Freigeben über


patterns and practices WCF Security Application Scenarios

We published an updated set of our WCF Security application scenarios yesterday, as part of our patterns & practices WCF Security guidance project.   Application Scenarios are visual "blueprints" of skeletal solutions for end-to-end deployment scenarios.  Each application scenario includes a before and after look at working solutions.  While you still need to prototype and test for your scenario, this gives you potential solutions and paths at a glance, rather than starting from scratch.  It's a catalog of applications scenarios that you can look through and potentially find your match.

Intranet
Common Intranet patterns:

Internet
Common Internet patterns:

One Size Does Not Fit All
We know that one size doesn't fit all, so we create a collection of application scenarios that you can quickly sort through and pattern match against your scenario.  It's like a visual menu at a restaurant.  The goal is to find a good fit against your parameters versus a perfect fit.  It gives you a baseline to start from.  They effectively let you preview solutions, before embarking on your journey.

How We Make Application Scenarios
First, we start by gathering all the deployment scenarios we can find from customers with working solutions.  We use our field, product support, product teams, subject matter experts, and customers.  We also check with our internal line of business application solutions.  While there's a lot of variations, we look for the common denominators.  There's only so many ways to physically deploy servers, so we start there.  We group potential solutions by big buckets. 

In order to make the solutions meaningful, we pick a focus.  For example, with WCF Security, key overarching decisions include authentication, authorization, and secure communication.  These decisions span the layers and tiers.  We also pay attention to factors that influence your decisions.  For example, your role stores and user stores are a big factor.  The tricky part is throwing out the details of customer specific solutions, while retaining the conceptual integrity that makes the solution useful.

Next, we create prototypes and we test the end-to-end scenarios in our lab.  We do a lot of whiteboarding during this stage for candidate solutions.  This is where we spend the bulk of our time, testing paths, finding surprises, and making things work.  It's one thing to know what's supposed to work; it's another to make it work in practice. 

From our working solution, we highlight the insights and actions within the Application Scenario so you can quickly prototype for your particular context.  We then share our candidate guidance modules on CodePlex, while we continue reviews across our review loops including field, PSS, customers, product team members, and subject matter experts.

Comments

  • Anonymous
    April 10, 2008
    For this week's release in our patterns & practices WCF Security Guidance project , we added new

  • Anonymous
    April 10, 2008
    " For this week's release in our patterns & practices WCF Security Guidance project , we added

  • Anonymous
    April 17, 2008
    For this week's release in our patterns & practices WCF Security Guidance project , we released our

  • Anonymous
    April 18, 2008
    " For this week's release in our patterns & practices WCF Security Guidance project , we released

  • Anonymous
    April 24, 2008
    What are your key security-related questions with WCF? More importantly, what are the answers? For this

  • Anonymous
    May 01, 2008
    We have 5 new How Tos for this week's release of our patterns & practices WCF Security Guidance Project

  • Anonymous
    May 05, 2008
      J.D. Mier is a principal program manager who manages our patterns and practices content. He's