Apr 062010

I’ve been using the full desktop version for only a few days, but already love this tool! In just a matter of minutes, I am able to draw a mockup for a screen and start getting feedback. Here is a sample, a CodePlex-like UI, that took less than five minutes.


Creating this mockup goes as follows:

  1. Drag a browser element onto the design surface, stretch it and type a URL and title
  2. Using the “Quick Add” box, type “tab” <Enter> to add the tab control. Type “Home, Downloads, Documentation, Discussions, etc.” and <Enter> again. Reposition the tab element.
  3. Using the “Quick Add” box, type “link” <Enter> twice to create a link bar for the top right and another link bar to be positioned below the tabs.
  4. Continue using the “Quick Add” box to add textboxes, label text, search boxes, images, subtitle text, links, and data grids. Type values and reposition.

This tool has a few features I find to be more compelling than the imitators:

  1. Speed – Being able to create and recreate mockups with such speed and usefulness really promotes a good prototyping/review process.
  2. Look and Feel – Having an obvious “rough draft” look and feel gets your customer thinking about usability and element placement and less about colors, styles, images, copy, fonts, etc. This makes for a very productive meeting involving customers in “the task at hand” and nothing more.
  3. Demo mode – Similar to MS SketchFlow, you can assign links to buttons that can simulate events. When entering full-screen demo mode, you can click on these links and move between your mockups as if it were a live site. It also has a large pointer (arrow) and always points to the center, staying out of the way.
  4. Good user community – tons of free extensions like wizards, toolbars, reporting chart elements, and plenty of iPhone/iPad junk for “those people”. I’m a PC.
  5. Updates and Upgrades – weekly updates based on user feedback and perpetual free upgrades. My emails have been answered within 12 hours, which is quite impressive considering the 6+ hour time difference.

This is free to try on the web, but you cannot save or export the images. You can, however, export the PNG with a watermark. Desktop version gives you some nice added features like copy/paste, undo, and demo mode.

Try it out, buy it, and love it!

Apr 022010

Check out http://www.balsamiq.com to see one of the best mockup tools ever created. I just started using it and it has already paid off. I have made several mock-ups in minutes that cut my development time in half. Having the ability to demo a new UI to users and change it during the conversation is priceless.

More to come – samples too!

Oct 292009

Using the NetTcpBinding on a WCF service is secure by default. Unless you override the default settings, you will enjoy Transport Security using Windows authentication and the EncrpytAndSign protection level. When you create a new WCF service library, Visual Studio creates a config file with the following identity block:

   24           <identity>

   25             <dns value=”localhost“/>

   26           </identity>


If you wipe this config file clean like me to write a much cleaner and shorter config file, this identity block is the first thing to go. Sadly, most people also add a binding configuration with <security mode=”None”/>. I have done this too in an Intranet environment. The samples and book examples out there don’t show how to write an actual production environment service that cares for different machines in the same domain. While the default settings work when testing on your local machine, they don?t work in a simple Intranet environment.

Most of the difficulty I experienced when starting to work with WCF was getting security to work with the TCP binding. Everything worked so easily during development, but everything broke down once deployed to the development server. It didn’t help that the only errors I saw were timeout exceptions. If I had known about the Service Trace Viewer, I could have easily determine the cause and Googled (Bing wasn’t around then) for a solution. Instead, I chose the easier (and much less secure) way out; rely on my firewall and turn security off.

As mentioned before, the NetTcpBinding is secure by default with transport security using Windows authentication. The problem most experience when moving the service to a different machine is caused by NT authentication failing. If you use svcutil to generate your client config file and your host doesn’t have the identity block mentioned above, svcutil will not add a key piece of information to the client config file. The missing element is, you guessed it, the identity block. Without it, you will likely get an exception and see a stack trace similar to this:

[System.ServiceModel.Security.SecurityNegotiationException: A call to SSPI failed, see inner exception.]

[System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception.]

[System.ComponentModel.Win32Exception: The target principal name is incorrect.]

If you add tracing to your client, you will see that without specifying an identity block WCF will make the call with a DNS identity set to the name of the host. Notice the blue arrows.


You can see that the EndpointReference does not have an <Identity> block. Without that identity block, WCF cannot create a valid ServicePrincipalName. You can find this in Reflector, following this path:

  • System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider+WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade() – This is where the SecurityNegociationException is being thrown.
  • System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider+WindowsStreamSecurityUpgradeInitiator.InitiateUpgradePrepare() – This method populates an EndpointIdentity and ServicePrincipalName to be used immediately after for NT authentication.


When the identity is not specified, it falls back to trying to create an SPN from the host address. I have seen this work on a machine that has two DNS names, using the DNS name that does not match the NETBIOS or AD name for the machine. I’m not exactly sure why that works.

Having any of the following identity blocks in your client config file will cause WCF to take the first path that successfully creates an SPN needed to perform NT authentication in the AuthenticateAsClient method called from OnInitiateUpgrade():

  • <dns value=”serviceHostName”/>
  • <dns/>
  • <servicePrincipalName value=”domainhostServiceUserAccount”/>
  • <servicePrincipalName/>

Having these <Identity> settings in your client config file adds the appropriate <Identity> settings in the <EndpointReference> used when opening the channel.


Security seems more mysterious when going rogue and writing your own config files. If you go rogue, make sure you use the appropriate <Identity> blocks. With this mystery solved, <security mode=?None?/> is a thing of the past. Now we can keep our services secure in an Intranet environment.

