Wesley Bakker

Redux

Mon, 24 Oct 2016 08:18:00 GMT

A friend of mine told me to have a look at Redux as it is such an awesome and popular "framework". I had a look and I’m not convinced. This post describes my view on Redux. I've also written, my own predictable state container using TypeScript and standard design patterns, which I'll share.

Read full post.

Free SSL for multiple domains with Letsencrypt and Nginx on a Raspberry PI

Sat, 21 May 2016 17:35:00 GMT

In the Netherlands we have some amazing bandwith (300Mbit/30Mbit) at our homes. Combined with these dead cheap but very capable Raspberry Pi's readily available, I figured that I could easily run a couple of web servers at home. It's no problem to run Wordpress or a .Net Core web site (Scott Hanselman) on a Pi. The only issue I faced is that I have single public ip-address, but multiple sites to host. The other thing is that I wanted the traffic to these site encrypted with an SSL certificate. I don't want to log in with forms authentication over an unencrypted wire.

I've had been working on a Raspberry Pi Wordpress site before and back then noticed that Nginx is not just a web server, but a proxy server as well. Hmmm... let's combine everything and let's see if we can get this to work. The goal here is to host multiple web sites on multiple Raspberry Pi's behind a proxy. I have a domain name mertarauh.com, where I want to host a Wordpress site at the root, and my SmartPortal (energie consumption monitor) at a sub domain smartportal.mertarauh.com

So let's get started with these 3 basic steps:

Setup the DNS at the domain registar for both the root and sub domain to point to the external ip.
Install Nginx (not the php part) on a clean Raspbian Jessie Light and assign a static internal ip address.
Configure your router to forward all request at port 80 and 443 to the configured internal ip address.

All traffic will now be forwarded to my Nginx service running at the Raspberry Pi.

Let's get some SSL certificates. There is an almost perfect blog post on how to install and configure Letsencrypt on a Debian ditribution (like Raspbian). So just follow that one while you replace the domain names and add yours. We can now make a secure connection to our Nginx service, it is just that the service doesn't know what to do with it. Besides that there is a minor mistake in the configuration which prevents succesfull renewal of your certificates. So how should your Nginx config look?

upstream smartportal {
        server 192.168.24.65;
}

upstream wordpress {
        server 192.168.24.70;
}

server {
        listen 80 default_server;
        listen [::]:80 default_server;
        server_name _;
        root /var/www/mertarauh.com;

        location / {
                return 301 https://$host$request_uri;
        }

        #letsencrypt
        location ^~ /.well-known/ {
                allow all;
        }
}

server {
        listen 443 ssl http2 default_server;
        listen [::]:443 ssl http2 default_server;
        include snippets/ssl-mertarauh.com.conf;
        include snippets/ssl-params.conf;
}

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name mertarauh.com;
        include snippets/ssl-mertarauh.com.conf;
        include snippets/ssl-params.conf;
        proxy_buffering off;

        location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass http://wordpress;
        }
}

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name smartportal.mertarauh.com;
        include snippets/ssl-mertarauh.com.conf;
        include snippets/ssl-params.conf;
        proxy_buffering off;

        location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass http://smartportal;
        }
}

Let me explain what is going on here. First I define my two up stream applications.

Then I configured a catch all default_server on port 80 which will redirect all requests to the https equivillent except for requests to the /.well-known/ directory. This is required for autorenewal of your SSL certificates (<- this is missing in the blog post).

Then I have a default_server without a server_name on port 443. This is purely for the SSL hand shake to succeed. The hand shake takes place before the host name is known.

And finally I configured the two servers for which I like to do SSL termination. I simply forward the requests.

DONE!

Finding out if a delimited string contains a specific value the easy way

Mon, 04 Jan 2016 11:43:00 GMT

One of the things I do on a regular basis is to read somebody else's code in order to learn from it. And just this week I was reading some code of which I at first did not understand what was happening and then it struck me:

var searchString = " " + inputString + " ";
if(searchString.Contains(" " + searchValue + " ")){
  // do something
}

The inputString here contains a space(" ") delimited list of values. What I used to do to find out if a delimited string contains a specific value is to call string.Split("<separator>") to create an array and then use Linq or a loop to iterate through the array and verify if this array contains the value. This is however very inefficient. Just prepending en postpending the string value with the separator and then call string.Contains("<separator>" + searchValue + "<separator>") works perfectly fine and is much more optimized.

