On this page.... RSS 2.0 | Atom 1.0 | CDF
# Tuesday, June 28, 2005

I want to put this out here for anyone else who might run into this problem playing with the Quickstart samples for Microsoft's recently-released WSE 3.0.   To get the WSSecurityUsernamePolicyService sample solution (from the hands-on lab) going, you need to run the CreateSampleVdir.vbs in the solution directory.  Then you'll need to follow the instructions in the "Detailed Instructions," which is linked obscurely towards the end of the certificate setup section.  It links to \Program Files\Microsoft WSE\v3.0\Samples\Sample Test Certificates\readme.htm on my installation. 

When installing the server certificate, be sure to change the drop-down to pick the WSE2QuickStartServer.pfx file; it will let you just install the .cer file (*.cer is the default selection in the certificate importer file type drop down).  Put it in the Local Computer - Personal store.  You will also need to import the WSE2QuickStartServer.cer (that's right, the .cer) file into the Current User 'Other People' store.  To do this, I had to open IE and go to Tools - Internet Options - Content - Certificates - Other People tab because the store wasn't showing up in the MMC add-in.  I later found that it showed up after I added it via IE.

Now, according to the docs, that's all you need to do, but there is one more step that you need to do; otherwise, you will likely get a cryptographic exception saying "bad key," which is so far off the mark as to be funny (if you don't have to waste hours tracking down the real problem).  The problem is that your ASP.NET process identity doesn't have permission to read the server key by default. 

To fix this, you can either go find the file in explorer (on my machine, it is in \Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys) and grant the Users group Read on that directory, which is actually probably the best approach if you're dealing with potentially multiple certificates.  Or you can use the WSE X.509 Certificate Tool, which is part of the WSE SDK to find the cert and then click on the View Private Key File Properties... button to bring up the specific cert's key file perms and grant Users the Read right.  Note this applies on XP and 2000, for 2003, you'll want to grant the IIS_WPG group these perms.

After doing this, I was able to finally run the username with server certificate sample.  It seems almost sad that so much trouble is involved in running a simple sample, but my experience has been that whenever you involve X.509 certificates, the trouble and complications go through the roof.  Microsoft REALLY NEEDS TO WORK ON USABILITY with X.509 certs, especially now that they're becoming the almost de facto approach for securing Web services.  Nearly every time I've dealt with them has been problematic, and one time I actually had to resort to calling PSS, which is unusual for me.  Maybe this is because I'm not an X.509 expert, but then again, most of us aren't...

Updated: If you go through the Hands-on Lab, you'll note they cover these issues above.  This lab would be a good place to start; unfortunately, I didn't start there. :)  But I'd still suggest granting the groups (Users on XP/2000, IIS_WPG on 2003) access to this directory and not the users; this way if you change your service's process identity, you won't have to re-grant permissions for it to see those certs.  And I'd still think that granting these groups read to the directory would be best, so they can see any other such certs you might install.

Tuesday, June 28, 2005 10:49:35 AM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Friday, June 24, 2005

Developing Compelling User Interfaces with Ease in ASP.NET 2.0
June 30th - 6:30 PM in Tampa - Russ Fustino - Microsoft


________________________________

Creating Web user interfaces has come a long way since the days of hand-coding HTML and dealing with form postbacks. But even with ASP.NET 1.x you still have to deal with the complexities of maintaining a common look and feel across your site, as well as providing navigation. ASP.NET 2.0 takes Web UIs to a whole new level with a rich set of fresh controls and IDE features. We'll start with a tour of Master Pages and show you not only the benefits at runtime, but during design time as well. We'll show you how easily Themes will let you establish a consistent appearance across your entire site. Finally, you'll discover how managing site maps - including menus, trees and "breadcrumbs" for navigation - is as easy as X-M-L.

By attending this session, you'll learn:

* How to establish a common look and feel for your Web application
* How to manage and customize that look and feel
* How to build dynamic navigation elements for your entire site

This session will illustrate the following:

* Architecture of Master Pages
* Interacting with Master Pages from an ASPX page
* Architecture of Themes
* Working with Themes at design time and programmatically
* Navigation Controls and Site Maps

 

To Register: http://www.fladotnet.com/reg.aspx?EventID=175

Friday, June 24, 2005 12:23:38 PM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Tuesday, June 21, 2005

http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032277133&Culture=en-US

'Nuff said.

More info at http://www.tampacodecamp.com/.

Rumors are that lunch (pizza and soda) will now be provided by a generous donor...

Tuesday, June 21, 2005 7:33:57 AM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Tuesday, June 7, 2005

Microsoft has announced the official launch date for Visual Studio 2005, SQL Server 2005, and BizTalk Server 2006.  November 7th!  Mark it on your calendars; this one has been anticipated for years now (at least by folks like myself).  It's great to finally get definition on it!

In other news, ASPSOFT debuted project Rally, which is the Microsoft .NET-powered battle bot known as The Finalizer.  Too cool!

Tuesday, June 7, 2005 10:16:37 AM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 

It struck me recently that folks would probably not know until they bought the book that it contains an implementation of a custom ADO.NET 2.0 provider for Active Directory.  It is for one of the chapters that I wrote that demonstrates what you would need to do to implement a custom ADO.NET provider.

I chose Active Directory because I don't like working directly with DirectoryServices.  When I first had the need to interact with Active Directory, I found the API and, indeed, the underlying concepts to be notably foreign.  I think that most devs who are coming from your typical MS background of building applications with relational databases and ADO-like technologies find it somewhat obscure and puzzling to be confronted by the likes of Active Directory and LDAP.

