On this page.... RSS 2.0 | Atom 1.0 | CDF
# Friday, July 22, 2005

This article has a short clip showing that Microsoft has officially named the OS formerly known as Longhorn to Windows Vista.  The title says something about naming a beta date as well, though I didn't see that in the article.  Of course, I still haven't had any coffee today, so...

Okay, I found it...

Friday, July 22, 2005 9:19:30 AM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Monday, July 18, 2005

ScaleOut Software has created a really promising ASP.NET state server system.  I haven't had a chance to play with it myself, but it does look good.  Check it out, and check out the review on asp.netPRO.

Updated 7/21 18:14:  I've now had a chance to review some more of the specs and reviews for this product, and the folks at ScaleOut were even kind enough to answer some of my inquiries.  In short, I think this is, from a purely theoretical/design standpoint, the best solution to session management available today.  As a matter of fact, this solution even allows other forms of caching, so not only does it solve distributed session management, it also solves other forms of distributed cache via their API.  Too cool!

If I ever have a need to host a scalable web application again, this product will be at the top of my list to solve those issues.  It will be interesting to see how it fares in the market and what the experiences of those who implement it will be.  I tend to think they'll be great.  I don't get excited about third party tools very often, but I am about this one.  You definitely should look into it.

Monday, July 18, 2005 8:22:12 PM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Sunday, July 17, 2005

Well, Tampa Code Camp went off really well yesterday, and after writing my chapter on caching for ASP.NET 2.0 MVP Hacks tonight, I remembered that I needed to get the code and slides up from my Creating Reusable Application Frameworks session from yesterday since some of you were asking for the code we built in that session.  That download is here

By the way, after I thought about it for a minute, I fixed the little bug that wouldn't get us a good index to add the label at.  Instead of using page, I used ctrl.Parent, which should be (and was) the containing control for the target control.  Once I fixed that, it added the label where we wanted it.  The fix is included in the download.

Also, since it came up a couple times yesterday, the SortableCollectionBase download information is here.

I hope everyone had a great time.  See ya around!

Sunday, July 17, 2005 11:16:29 PM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [1]  | 
# Friday, July 15, 2005

It just goes to show that we've got a bunch of really great, talented people who are willing to share their time and ideas with others as well as a lot of great folks who want to learn.  Our max of 350 people for the Tampa Code Camp event has been reached, and I'm sure there are those who'd like to come but didn't register in time.

It's going to be a fun and intellectually aggrandizing day tomorrow, and I'm looking forward to seeing a bunch of bright and shiny faces there early on Saturday (that's tomorrow!) morning.  Yes, it is on Saturday, and folks are STILL coming to spend their free time learning.  Wow, what a great lot! 

Hasta maƱana!

Friday, July 15, 2005 4:36:22 PM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Wednesday, July 13, 2005

As those of you who know me or have read my blog for a while know, I head up editing and development for ASPAlliance.  Since it is a part-time endeavor for all of us, change happens slowly, but over the last year or so since I've been tasked with improving the site, we've dramatically increased our response times, improved our editorial process, (hopefully) improved article quality, and we just recently changed our article submission process and compensation model.  I couldn't have done this alone--by no means--and in fact I have the selfless staff of editors and, naturally, Steve Smith to thank for that. 

Of course, we're not stopping there--we intend to keep trudging forward, doing what we can within our limited time and budget to keep it a top developer community site for ASP.NET developers.  To this end, we need your help!  If you think you have the know-how to write articles for us, we are now providing competitive honoraria for our authors.  So not only do you get the benefit of sharing your ideas with hundreds of thousands of other developers, honing your writing skills, and increasing your marketability, you also get a few coins to boot!  Note that we also pay for reviews of books and components as well as short tutorials (CodeSnips) if you feel more comfortable just showing folks how to do something cool.

So if you're interested in this opportunity, just go to our Write for Us page, review the guidelines, and submit your ideas.  The only way we can keep ASPAlliance interesting is to continue getting new, great content from great minds.  We're looking forward to hearing from you! 


P.S. We're also trying out a no-paging approach to viewing articles--check it out to see what you think.

Wednesday, July 13, 2005 10:03:41 PM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Thursday, July 7, 2005

I know I've already mentioned this, but it's getting close, and we only have limited space available, so I wanted to make sure those of you who read my blog in the Tampa area get a chance.  Joe Healy's been nice enough to put our agenda online, and as you can see, it's pretty impressive for a free event!  One well-known .NET guru, Stan Schultes, is quoted as saying it's as hard to choose between sessions at Tampa code camp as it was at TechEd.  I think you'll agree.

