Posts

Showing posts from February, 2015

Manage bearer token when we scale on more than one server - OWIN, Katana, AngularJS

In this post we will talk about bearer token authentication and how we should manage this token when our application is running on more than one server, when we are using OWIN, Katana and AngularJS.

Token Characteristics

First of all, let’s see what the characteristics of a bearer token are:

- Generated by the server
- Contains user claims (what kind of operations a user can do/roles)
- All the information that a token contains is encrypted
- Token information can be decrypted only by the machine that created the token
- The expiration date is encrypted in the token itself
- No token information is stored on the server side
- Encryption is safe enough to be used worldwide (Facebook, Google and Twitter are using it)
- A token can be used by an external system only when the decryption key is shared
- Tokens are easy and cheap to generate

Why?

All this sounds good, but what happens if we want to go to production? In this case we should be able to scale our backend from one node to 3 or 10 nodes. D...

How to simulate token expiration if a user is idle on an AngularJS application using Bearer Token (OWIN and Katana)

In one of the projects where I was involved I used token-based authentication to secure a REST API endpoint: a bearer token. The setup was pretty simple, using OWIN and Katana on the backend and AngularJS on the client side. There is a great sample on GitHub that can be used for learning purposes - https://github.com/tjoudeh/AngularJSAuthentication

These days a new requirement came from the client. The authentication session should expire if there is more than 30 minutes with no activity from the client. By default, when a token is issued it is valid for a specific time interval. The value can be specified as below:

    OAuthAuthorizationServerOptions oAuthServerOptions = new OAuthAuthorizationServerOptions
    {
        // Token requests are accepted over HTTPS only
        AllowInsecureHttp = false,
        TokenEndpointPath = new PathString("/token"),
        // Lifetime is fixed at the moment the token is issued
        AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
        Provider = new SimpleAuthorizationServerProvider(),
        AuthenticationMode = AuthenticationMode.Active
    };

This will work great in normal scenarios, but ...

Scaling Unit - Why we should not have a master unit

http://vunvulearadu.blogspot.ro/2015/02/scale-units-and-cloud.html

In the last post we talked about the base concept of Scale Units. In today's post we will go further and talk about why we can end up with different types of scale units based on application needs. Until now we defined a scale unit as a group of resources that are grouped together to serve a specific number of clients. This will work successfully for applications that can have scale units that are 100% independent and are not managed by an authority. Let’s imagine the following scenario: we need to create an application that pushes the same binary content to clients when an administrator decides. It is pretty simple to define a scale unit that manages X clients. This scale unit will contain the content that needs to be pushed to clients, replicated as many times as needed to satisfy the SLA required by each client connected to that scale unit. But there are some steps that need t...

Scale Units and Cloud

In this post we will talk about what a scale unit is and what the benefits of the scale unit concept are when we are working with a system that is running in a cloud environment.

What is a scale unit?

We can see a scale unit as a group of resources that are grouped together to serve a specific number of clients or requests. This scale unit has a ‘common’ configuration that specifies the resources that are needed by a scale unit. Let’s assume that we have a scale unit that contains:

- 2 Azure SQL
- 4 Service Bus Namespaces (with 100 Queues per namespace)
- 8 Worker Roles
- 3 Web Roles
- 2 Different storage accounts

Having all of them grouped together, we can test the environment at a specific scale. Otherwise we could try to scale our system infinitely, but all of us know that this is not possible. All the resources under the same scale unit work together for the same purpose. Each scale unit serves a specific number of clients (or resources). Because the scale unit is fixed we can ...

How Nokia refused to repair my phone after a hardware failure

After 4 years of using Windows Phone on Nokia phones, this year I had to ‘fight’ Nokia services. A few weeks ago I had the unique chance to wake up one morning with the following error message: “Unable to find a bootable option error” The black screen of death from another device with the same problem: I said “What the hell….”, I tried to restart the phone, but I ended up with the same error message. Trying to use Nokia Recovery Tool to rewrite the OS… no result…. The phone is not seen by the PC… The phone is completely dead. From what I found on the internet, it seems that there is a problem with the internal flash memory. It is a common problem for Nokia and the phone cannot be repaired. In the USA a lot of people said that the device is replaced with another one. Okay, I said no problem. The phone is still in warranty and I will send it back to the dealer. The screen of the phone has a small broken part in the bottom left (I broke it 1 year ago). But this is ...

Deep dive into cloud providers' SLAs

In the era of cloud we are bombarded with different cloud services. New features from cloud providers are launched every day and prices are dropping every month. At this moment the best-known cloud providers are Amazon, Google and Microsoft. Looking over their services we will see SLAs (Service Level Agreements) that reach 99.9% availability, 99.95% availability or even 99.99% availability. This article will jump into cloud providers' SLAs, trying to explain why SLAs are so important, what their benefits are and, last but not least, how much money we could get back if a service goes down.

What does an SLA mean?

“A service level agreement (SLA) is a contract between a service provider (either internal or external) and the end user that defines the level of service expected from the service provider. SLAs are output-based in that their purpose is specifically to define what the customer will receive. SLAs do not define how the service itself is provided or delivered.” Source: http...

DevCamp - Azure in Cluj, Sibiu, Brasov, Oradea, Timisoara, Bucharest, Tg-Mures

Microsoft is coming to your town

Registration links:

- http://aka.ms/bucuresti-13-februarie
- http://aka.ms/oradea-20-februarie
- http://aka.ms/timisoara-21-februarie
- http://aka.ms/tg-mures-27-februarie
- http://aka.ms/cluj-28-februarie
- http://aka.ms/sibiu-6-martie
- http://aka.ms/brasov-7-martie

Starting next week, Microsoft, in collaboration with community leaders from Romania, is preparing a series of events in different cities of Romania. If you are from Bucharest, Oradea, Timisoara, Targu-Mures, Cluj-Napoca, Sibiu or Brasov, then you need to book your seat at this event. "DevCamp – Azure" is dedicated to all developers and technical people who wish to learn more about the new features that the Azure platform is offering. The following speakers will present content during “DevCamp – Azure” (random order):

- Florin Loghiade
- Ciprian Jichici
- Răzvan Rusu
- Radu Vunvulea
- Adrian Stoian
- Cosmin Tătaru
- Tudy Damian

The s...