Prepending and postpending is required to prevent you from finding false positives. Imagine an inputString like this: "12 126 123" while searching for a value of "26".

Combine a Raspberry Pi, Smart Meter (Slimme Energiemeter), Python, Rest, TypeScript, AngularJS and some libraries and you've got your own Energie Consumption Portal

Wed, 25 Nov 2015 22:03:00 GMT

Almost a year ago I created my own solution to view both power and natural gas consumption in my home. I'm thinking about creating a blog post series on how you can create one yourself. But.... this will be a long, multipart, time consuming blog post series. Before I start this adventure I first want to find out if there is anybody out there that is actually interested in such a blog post series. In this first post I will just tell you what I did, and if I get enough comments in which readers express their interest in the full series, I'll continue explaining how I did it.

What I did

I hooked up a Raspberry Pi to my Smart Meter (Slimme Energiemeter) by using an FTDI cable
I wrote a Python service that listens to the 'virtual' COM port and writes values to a Round Robin Database
I wrote a Python web service that exposes a REST api which returns data from this RRDB
I wrote some static HTML, TypeScript, CSS and combined that with some libraries to create my responsive Smart Portal

The results look like this.

If you would like to know how, please just drop me a comment and I'll find some time to start the blog post series.

Regards,

Wesley

Leverage browser cache in MVC using an action filter

Thu, 12 Nov 2015 12:26:00 GMT

Along the lines of my previous post I wanted an easy way to implement client cache in a standard MVC web application. The OutputCache attribute does not allow us to dynamically change the cache settings for the current request. As MVC and Web API both rely on different libraries I could not reuse the Web API action filter in MVC so I had to come up with a new solution. This again resulted in two simple classes.

public class ClientCacheAttribute : ActionFilterAttribute {
    public override void OnActionExecuted(ActionExecutedContext filterContext) {
        base.OnActionExecuted(filterContext);

        var clientCache = ClientCache.Current;

        if (clientCache.IsValid) {
            filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.NotModified);
        }
    }
}

public class ClientCache : HttpCachePolicyWrapper {
    private const string ItemsKey = "C653F02F-14F9-4E8C-9E74-D22F7E7230A4";
    private const string IfModifiedSinceHeaderKey = "If-Modified-Since";

    protected ClientCache()
        : base(HttpContext.Current.Response.Cache) {        
        var request = HttpContext.Current.Request;
        if (request.Headers.AllKeys.Contains(IfModifiedSinceHeaderKey)) {
            string modifiedSinceHeaderValue = request.Headers.GetValues(IfModifiedSinceHeaderKey).First();

            DateTimeOffset modifiedSince;
            if (DateTimeOffset.TryParse(modifiedSinceHeaderValue, out modifiedSince)) {
                this.IfModifiedSince = modifiedSince;
            }
        }
    }

        
    public static ClientCache Current {
        get {
            var currentContext = HttpContext.Current;

            if (!currentContext.Items.Contains(ItemsKey)) {
                lock (currentContext.Items) {
                    if (!currentContext.Items.Contains(ItemsKey)) {
                        currentContext.Items.Add(ItemsKey, new ClientCache());
                    }
                }
            }

            return currentContext.Items[ItemsKey] as ClientCache;
        }
    }

    public DateTimeOffset? IfModifiedSince {
        get;
        private set;
    }


    public DateTimeOffset? LastModified {
        get;
        private set;
    }


    public override void SetLastModified(DateTime date) {
        this.LastModified = new DateTimeOffset(date);
        this.IsValid = (this.IfModifiedSince.HasValue && this.LastModified.Value.Equals(IfModifiedSince.Value));
        base.SetLastModified(date);
    }

    public bool IsValid {
        get;
        private set;
    }
}

These classes again give easy access to the cache headers. This allows us to not do any work at all based on the If-Modified-Since or set appropriate cache headers. The code below shows how the ClientCacheAttribute and ClientCache class can be put to use.

[ClientCache]
public ActionResult Index() {
    var clientCache = ClientCache.Current;
    clientCache.SetLastModified(DateTime.Today);
    clientCache.SetExpires(DateTime.Today.AddDays(1));
    clientCache.SetCacheability(HttpCacheability.Private);

    if (clientCache.IsValid) {
        //don't do work if the client cache is still valid...
        return null;
    }

    return View();
}

The net result is that the ActionResult that is returned from the action might not even be executed based on these settings.

