Disclaimer
The opinions expressed herein are my own personal opinions and do not represent anyone else's view in any way, including those of my employer.
© Copyright 2010
The opinions expressed herein are my own personal opinions and do not represent anyone else's view in any way, including those of my employer.
© Copyright 2010
I was recently trying to ressurect an older project developed in Windows XP, .NET Framework 2.0, Visual Studio 2005, NHibernate, and SQL Server CE 3.1. I’ve sinced moved to Windows 7 (64-bit) and Visual Studio 2008.
I ran into a surprising number of hurdles while trying to get the application up and running again on 64-bit Windows 7. I figure I would document this here, just in case anyone else runs into the same issues.
Step 1) Try to build the solution. Everything builds fine after installing SQL Server Compact Edition.
Step 2) Try to run the application. Get an exception immediately:
“Could not create the driver from NHibernate.Driver.SqlServerCeDriver.”
InnerException:
“The IDbCommand and IDbConnection implementation in the assembly System.Data.SqlServerCe could not be found. Ensure that the assembly System.Data.SqlServerCe is located in the application directory or in the Global Assembly Cache. If the assembly is in the GAC, use <qualifyAssembly/> element in the application configuration file to specify the full name of the assembly.”
Turns out the issue here is that the System.Data.SqlServerCe dll has to be in the same folder as the application executable. Pretty easy fix – set Copy Local to ‘True’ on the reference to System.Data.SqlServerCe.
Step 3) Run the application again – now I get a different exception:
“Unable to load DLL ’sqlceme35.dll’: The specified module could not be found. (Exception from HRESULT: 0×8007007E)”
Turns out the issue with this exception is that SQL Server Compact Edition is built for x86 and has to run in WoW mode on x64 systems. My solution platform is set to ‘Any CPU’, which worked fine when I was developing on Windows XP. To fix the issue, go through all of the Visual Studio projects – go to Properties > Build > Platform Target, and set Platform Target to ‘x86′ instead of ‘Any CPU’.
Step 4) Try to run the application again… and I get yet another exception:
“ADOException: cannot open connection” with InnerException of:
“The database file has been created by an earlier version of SQL Server Compact. Please upgrade using SqlCeEngine.Upgrade() method.”
This is kind of annoying – the Visual Studio 2008 Upgrade Wizard changed all my references from SQL Server CE 3.1 to SQL Server 3.5. How thoughtful. Unfortunately, I don’t know what the implications of ‘upgrading’ the database are. Everything worked fine with 3.1 – why introduce any more change to the application? So, I set the references back to SQL Server CE 3.1 instead of 3.5.
Step 5) Run the application… again.
No exceptions! Everything works with SQL Server 3.1! Upgrade complete.
One thing that any web developer worth their salt should know is the basics of search engine optimization (SEO). Much of SEO comes down to basic code-level best practices, and it isn’t terribly difficult to simply bake SEO into your development process when working on public facing web applications. However, keep in mind that SEO will always be an evolving, fuzzy science, changing on the whim of the indexing strategies of major search engines. Immediate results are rare, and a long term process should be in place to truly understand the benefit (or detriment) incurred.
I break the concept of SEO down into a few categories that I’ll explain further below…
These ‘Content / Internal’ best practices are things that a developer or content creator can bake in during the site development process. Only a few of these items will make a difference on their own, but as a whole can make an enormous impact. These basic factors should lay the foundation for any SEO strategy. However, these internal factors absolutely cannot be the only part of your SEO strategy. Here are a few of the most important ones…
Strategic SEO includes all of the factors external to your website that can affect your search engine rankings. The number one external factor is getting ‘backlinks’ to your content, this is what made Google so ridiculously powerful and accurate – and their rankings are still very much based on the number, diversity, and quality of links to to your site.
Backlinking can be explained with this anecdote: Several years ago you could search for ‘Miserable Failure’ on Google and the number one result was the White House biography page for George Bush. This was due to a simple viral campaign to get people to put links on their websites, comments, blog posts, etc. linking to the biography page with the anchor text ‘Miserable Failure’. That’s how backlinks work. The more external, inbound links to your site, the more ‘authoritative’ your site appears to be in the eyes of major search engines.
But how can you get these backlinks? A few examples…
As mentioned previously, part of SEO includes a process testing out your SEO changes and tracking their effectiveness over time. A variety of free and paid tools are available to assist you in analyzing your search rankings, search terms, and keyword effectiveness. Below I’ve listed a few tools that can help.
