Category Archives: English

Migrated my blog to WordPress

I’ve been wanting to migrate my blog to WordPress for quite a while, and I finally did it.

Why?
Even though dasBlog is a nice blogging engine, it is not quite as feature rich and user friendly as WordPress. There are tons of plugins and templates for WordPress that make my life as a blogger easier, and give the reader a better user experience.

I also wanted my blog to be more than just my blog, and you’ll see some additional pages appear of the course of time. This too I could have done with dasBlog, but it is much easier with WordPress.

How?
Reeves Little has an awesome post on migrating from dasBlog to WordPress, which I followed to the letter. Many thanks to him. It took me about 4 hours to do with some trial and error, mainly because of my large BlogML file.

Now what?
As I just mentioned I will add some pages to the site. This will mostly be self gratified boasting of what I’ve done as an author. I will also be tinkering with the layout, in search of the ultimate look & feel. Last but not least, I will be checking all the posts for broken stuff and to clean up the code listings which are filled with formatting no longer needed, a few posts at a time. Feel free to drop me a line of you find a post with errors.

Book Review – Disruptive Possibilities: How Big Data Changes Everything

Even though this is just a little book (just 80 pages), Disruptive Possibilities: How Big Data Changes Everything (Jeffrey Needham, O’Reilly) is a very good and insightful read. Jeffrey Needham explains very well what Big Data is and how it differs from “traditional” computing. He effectively shows you need to approach Big Data differently, because the “old school” approach to data just doesn’t scale. In that sense he echo’s my view on the subject of data: not all data needs to be normalized and transactional and you can save a lot of effort and money (on expensive hardware and software) by picking the right requirements for types of data you are dealing with. For instance, you would need a pretty good reason to store a file in a RDBMS. Because most current IT staff has been brought up with in the RDMBS paradigm, it is often the tool of choice, without thinking about it. This book effectively breaks with that way of thinking, and I would encourage developers, architects, database administrators etc. to read this book to get a sense of perspective. It would greatly help us in not making the mistake of tackling “new world” problems with “old world” solutions. The book is very easy to read, with good examples, funny stories, and insightful comments. There’s also a side step into neuro science and the future of supercomputing, which is not only good to know, but interesting in itself.

Book Review: Quiet: The Power of Introverts in a World That Can’t Stop Talking

Quiet: The Power of Introverts in a World That Can’t Stop Talking by Susan Cain is a very insightful book into introversion and extroversion. Because we deal with people at different positions on the introversion-extroversion spectrum every day, the book may open your eyes to how certain people react to you or to specific situations. IMHO this especially helps to understand children, because they are no yet adapt at hiding their true nature. So if you’re a mother, father, teacher, coach etc. this book can really help you. The book is very thorough, with a lot of personal insights backed up by scientific research. It is also pretty easy to read because it is told around experiences of the author. The book starts of with exploring extroversion and introversion and how these traits are perceived in western culture, and continues with the discussing the (dis)advantages of both traits. It the continues with giving you deeper understanding of where these traits come from and how they affect the way people think. Finally, the book gives pointer on how to deal with people at different ends of the spectrum.

Book Review: The Modern Web

After reading The Modern Web: Multi-Device Web Development with HTML5, CSS3, and JavaScript (Peter Gasston, No Starch Press) I am glad I am not a user interface developer. Over the years HTML has evolved into an entirely different beast from 5-10 years ago. That said, the book is excellent at explaining all the options you have in HTML5, CSS, and Javascript to create good looking, responsive, and adative web applications. Peter Gasston managed to make the book easy to read through the writing style and simple examples that effectively demonstrate what a feature is about and how it works. Despite the simplicity, the samples are very detailed.


Besides meticulous explanation of what a feature does and how it works, Peter Gasston also discusses the material at a higher level, giving you insight into why and when you would want to use certain features, and when there are multiple options which one to go for in your particular situation.


One thing I particularly like is the appendix at the end of every chapter pointing you to more reading material related to the chapter’s content. The book in itself is already very useful as a reference, but this makes it even more useful. Even though it works very well as a reference, I recommend reading it from cover-to-cover to get a good understanding of the possibilties. You can do that at high speed, and then later use parts as needed.

Fix: ClaimsAuthorizationManager.CheckAccess throws HttpException

While preparing a demo about Claims Based Authorization in .NET 4.5, I ran into an exception that initially had me dumbstruck. I created an ASP.NET MVC 4 application from the Internet template. Then I used the Identity and Access Tools for Visual Studio (downloadable from http://bit.ly/IDATVS2012) so users login through an external Identity Provider (for the demo LocalSTS). So far so good. Next I created a custom ClaimsAuthorizationManager class with a custom CheckAccess method to demonstrate how you can invoke this from code, essentially separating security checks from business logic. After hooking it up in web.config I run the code and after a wait I got an HttpException with the message Unable to connect to SQL Server database on a call to Principal.IsInRole, as you can see in the image below.