Regards,

Wesley

Leverage browser cache in MVC Web API using an action filter

Tue, 10 Nov 2015 17:47:00 GMT

Last week I was working on some sample application that uses MVC Web API to return results to a client framework. While doing so I noticed that the standard Web API framework does not implement client caching in an easy to use way. Of course we can work with headers inside our controller actions, but as a big fan of DRY I decided to find out if I can use a different route. As a result I show you the ClientCacheAttribute together with its ClientCache.

ClientCacheAttribute and ClientCache code

public class ClientCacheAttribute : ActionFilterAttribute {
    public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext) {
        base.OnActionExecuted(actionExecutedContext);

        var clientCache = ClientCache.Current;
        var response = actionExecutedContext.Response;

        if (clientCache.IsValid) {
                response.StatusCode = HttpStatusCode.NotModified;
                response.Content = new StringContent("");
                response.Content.Headers.ContentType = null;                    
        }

        response.Content.Headers.LastModified = clientCache.LastModified;
        response.Content.Headers.Expires = clientCache.Expires;

        response.Headers.CacheControl = clientCache;
    }
}

public class ClientCache : CacheControlHeaderValue {
    private const string ItemsKey = "C653F02F-14F9-4E8C-9E74-D22F7E7230A4";
    private const string IfModifiedSinceHeaderKey = "If-Modified-Since";

    protected ClientCache()
        : base() {
        var request = HttpContext.Current.Request;

        if (request.Headers.AllKeys.Contains(IfModifiedSinceHeaderKey)) {
            string modifiedSinceHeaderValue = request.Headers.GetValues(IfModifiedSinceHeaderKey).First();

            DateTimeOffset modifiedSince;
            if (DateTimeOffset.TryParse(modifiedSinceHeaderValue, out modifiedSince)) {
                this.IfModifiedSince = modifiedSince;
            }
        }
    }

    public static ClientCache Current {
        get {
            var currentContext = HttpContext.Current;

            if (!currentContext.Items.Contains(ItemsKey)) {
                lock (currentContext.Items) {
                    if (!currentContext.Items.Contains(ItemsKey)) {
                        currentContext.Items.Add(ItemsKey, new ClientCache());
                    }
                }
            }

            return currentContext.Items[ItemsKey] as ClientCache;
        }
    }

    public DateTimeOffset? IfModifiedSince { get; private set; }

    private DateTimeOffset? lastModified = null;
    public DateTimeOffset? LastModified {
        get {
            return lastModified;
        }
        set {
            this.lastModified = value;
            this.IsValid = (this.IfModifiedSince.HasValue && this.LastModified.HasValue
                            && this.LastModified.Value.Equals(IfModifiedSince.Value));
        }
    }
    public DateTimeOffset? Expires { get; set; }

    public bool IsValid {
        get;
        private set;
    }
}

The ClientCache

The ClientCache.Current returns an instance per request which allows for easy access to the IfModifiedSince request header value and allows for setting the ClientCache response headers in a much easier way than messing around with headers yourself.

The ClientCacheAttribute

The ClientCacheAttribute inherits the ActionFilterAttribute and overides the OnActionExecuted.

In the OnActionExecuted it gets the current ClientCache instance to modify the response. If the ClientCache is still valid the StatusCode is set to HttpStatusCode.NotModified(304). It also changes the Content property of the response to an empty StringContent instance which prevents the execution of any database queries if a non null result was returned from the action method. Since a 304 response does not have a body, it also sets the content-type header to null.

It finally sets the cache control header and done we are.

How to use this?

The most obvious place to use this is on any of the Web Api GET actions.

