Ubikuity.net

Publish your tweets on you blog first! Then automate the copy to Twitter: no untrusted URL shortener & free backup

Unfortunately at the moment (2015-11-03), U2F protocol is still not officially supported in Mozilla Firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=1065729

U2F protocol is mainly promoted by Yubico company (who is selling Yubikeys)

Finally, Firefox 57 (called Quantum) supports U2F protocol but for the moment (2017-12-17) it’s not enabled by default. Here is how to enable it:

• Type about:config into the Firefox browser.
• Search for “u2f”.
• Double click on security.webauth.u2f to enable U2F support (the value should be set to “true“)

Source: https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/

Lors des phases de test/recette, il est souvent utile de pouvoir se connecter en tant qu’un autre utilisateur sur une application, par exemple pour vérifier que les permissions et les différents rôles de l’application fonctionnent correctement.

Dans mon cas, j’avais besoin de pouvoir emprunter l’identité d’un autre utilisateur sur une application Intranet ASP.NET MVC dont le mécanisme d’authentification est de type Windows NTLM (<authentication mode="Windows" />)

La solution que j’ai trouvé est de créer un cookie qui contient le nom du compte utilisateur que je veux revêtir (“impersonation”).
Puis à chaque chargement de page (Global.asax.cs), l’application examine la présence de ce cookie afin de changer à la volée l’utilisateur connecté (HttpContext.Current.User).

Evidemment, pour des raisons de sécurité et d’auditabilité, il faut désactiver ce mécanisme sur l’application en Production.

Voici le code qui permet de faire cela et que j’ai publié sur GitHub : https://github.com/ubikuity/impersonate-windows-user-aspnet
Détails de l’implémentation : https://github.com/ubikuity/impersonate-windows-user-aspnet/commit/ed660effc08f2a89ed621b62bbda6b71e72a6e3e

I was searching for a list of neighboring/bordering/adjacent states for each USA state.

I asked on StackOverflow but I had no luck: http://stackoverflow.com/questions/12402673/get-the-neighboring-states-of-a-given-usa-state

I wasn’t able to find any open data.

So, I finally decided to create my own list using the following sources:

• http://theincidentaleconomist.com/wordpress/list-of-neighboring-states-with-stata-code/
• http://www.john.geek.nz/2009/01/sql-tips-list-of-us-states/
• http://askville.amazon.com/Trivia-state-bordered-states/AnswerViewer.do?requestId=3941039
• http://en.wikipedia.org/wiki/List_of_U.S._states_by_date_of_statehood
• http://en.wikipedia.org/wiki/History_of_Washington,_D.C.

=> Feel free to verify, contribute and reuse my file: neighbors-states.csv

Notes:

• The SQL script was created for SQL Server 2008.

Possible improvements:

• Add a column called “IsApproximativeNeighbor” in the table “NeighborStates” to define properly the relation between Alaska and Washington state even if there is no common border.

Off topic:

• At first, I wanted to use MySQL but I discovered that MySQL constraint implementation still is incomplete: “the CHECK clause is parsed but ignored by all storage engines”. See http://bugs.mysql.com/bug.php?id=3464 and http://dev.mysql.com/doc/refman/5.1/en/create-table.html.
• Maybe some of you remember the song from this cartoon: Animaniacs video of Wakko’s famous 50 State Capitols song.
• By the way, I never been to the USA and this list give some motivation to visit USA!

Here is a nice poster to summarize what’s new in .NET Framework 4.5:

http://www.heikniemi.net/hardcoded/2011/10/whats-new-in-net-framework-4-5-poster/

Concerning ASP.NET, I like:

• New site template for ASPNET MVC 4
• Built-in Javascript + CSS combining and minification
• Strongly typed data binding in ASP.NET Web Forms
• Multiple file upload component for ASP.NET Web Forms
• IIS Express used by default (instead of Cassini)

I begin to understand the difference between “Independent association” and “Foreign key association” in Entity Framework Code First thanks to this article : http://www.ladislavmrnka.com/2011/05/foreign-key-vs-independent-associations-in-ef-4/

Advice: use both (Independent associations and Foreign key associations):

“This saves on unnecessary DB lookups, allows lazy loaking, and allows you to easily see/set the ID if you know what you want it to be. Note that having both does not change your table structure in any way.”

