Next Bits...

Sep 16, 2008 at 5:40 AM
Was thinking of taking a look at the following...

1) Switching to hashed passwords for users in Service.config
2) Taking a look at where we might be able to hook-up the style sheet based on a theme defined for a collection in the service document (experimental - maybe raise an event ... observer in the master page? or somewhere else in the pipeline...
3) Write an update of the installation blog post for the new setup using a virtual directory

For some reason when I changed the project properties back to use IIS - http://localhost/blogsvc/default.aspx - is redirecting to http://localhost (with nothing in the managed fusion debug output). Using http://localhost/blogsvc on its own works fine..

Also still seeing an error on comment submission (the full App_Data dir is read/write with correct permissions for Network Service). Internal Server Error for http://localhost/blogsvc/blog/2008/09/10/SetupDevEnv.atom and if I try to reload the page Server Error in '/blogsvc' Application. Could not find a base address that matches scheme http for the endpoint with binding CustomBinding. Registered base address schemes are [].

Line 26:         {
Line 27:             Uri[] requiredAddress = GetAppropriateBase(baseAddresses);
Line 28:             return base.CreateServiceHost(serviceType, requiredAddress);
Line 29:         }
Line 30:

Is serviceHostingEnvironment no longer required?  It's currently commented out in the Web.config. Or do endpoint addresses need to be set in the Services section for BlogService.Services.RestAtomPubService?
Sep 16, 2008 at 12:36 PM
1) unfortunately, we can't hash passwords if users want to use WSSE as it is a limitation that we must have access to original password.  We could encrypt it though.
2) can temporarily be Global.AtomPubService.GetService().GetCollection().Style in Master until we get workspace detection working.  Then in the BaseFeedPage we can detect if it is overridden by the collection.
3) this would be great.  I'll add you as a contributor to the info collection so you can make updates.  I'll also add you as an author to the blog so you can make new blog posts. This way you can test out the role authorization.

Yes, i think that code needs some tweaking to detect the base address.  It currently only works if you have specifically binded the webserver to localhost.

Sep 16, 2008 at 7:13 PM
1) is this because Atom-enabled clients (like WLW) will be preparing the digest/hash of the password, nonce and a timestamp - at the client end... and hence it (and we) need the password for validation?
2) ok
3) ok - maybe you could Skype me my login details for blog?