passport-saml2 callback with request/query parameters, Nodejs

Problem at hand

Recently I got a requirement to create a generic route that will use a separate Identity Provider for each client.
You can check out my other article if you want to learn the SAML2 auth implementation end-to-end.
Token based + sessionless saml2 auth implementation using Passport, NodeJs

Solution

Here I am going to share the solution that I figured out.
To read the configuration for each client, we decided to take the client name as a request parameter. So if you have read my other article, you will notice that this time I am setting up the strategy dynamically, using the client configuration selected by the request parameter.

Before moving forward, let's have a look at the configuration file:

config.js

Nothing special; it is as simple as it looks: configurations for each client. As they could have different Identity Providers, we have a separate configuration for each one.

After going through the configurations, it is time to check the strategy JS file:

samlStrategies.js

I have wrapped the strategy implementation in a function that takes the client name as a parameter. I know you got the point already: I am reading the configuration using the client name and setting up the implementation.
Here I am sure you have a question in mind: when will this function be called?
The actual magic happens here; see the routes.js file below.

routes.js

I am calling the function in the route ('/saml2/:client') just before asking passport to authenticate the request. Now the passport SAML strategy has been set up for the incoming client, and it will authenticate the request using that client's specific Identity Provider.
Going forward, I have passed the client name in the callback URL as well, so that if we need to read some configuration for the client again, we will get the client name in the route when the Identity Provider calls back.
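
An added example (not the author's config.js, samlStrategies.js or routes.js, which are not reproduced on this page): one way to resolve the `:client` parameter against a fixed set of configured clients before any strategy options are built, so that an unknown or unexpected name never selects an Identity Provider. The client names, URLs, the `/saml2/:client/callback` path and all function names are assumptions; the option keys are assumed to follow passport-saml's naming.

```javascript
// Constructed sample configuration: client names, URLs and certs are placeholders.
// A Map (not a plain object) means "constructor" or "toString" never match a client.
const CLIENTS = new Map([
  ['acme', { entryPoint: 'https://idp.acme.example/sso', issuer: 'sp-acme', cert: 'ACME_CERT_PLACEHOLDER' }],
  ['globex', { entryPoint: 'https://login.globex.example/saml', issuer: 'sp-globex', cert: 'GLOBEX_CERT_PLACEHOLDER' }],
]);
const BASE_URL = 'https://sp.example.com';        // assumed service-provider origin
const CLIENT_NAME = /^[a-z0-9][a-z0-9-]{0,31}$/;  // assumed naming rule for clients

// Return the stored configuration for a client named in the URL, or null.
function resolveClient(name) {
  if (typeof name !== 'string' || !CLIENT_NAME.test(name)) return null;
  return CLIENTS.get(name) || null;
}

// Build per-client strategy options; the callback URL carries the client name
// so the callback route can resolve the same configuration again.
function samlOptionsFor(name) {
  const cfg = resolveClient(name);
  if (!cfg) return null;
  return {
    entryPoint: cfg.entryPoint,
    issuer: cfg.issuer,
    cert: cfg.cert,
    callbackUrl: `${BASE_URL}/saml2/${encodeURIComponent(name)}/callback`,
  };
}

// Express-style middleware for both /saml2/:client and its callback route:
// reject unknown clients before any strategy is built or any redirect is issued.
function requireKnownClient(req, res, next) {
  const options = samlOptionsFor(req.params.client);
  if (!options) {
    res.statusCode = 404;
    res.end('Unknown client');
    return;
  }
  req.samlOptions = options; // hand the vetted options to the strategy setup
  next();
}
```

In the route, `requireKnownClient` would run before the function that sets up the strategy, and again on the callback route.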

Feel free to share your comments if you have any better approach for the same task. I would love to read your idea.

Reference: Narendra Singh (http://blog.sikarnarender.com)

Comparison between IIS 6.0, IIS 7.0 & IIS 7.5

IIS 7.0 has a modular architecture. Modules, also called extensions, can be added or removed individually so that only modules required for specific functionality have to be installed. IIS 7 includes native modules as part of the full installation. These modules are individual features that the server uses to process requests and include the following:

  • Security modules – Used to perform many tasks related to security in the request-processing pipeline, such as specifying authentication schemes, performing URL authorization, and filtering requests.
  • Content modules – Used to perform tasks related to content in the request-processing pipeline, such as processing requests for static files, returning a default page when a client does not specify a resource in a request, and listing the contents of a directory.
  • Compression modules – Used to perform tasks related to compression in the request-processing pipeline, such as compressing responses, applying Gzip compression transfer coding to responses, and performing pre-compression of static content.
  • Caching modules – Used to perform tasks related to caching in the request-processing pipeline, such as storing processed information in memory on the server and using cached content in subsequent requests for the same resource.
  • Logging and Diagnostics modules – Used to perform tasks related to logging and diagnostics in the request-processing pipeline, such as passing information and processing status to HTTP.sys for logging, reporting events, and tracking requests currently executing in worker processes.

IIS 7.5 includes the following additional or enhanced security features:

  • Client certificate mapping
  • IP security
  • Request filtering
  • URL authorization

    Delete duplicate records using CTE, Sql Server

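    You may use the following query:

    -- Number the rows within each ORDER_ID; every row after the first is a duplicate.
    WITH CTE (ORDER_ID, REQUEST_ID, ROW_No)
    AS
    (
        SELECT ORDER_ID, REQUEST_ID,
               ROW_NUMBER() OVER (PARTITION BY ORDER_ID ORDER BY ORDER_ID) AS ROW_No
        FROM CRM.ORDER_COMPLIANCE
        WHERE ORDER_ID = 397
    )
    -- Preview the numbered rows first.
    SELECT ORDER_ID, REQUEST_ID, ROW_No FROM CTE
    -- Then replace the SELECT above with the DELETE below to remove the duplicates:
    -- DELETE FROM CTE WHERE ROW_No > 1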

    There are alternate ways also to achieve this. Share your ideas.

    WCF Interview Questions and Answers

    Disclaimer: The list of questions and answers below was not written by me. I collected these from different sites and blogs.

    Q1. What is WCF?
    WCF stands for Windows Communication Foundation. It is a software development kit for developing services on Windows. WCF was introduced in .NET 3.0 in the System.ServiceModel namespace. WCF is based on the basic concepts of service-oriented architecture (SOA).

    Q2. What is an endpoint in a WCF service?
    The endpoint is an interface which defines how a client will communicate with the service. It consists of three main points: Address, Binding and Contract.

    Q3. Explain Address, Binding and Contract for a WCF service.
    Address: defines where the service resides.
    Binding: defines how to communicate with the service.
    Contract: defines what is done by the service.

    Q4. What are the various address formats in WCF?
    a) HTTP address format: --> http://localhost:
    b) TCP address format: --> net.tcp://localhost:
    c) MSMQ address format: --> net.msmq://localhost:

    Q5. What are the types of binding available in WCF?
    A binding is identified by the transport it supports and the encoding it uses. Transport may be HTTP, TCP, etc., and encoding may be text, binary, etc. The popular types of binding may be as below:

    WCF supports nine types of bindings.
    Basic binding
    Offered by the BasicHttpBinding class, this is designed to expose a WCF service as a legacy ASMX web service, so that old clients can work with new services. When used by the client, this binding enables new WCF clients to work with old ASMX services.

    TCP binding
    Offered by the NetTcpBinding class, this uses TCP for cross-machine communication on the intranet. It supports a variety of features, including reliability, transactions, and security, and is optimized for WCF-to-WCF communication. As a result, it requires both the client and the service to use WCF.

    Peer network binding
    Offered by the NetPeerTcpBinding class, this uses peer networking as a transport. The peer network-enabled client and services all subscribe to the same grid and broadcast messages to it.

    IPC binding
    Offered by the NetNamedPipeBinding class, this uses named pipes as a transport for same-machine communication. It is the most secure binding since it cannot accept calls from outside the machine and it supports a variety of features similar to the TCP binding.

    Web Service (WS) binding
    Offered by the WSHttpBinding class, this uses HTTP or HTTPS for transport, and is designed to offer a variety of features such as reliability, transactions, and security over the Internet.

    Federated WS binding
    Offered by the WSFederationHttpBinding class, this is a specialization of the WS binding, offering support for federated security.

    Duplex WS binding
    Offered by the WSDualHttpBinding class, this is similar to the WS binding except it also supports bidirectional communication from the service to the client.

    MSMQ binding
    Offered by the NetMsmqBinding class, this uses MSMQ for transport and is designed to offer support for disconnected queued calls.

    MSMQ integration binding
    Offered by the MsmqIntegrationBinding class, this converts WCF messages to and from MSMQ messages, and is designed to interoperate with legacy MSMQ clients.
    For WCF binding comparison, see http://www.pluralsight.com/community/blogs/aaron/archive/2007/03/22/46560.aspx

    Q6. What are the types of contract available in WCF?
    The main contracts are:
    a) Service Contract: describes what operations the client can perform.
    b) Operation Contract: defines the method inside the interface of the service.
    c) Data Contract: defines what data types are passed.
    d) Message Contract: defines whether a service can interact directly with messages.

    Q7. What are the various ways of hosting a WCF Service?
    a) IIS b) Self Hosting c) WAS (Windows Activation Service)

    Q8. What is the proxy for a WCF Service?
    A proxy is a class through which a service client can interact with the service.
    By using the proxy in the client application, we are able to call the different methods exposed by the service.

    Q9. How can we create Proxy for the WCF Service?
    We can create proxy using the tool svcutil.exe after creating the service.
    We can use the following command at command line.
    svcutil.exe *.wsdl *.xsd /language:C# /out:SampleProxy.cs /config:app.config

    Q10. What is the difference between a WCF Service and a Web Service?
    Web service is a part of WCF. WCF offers much more flexibility and portability for developing a service compared to a web service. The following points provide the detailed differences between them:
    1. Hosting: Web services can be hosted in IIS, whereas WCF services can be hosted in IIS, Windows Activation Service, Self Hosting.
    2. Encoding: Web services use XML 1.0, MTOM (Message Transmission Optimization Mechanism), DIME, Custom. WCF uses XML 1.0, MTOM, Binary, Custom.
    3. Transports: Web services can be accessed using HTTP, TCP, Custom. WCF services can be accessed using HTTP, TCP, Named Pipes, MSMQ, P2P, Custom.
    4. Protocols: Web services use Security protocols only, whereas WCF services use Security, Reliable Messaging and Transactions protocols.

    Q11. What are DataContract and ServiceContract? Explain.
    Data is represented by creating a DataContract, which exposes the data that will be transferred/consumed from the service to its clients.
    Operations are the functions provided by this service.
    To write an operation in WCF, you have to write it as an interface. This interface contains the "signature" of the methods and is tagged with the ServiceContract attribute, and all method signatures on this interface are tagged with the OperationContract attribute. To implement the service contract, you have to create a class which implements the interface; the actual implementation will be in that class.