Source: http://stackoverflow.com/questions/5281974/code-first-independent-associations-vs-foreign-key-associations

Question: how to find which version of ASP.NET MVC is used in an existing Visual Studio project?

Answer: via Reflection:

<code>typeof (Controller).Assembly.GetName().Version </code>

Source: http://stackoverflow.com/questions/3008704/how-to-determine-the-current-version-of-asp-net-mvc

PureText est un petit utilitaire qui permet de faire un copier-coller d’un bout de texte sans conserver la mise en forme d’origine (gras, souligné, style, code html, etc.) et de coller uniquement le texte brut.

Source : http://www.stevemiller.net/puretext/

Le plugin “WP to Twitter” permet de publier automatiquement vos articles de blogs WordPress sur votre compte Twitter.

La configuration du plugin demande quelques minutes d’attention (récupération des paramètres Consumer key, Consumer secret, Access token, Access token secret via https://dev.twitter.com/) mais ensuite cela marche très bien.

En savoir plus : http://cleverwp.com/publish-to-twitter-automatically-from-your-wordpress-blog/

When I switched from PHP to ASP.NET, I searched an equivalent to error_reporting() function.

I wanted to monitor all errors that happened on our production server. I know production software should be bug free but in the real world, bugs happen in many unexpected ways : an unusual navigation of the user that you hadn’t thought, an external database result which contains something that you didn’t even imagine in your units tests (database mocking is another topic…).

Context : we have a lot ASP.NET applications in production (more than 100), so modifying every application wasn’t an appropriate option.

Here is the steps of my implementation :

1. Natively, DotNet Framework adds in Windows Event Log an warning event when an exception occurs in an ASP.NET application (Yellow Screen of Death).
This mechanism is configurable through System Health Monitoring.
Windows event log is purged automatically but I currently have 3 or 4 weeks of history so it’s enough (“By default, event logs are set with a maximum file size of 512 KB. Then, when a log reaches this limit, events older than seven days are overwritten to prevent the log from exceeding the maximum file size”).

2. I created an executable (C# console project) which reads the event log and send an email to the appropriate developper(s) :

• I use a CSV file with correspondence between “ASP.NET application URL” and the “email’s developer”. Simple but effective to avoid any dependency of an external resource that could fail (such as database, which will prevents me from being notified of -the so-called failure).
• In fact, I still depend on the mail server… (I could provide a fail over solution that uses the command "NET SEND", SNMP… It would be good but a bit luxury at the stage).

3. A Windows Scheduled Task is configured (every 5 minutes) on the machine running IIS to run the executable.

• A text file contains the date and time of the last exception that was sent by mail.
  Exceptions are sent by email and only once regardless of how often the scheduled task is executed. If the scheduled task didn’t run for any reason, just restart it and it will send emails back where it left off.

4. Display a Custom Error Page with the opportunity for the user to enter a comment and then sent it by email to the appropriate developer.
This mechanism is configurable through Web.config file. I created an .aspx page as simple as possible (no external dependencies) with a textbox and a "send" button.
This helps to stimulate the user feedback and hide the error details (for security reasons).

=> Conclusion : the main advantage of this hand made tool is that it requires no change in source code of the other applications.

• 90% of users don’t call (or don’t know how to call) the IT department when they encounter an exception.
• A small number of exceptions that occur aren’t visible to the user (mainly session handling errors).
• The most common exceptions are easy to reproduce and fix (80-20 rule ?).
• Then it becomes increasingly difficult to diagnose the type of exception and the call stack isn’t sufficient to understand what happened (I need to know the data entered by the user).

I also developed a web application to group, sort and filter the exceptions but this will be the subject of another article.

Possible improvements :

• Collect user input data and send it to the developer.
• Find a way to catch and report client side Javascript exceptions to the server. Any idea ?

References :

• SmartAssembly from Reg Gate Software
• http://www.4guysfromrolla.com/articles/091306-1.aspx
• http://www.codinghorror.com/blog/2008/05/crash-responsibly.html
• http://www.hanselman.com/blog/ELMAHErrorLoggingModulesAndHandlersForASPNETAndMVCToo.aspx