Inc., is not associated with any product or vendor mentioned in this book.
ffirs.indd viffirs.indd vi 10/19/2011 2:46:53 PM10/19/2011 2:46:53 PM
Evjen  rs V3 - 10/13/2011 Page vii
To Ági, forever.
—György Balássy
To my wife-to-be, Lindsey Broos, and my mother. Thanks for
being there…always.
—Gill Cleeren
My work on this book is dedicated to my sons: Nick and Timmy.
I am more proud of them than of anything else in my life.
—David Giard
For my lovely wife and daughter. Thanks for endless support.
—Alex Golesh
To Rachel — my strong, confi dent, and loving wife. I love you,
Hunny. To Noah, Emily, Kaitlyn and Abigail — you children are
amazing. I am blessed to be your father!
—Caleb Jenkins
To my wife, Sherrill, and daughter, Alexandra. To Thomas Juday, my
father, who taught me that “it all starts with taking out the trash.”
—Jeffrey Juday
This book is dedicated to S^3.

—Vish was L ele
To Lyns, without whose never-ending supply of tea, toast, love, and
encouragement my chapter would have been fi nished in half the time.
—Scott Millett
To my loving parents. Without your guidance and unconditional
support, I would not have the chance to be who I am.
—Daron Yöndem
ffirs.indd viiffirs.indd vii 10/19/2011 2:46:53 PM10/19/2011 2:46:53 PM
Evjen  rs V3 - 10/13/2011 Page viii
ffirs.indd viiiffirs.indd viii 10/19/2011 2:46:53 PM10/19/2011 2:46:53 PM
Evjen  rs V3 - 10/13/2011 Page ix
ABOUT THE TECHNICAL EDITOR
JAMES MILLER is a senior architect and technical evangelist working on highly scalable, reliable,
and usable enterprise applications utilizing the latest Microsoft platforms and technologies. He
has worked in multiple industries and capacities in both the public and private sectors, and has
nearly 30 years of programming experience under his belt, experiencing almost every aspect of the
software life cycle, and is especially skilled in architecting and developing frameworks and tools
to aid rapid application development and agile practices. Miller has held the Microsoft Certifi ed
Professional Developer certifi cation for several years, as well as earning Technology Specialist certi-
fi cations in Web, Workfl ow Foundation (WF), and Silverlight development. He has a B.S.E.E. from
the University of Michigan, specializing in computer and digital systems, with a Business minor
focused in accounting and fi nance. He lives in a rural area outside Ann Arbor, Michigan, with his
wife, three sons, two daughters, four dogs, and four cats. He fi lls much of his limited free time as a
high school men’s varsity lacrosse coach, but still has an electric guitar plugged in over in a corner,
a bookshelf fi lled with tech books, and a comfortable chair near the desk, perfect for watching the
deer as they meander by.
ffirs.indd ixffirs.indd ix 10/19/2011 2:46:53 PM10/19/2011 2:46:53 PM
Evjen  rs V3 - 10/13/2011 Page x
ffirs.indd xffirs.indd x 10/19/2011 2:46:53 PM10/19/2011 2:46:53 PM
Evjen  rs V3 - 10/13/2011 Page xi

CREDITS
ACQUISITIONS EDITOR
Paul Reese
PROJECT EDITOR
Kevin Shafer
TECHNICAL EDITOR
James Miller
PRODUCTION EDITOR
Daniel Scribner
COPY EDITOR
San Dee Phillips
EDITORIAL MANAGER
Mary Beth Wakefi eld
FREELANCER EDITORIAL MANAGER
Rosemarie Graham
ASSOCIATE DIRECTOR OF MARKETING
David Mayhew
MARKETING MANAGER
Ashley Zurcher
BUSINESS MANAGER
Amy Knies
PRODUCTION MANAGER
Tim Tate
VICE PRESIDENT AND EXECUTIVE
GROUP PUBLISHER
Richard Swadley
VICE PRESIDENT AND EXECUTIVE
PUBLISHER
Neil Edde
ASSOCIATE PUBLISHER