There is much more to search engine optimization than can be written up in a single blog post (see also: thousands of blogs dedicated purely to the subject). However, I hope this quick guide to the basics will give you the tools necessary to implement numerous high impact SEO quick wins for a client or personal web site. For web developers, the factors listed above should be kept in mind whenever developing customer-facing websites that could benefit from enhanced search results and search rankings. Most of the ‘content / internal’ best practices can be easily baked into the development process of almost any e-commerce or content management system implementation project.
The impact of performance is much more readily apparent in .NET Compact Framework applications. The mobile devices commonly have a CPU that is 10 times slower than your desktop CPU, and possibly up to 100 times less RAM than a desktop or server. In Agile or XP development, the mantra is often to ignore performance considerations until necessary – I don’t think you can apply that to .NET CF development or it will really bite you in the end. You don’t have to go nuts and optimize everything up front, but there are some very important things to keep in mind when developing a Windows Mobile application…
Many of the standard .NET Framework performance best practices can become apparent very quickly including…
However, the .NET Compact Framework is different than the full framework in many ways, leading to a slew of .NET CF specific performance considerations…
I’m starting up a short Windows Mobile project again, so I thought it would be a good time to collect some of my best practices for .NET Compact Framework development and post them. I’m going to break them down into two sections - usability, and performance best practices (in another post).
Microsoft has put together a very specific set of guidelines for Windows Mobile usability – the point of this is to get a consistent set of look and feel and application experiences on their platform. Apple has the same sort of guidelines for iPhone development and it really pays off – most applications have the same consistent look and feel and excellent usability. Of course, many of these usability guidelines are relevant across many development platforms, but there are some special considerations for mobile development.
Usability is a challenge in mobile development. Some of the main concerns include…
Here are some of the most important usability guidelines that Microsoft has set forth…
Over time while using ASP.NET I’ve collected a pretty good handful of best practices that I try to employ on my projects – most of them are things that will simplify the ASP.NET development experience, solutions to common problems, or tips that will just make your life easier. Most of the best practices are only applicable to WebForms, but some are applicable to ASP.NET MVC as well.
set { ViewState["SampleId"] = value; }
}
Ran into an interesting problem yesterday where a few months ago we helped a client redesign an ASP.NET web application to fit it into an iframe within their CMS rather than being a standalone site. Easy enough task. Testing is completed and site is rolled out.
Now, several months down the road after the application has been iframe’d and in production – one random feature of the application is unexpectedly breaking, but it doesn’t make any sense – the only way the behavior could possibly occur would be that an object retrieved from Session is coming back as null, which turned out to be the case. The browser was somehow losing the ASP.NET Session cookie. Furthermore, the feature was working fine in Firefox but not in Internet Explorer, very strange.
The problem was that Internet Explorer will not accept cookies from a page within an iframe where the domain name is different from the top level page. So, the url of the iframe’d page was www.clientsite1.com and the url of the page hosting the iframe was www.clientsite2.com.
To get around this, you need to add a P3P Compact Policy to your HTTP responses. P3P is a protocol that allows websites to pass information to the browser regarding their intent to use information collected from the user. Internet Explorer is the only browser that implements the protocol, and only using it for cookie blocking at that.
To add a P3P in ASP.NET that will allow your cookies to be accepted by the browser from a different domain from within an iframe, add this block of code to your Global.asax.
Microsoft showed us Photosynth while we were touring the MTC in downtown Chicago a few months ago. Photosynth is an impressive new Silverlight-based technology they’ve been working on that can be used to stitch hundreds of images together into a single explorable, zoomable, pannable, and web-viewable panoramic image. I was looking for a situation where I could possibly make use of Photosynth since I first saw it. The amazing panaromic views of Isle Royale National Park in Michigan proved to be the perfect opportunity.
The photosynths are easy to make – just stand in one place, turn in a circle and take about 50-100 overlapping pictures. Be sure to zoom in a few times and take some detail shots. After downloading the Photosynth client and selecting photos to stitch, some pre-processing takes place on your computer and the images are uploaded to the Photosynth website where the final combined result can be viewed. The resulting photosynth can be embedded in a web page.
You can see an example from Isle Royale below. Give it a few seconds to load for a better experience while zooming around. Use the mouse wheel to zoom in and out, and drag the picture around to pan.
In reading various blog posts, forums, and Stack Overflow questions there is still quite a bit of confusion around the different data storage options available in Windows Azure. This is probably mostly due to Microsoft changing their strategy, architecture, and naming conventions a few times.