// GET: odata/Customers
[EnableQuery(PageSize = 100)]
[ClientCache]
public IQueryable<Customer> GetCustomers() {
    var clientCache = ClientCache.Current;
    // get the last modified date from:
    //  the db
    //  some setting (data warehouse last load date)
    // as an example I use DateTime.Today
    clientCache.LastModified = DateTime.Today;


    // set any caching options to your requirements
    clientCache.Private = true;
    clientCache.Expires = DateTime.Today.AddDays(1);

    if (clientCache.IsValid) {
        //don't do work if the client cache is still valid...
        return null;
    }


    return db.Customers;
}

// GET: odata/Customers(5)
[EnableQuery]
[ClientCache]
public SingleResult<Customer> GetCustomer([FromODataUri] int key) {
    var clientCache = ClientCache.Current;
    // get the last modified date from:
    //  the db
    //  some setting (data warehouse last load date)
    // as an example I use DateTime.Today
    clientCache.LastModified = DateTime.Today;


    // set any caching options to your requirements
    clientCache.Private = true;
    clientCache.Expires = DateTime.Today.AddDays(1);

    if (clientCache.IsValid) {
        //don't do work if the client cache is still valid...
        return null;
    }

    return SingleResult.Create(db.Customers.Where(customer => customer.Id == key));
}

The result of the above sample is that on the first request of the day, the client will receive fresh data from the database. Until tomorrow, the client won't even hit the server as we did set the Expires header to tomorrow. If we do force the client to go to the server (F5) it wil pass along the IfModifiedSince header and as a result we can simply return a 304 result, without hitting the database again.

Regards,

Wesley

TypeScript Design Patterns and Mine Sweeper

Fri, 17 Jul 2015 10:04:00 GMT

Every now and then when I have to learn a new language I try to implement the Gang of Four design patterns in that langauge to get familiar with it. And so I did for TypeScript. Beside that I was asked to deliver a training on Design Patterns and so I did. Then I was asked to deliver screencasts with some explanation on design patterns and the implementation in TypeScript and so I did. Then I decided to share the result and the result is available over here TypeScript Design Patterns.

Enjoy,

Wesley
P.S. One other practice lab I like to take to get familiar with a new language is to create the good old MineSweeper game with it. The result of that, including the downloadable source, is over here.

Getting Secure Store Credentials in SharePoint 2013

Tue, 19 May 2015 15:22:00 GMT

Last week I reviewed some code that contains memory leaks and I noticed that they fetched some credentials from the Secure Store Service in a way that just didn't seem right to me. If you look at this code sample on MSDN you should be able to see what I mean.

They created a new SPServiceContext by first fetching a SPSite object of the Central Admin site. While this might (don't know) be required for the code sample, this doesn't make sense if we are inside a SharePoint context. I do know however why they thought they needed to go with this approach. They were creating a custom claims provider and the code for this custom claims provider does not run within a site context, but inside the Secure Token Service. They could however use a much easier approach to fetch the default secure store provider. Below you'll find the three classes I create for them that solved the memory issue.

class SecureStoreCredentials {
    public string UserName { get; set; }
    public string Password { get; set; }
    public string Pin { get; set; }
}

static class SecureStringUtility {
    public static string ConvertToString(this SecureString secureString) {
        string retVal = null;

        if (secureString != null) {
            IntPtr pPlainText = IntPtr.Zero;
            try {
                pPlainText = Marshal.SecureStringToBSTR(secureString);
                retVal = Marshal.PtrToStringBSTR(pPlainText);
            } finally {
                if (pPlainText != IntPtr.Zero) {
                    Marshal.FreeBSTR(pPlainText);
                }
            }
        }

        return retVal;
    }
}

class SecureStoreUtility {
    public static SecureStoreCredentials GetCredentials(string applicationId) {
        if (string.IsNullOrEmpty(applicationId)) {
            throw new ArgumentNullException("applicationId");
        }

        var retVal = new SecureStoreCredentials();

        SPServiceContext context = SPServiceContext.GetContext(SPServiceApplicationProxyGroup.Default, SPSiteSubscriptionIdentifier.Default);
        SecureStoreServiceProxy ssp = new SecureStoreServiceProxy();
        ISecureStore iss = ssp.GetSecureStore(context);
            
        SecureStoreCredentialCollection credentials = null;

        try {
            credentials = iss.GetCredentials(applicationId);
            if (credentials != null) {
                foreach (SecureStoreCredential credential in credentials) {
                    if (credential == null) {
                        continue;
                    }

                    switch (credential.CredentialType) {
                        case SecureStoreCredentialType.WindowsUserName:
                        case SecureStoreCredentialType.UserName:
                            retVal.UserName = credential.Credential.ConvertToString();
                            break;