Jim Minatel
PROJECT COORDINATOR, COVER
Katie Crocker
PROOFREADER
Scott Klemp, Word One
INDEXER
Ron Strauss
COVER DESIGNER
LeAndra Young
COVER IMAGE
© Rayman
ffirs.indd xiffirs.indd xi 10/19/2011 2:46:53 PM10/19/2011 2:46:53 PM
Evjen  rs V3 - 10/13/2011 Page xii
ffirs.indd xiiffirs.indd xii 10/19/2011 2:46:53 PM10/19/2011 2:46:53 PM
Evjen  rs V3 - 10/13/2011 Page xiii
ACKNOWLEDGMENTS
You’re currently holding a book that came together by the joint effort of a lot of people, all around
the world. Thanks to the people at Wrox for helping to put this book together!
—Gill Cleeren
Thanks to Proaction Mentors for the time and focus to get this done. Thanks to Jef, Todd, Tony,
Tim, Dave, Ken and the rest of my friends at Improving Enterprises for instilling an agile mindset
and appreciation for true TDD. Thanks to Craig Walls for teaching me DI, and Raymond Lewallen
for introducing me to BDD. Special thanks to Microsoft and the whole MVP program. To all of
the MVP authors on this book, Paul and the whole staff at Wiley — thanks for pulling this thing
together! Finally, my chapter is also dedicated to developers everywhere — deep in the trenches,
striving to hone their skills and improve our craft — keep fi ghting the good fi ght.
—Caleb Jenkins
Special thanks to Stephen Toub and Microsoft Patterns and Practices for their fi ne documentation
and timely answers to all my questions.
—Jeffrey Juday

Thanks to Steve Michelotti and Sajad Deyargaroo for their valuable feedback.
—Vish was Lele
Lyns, thanks for all your support and getting on with things while I have been writing my chapter
and the last book. Even though it might look like I take you for granted, I really don’t. I thank you
for all your patience and hard work with the house move, “family-do’s,” and looking after me. You
are truly wonderful.
—Scott Millett
ffirs.indd xiiiffirs.indd xiii 10/19/2011 2:46:53 PM10/19/2011 2:46:53 PM
Evjen  rs V3 - 10/13/2011 Page xiv
ffirs.indd xivffirs.indd xiv 10/19/2011 2:46:53 PM10/19/2011 2:46:53 PM
Evjen ftoc V2 - 10/11/2011 Page xv
CONTENTS
INTRODUCTION xxix
CHAPTER 1: ASP.NET AND JQUERY 1
Understanding Web Forms 2
View State 3
web.confi g Transformations 4
Simplifi ed web.confi g 5
New ASP.NET Web Forms Templates 5
ASP.NET MVC 8
Versions of MVC 8
The Pieces of MVC 9
Model 9
View 10
Controller 11
Action Methods 11
Model Binding 12
URL Routing 12
Accessing a Database 14
MVC Tooling 14

Creating a New Project 14
Referenced Assemblies 16
Site Structure 17
Adding a Controller 18
Adding a View 19
Sample Application 20
Sample Application Database 20
Departments 20
ASP.NET MVC Framework Summary 27
jQuery 28
Manipulating DOM Elements with jQuery 30
Calling Server Code with jQuery 31
jQuery 32
Summary 32
About the Author 32
ftoc.indd xvftoc.indd xv 10/19/2011 2:40:49 PM10/19/2011 2:40:49 PM
Evjen ftoc V2 - 10/11/2011 Page xvi
xvi
CONTENTS
CHAPTER 2: ASP.NET PERFORMANCE 33
Looking at How ASP.NET Handles Page Requests 33
State Management and Caching 35
Understanding State in .NET 36
Working with Sessions 37
Running Sessions In-Process 38
Running Sessions Out of Process 39
Maintaining Sessions on SQL Server 40
Deciding on the State of Sessions 41
Working with Output Caching 42
VaryByParam 43

VaryByHeader 43
VaryByControl 44
VaryByCustom 44
Extending <outputCache> 45
Partial Page (UserControl) Caching 46
Looking at .NET 4’s New Object Caching Option 47
Caching Web Services 50
Hardware Considerations 51
Using Performance Counters 52
Viewing Performance Counters Through an Administration Tool 52
Tips and Tricks 55
Keep Requests Down to a Minimum 55
Make Use of Content Delivery Networks 56
Enable the Browser to Cache Items Longer 57
Enabling Content Compression 59
Location of Content in Your Pages 60
Make JavaScript and CSS External 60
Summary 61
About the Author 61
CHAPTER 3: ETHICAL HACKING OF ASP.NET 63
Ethical Hacking — Is That an Oxymoron? 64
Filling Your Toolbox 65
Fiddler 65
Firebug 67
Internet Explorer 9 Developer Toolbar 68
Lens 69
ftoc.indd xviftoc.indd xvi 10/19/2011 2:40:50 PM10/19/2011 2:40:50 PM
Evjen ftoc V2 - 10/11/2011 Page xvii
xvii
CONTENTS

