Rebecca Dias hung out with keynote Steve Ballmer and announced the release of WSE 2.0, the successor to 1.0 component libraries with support for OASIS WS-Security protocols in addition to several features of WS-Policy (specifically WS-SecurityPolicy) and WS-Trust/WS-SecureConversation. This is truly an attribute to .NET’s extensibility model that the WSE team can build support for emerging standards (as they emerge) through use of HTTP handlers and SOAP extensions. The WSE team has one of the fastest release cycles at Microsoft, and I expect they will continue to plung forward to support more of the WS* standards so that we can have tools at our fingertips to interact with these protocols with a lot less pain (or, WS-Pain as I call it).

NOTE: If you’re at Tech Ed, come see my talk on HTTP handlers, modules and SOAP extensions. DEV410: Inside the ASP.NET Runtime: Intercepting HTTP Requests, Wednesday 8:30am in Room 8.

This release gives developers a simple way to use Web services security protocols that enable:

• Passing security tokens
• Authenticating callers
• Ensuring message integrity
• Ensuring message confidentiality

This tool has the best support out there today for generating WS-Security and WS-Policy XML, and help you see the value of the actual standard.

Becky, can I have a WSE T-shirt now?

After a long week trouble-shooting last minute issues between .NET, WSE 2.0, BEA Workshop 8.1, Apache Axis and SourceID...we pulled off our Web services event without a hitch! What does that mean? Well...for one, all the demos worked. This is significant because although we each had our own test plans hitting remote and local endpoints...the first we were able to get together and test on the actual machines for the demo was Friday when each speaker arrived to San Diego. Here's how Friday played out:

• Heinrich arrives at San Diego airport at 1pm, we head to my technology palace to hook our machines up to the NAT router and have his BEA code hit the token issuer on my machine (which would be Ben's machine later that night), and the Axis web service on Chris' remote server.
• Anant meets Heinrich and myself at UCSD to test the configuration at the event venue, and we switch to Anant running the Axis service. This didn't quite work (configuration was fragile, too many settings to modify each time we moved service endpoints) so I left them (and my machine) to figure it out while I was off to pick Ben up at the airport
• Ben's plane is late, I call Anant and Heinrich, they come to the airport so we can trouble-shoot the configuration issues while we wait. We can't afford to lose time...it's already 7pm
• Ben arrives and immediately spots us. We were sitting at the airport, connected machines via router, people staring (what the?)...as they walked by. It's 8:30pm
• We head back to my place, call for pizza on the way, Adam Cogan waiting on us (he wanted to see our demo...give us feedback). We work on configuration with Ben's machine, then proceed to run through the demos and discussions. By 2am we were ready...a few hours of sleep later and we were setting up at UCSD!

Ted Neward gave an incredible keynote, not only educating us on interesting historical facts while explaining that we are destined to repeat the same mistakes over and over again if we don't approach SOA, Web services and enterprise component architectures incorporating lessons learned from the failure of past architectures such as CORBA and DCOM. He is a phenomenal speaker, and great philosopher, and what I really like about Ted is that he backs up every statement he makes with cold hard facts and reasoning.

We ended up spending some time describing Web services, and what the purpose of WS-Security and WS-Policy were, before we got to demos...however the audience truly seemed to appreciate the overview, as much as they enjoyed the demonstrations to follow. I'll get some links up soon that make reference to resources. In the meantime, some detailed discussions of the event went are already up on John and Benjamin's respective blogs. Benjamin writes about the panel discussion that followed the code demonstrations. He also summarized Ted's keynote.

I plan to summarize some of the interesting things I noticed while trouble-shooting the code as our human interoperability tester...stay tuned...

Like Scott says...fun things happening at Tech Ed...