Now I realize this is on a Saturday, which may not be appealing for the nine-to-fivers, but I hope we can all see that going to this can only help your career.  There's something there for everyone from introductory sessions on .NET 2.0 to architectural discussions about objects and SOA.  Heck, there's even a session hosted by local recruiters that will give you the inside scoop on how to get the most out of your skills.  Spend a little of your free time improving your professional knowledge; you can only be better off for having done so.

Thursday, July 7, 2005 7:45:35 AM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 
# Thursday, June 30, 2005

Unless you work on the WSE team, I doubt it, at least not at the time of writing.  I assume this because there is basically only one article on the subject written by Mark Fussell, the Lead PM for WSE, that is an intro to it.  Fine, it is a CTP and only works with a beta of another product (.NET 2), so I can understand that it's not widely adopted.  But I still need answers, as I'm sure others do and will.  So, if you have experience with WSE 3 (and perhaps knowledge of WSE 2 would help), please take a look at these questions:

1) UltimateReceiver.GetClientToken Returns Null

2) Secure Conversation from an ASP.NET Session

If you've got the answers, please either respond on the NG or here. :)

Thursday, June 30, 2005 5:13:40 PM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [6]  | 
# Tuesday, June 28, 2005

I want to put this out here for anyone else who might run into this problem playing with the Quickstart samples for Microsoft's recently-released WSE 3.0.   To get the WSSecurityUsernamePolicyService sample solution (from the hands-on lab) going, you need to run the CreateSampleVdir.vbs in the solution directory.  Then you'll need to follow the instructions in the "Detailed Instructions," which is linked obscurely towards the end of the certificate setup section.  It links to \Program Files\Microsoft WSE\v3.0\Samples\Sample Test Certificates\readme.htm on my installation. 

When installing the server certificate, be sure to change the drop-down to pick the WSE2QuickStartServer.pfx file; it will let you just install the .cer file (*.cer is the default selection in the certificate importer file type drop down).  Put it in the Local Computer - Personal store.  You will also need to import the WSE2QuickStartServer.cer (that's right, the .cer) file into the Current User 'Other People' store.  To do this, I had to open IE and go to Tools - Internet Options - Content - Certificates - Other People tab because the store wasn't showing up in the MMC add-in.  I later found that it showed up after I added it via IE.

Now, according to the docs, that's all you need to do, but there is one more step that you need to do; otherwise, you will likely get a cryptographic exception saying "bad key," which is so far off the mark as to be funny (if you don't have to waste hours tracking down the real problem).  The problem is that your ASP.NET process identity doesn't have permission to read the server key by default. 

To fix this, you can either go find the file in explorer (on my machine, it is in \Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys) and grant the Users group Read on that directory, which is actually probably the best approach if you're dealing with potentially multiple certificates.  Or you can use the WSE X.509 Certificate Tool, which is part of the WSE SDK to find the cert and then click on the View Private Key File Properties... button to bring up the specific cert's key file perms and grant Users the Read right.  Note this applies on XP and 2000, for 2003, you'll want to grant the IIS_WPG group these perms.

After doing this, I was able to finally run the username with server certificate sample.  It seems almost sad that so much trouble is involved in running a simple sample, but my experience has been that whenever you involve X.509 certificates, the trouble and complications go through the roof.  Microsoft REALLY NEEDS TO WORK ON USABILITY with X.509 certs, especially now that they're becoming the almost de facto approach for securing Web services.  Nearly every time I've dealt with them has been problematic, and one time I actually had to resort to calling PSS, which is unusual for me.  Maybe this is because I'm not an X.509 expert, but then again, most of us aren't...

Updated: If you go through the Hands-on Lab, you'll note they cover these issues above.  This lab would be a good place to start; unfortunately, I didn't start there. :)  But I'd still suggest granting the groups (Users on XP/2000, IIS_WPG on 2003) access to this directory and not the users; this way if you change your service's process identity, you won't have to re-grant permissions for it to see those certs.  And I'd still think that granting these groups read to the directory would be best, so they can see any other such certs you might install.

Tuesday, June 28, 2005 10:49:35 AM (Eastern Daylight Time, UTC-04:00)  #    Disclaimer  |  Comments [0]  | 

The opinions expressed herein are solely my own personal opinions, founded or unfounded, rational or not, and you can quote me on that.

Thanks to the good folks at dasBlog!

Copyright © 2020 J. Ambrose Little