I've written quite a few functional designs over the years and I've found that for users needing to validate it having visuals is key. In most cases prospective users don't understand what they really get until they see screens. On the opposite side of the spectrum telling developers what to do also is much easier with a screen, especially when you are debating what would be the best and most efficient (coding wise) way to give a user certain functionality. In these situations just getting a piece of paper and draw is the best you can do. The last few years I've done this on and off on my tablet. I can sketch on it, but the results are often so poor to see (and read!), that I can't possible put it in a functional design. This is where a good mockup tool comes in.

A good mockup tool should make you feel like you are drawing, but provide you with predefined controls to make your job fast and easy. Recently I came across Balsamiq Mockups, which is simply jaw dropping. Let's start with the result, which looks pretty much like a hand drawn thing. At first glance that may not seem like a big deal, but it is. It states clearly "This is a mockup, the actual thing may look different". If you give a user something that looks like a screen shot, that is what to expect to get. With this they know it will look differently when it is done, and this also makes it much easier to debate your choices and come up with better ideas (to quote David Platt, "Thy User Is Not You", so they will come up with stuff you didn't even dream about).

Ok, so the result is great, what about getting there? Well, that's a piece of cake, really. Balsamiq is as intuitive a tool as I've seen and I was able to create a pretty complex screen in about 10 minutes. There's a bunch of commonly used controls (and some less common), and you can easily find what you need. Also, you can download tons of additional controls from http://mockupstogo.net. Placing, moving, resizing etc. is all very easy because of the snapping support. Want to see for yourself? Look here.

The last things that I find refreshing is the licensing model and fee. It only costs $79 for a single license, and that comes with updates forever (and they update frequently, so they say). Because the tool is already so good, this means you can use it for years, without having to worry about support or having to get a new version.

This is just a great tool. I am sure I will be using it often.

Just a few days ago Moonlight 2.0 was released. Moonlight is an open source Linux implementation of Silverlight. Moonlight 2.0 should be compatible with Silverlight 2.0, but it also already supports some Silverlight 3.0 features, such as writeable bitmaps, some out-of-browser functionality, and the Silverlight 3 pluggable media pipeline (source: ARS Technica). For us this is very interesting, because we are working on a project involving Silverlight which will run in a public website. The client was worried about the possible reach, and this at least opens the door. According to Microsoft 60% of the PC's in the Netherlands now have Silverlight installed, so this is good news for our client.

Recently we moved our projects to a new TFS server. This means that all workspaces link to the old TFS, and you will get the error message "The path [path] is already mapped in workspace [workspace]" when you try to add a new reference to a project you've already worked on. I keep running into this every once in a while, because we develop from virtual machines and we have different ones for different projects. I also keep forgetting what to do, so this is partly a message to self.

You can solve this by opening the Visual Studio command prompt and typing:

tf workspaces /remove:[projectname]

If you want to remove all of them (which is the case when switching to a new TFS), you can use a wildcard, like this:

tf workspaces /remove:*

Thanks to Gergely Orosz's post on the topic.

I've been reading parts of this book on and off for a long time, and I've pretty much read the whole book and some sections more than once, so it is time for a review (even though this is an "older" book).

If you're a software developer, this is a must read. It gives you a kick in the head about what you should think of when you develop software. The examples David Platt uses in this book are very striking, and will make you think about what you've built yourself. You may feel embarrased sometimes and think "I did that too, shame on me!" However, in the end it will make you a better developer. Platt shows very well that IT is no longer about technology, but about the people operating the technology.

This book is also a fun read. Platt has a good sense of humor, and in some cases the stories he tells themselves are pretty hilarious. The only downside of the book is that at some point repetition kicks in. The message is clear, so you want to move on, but there are still more examples explaining the same thing.

We're doing a project where were talking to non-.NET web services and this means that sometimes we have to see what the exact message looks like. In case you ever need to do this: a MessageInspector will not (always) be suitable for this. This is particularly the case where you're using a certificate to sign the message. Signing happens after the MessageInspector is invoked, so it will just show you the unsigned message. One thing you can do is setup a URL you can post to that logs the incoming message as is. We have a "service" like that available to all developers, because it is a quick and easy solution that doesn't require installing additional tooling or modify code. Another option is to configure message logging (see the MSDN article Recommended Settings for Tracing and Message Logging).

At my company we we're looking at creating a generic STS that does not require Active Directory Federation Services 2.0, and we were also thinking about putting it up on CodePlex. Dominick Baier from Thinktecture beat us to it with StarterSTS. He's also posted some webcasts on how to use it. Good stuff, so instead rolling our own, we'll be using/extending this one.

A while back I blogged about testing VirtualBox. At the same time we've tested Windows Virtual PC, and it's been disappointing pretty much across the board:

1. It doesn't run on our company's Lenovo T61's, which displays some vague error message. Since most of our developers have a T61, this means they can't use it at all. Virtual PC 2007 and VirtualBox run fine, so it isn't clear why WVPC can't. We have some different machines where it does work, so we went on testing on those to see how well it works, in case Microsoft steps up and fixes the T61 problem and starts supporting 64-bit guests. See the remaining points for my experience...
2. The integration features of WVPC suck. Even something simple like dragging a file from the guest to the host or vice versa doesn't work. The reason is that with Integration Mode enabled, you're actually connected to the guest through Remote Desktop Connection. Microsoft has done this to leverage some of the advantages of RDP (as Ben Armstrong explains), but IMHO they should find a different way to do so.
3. Starting/stopping a guest takes forever, and renders my laptop inoperable while doing so. With VPC 2007 hibernating or restoring a hibernated VPC with 1.5 GB of memory takes several tens of seconds, but I can easily use all other applications while doing so. WIth WVPC just restarting a hibernated image tages 3-5 minutes and during that time my other applicaties are pretty much frozen. I can get a cup of coffee (if I'd drink coffee), eat a sandwich, and go to the John, during the wait. I have no clue why this works as bad as it does, because VPC does this perfectly fine.