So my goal, apart from demonstrating how to build an ADO.NET provider (which I honestly think most people don't need to know), was to provide something useful that I and others could put to work, making our lives easier.  While the provider itself is not shrink-wrap quality, it does have the basic functionality you'd need to work with user accounts, which I think is the most common scenario for app devs--the greatest benefit of AD for applications is the centralized profile and authentication store it provides.

I would say, and I'm not just saying this because I wrote it, that the book will be worth the price just to get your hands on this provider code, which is available in both VB.NET and C#.  It majorly simplifies dealing with Active Directory by giving you a very familiar API to work with (ADO.NET) and easily enables data binding and updating for common scenarios.  I'd love to see someone take it and build it out into a full-fledged, commercial-quality provider as I think there is definitely a niche for such a product (I'd buy it!).

Of course, I don't want to downplay the value of the rest of the book; it has a ton of other great stuff that will give you all you need to know to become a pro with ADO.NET 2.  So what are you waiting for?  Go get it!

Tuesday, June 7, 2005 10:09:45 AM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Friday, June 3, 2005

I was just looking something up on Google, and I noticed a little, harmless link in the top right that said "Satellite."  Curious person that I am, I clicked it, and suddenly the map I was staring at was replaced by lush imagery.  Too cool!

But even cooler is that you can drag the screen around, zoom in to a very close proximity, and you can even overlay driving directions on the satellite imagery.  Now how much better can it get than that?

Check it out!

Friday, June 3, 2005 4:29:49 PM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [1]  | 
# Thursday, May 19, 2005

I just ran across the patent application for what appears to be some rendition of the purportedly defunct Object Spaces.  At least, I hope that's what it is and not some attempt by Microsoft to patent the idea of entity mapping itself.  I didn't read the whole thing (who has that kind of time!?), but I can only assume (because patenting entity mapping itself would be preposterous) that it is a patent for their particular solution that they are working on for the WinFS timeframe.

In any case, I guess those who were trying to model their own entity mapping utilities off of object spaces need to be careful if/when MS gets the patent on it.  I'm not really sure I see what's to be gained by patenting their approach.  Microsoft will squash any competition in the space when they get something out there anyways...

Thursday, May 19, 2005 3:47:05 PM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Monday, May 16, 2005

Tampa Code Camp is looking for you.  We are currently accepting sessions on virtually any .NET dev related topic.  If you've got great ideas that you want to share with others, please send us your sessions.  The deadline for new session submissions is mid-June.  So show off your knowledge, help others, and just generally have fun by participating in Tampa Code Camp this July 16th!

More information is available at the Tampa Code Camp site.

Monday, May 16, 2005 6:31:05 PM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Saturday, May 14, 2005

I was just surfing around, looking for a decent grammar guide for a friend, when I ran across this site.  The fella there has an impressively long list of common English errors, but what I found most interesting is his list of non-errors.  Non-errors are caused by pedants who are so eager to show off their superior knowledge of the language that they will go too far and actually show their ignorance.

I chuckle inside when I hear someone saying "I feel well" or "between you and I."  I don't fault them for trying to speak proper English; heck, I've often laughed at myself for saying such things, and I immediately correct myself (often under my breath) to remind myself.

You'd be surprised at the number of bad habits I've had to break, things like "coulda went," "less calories," and one that I still have trouble with: "I'm gonna go lay down for a bit."  What can I say?  I was raised in Arkansas and Oklahoma, neither of which are particularly known for proper English. :)

For the record, the proper way to say the above things are:
1. "I feel well" should be "I feel good," unless of course you are talking about your health and not your state of mind.  If you are thinking "I feel good" (like the song), then you should say that and not overcorrect yourself.
2. "Between you and I" should be "between you and me."  This is a case where folks have been told that saying "you and me" is incorrect, usually in the context of using it as the subject (nominative case) in a sentence such as "you and me are going to dinner."  In that case, you should use "you and I" because "I" is the nominative case for the singular, first-person personal pronoun; however, nouns that follow prepositions (which is what "between" is) should be in the accusative or dative case, and that case for the aforementioned personal pronoun is "me."
3. "Coulda went" should be "coulda gone" if you're intending to be colloquial.  Of course, the more proper way would be "could've gone."
4. "Less calories" should be "fewer calories."  This is a toughie, at least for us Americans.  "Less" should be used when referring to a single thing, such as "less water" or "less sand."  "Fewer" should be used when talking about multiple things, such as "fewer items" or "fewer calories."  Even Wal-Mart gets this one wrong, or at least they intentionally use it because it is more common to be incorrect.  Let me know if you find a store whose express lane says "10 or fewer items" rather than "10 or less items."
5. The last one that still causes me trouble is "lay" versus "lie."  The difference is in whether or not the verb takes an object, that is, whether or not it is transitive or intransitive.  If you are putting something down, you would "lay" it down; however, if you are describing what something is doing, you would say it is "lying" down.  So I should say "I'm gonna go lie down for a bit" unless I'm going to go take something and lay it down for a while. 

Anyways, for the time being, these are still shibboleths, but I wouldn't be surprised if in a few decades these become the new non-errors because common usage has made them correct. 

The main thing to keep in mind is that there are plenty of folks who use the way you speak or write as a means to determine your level of education or, worse, intellect.  It's not so much that these little errors really matter in getting your point across (which is, after all, the point of language) but that you don't want to be discounted a priori for what is considered by many others to be incorrect.

Saturday, May 14, 2005 5:32:35 PM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [1]  | 

Disclaimer
The opinions expressed herein are solely my own personal opinions, founded or unfounded, rational or not, and you can quote me on that.

Thanks to the good folks at dasBlog!

Copyright © 2019 J. Ambrose Little