Understanding Session Management 70
Session Management in HTTP 71
Session Management in ASP.NET 72
Attacking the ASP.NET Authentication 72
Deep Dive into ASP.NET Authentication 72
Stealing the Ticket 73
Tampering with the Ticket 75
Hijacking the Login Session 75
Protecting Your Application Against Login Session Hijacking 77
Cross-Site Request Forgery 80
Protecting Against CSRF Attacks 81
Additional Protection Against CSRF 82
Attacking the ASP.NET Session 83
ASP.NET Session Under the Covers 83
Guessing the Session ID 83
Stealing the Session Cookie 84
Testing Your Application Against Session Hijacking 84
Protecting Your Website Against Session Hijacking 85
Session Fixation 88
Protecting Your Application Against Session Fixation Attacks 89
Hacking the View State 90
Peeking into the View State 90
Testing Your View State Against Information Disclosure 91
Encrypting Your View State 92
Tampering with the View State 93
Reposting the View State 94
Tricking Event Handlers 95
Event Validation Internals 96
Hacking Event Validation 96
Pushing the Disabled Button 97

Pushing the Invisible Button 97
Protecting Your Site Against POST Attacks 98
Summary 99
About the Author 99
CHAPTER 4: HOW TO BUILD A REAL WORLD
SILVERLIGHT 5 APPLICATION 101
Setting the Scene for the Application 102
Prototype First, Code Later — Using SketchFlow 103
Introducing SketchFlow 104
ftoc.indd xviiftoc.indd xvii 10/19/2011 2:40:50 PM10/19/2011 2:40:50 PM
Evjen ftoc V2 - 10/11/2011 Page xviii
xviii
CONTENTS
Finding Your Way Around SketchFlow 105
Creating the Application’s Prototype 105
The Map of the Application 106
Screen Mockup 106
Testing the Prototype and Gathering Feedback 108
Data-Binding Primer 110
Hello, Data Binding 110
Binding Syntax 110
Binding Modes 112
INotifyPropertyChanged Interface 112
Converters 113
Creating a Data Bound Screen 113
WCF RIA Services in Action 115
Choosing the Service-Layer Technology 116
Hello to You, WCF RIA Services 117
Why WCF RIA Services? 118
Architecture and Concepts of RIA Services 118

Creating the Server-Side 119
Setting Up the Solution 119
Data Access Using Entity Framework 121
Creating the Actual Services 122
Convention Is the Rule 125
Meanwhile, in the Silverlight Project 126
Loading Data in the MovieSelection Screen 126
Polishing the Screen 128
Applying the MVVM Pattern 129
Di erent Parts, Di erent Roles 131
The View 131
The ViewModel 131
The Model 131
Choosing the MVVM Approach 131
Picking a Little Helper — MVVM Light 132
Refactoring to MVVM 132
The Model 132
The ViewModel 133
The View 135
At Your Command 137
Messaging 139
Creating Customized Controls 140
Control Templates 140
Summary 143
About the Author 143
ftoc.indd xviiiftoc.indd xviii 10/19/2011 2:40:50 PM10/19/2011 2:40:50 PM
Evjen ftoc V2 - 10/11/2011 Page xix
xix
CONTENTS
CHAPTER 5: SILVERLIGHT — THE SILVER LINING FOR

LINE-OF-BUSINESS APPLICATIONS 145
Getting Started 146
Hello, Business World! 146
The Application Class 147
The UserControl Class 148
Project Templates 149
Silverlight Application 149
Silverlight Class Library 150
Silverlight Business Application 150
Silverlight Navigation Application 150
Other Application Templates 150
XAML Is Object XML 151
Hosting Silverlight Applications 152
Providing Excellent IApplicationService 153
Choosing the Right Silverlight Framework 155
Getting SOLID: MVC, MVP, and MVVM 155
Dependency Injection and Inversion of Control 157
The Managed Extensibility Framework 158
MVVM Frameworks 161
Prism 161
MVVM Light 162
nRoute 162
Caliburn.Micro 162
Jounce 163
Taking Silverlight Out-of-the-Box 164
Dynamic Loading 164
Out-of-Browser Applications 165
Isolated Storage 165
Communication 166
The Future of Silverlight 167

Summary 167
About the Author 168
CHAPTER 6: TIPS AND TRICKS FOR
DESIGNERS AND DEVELOPERS 169
Understanding the Di erences Between
Silverlight and WPF 170
Choosing XAML over Other Markups 170
Understanding the Separation of Concerns 170
ftoc.indd xixftoc.indd xix 10/19/2011 2:40:50 PM10/19/2011 2:40:50 PM
Evjen ftoc V2 - 10/11/2011 Page xx
xx
CONTENTS
Tips and Tricks for Designers 170
Naming Your Objects 170
Designing in Photoshop 171
Importing Assets from Photoshop 172
Using Sample Data for a Better Design Experience 172
Tips and Tricks for Developers 174
Showing Sample Data in Design Mode 174
Using Behaviors to Make Things Easier 175
Summary 177
About the Author 177
CHAPTER 7: MVVM PATTERNS IN SILVERLIGHT 4 179
Developing Your Own Framework 180
Getting to Know MVVM 180
Creating an MVVM Framework 182
Framework Goals 182
Framework Technologies 184
Getting Started 185
Defi ning ViewModels 186

