Category Archives: Coding

Active Directory Federation Services and YubiKeys

The conclusion to my previous post was that I’ll be showing how to implement YubiKeys along with Active Directory Federation Services. So, where do we start on this topic?…

It stands to reason that if you aren’t familiar with Active Directory Federation Services (from here on abbreviated as ADFS), a lot of this post will not make sense to you at first glance. So, if you are familiar with ADFS, skip ahead – if not, I’ll have a few paragraphs explaining why you might be interested in taking a look at ADFS.

Surely everyone has noticed that there are a lot of web sites where there are two options for signing in: either using an account for that particular site or "use your Google/Facebook/Twitter account to sign in". The basic concept is easy enough – you already have a user identity, so why would you need another one? Why can’t you re-use the existing one? If you have ever logged on to a domain-joined Windows computer you’ve experienced this already. There is a central user catalog called "Active Directory" that you sign in to, and after being verified there you can access your file shares, Exchange account, etc. without needing to sign into each and every one of those services.

That is certainly a good reason for re-using the identity you already have, but there’s another one as well. A lot of programmers are doomed to repeat the failures of others due to their insistence on doing things from scratch. What are the odds that I will be able to code (on my first attempt) a secure login solution that is resistant to cross-site scripting, SQL injection, buffer overflows, and whatnot? (Hint: don’t go all in betting on my success.) For some reason Facebook doesn’t instill a lot of confidence in me when it comes to protecting their users, though they are probably still better at it than me, but at least Google and Windows Live give me the impression of having done a thing or two to proof their solutions.
(…)
I walk through the steps required to support YubiKeys in an ADFS setup.

Exchange ActiveSync Building Blocks – GAL Search

Building on the developer-friendly implementation of an encoder and decoder for AS-WBXML, I put together a small sample implementing GAL search.

Exchange ActiveSync Building Blocks–Encode & Decode

If you have followed the “building blocks” series you will have noticed that I have done the AS-WBXML by hand. This approach clearly doesn’t scale, and will not work outside these constrained snippets intended for learning. And it makes for sample apps that are only able to serve a very specific purpose. (Now, the sample code is meant for copying and pasting so that’s pretty much by design anyways.) Not to mention it has made me look lazy for not doing things properly.

Clearly we would be a significant step further if we didn’t have to create the web requests by looking up values in code pages and type in each individual byte. So, how about we take it to that very next level of Exchange ActiveSync “hacking”?
(…)
We go through how we can build a utility for encoding and decoding AS-WBXML so you can copy & paste XML samples from the MSDN library and test against your Exchange Server.
