NRW Conf 09

Auch in diesem Jahr veranstaltet der Just Community e.V. wieder das größte Developer und IT-Pro Community Event. Unter dem Motto „Check-In zum Wissensvorsprung“ holen wir am 28.08.2009 zahlreiche nationale und internationale Speaker nach Wuppertal. Neben den Vorträgen haben Sie natürlich auch dieses Jahr wieder viel Zeit für das Networking mit anderen ITlern aus Nah und Fern. Alle Informationen, wie die Agenda und eine Übersicht über die Speaker gibt es unter http://www.nrwconf.de/. Wir freuen uns, Ihnen auch dieses Jahr sowohl bekannte Gesichter, als auch neue Speaker vorstellen zu dürfen. Die Veranstaltung wurde in diesem Jahr möglich durch unsere Sponsoren: Hewlett Packard, devcoach, Microsoft Deutschland, Brockhaus AG, Itemis AG, sepago GmbH, MT AG, sowie weiteren Unternehmen. Eine weitere Neuerung in diesem Jahr ist der Workshop Day, der am Vortag der eigentlichen Konferenz – sprich am 27.08.2009 – in den Räumlichkeiten unseres Sponsoren Ontaris GmbH stattfindet. Der Developer-Workshop befasst sich mit der Microsoft Web Platform und behandelt die Themen Rich Internet Applications mit Silverlight 3.0 und Web 2.0 Applikationen mit ASP.NET AJAX und JQuery. Die Workshops haben eine begrenzte Teilnehmerzahl (je acht) um den Lernerfolg zu garantieren. Also schnell einchecken…

UrlAuthorization with ASP.NET Routing

What is life without security. In the last posts I told you how to do URLRewriting with the ASP.NET 3.5 RoutingEngine and how to pass query strings to the destination Web Form. In this post I'll add some authorization code to let ASP.NET Authentication mechanisms play well. The first step is to figure out which authentication mechanism has taken place in the local configuration file. For the case of forms based authentication it would be nice to redirect to the configured login Web Form, for all other authentication mechanisms we can only throw a security exception and set a HTTP status code. I only wanted this operation to be executed once and therefore I implemented as static and thread safe property with a backing field and a lock object:private static string s_authenticationType; private static object s_authenticationTypeLock = new object(); private static string AuthenticationType { get { if (string.IsNullOrEmpty(s_authenticationType)) { lock (s_authenticationTypeLock) { if (string.IsNullOrEmpty(s_authenticationType)) { var authenticationSectionObject = WebConfigurationManager.GetSection( "system.web/authentication"); var authenticationSection = authenticationSectionObject as AuthenticationSection; if (authenticationSection != null) { s_authenticationType = authenticationSection.Mode.ToString(); } } } } return s_authenticationType; } } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   Now its time to check the authorization on the target Web Form:if (httpContext != null && !UrlAuthorizationModule.CheckUrlAccessForPrincipal( VirtualPath, httpContext.User, httpContext.Request.HttpMethod)) { if (AuthenticationType. Equals("forms", StringComparison.OrdinalIgnoreCase)) { VirtualPath = FormsAuthentication.LoginUrl; queryString = new StringBuilder( string.Concat( "?ReturnUrl=", requestContext.HttpContext.Server.UrlEncode( requestContext.HttpContext.Request.RawUrl ))); } else { throw (new SecurityException()); } } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } Next I will add a login Web Form to the site and drop a LoginControl to the form: And add some code behind:using System; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; public partial class login : Page { protected void OnLoggingIn(object sender, LoginCancelEventArgs e) { //TODO: add some auth logic or use membership... FormsAuthentication.RedirectFromLoginPage( "lennybacon", false); } } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } Authorization requires an authorization and therefore I enable ASP.NET forms based authentication that also is compatible to ASP.NET Membership in the configuration file:<configuration> <system.web> <authentication mode="Forms"/> ... .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   I can configure the authorization settings for the destination Web Forms are also in the web.config file by adding location sections:<configuration> ... <location path="Default2.aspx"> <system.web> <authorization> <deny users="?"/> </authorization> </system.web> </location> ... .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   Running the web site and clicking the link to the route (/other) that targets the Default2.aspx results in showing up the login.aspx. Notice that the address bar has not changed - the usual roundtrip for redirecting to the loginURL is also "rewritten" inside of ASP.NET.   This way the security is easily plugged into the RoutingHandler class - Cool stuff! 