                        case SecureStoreCredentialType.WindowsPassword:
                        case SecureStoreCredentialType.Password:
                            retVal.Password = credential.Credential.ConvertToString();
                            break;

                        case SecureStoreCredentialType.Pin:
                            retVal.Pin = credential.Credential.ConvertToString();
                            break;
                    }
                }
            }
        } catch (Exception ex) {
            Debug.WriteLine(ex.ToString());                
        } finally {
            if (credentials != null) {
                credentials.Dispose();
            }
        }

        return retVal;
    }
}

The important line here is:

SPServiceContext context = SPServiceContext.GetContext(SPServiceApplicationProxyGroup.Default, SPSiteSubscriptionIdentifier.Default);

Which fetches a SPServiceContext without the need of a SPSite object.

Have fun with it!

Wesley

Asynchronous programming with Python using Promises

Mon, 20 Apr 2015 16:37:00 GMT

While I was working on a Python project, I needed asynchronous programming and noticed that I couldn't find a lightweight library to do so. So I made myself a promise...

from threading import Thread
from threading import Event
 
class Deferred(object):
    def __init__(self):
        self._event = Event()
        self._rejected = False
        self._result = None
 
    def resolve(self, value):
        self._rejected = False
        self._result = value
        self._event.set()
 
    def reject(self, reason):
        self._rejected = True
        self._result = reason
        self._event.set()
 
    def promise(self):
        promise = Promise(self)
        return promise
 
 
class Promise(object):
    def __init__(self, deferred):
        self._deferred = deferred
 
    def then(self, resolved = None, rejected=None):
        defer = Deferred()
 
        def task():
            try:
                self._deferred._event.wait()
                if self._deferred._rejected:
                    result = self._deferred._result
                    if rejected:
                        result = rejected(self._deferred._result)
                        
                    defer.reject(result)
                else:
                    result = self._deferred._result
 
                    if resolved:
                        result = resolved(self._deferred._result)
 
                    defer.resolve(result)
            except Exception as ex:
                defer.reject(ex.message)
 
        Thread(target=task).start()
 
        return defer.promise()
 
    def wait(self):
        self._deferred._event.wait()
 
    @staticmethod
    def wait_all(*args):
        for promise in args:
            promise.wait()

------------------------------------------------------------------------------

And with that in place I can now write code like this:

------------------------------------------------------------------------------

controller = Controller("COM7")
controller.start()
 
message1 = DiscoveryRequest()
promise1 = controller.send(message1).then(on_ready, on_error)
 
message2 = RequestNodeInfoRequest(1)
promise2 = controller.send(message1).then(on_ready, on_error)
 
Promise.wait_all(promise1, promise2)
 
controller.stop()

------------------------------------------------------------------------------

Changing the autogrowth settings for a set of databases

Mon, 30 Mar 2015 08:51:00 GMT

SharePoint simply ignores the autogrowth settings of your model database and as such you need to make changes to the autogrowth settings of a lot of databases after installation or after adding new content databases. The script below can be used to create a batch script to save you from the tedious task of going over each and every database.

Have fun with it!

-- begin settings
DECLARE @data_FILEGROWTH nvarchar(50) = '10GB'
DECLARE @data_MAXSIZE nvarchar(50) = '200GB'

DECLARE @log_FILEGROWTH nvarchar(50) = '128MB'
DECLARE @log_MAXSIZE nvarchar(50) = '1GB'

DECLARE @database_name_inclusion_filter nvarchar(max) = '%'
DECLARE @database_name_exclusion_filter nvarchar(max) = ''
-- end settings

USE master

DECLARE @database_name nvarchar(max)
DECLARE @database_id int
DECLARE @file_name nvarchar(max)
DECLARE @file_type int

DECLARE databases_cursor CURSOR for
	SELECT database_id, name FROM sys.databases
	WHERE owner_sid != 0x01

OPEN databases_cursor

FETCH NEXT FROM databases_cursor 
INTO @database_id, @database_name

WHILE @@FETCH_STATUS = 0
BEGIN
	IF @database_name like @database_name_inclusion_filter AND @database_name not like @database_name_exclusion_filter
	BEGIN
		PRINT '--Database ' +  @database_name

		DECLARE files_cursor CURSOR for
			SELECT name, [type] FROM sys.master_files
			WHERE database_id = @database_id