For example, SQL Azure used to be called SQL Server Data Services (SSDS), was non-relational, and used an Entity Attribute Value (EAV) schema – giving it a major overlap in the functionality of Azure Table Storage. This obviously provided a pretty poor migration path to the cloud for existing applications using relational SQL Server storage. It was also confusing for developers, seeing that there were two non-relational storage options. So, Microsoft dumped/revamped SSDS and turned it instead into the now fully-relational hosted SQL Server offering, SQL Azure.
Below I’ve outlined some key bullet points around the various Azure storage options, as well as when each option should be used.
I recently ran into a situation where a client wanted to place their public facing ASP.NET website behind Oracle SSO to allow their customers to log in via their existing Oracle SSO accounts, yet also allow anonymous users to use the application without logging in. We could have done a simple LDAP integration, but the client also wanted users to not have to log into the application if they’re already logged into their Oracle Portal account.
First step, we had to determine how to get Oracle SSO running on Oracle Application Server (OAS) to protect an application running on a separate IIS web server. In order for an ASP.NET application to be able to get user credentials from Oracle SSO, Oracle SSO has to run “in front of” your application – i.e. something has to intercept the browser request on the way to your web app, decrypt their SSO session cookie, and inject an HTTP header containing the the user’s username that your ASP.NET application can read. There are two ways to accomplish this – Apache Reverse Proxying and the Oracle SSO IIS Plug-in.
To preface, Apache Reverse Proxying will route all the calls to your application through Apache first. The other option, the Oracle SSO IIS plug-in is installed on your IIS server, requests are sent directly to the IIS web server, and the requests are intercepted and security is handled by the Oracle plugin.
The Apache reverse proxy will pass all calls sent to a URL in OAS to a site running on another web server. For example, OAS will take all browser requests to http://oas.client.com/iissite/ and proxy them to http://iis.client.com/. Responses from IIS will be sent back to OAS and OAS will send the response back to the originating web browser. In testing this proved to be a little slow, as every single request to the application – images, javascript, css, ajax, postbacks, etc. would all be sent through the reverse proxy server and require an additional hop for every time.
On top of the performance issues, the ASP.NET application had to run in the root of the IIS web server and use a host header to route requests to the proper site. ASP.NET uses relative paths (i.e. <script src = ‘/ScriptResource.axd?etc…’/>) for included javascript used in ASP.NET AJAX and ASP.NET validation controls (ScriptResource.axd and WebResource.axd). Normally this would work fine if the web requests were being sent directly to the IIS server. However, when behind the reverse proxy server (remember, IIS has no idea it is serving pages behind a reverse proxy) – this causes the web browser to try to retrieve the javascript files from http://oas.client.com/ScriptResource.axd (directly from the OAS web server – where ScriptResource.axd obviously doesn’t exist and will send back a 404 error) instead of properly retrieving the files from http://oas.client.com/iissite/ScriptResource.axd. This causes all of the ASP.NET AJAX and ASP.NET validation controls to break.
There isn’t any way to get ASP.NET to retrieve those resources from a different path or to somehow prepend a path to the ScriptResource.axd and WebResource.axd URLs. The ScriptResource.axd issue can be fixed by manually including the individual ASP.NET AJAX javascript files by setting the ScriptPath on your ScriptManager. This is a pain, but works fine with the Reverse Proxy and the browser will be able to properly retrieve the ASP.NET AJAX files. Unfortunately, this still leaves the WebResource.axd pointing to the wrong path. WebResource.axd is used to retrieve the javascript used in the client-side validation for ASP.NET Validator controls and without it all client-side validation will be broken. There isn’t any way that I could find to modify where ASP.NET will retrieve those files. To get around the .axd issue, we had to get creative and create an IHttpModule that would rewrite the HTML responses and fix the paths on the fly.
Doing a simple find and replace on the .axd paths works fine for regular postback responses to fix the bad paths, but fails with ASP.NET AJAX partial-page updates. You can find and replace in the partial-page updates, but then it will throw off the field lengths in the pipe-separated data that is sent back to the browser. Thus, you need to actually find and rewrite the field lengths on the fly as well whenever you do a replace on the .axd paths. You can see the implementation of this in the ReverseProxyPathFixModule.cs below – it is a little scary, and I’m sure it isn’t full proof because the partial page responses are chunked upon being sent back to the browser. If there was an .axd path in between chunks, it wouldn’t be replaced – but I never saw this happen.
The most relevant portions of the code below are the Write() methods of PageFilter and PartialPageFilter – they do all the work. The rest of the code is just overridden Stream methods.
View ReverseProxyPathFixModule.cs
After implementing the custom HttpModule, the application was working almost perfectly behind the Reverse Proxy.