Creating New Views and View Models 195
Registering Views and View Models 197
Displaying Views 202
Building Composite Screens 208
Displaying Dialogs 214
Communicating Between Views 216
Putting the MVVM Framework to Use 217
Existing MVVM Frameworks 217
Prism 218
MVVM Light 218
Caliburn.Micro 219
Other Frameworks 219
Additional Considerations 220
Data Binding 220
Commands 220
Data Access 221
Summary 221
About the Author 222
ftoc.indd xxftoc.indd xx 10/19/2011 2:40:50 PM10/19/2011 2:40:50 PM
Evjen ftoc V2 - 10/11/2011 Page xxi
xxi
CONTENTS
CHAPTER 8: WINDOWS PHONE “MANGO”
FOR SILVERLIGHT DEVELOPERS 223
Hardware Foundation 223
Camera API 223
Camera Best Practices 227
Sensors API 227
Gyroscope 227
Compass 228

Motion 229
Sensors Best Practices 230
Software Foundation 230
Runtime Improvements 230
Tools Enhancements 230
Network Sockets 231
Silverlight/XNA Hybrid Applications 233
Local Database 234
Application Model 235
Fast Application Switching (FAS) 235
Multitasking 237
Background Agents 237
Notifi cations 239
Background Transfer Service 240
Integration Service 241
Secondary Tiles 241
Push Notifi cations 242
Contacts/Appointments Data Access 243
Summary 244
About the Author 245
CHAPTER 9: PRAGMATIC SERVICES
COMMUNICATION WITH WCF 247
Sample Project 248
Service Orientation Revisited 249
Distributed Means Communication 249
Service Orientation 251
WCF Basics 101 252
Basic Toolset 252
ftoc.indd xxiftoc.indd xxi 10/19/2011 2:40:50 PM10/19/2011 2:40:50 PM
Evjen ftoc V2 - 10/11/2011 Page xxii

xxii
CONTENTS
The Power of the B 254
Less Is More 256
Application Scenario 256
Requirements 256
Application Architecture 256
Application Structure 258
Modeling Services 259
Contracts 260
Service Contracts 260
Operation Contracts 261
Messages 265
Message Contracts 265
Data Contracts 266
Fault Contracts 268
Paging Data 269
Metadata 270
Flat WSDL 271
Metadata URLs 273
Implementing Services 276
Validation 277
Mapping 277
Tracing 280
Hosting Services 283
Customizing Hosting 283
Testing with Console Hosts 284
Self-Hosting with a Windows Service 284
Web-Hosting with WAS 287
Bootstrapping 289

Consuming Services 291
Shared Contracts 292
Asynchronous Calls 293
Service Agent Pattern 293
Complementing Service Approach 297
Web Programming Model 298
Hosting and Consuming 300
Optimization Strategies 302
Tweaking 302
Streaming 306
Summary 308
About the Author 309
ftoc.indd xxiiftoc.indd xxii 10/19/2011 2:40:50 PM10/19/2011 2:40:50 PM
Evjen ftoc V2 - 10/11/2011 Page xxiii
xxiii
CONTENTS
CHAPTER 10: SECURING WCF SERVICES USING
THE WINDOWS IDENTITY FOUNDATION (WIF) 311
Identity in .NET Applications 311
Identity in the Base Class Library 312
Identity in WCF 313
Windows Identity Foundation 314
Security Token Handlers 315
Claims Transformation 316
Claims-Based Authorization 317
Recapping the Building Blocks 319
WCF and WIF 319
Prerequisites 319
Confi guring and Enabling WIF 320
Windows Authentication 321

Username/Password Authentication 322
X.509 Certifi cate Authentication 324
SAML Token Authentication 325
Sessions 326
Recapping Confi guring and Enabling 329
Transforming and Accessing Claims 329
Authorization 330
Tracing 333
Possible Solutions for Securing the
Movie Database SOAP Service 333
Internal Users 334
Adding Windows Authentication 334
Claims Transformation 336
Authorization 337
Adding an External Content Provider 340
Adding the Service Endpoint for External Users 341
Adjusting Claims Transformation 342
The Client 343
Assessing the Solution 344
Possible Solutions for Securing the
Movie Database REST Service 345
Internal Users 345
Token-Based Authentication 345
Summary 347
About the Author 348
ftoc.indd xxiiiftoc.indd xxiii 10/19/2011 2:40:50 PM10/19/2011 2:40:50 PM