		OPEN files_cursor

		FETCH NEXT FROM files_cursor 
		INTO @file_name, @file_type
	
		WHILE @@FETCH_STATUS = 0
		BEGIN
			IF @file_type = 0
			BEGIN
				print 'ALTER DATABASE ' + @database_name +
					' MODIFY FILE (NAME=' + @file_name + ',MAXSIZE=' + @data_MAXSIZE + ',FILEGROWTH=' + @data_FILEGROWTH + ');'
			END

			IF @file_type = 1
			BEGIN
				print 'ALTER DATABASE ' + @database_name +
					' MODIFY FILE (NAME=' + @file_name + ',MAXSIZE=' + @log_MAXSIZE + ',FILEGROWTH=' + @log_FILEGROWTH + ');'
			END

			FETCH NEXT FROM files_cursor 
			INTO @file_name, @file_type
		END

		CLOSE files_cursor;
		DEALLOCATE files_cursor;
	END


	FETCH NEXT FROM databases_cursor 
	INTO @database_id, @database_name
END

CLOSE databases_cursor;
DEALLOCATE databases_cursor;

Using the Claims to Windows Token Service to run code with different credentials

Wed, 09 Jul 2014 12:19:00 GMT

Every now and then you need to run code with specific credentials. If you have the C2WTS service running you can use that to get an identity and then use impersonation to run code with the credentials of the given identity. I created myself a helper method to make this a bit easier:

    public static class SecurityHelper {
        public static void RunAs(string upn, Action action) {
            using (var identity = S4UClient.UpnLogon(upn))
            using (var context = identity.Impersonate())
            {
                try {
                    action();
                } finally {
                    if (context != null) {
                        context.Undo();
                    }
                }
            }
        }
    }

You can use this helper class in the following way:

    SecurityHelper.RunAs(upn, () => {
        using (var connection = new SqlConnection("Server=.;Database=DatabaseName;Integrated Security=True"))
        using (var command = new SqlCommand("SomeStoredProcedure", connection)) {
            command.CommandType = CommandType.StoredProcedure;

            try {
                connection.Open();
                customClaimValue = command.ExecuteScalar();
            } catch (Exception ex) {
                customClaimValue = ex.ToString();
            }
        }
    });

The above code will connect to SQL server with the identity of the given UPN.

Cheers,

Wesley

Solving WmiApRpl and BITS errors with SharePoint 2013 on Windows Server 2012

Fri, 03 May 2013 13:32:00 GMT

I have been searching for a way to get rid of some performance counter errors (WmiApRpl and BITS) on my SharePoint 2013 installation for a while but couldn't find the answer. Today I decided to have a look with Process Monitor and finally found a solution.

The w3wp process tries to access to registry keys but does not have the permissions.

After granting the WSS_WPG group full control(you probable can get away with a little less) to the following registry keys, the errors went away.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance

And that's it!

Cheers,

Wesley

SPItemEventReceiver Bug

Wed, 15 Jun 2011 08:47:00 GMT

Normally when you inherit a class, and override any of the methods, you call the base method, just to be sure you do not interfere with the inner workings of the class. There is a bug however in the SPItemEventReceiver class that always changes the Status to Continue, even if I decided it should stop and cancel. TMHI this is simply a bug. Especially since the SPEventReceiverStatus.Continue enum value is 0 and thus the default value.

Conclusion

If you decide to Cancel the action do not call the base implementation.

Cheers,

Wes

WebDAV slow with “Automatically detect settings”

Fri, 10 Jun 2011 07:47:00 GMT

Just a short note to self. A lot of Microsoft applications use WebDAV. If you encounter some very slow WebDAV performance, just disable the “Automatically detect settings” in IE.

Tools –> Internet options –> Connections –> LAN Settings

Speeds up performance 10 times in my case.

Regards,

Wesley

Microsoft Certified Master SharePoint 2010

Thu, 26 May 2011 14:29:00 GMT

Yesterday I've received the news that I've successfully completed all four exams that come with the MCM program. This actually makes me an MCM as of now which is still somewhat unreal to me. I've had to spent three weeks away from home strugling through the massive amount of information. The lectures were awesome, and I really learned to know a lot of good SharePoint specialists.

