SlideShare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.
SlideShare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.
Successfully reported this slideshow.
Activate your 14 day free trial to unlock unlimited reading.
7.
Or not?
Speed of light! USA was slow!
Sync issues, downtime, …
Seems not every ISP follows DNS standards
8.
• Syncing data kept being slow
• Populating cache was a nightmare
• CDN kept having issues
• Of 3 instances, only 1 was being used with enough
load (~60%)
11.
production tenants
www.myget.org
*.customer.myget.org
other domain names
localhost:1196 myget-staging.cloudapp.net
development
Windows Azure Access Control Service
20.
this is why we built username/password
registration, seems a lot of people prefer typing
instead of one click
we must keep investing in Build Services
feed discovery is more popular than we imagined
from zero reactions on our blog and Twitter
the technical fear we had about “download as ZIP”
consuming too much server resources? That thing
doesn’t show up in our stats, that’s how successful
it is…
Demo:Show people around in ACS management portal and whos how easy it is to add another identity providerShow Visual Studio and how easy it is to add a federation identity provider in thereStress the fact that the app only know about ONE identity, and that’s the one from ACS. The others are transformed at the ACS level.Show the incoming claims in the accountcontroller
Demo:Web.config contains multiple audiences: <audienceUris> <add value="http://localhost:1196/" /> <add value="http://localhost:81/" /> <add value="http://www.myget.org/" /> </audienceUris>Realmis the same for every audience, ACS uses the audience to do the home realmdiscoveryDemonstrate a login on prod and one on dev
Demo:Demonstrate http://realdolmen.customer.myget.org/ login via RealDolmen ADFSAgain, demonstrate the audience URI’s and how this should in theory never workShow the dynamic configuration happening on login: if (TenantContext.Tenant != null) { signInRequestMessage.Realm = TenantContext.Tenant.Realm; var allowedAudienceUris = FederatedAuthentication.ServiceConfiguration.AudienceRestriction.AllowedAudienceUris; if (!allowedAudienceUris.Contains(new Uri(TenantContext.Tenant.Realm))) { allowedAudienceUris.Add(new Uri(TenantContext.Tenant.Realm)); } }