For the next hurdle, we couldn’t find any way to have Oracle SSO protect a resource in IIS (or even running in OAS for that matter) while allowing both anonymous and authenticated access. There isn’t any built-in way to allow anonymous access to an application while it is protected by Oracle SSO. After much research and reading this Extending Oracle SSO presentation and this Integration with Third-Party Access Management Systems help documentation from Oracle, we decided to create a custom Oracle SSO module that would “authenticate” a user and pass them to the application as the Oracle Portal “PUBLIC” account if they weren’t already logged in to SSO. The implementation of this plugin is fairly simple – it’s a Java class that inherits from the default Oracle SSO module (SSOServerAuth) and implements the IPASAuthInterface interface. The code simply checks the user’s cookies on the request – if the user has an Oracle Portal cookie, perform the authentication from the base class by calling super.authenticate. If the user doesn’t have a portal cookie, pass them on to the application and “authenticate” them as the PUBLIC user account. This is definitely a hack, but it works pretty well. See the implementation of the MixedAuthentication below.
Compilation of the code is a little tricky, you need to include ipastoolkit.jar, ossocls.jar, and servlet.jar in your classpath. The ossocls.jar isn’t usually included or detailed in the documentation because most Oracle SSO plugins don’t inherit from SSOServerAuth (it isn’t required), but rather just implement IPASAuthInterface. Deployment is also tricky, fortunately I found this blog post ‘Adding reCAPTCHA to Oracle SSO‘ that detailed how the plugin should be deployed to OC4J_SECURITY container, rather than the standard $ORACLE_HOME/sso/plugins location.
More hurdles! After successfully setting up our custom authentication plugin, we couldn’t figure out how to have our reverse proxy’d application use the custom plugin without it also affecting the client’s Oracle Portal installation. After we would set the reverse proxy path to use the custom plugin, we would see strange behavior in the Oracle Portal even though portal would be set to use the standard MediumSecurity and our reverse proxy path would be set to use our custom ‘MixedSecurity’ setting.
This is how we tried to set up our Oracle SSO policy.properties file:
#add our custom security level. MixedSecurity = 70 #keep the default authentication level so as to not affect oracle portal security. DefaultAuthLevel = MediumSecurity #set our custom app behind reverse proxy to use our new custom security level. oas.client.com/iissite\:80 = MixedSecurity #not sure if you need the path on OAS or the reverse proxy site. also tried it this way.. didn't work. iis.client.com\:80 = Mixed Security #set the plugin class for our custom security level MixedSecurity = com.client.authentication.MixedAuthentication
No matter what we tried with the SSO configuration we couldn’t get our application behind the reverse proxy to be protected by our custom plugin without also affecting the security of Oracle Portal. If anyone knows how to actually do that, I’d be interested to hear where we went wrong in the comments. Unfortunately, this meant that the work with the custom HttpModule, setting up the reverse proxy, etc. was all for naught. We had to install the Oracle SSO IIS plugin. This plugin is somewhat of a beast – the installation and configuration is one of the most complicated and least user-friendly I’ve ever encountered and involves creating registry entries manually, providing many opportunities to make mistakes along the way.
Either way, after installing the IIS plugin everything worked fairly smoothly. One thing to note – if you want to redirect the user from your ASP.NET application to log in to their actual Oracle SSO account rather than the PUBLIC account, you need to delete the user’s cookie that will look something like IAS_IDXXXXXX – this will “log out” the user from the PUBLIC account. If the user isn’t logged out of the PUBLIC account before hitting the SSO logon page, they’ll be automatically redirected (to the url provided in the p_requested_url parameter when sending the user to the SSO logon page) when they hit the page because they’re actually already logged in to the PUBLIC account.
One remaining problem, the Oracle SSO IIS plug-in manages to randomly crash the worker process with an error like:
Faulting application w3wp.exe, version 6.0.3790.3959, stamp 45d6968e, faulting module oracle_osso.dll, version 0.0.0.0, stamp 41775fa1, debug? 0, fault address 0×00002454.
Checking the SSO plug-in log files yields nothing out of the ordinary either so this has been pretty difficult to track down, we still haven’t found any solution for this problem. If anyone knowledgeable on the IIS or Oracle SSO side of things has some ideas or has seen this before, feel free to let me know in the comments.
Finally, after your ASP.NET application is safely behind Oracle SSO you can determine the logged in user’s username by checking the OSSO-USERNAME header like so:
After that, the user’s username from Oracle SSO will come over on the HTTP headers on every request to your application.
Categories
Tag Cloud
Blog RSS
Comments RSS
Void « Default
Life 
Earth 
Wind 
Water 
Fire Light 
Last 50 Posts
Back