ASP.NET Routing for URLRewriting with QueryStrings

In the last post I showed how to use the ASP.NET 3.5 Routing Engine for URLRewriting purposes. I want to go further in this post by adding the ability to add variables into a route path and forward and append query string variables to the destination Web Form request. A route can contain one or more variables expressed by its {name}.  RouteTable.Routes.Add( new Route( "articles/{id}", new devcoach.Web.RoutingPageHandler())); .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   Inside of the RoutingHandler we can iterate through the variables by accessing them by the RouteData property on the parameter passing the RequestContext:  var queryString = new StringBuilder("?"); foreach (var aux in requestContext.RouteData.Values) { queryString.Append( requestContext.HttpContext.Server.UrlEncode(aux.Key)); queryString.Append("="); queryString.Append( requestContext.HttpContext.Server.UrlEncode( aux.Value.ToString())); queryString.Append("&"); } queryString.Remove(queryString.Length - 1, 1); .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   The problem now is that the method CreateInstanceFromVirtualPath of the BuildManager class does not allow us to pass for instance a query string as a parameter (I had this discussion recently with Holger at the speakers party of the Basta! confrence):  var handler = (IHttpHandler)BuildManager.CreateInstanceFromVirtualPath( VirtualPath, typeof(Page)); .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }   Passing URL Parameters (a query string) to the instance of the page created from its virtual path we can use the good old RewitePath method (which should be familiar for everyone who has rewritten URLs with ASP.NET 2.0):   HttpContext.Current.RewritePath(    string.Concat(        VirtualPath,        queryString)); var handler =    (IHttpHandler)BuildManager.CreateInstanceFromVirtualPath(        VirtualPath,        typeof(Page));   It feels a bit strange to use the old fashioned way of rewriting URLs just to pass a query string, but the routing handler will stay in control of the request and only the context  variables gets modified.  Listening to: Elbow - Grounds for Divorce

ASP.NET Routing for URLRewiting

With ASP.NET MVC comes a component that is called the routing engine. In ASP.NET MVC it is responsible to assign a controller to an incoming request: From an conceptional view the routing engine consists of two parts: a) The RouteTable which stores the information which routes are defined b) The UrlRoutingModule which finds matches to routes on incoming requests. But the routing engine is not limited to MVC in its use. The ASP.NET 3.5 Routing Engine is a powerful instrument for URLRewriting. Lets have a look how to use routing standalone or with classic ASP.NET (wow, now its already classic! Never dreamed that this would happen so fast... But hey, the .NET platform is nearly ten years old...): 1. First I added the HttpModule to you configuration file: .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } … <httpModules> <add name="urlRouting" type="System.Web.Routing.UrlRoutingModule, System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> … .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } 2. Second I created a routing handler by implementing the IRouteHandler interface which comes from System.Web.Routing. I've put a simple if-else together to route to different pages:using System.Web; using System.Web.Compilation; using System.Web.Routing; namespace devcoach.Web { public class RoutingPageHandler : IRouteHandler { public IHttpHandler GetHttpHandler(RequestContext requestContext) { var VirtualPath = pathData.VirtualPath.Contains("articles") ? "~/Default.aspx" : "~/Default2.aspx"; var handler = (IHttpHandler)BuildManager.CreateInstanceFromVirtualPath( VirtualPath, typeof(Page)); return handler; } } }  .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } 3. Third I registered the routes to the RouteTable from within the Global.asax file: <%@ Import Namespace="devcoach.Web"%><%@ Import Namespace="System.Web.Routing"%><%@ Application Language="C#" %> <script runat="server"> .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } static void RegisterRoutes() { RouteTable.Routes.Add( new Route( "articles", new RoutingPageHandler())); RouteTable.Routes.Add( new Route( "other", new RoutingPageHandler())); } void Application_Start(object sender, EventArgs e) { RegisterRoutes(); }  And here we go already:  Basic URLRewiting in a few minutes. Quite neat, eh. Definitely worth a try...  Now listening to: Flobots - Handlebars

IE Active Content Update

I'm back on ASP.NET (at least more than last year :-)) - And it feels great (again) digging deep into some interesting areas around user interfaces (also WPF!!!), processes and tasks, state management, async stuff (multi threading/AJAX & JSON) and so on... Personal Ref.: Activating ActiveX Controls Adobe's comments on the topic... IE Persistence Behaviour Tabbed Browsing for Developers Search Provider Extensibility in Internet Explorer

Macro to enable Code Analysis and define FxCop rules

I'm currently helping a customer to migrate a *really large* web application from ASP.NET 1.1 to 2.0 (round about 130 projects in the master solution...). I always liked FxCop but enabling "Code Analysis" manually is way to complicated (or not geekish enough?!?). So I wrote this small macro this morning. Imports System Imports System.Diagnostics Imports System.Text Imports System.Windows.Forms   Imports EnvDTE Imports EnvDTE80   Public Module CodeAnalysis       Public Sub EnableFxCop()         Dim objProj As Object()         Dim proj As Project           For i As Integer = 1 To DTE.Solution.Projects.Count             proj = DTE.Solution.Projects.Item(i)             EnableFxCop(proj)         Next     End Sub       Private Sub EnableFxCop(ByVal project As Project)           If project.Kind = "{66A26720-8FB5-11D2-AA7E-00C04F688DDE}" Then             'Filter Project Folders             For Each subProject As ProjectItem In project.ProjectItems                 EnableFxCop(subProject.SubProject)             Next         Else             project.ConfigurationManager.ActiveConfiguration.Properties.Item( _                 "RunCodeAnalysis").Value = "True"               project.ConfigurationManager.ActiveConfiguration.Properties.Item( _                 "CodeAnalysisRules").Value = String.Concat( _                     "-Microsoft.Design#CA2210;", _                     "-Microsoft.Design#CA1020;", _                     "-Microsoft.Naming#CA1705;", _                     "-Microsoft.Naming#CA1709")             project.Save()         End If     End Sub End Module

New blogger on my Team

A while ago I posted that I and my company were searching for ASP.NET guys... Sergey Shishkin joined newtelligence in March this year and started to blog yesterday. He will do a presentation about a project related to Office Open XML and WinFx he is doing on out next user group meeting (18th May) in Düsseldorf, Germany