I would like to thank all the other attendees, the teachers and Brett Geoffroy for getting me through these three weeks. If you ever get the chance to attend the MCM program, go for it. It is an awesome experience you will not likely ever forget, but... just be sure to:

read the prereads
keep focussed on the next(not the previous!) exam
read the prereads
arrive two days before the start, as you cannot use a jetlag when you are in class/studying from 8am till 11pm every single day for three weeks on end
read the prereads
rest well and do some physical exercises in the few moments you have, to digest the massive amount of information you receive every day
read the prereads
enjoy the whole experience!
did I mention to read the prereads?

Cheers,

Wesley

Dynamics CRM 2011 and SharePoint 2010

Fri, 11 Mar 2011 09:47:00 GMT

Here’s just a life saving tip for all you SharePoint developers, thinking about integrating with Dynamics CRM 2011 through BCS.

The new CRM SDK is built with .NET Framework 4.0! SharePoint 2010 runs in 3.5! So you cannot use the new CRM 2011 SDK if you would like to create an External Content Type.

I do have some good new for you though. Stick to the CRM 4.0 SDK. As CRM 2011 is backward compatible, your code will run just fine when you use the “old” SDK to connect to the “new” CRM.

Get Datepart in SharePoint Designer Workflow

Tue, 28 Dec 2010 07:51:00 GMT

Yesterday someone asked me how to get the datepart (f.e. the year of a date) inside a SharePoint designer workflow. I thought it would be some default action in the "Utility Actions" group, but I thought wrong. There is no such pretty common action. This post however shows a simple technique to get datepart Year, Month and Day.

How to

First you have to start by asigning a new workflow string variable to a date value, and make sure to select the ISO Formatted option for the return field as parameter. This will set the string variable to something like 2010-12-28 according to the ISO format(yyyy-mm-dd).

We can now use the Utility Actions for string variables to extract our Year, Month and Day.

Cheers,

Wes

Framed Office Web Apps SharePoint 2010

Mon, 13 Dec 2010 12:20:00 GMT

In a project I'm working on we wanted to use Office Web Apps in SP2010 to preview selected documents in the browser. To do so we've created a very simple web part that renders an I-Frame with the URL set to one of the Office Web Apps urls depending on the document extension. Unfortunately the X-Frame header, that is added by the Office Web Apps service, prevents Internet Explorer to render the documents in an I-Frame! To solve this we've create a very simple HttpModule that checks for the header and changes the value from "DENY" to "SAMEORIGIN". This post simply shows the code for such a module that enables previewing of documents with Office Web Apps inside an I-Frame

The code

/// <summary>
/// The XFrameOptionsModule loosens the x-frame policy from DENY to SAMEORIGIN
/// </summary>
public class XFrameOptionsModule : IHttpModule
{
    private const string XFrameOptionsHeaderName = "X-FRAME-OPTIONS";

    /// <summary>
    /// Initializes a new instance of the <see cref="XFrameOptionsModule"/> class.
    /// </summary>
    public XFrameOptionsModule()
    {
    }

    /// <summary>
    /// Disposes of the resources (other than memory) used by the module that implements <see cref="T:System.Web.IHttpModule"/>.
    /// </summary>
    public void Dispose()
    {
    }

    /// <summary>
    /// Initializes a module and prepares it to handle requests.
    /// </summary>
    /// <param name="context">An <see cref="T:System.Web.HttpApplication"/> that provides access to the methods, properties, and events common to all application objects within an ASP.NET application</param>
    public void Init(HttpApplication context)
    {
        context.PreSendRequestHeaders += ChangeXFrameOptionsHeaderToSameOrigin;
    }

    /// <summary>
    /// Changes the X-Frame-Options "DENY" header to "SAMEORIGIN".
    /// </summary>
    /// <param name="sender">The HttpApplication that triggers the event.</param>
    /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
    private void ChangeXFrameOptionsHeaderToSameOrigin(object sender, EventArgs e)
    {
        HttpApplication application = (HttpApplication)sender;            
        HttpResponse response = application.Response;
            
        string headerValue = response.Headers[XFrameOptionsHeaderName];
        if (headerValue != null && headerValue.Equals("DENY", StringComparison.OrdinalIgnoreCase))
        {
            response.Headers[XFrameOptionsHeaderName] = "SAMEORIGIN";
        }
    }
}

All you have to do now is to add this module to the web.config using a SPWebConfigModification inside a feature receiver.

