Code through the pain Ladislav Mrnka's professional blog about software development


Last week I had to prepare simple security configuration for WCF service - I needed to configure a test service and a client using mutual HTTPS to achieve secure transport and X.509 Binary Token to authenticate requests. Requests should contain only a message data and a security token and no other security headers like a timestamp were allowed. This proved to be more challenging and frustrating than I expected. I started with the simplest possible configuration using CertificateOverTransport authentication mode but it failed with the exception:

System.InvalidOperationException: Signing without primary signature requires timestamp

I found that I'm not the first one who dealt with this problem. MS Connect contains related  "bug" where I expected to find a solution or workaround because WCF is API designed for interoperability with other platforms, isn't it? Surprisingly I didn't find a solution but instead some very odd answer describing that behaviour is "by design". Well, in the context of the used configuration it is really by design as I will describe in this post but the point of the bug was how to do it and Microsoft representative completely failed to answer the question and marked the problem as fixed because of "by design". This really made me furious so I even wrote my own question to MSDN forum. The rest of this article describes the whole route to the working solution as well as description why initial solution didn't work.

Posted on August 31, 2011 by Ladislav Mrnka
Filed under: WCF
Continue reading

Few week ago ADO.NET team published minor update to Entity Framework 4.1 (download page). By following ADO.NET team blog, I guess the purpose of this minor update was fixing few bugs, adding support for context factory and preparing support for Code First Migrations August 2011 CTP  which demands this update. Everything looks awesome because ADO.NET team is fixing some bugs, adding new features and working on new tools (EF power tools, migrations) and new version Entity framework. Still sometimes there can appear some unexpected problem. The mentioned update contains one annoying hidden breaking change reported by many developers using external profilers. The rest of the article will describe this problem, its impact and announced fix.

Posted on August 21, 2011 by Ladislav Mrnka
Filed under: Entity framework
Continue reading