Oct 142009

Web services are just the tip of the iceberg in WCFI was privileged to attend the IDesign WCF Master Class last week. It only comes to the USA one time each year, and is presented by the one and only Juval Lowy. The class is held at the training center on the Microsoft Silicon Valley campus in Mountain View, CA. Five very intense days of WCF covering all aspects of WCF from essentials like the ABCs to the most intricate details about advanced topics like concurrency, security, transactions, and the service bus.

What we’ve been told sold about WCF from Microsoft is truly just the tip of the iceberg. Juval presents countless examples that prove WCF is not just about web services. WCF is the evolution of .NET, providing world-class features that no class should ever be without.

Demos, samples, and labs are presented using .NET 3.5 and 4.0 with an emphasis on the new features and functionality in 4.0. Discovery and announcements are the most underrated and unknown new features of WCF 4.0. After seeing Juval’s demos on discovery and announcement, I can’t imagine creating services without them.

More than all of the WCF content, the class gives you a lot to think about regarding architecture, the framework, and engineering principles. Juval’s mastery of .NET is evident in his ServiceModelEx library that extends almost all aspects of WCF and the service bus. His “one line of code” motto makes it possible for all of us to configure our WCF services with ease. The ServiceModelEx library is a good example for all developers to know and understand how to “do .NET” the right way. It exemplifies the best of what .NET and WCF have to offer.

Check out the IDesign website to get the WCF Resource CD (containing many of the examples and demos from the class). Also note the next class dates and sign up for the IDesign newsletter.

Sep 032009

The 2009 Jacksonville Code Camp was a great success. Many thanks to Bayer, Brandy, and everyone else that made it happen. The bar has been set really high for future Jacksonville code camps, and for the rest of Florida too.

My session on Transactional WCF Services went well. Many great questions and compliments after the session. If you attended and have any unanswered questions, please email me.

You can download the session files below. It contains staged versions of all of the transaction modes we discussed. It also contains a tracing solution and tracing result files to view the client and host tracing files in Client/Service mode. Also see my previous post on using the Service Trace Viewer. It also contains a few demo projects that we didn’t get to in the one-hour session.

Files/Solutions included in Session Archive:

  • PowerPoint slides
  • Transaction Promotion Code Snippet
  • Testing database backup
  • Testing SQL script (query and cleanup between tests)
  • IDesign ServiceModelEx Project (used by all included Solutions)
  • Code Demo Solutions

Code Demos include:

1. TransactionScope – Shows how single/multiple resource managers affect which Transaction Manager is chosen to handle the scoped transaction. Also gives first look at transaction promotion detection.
2a. Mode None – WCF transaction mode with which no transactions are created or flowed from the calling client.
2b. Mode Service – WCF transaction mode with which no transactions are flowed from the calling client, but a transaction is created for your service operation.
2c. Mode Client – WCF transaction mode with which a transaction is required to be flowed, and the service will only use the client transaction.
2d. Mode Client/Service – WCF transaction mode with which a client transaction will be flowed and used by the service, if available. If no client transaction is flowed, a transaction will be provided automatically for the service operation.
3. Explicit Voting – Shows how explicit voting with a session-mode service is performed using OperationContext.Current.SetTransactionComplete().
4a. Testing Various Resource Managers – Shows how a client can use a single TransactionScope to call several services (some transactional, some non-transactional), a database stored procedure, and an IDesign volatile resource manager Transactional<int>.
4b. Testing Services – Provides a host project for a transactional service and a non-transactional service used in 4a.
5a. Tracing – Same as 2d. modified with the additional app.config settings in the client and host projects to allow for service tracing to .svclog files.
5b. Tracing Results – Stored results from executing 5a. in case you don’t want to load the database and actually run the projects. The .stvproj file can be opened directly in the Service Trace Viewer. On the “Activity” table, click on the activity “Process action ‘http://services/gotjeep.net/GpsTrackServiceContract/SubmitTrack'” then click on the “Graph” tab. You will see that the client and host activities where the arrow moves from client to host (send and receive message, respectively) show the OleTxTransaction in “Headers.” The next activity in the host reads “The transaction ‘5bd25b08-848c-409d-9163-6303b9138382:1’ was flowed to operation ‘SubmitTrack’.”


Download the session files:
TransactionalWCF.zip (854 KB)

Jun 192008

Juval Löwy mentioned the Microsoft Service Trace Viewer in a webcast today. If you ever wondered exactly what WCF does under all of those covers, check this out.

First things first. Enable tracing on the client and host applications using the WCF Configuration Editor. Enable the verbose trace level and check all of the listener settings. This will add all of the necessary <system.diagnostics> settings in your config file. The next time you start each of the applications, a .svclog file will be created that will be used by the Service Trace Viewer.

Start your host, start your client, run through the test cases that you want to analyze in the viewer. After your test run is complete, open the viewer, located at C:\Program Files\Microsoft SDKs\Windows\v6.0A\bin\SvcTraceViewer.exe. “Open” the host.svclog file, and then “Add” the client.svclog file. Both “Open” and “Add” are menu items under “File”.

Start on the Activity tab, look through the host and client activities that occurred. Everything from ServiceHost construction through ServiceHost closing shows up. This is very cool, especially when analyzing the differences between different security, session, and reliability settings.

When you are done looking through the activities, check out the Graph tab. Here you can look at the interactions between the client and host, as well as looking at the details of each activity (at the top right). At the bottom right, you will also notice the formatted and xml details of this activity.

This is a very cool tool for both debugging and training. Below is my lame test projects, if you want to skip past the configuration and check out the tool. My .svclog files are located in the Client and Host folders.

SvtTest.zip (190.32 KB)

Enjoy! Thanks to Juval for the direction.