Cheers,

Wes

Missing server reference in SharePoint 2010

Tue, 30 Nov 2010 09:47:00 GMT

Unfortunately the "missing server references" health rule in Central Admin Health Monitoring does not display the URL were these uninstalled web parts reside. So to get these pages you'll have to execute some SQL against the mentioned content database. Because this is something that tents to come back regularly on development machines I've created a little SQL script to speed up the process of finding the url's you'll need to delete the web parts.

-- Use the Specify Values for Template Parameters 
-- command (Ctrl-Shift-M) to fill in the parameter 
-- values below.


USE 

DECLARE @className nvarchar = ''
DECLARE @assemblyName nvarchar = ''


SELECT DISTINCT pages.DirName + '/' + pages.LeafName + '?contents=1' as Page
FROM
	dbo.AllWebParts wp
	JOIN dbo.AllDocs pages on pages.SiteId = wp.tp_SiteId
						AND pages.Id = wp.tp_PageUrlID
WHERE
	wp.tp_Assembly like '%' + @assemblyName + '%' AND
	wp.tp_Class	 like '%' + @className + '%'

Cheers,

Wes

WorkflowAction and the Secure Store

Mon, 25 Oct 2010 00:02:00 GMT

I have been working on this custom workflow action which allows you to post data to another servicer. This can be used to send messages to a web service for example. One thing I really wanted to have in there is security. And with security I mean the Secure Store. It is however very difficult to use the Secure Store from inside a workflow action.

Impersonation

Although SharePoint actions are so called “impersonated” to the initiator of the user, the process really runs under its own account. Depending on how busy your server is, and the type of workflow is executed by the SPUserCodeHost, OWSTimer or W3WP process. And your code actually runs under the account of that process. The so called “impersonation” is for SharePoint actions only. This is accomplished by handing out the SPContext of the initiating step to the workflow.

Secure Store

Secure Store stores the credentials for users or groups and only while running under the user, or group account, can you get these credentials out of the secure store and that’s great of course, but that’s also where the trouble starts. We have no way of impersonating the actual initiator of the workflow and thus no way to get the credentials per user. One option would be to get a ticket in the Initialize method and use that ticket during the Execute method to retrieve the user credentials and yes this does work, most of the time. Because most of the time, the Initialize method will run inside the W3WP process which has a HttpContext which in turn has a WindowsIdentity we can use to impersonate. Unfortunately, if the server gets busy, the Initialize method might just as well run inside the OWSTimer process. Another problem with the ticketing system is that tickets are valid for a specified amount of time only. You should think in minutes instead of hours, but workflows well… they sometimes take a few days or weeks before they finally arrive at your workflow action.

private static ICredentials GetSecureStoreCredentials(string applicationId, SPServiceContext context) {
    string username = String.Empty;
    string password = String.Empty;

    ISecureStoreProvider provider = SecureStoreProviderFactory.Create();
    if (provider == null) {
        throw new InvalidOperationException("Unable to get an ISecureStoreProvider");
    }

    ISecureStoreServiceContext providerContext = provider as ISecureStoreServiceContext;
    providerContext.Context = context;

    using (var credentials = provider.GetCredentials(applicationId)) {
        foreach (var credential in credentials) {
            switch (credential.CredentialType) {
                case SecureStoreCredentialType.UserName:
                case SecureStoreCredentialType.WindowsUserName:
                    username = credential.Credential.ToClrString();
                    break;

                case SecureStoreCredentialType.Password:
                case SecureStoreCredentialType.WindowsPassword:
                    password = credential.Credential.ToClrString();
                    break;
            }
        }
    }

    return new NetworkCredential(username, password);
}

Sample code for retrieving network credentials from secure store

Careful

One thing I would really like to stress out is that you really should not store the credentials in workflow variables during Initiate. Workflows can get stored anywhere (depending on the implementation of the WorkflowPersistenceService) and probably not secure. The other problem is that these credentials might not be valid anymore by the time your custom action executes.

What’s the solution?

There simply is no solution. The only thing you can do is create a so called Application Account (=Group account used by all users) in Secure Store and add the service accounts of the SPUserCodeHost, OWSTimer and W3WP processes in there. Problem is that every workflow action with the same Secure Store ApplicationId has to use the same credentials.

Cheers,

Wes