The only thing that's been a positive experience is the performance once it has started. That said, I can't really tell if VPC 2007 or VirtualBox work better or worse, so I can't even praise WVPC on this point.

So for now it is back to VPC 2007, with our final decision on switching to VirtualBox postponed until we really need 64-bit support.

On a side note, we've been trying to get the open source version of VirtualBox working, and that appears to be quite a challenge. There are no binaries, so you need to compile yourself. Even though we have a recent build, getting all the prerequisits is hardly possible. Some of the needed SDKs are no longer available. Our conclusion up until now: the open source version is  not really viable (at least for Windows), and possible only there for marketing reasons ("see, we do open source").

Windows Identity Foundation introduces a new ClaimTypes class. It contains predefined claim type URIs for claims defined by OASIS and Microsoft. In the WIF SDK project templates for a custom STS this ClaimTypes class is mixed with the one already in System.IdentityModel.Claims, which is rather confusing. So, what's the difference?

Functionally: None. All claim type URIs in Microsoft.IdentityModel.Claims.ClaimTypes are identical to corresponding types in System.IdentityModel.Claims.ClaimTypes. That said, Microsoft.IdentityModel.Claims.ClaimTypes adds a few new claim types.

Technically: Claim types in System.IdentityModel.Claims.ClaimTypes are defined as static read only string properties, whereas in Microsoft.IdentityModel.Claims.ClaimTypes the claim types are string constants.

My advice: for clarity always use Microsoft.IdentityModel.Claims.ClaimTypes.

Soms verandert de realiteit zo snel dat iets wat in een magazine bij mensen op de deurmat valt alweer verkeerde informatie staat (tja, dat heb je als op de PDC weer van alles aangekondigd wordt). In mijn artikel voor SDN Magazine 103 - ASP.NET onder de motorkap: ASP.NET op bezoek bij de browser staat een link naar de ASP.NET AJAX Library die inmiddels al verouderd is en een foutmelding oplevert. Je kunt nu naar http://ajax.codeplex.com/. Met dank aan Leo Broos die me liet weten dat de oude link niet meer werkt.

Earlier this year I was pretty negative about the Azure story from Microsoft. My main gripe was that (from my perspective at the time) it was not a write-once, run-anywhere story, so you couldn't run your current apps in Azure without modification. I'm very pleased about what I've seen now from PDC. Microsoft has opened up Azure in many ways, giving you much more control over what's happening. In fact, you can get your own virtual machines and have complete remote admin access. Also, they've been really thinking about how to tie your existing hosting environment to Azure and vice versa. It will be possible to connect a web app inside Azure securely to a database server in your own data center.

I must say I'm impressed at how well Microsoft has listened to all the feedback about Azure. With all the changes they've implemented I feel that it has now become interesting for some of the services my company is implementing, whereas previously we weren't even considering Azure.

Windows Identity Foundation, formerly known as "Geneva", has shipped. I've been talking about Geneva/WIF on several occasions and I absolutely love it. It opens the door for a whole new realm of authentication/authorization scenario's. SharePoint 2010 will be the first Microsoft Product to support it, apart from the new Active Directory Federation Services 2.0, which was part of the development effort and was formerly known as "Geneva" Server. Be sure to check it out!

Komende zaterdag is Code Camp en daar zal ik een sessie doen over Windows Identity Foundation, de nieuwe basis voor beveiliging. Kom je ook? Het is gratis.

I've been a proponent of development inside virtual machine for years. At my previous employer I pretty much moved the whole dev-department from host based development to VM development in 2004 when Virtual PC 2004 came out. Up until now I've always been pretty happy with Virtual PC considering its cost-benefit ratio (it's free and only was only slightly less powerfull than paid offrings from other vendors). However, with Windows Virtual PC Microsoft has seriously dropped the ball. Where all hypervisor based VM software enables you to run 64-bit guests, Microsoft only supports that with Hyper-V on Windows 2008 Server. Since we're not letting our devs run Windows Server on their laptops for several reasons, this is rapidly becoming a problem. Windows 2008 R2 is not available in 32-bit and SharePoint 2010 will also not run in a 32-bit environment. Because of this we've been forced to look for alternatives. VMWare Workstation was our first bet, but it'll take converting all our current VHD images, and I was not really impressed by the overall performance and manageability. Today we started testing VirtualBox and I'm impressed. It'll run our existing VHDs natively, also those that use differencing disks. In fact, the media manager makes it very intuitive to work with differencing disks and shows you the disk hierarchy. It also runs very smoothly, even before installing the add-ons in the virtual images.

VirtualBox comes in a free open source version that you'll have to compile yourself (how hard is it for Sun to also post the binaries?). It lacks some features, such as USB support, but we don't need the additional features. Even so, we are still considering the commercial license just for ease. It's only $50 per machine, with $30 for a subscription (starting at 50 users minium, so not for us though). Unless Microsoft steps up its Virtual PC development and offers 64-bit support within the next six months or so, we will likely move to VirtualBox.

As many BizTalk developers we've been using the SSO (Single Sign On) database for more than just SSO. We've been storing configuration data in that database too. This used to be a work around, and we were using some custom tool to edit the entries in the SSO database. However, we recently learned that Microsoft has release an MMC snap-in to manage the values. You can download it here. Microsoft itself states this about the tool:

This tool provides the ability to add and manage applications, add and manage key value pairs, as well as import and export configuration applications so that they can be deployed to different environments.

That apparently means that even Redmond has "officially" accepted that SSO is used for configuration as well.