Well, I couldn't be more thrilled today...after rebuilding my machine on Friday (sun shining outside, 80 degrees) and following Chris Haddad's flawless instructions to set up my machine with the latest JDK, Ant, Tomcat, and Axis yesterday (sun shining outside, 80 degrees)...we were ready to start testing Ben's .NET SAML implementation. Setup was time consuming, yet surprisingly painless... a far cry from the hell I went through several years ago when Axis was in its infancy ...back then it took me 3 days to get HelloDuke() to run properly...mind you that could have been related to my J2EE container, ATG Dynamo.

Yesterday Anant and I both set up our machines to run Axis demos and between phone calls and IM Chris and I tested his remote Axis endpoint with Ben's SAML token issuer. We discovered a few things related to how Axis handles SOAP messages, for example you have to manually indicate understanding for *mustUnderstand* headers like wsse:Security (a good one to understand wouldn't you say?).

Today we continue (sun shining...80 degrees...sigh)...

As I mentioned earlier a bunch of us are pulling together some *wicked* demos (that's Canadian for *awesome*) for first ever Web Services Interoperability Education Day.

We crafted a plan for the tiered demonstration in late February and everyone broke off into their respective coding frenzy. Benjamin Mitchell took on extending .NET WSE 2.0 to create a SAML token issuer. Heinrich Gantenbein is extending the existing interop example he already created between .NET WSE and BEA Workshop 8.1/WebLogic Server. And Chris Haddad stepped up big time to build us an Apache Axis/Source ID Web service to receive SAML token signed messages and verify with the token issuer. (We switched to open source since we discovered it was VERY difficult to get our hands on a trial version of Tivoli to support our IBM WebSphere example...and the clock was ticking...).

Throughout all of this, John Bristowe and myself have been waving pom poms (John's term) and supporting the group either by testing code, discussing issues, and general coordination. In addition, Anant Kadiyala (run's the local BEA user group in San Diego, and teaches Web Services at UCSD Extension with me) stepped up to support the open source side, working with me configuring machines for the demos, and we'll be trouble-shooting the entire system here in San Diego before our esteemed speakers arrive.

Now, I have to admit that it was really very difficult for me NOT to *own* a specific part of the code for this event...given that I work with WSE 2.0, have a past with Axis and also know enough BEA to be dangerous :)... and I'm sure John and Anant may have similar feelings despite bandwidth issues we all have...however, this couldn't be a better display of teamwork in action. As issues come up, there is a support team to research issues, test code and find solutions...fast. We're running into x.509 certificate serialization issues, Web service specification implementation issues, and other configuration bottlenecks. Not to mention that coordinating all of this with the actual presentation is just a ton of work since we will be networked through a NAT router and hitting each others machines...good things...so, in short, this is a really great experience.

It is a honor to work with all of these guys...really.

My esteemed colleague Brian Noyes blogs about performance trade-offs in application design

We're putting on an event right before Tech Ed San Diego, hosted by UCSD Extension. This Web Services Interoperability Education Day, on May 22nd, is geared at showing the community some of the .NET and Java tools that help developers implement solutions with WS-Security (now OASIS standard) and WS-Policy support. This event is an extension of the IDesign whitepaper and webinar comparing .NET/WSE and BEA Workshop 8.1 support for emerging Web services standards, and showing their interoperability.

I am really fortunate to have so many great people contributing their time to make this a success (see the site for a list of presenters, although a few are not listed yet, I guess those php sites take time to update ). The diverse backgrounds, and various perspectives of each presenter and panelist will definitely make for some very interesting post-demo discussions, and certainly should help to keep you awake during our Q&A period during the BOF.

Of course, we have prizes too...XBOX anyone? How about an iPod? T-shirt? Cap? Mug? The list is endless...

I have no excuse for taking this long, it only took about 1 hour to play with the latest release of dasBlog (1.6) and get it deployed...clearly, without adding any personal flair or artistic effort on my part. That would have had exponential impact on my timeline. And so, my first entry is simply to say "hey, I have a blog now". Finally.

Now, to find something interesting to say...