This had me puzzled to say the least. Why would a simple role check go to a database, especially because these are already in the Claims collection? First I tried commenting it out and just do a direct claim check… no dice. Why? The claims collection is empty. Huh? I have a page that lists the claims and they look fine. A closer look at the principal in the AuthorizationContext revealed it was actually of type System.Web.Security.RolePrincipal. That still inherits from ClaimsPrincipal, but it isn’t a normal ClaimsPrincipal, explaining the behavior. But now the big question: where did it come from? This took me a while to figure out with the help of a forum post (this one), ILSpy, and this blogpost by Phil Haack. As it turns out, the ASP.NET MVC 4 Internet template includes the WebMatrix.WebData DLL. This DLL, among other things contains classes used with the SimpleMembership API introduced by WebMatrix. SimpleMembership, which uses a database, is automatically enabled because the DLL uses PreApplicationStart method to initialize itself (as explained in Phil Haack’s blogpost). As soon as you place the WebMatrix.WebData DLL in your bin folder, it automatically registers itself. The result is that Thread.CurrentPrincipal yields a System.Web.Security.RolePrincipal instead of the ClaimsPrincipal associated with the user.

You could obviously remove the WebMatrix.WebData DLL, but there might be other functionality in there you want to use. A better option is to add the following key in web.config appSettings:

<addkey="enableSimpleMembership"value="false" />

ASP.NET OpenID/OAuth Login With ASP.NET 4.5 – Part 5

With ASP.NET 4.5 it is very easy to enable users to login to your site with their accounts from Facebook, Google, LinkedIn, Twitter, Yahoo, and Windows Live. In this 7 part series I’ll show you how for each of the identity providers.

Note: Out-of-the-box this only works with WebForms and MVC4. MVC3 is not supported by default.

Part 5: Logging in with Twitter

As is the case with Facebook and LinkedIn discussed in previous posts, you need to register with Twitter. This means you have to get a Twitter account. With that account you have to register your application.

  1. Go to https://dev.twitter.com/apps and login with your Twitter account.
  2. Click the Create new application button.
  3. Fill out the form below. To avoid problems later, it makes sense to provide a Callback URL, even though it is not required.

  4. Accept the terms of use (Developer Rules of the Road), enter the Captcha and click the Create your Twitter application button. This will show the Details page shown below.

  5. In the page above notice that Sign in with Twitter has the value No. If you would now try to login users into your application, your server would get a 401 Unauthorized exception. To change this, go to the Settings tab and scroll down to the Application Type section. There you can check the highlighted checkbox in the image below.

  6. Click the Update this Twitter application’s settings button.
  7. Open Visual Studio (if you don’t have already).
  8. Open the project created in Part 1 (or quickly create a project in the same manner).
  9. Find the App_Start folder and open AuthConfig.cs.
  10. Register the identity provider:
    1. In MVC go to the RegisterAuth method and uncomment the following line of code:
      OAuthWebSecurity.RegisterTwitterClient( consumerKey: "", consumerSecret: "");
    2. In WebForms go to the RegisterOpenAuth method and uncomment the following line of code:
      OpenAuth.AuthenticationClients.AddTwitter(
          consumerKey: "your Twitter consumer key",
          consumerSecret: "your Twitter consumer secret");
  11. Replace the place holder text with the Consumer key and Consumer secret shown on the Details page of your application in Twitter (see image under step 4).
  12. Save the file.
  13. Run the project.
  14. Click the Log in link. You will notice Twitter has automatically been added next to the other providers you added under Use another service to log in.
  15. Clicking the Twitter button will send you to Twitter to log in.
  16. Login with a Twitter account on the page shown below. Notice that it is telling the user which application wants you to log in with your Twitter account, and what the application can do once you logged in. Twitter recognizes the application from the Consumer key, and provides the user with the information you entered earlier.

  17. When you sign in you are automatically redirected to the application.

ASP.NET OpenID/OAuth Login With ASP.NET 4.5 – Part 4

With ASP.NET 4.5 it is very easy to enable users to login to your site with their accounts from Facebook, Google, LinkedIn, Twitter, Yahoo, and Windows Live. In this 7 part series I’ll show you how for each of the identity providers.

Note: Out-of-the-box this only works with WebForms and MVC4. MVC3 is not supported by default.

Part 4: Logging in with LinkedIn

Like with Facebook as covered in Part 3, you will need to register your application with LinkedIn before users can log in using their LinkedIn account.

  1. Go to http://developer.linkedin.com.
  2. In the menu select Support->API Keys, login when prompted.
  3. Click Add New Application.
  4. Next you need to fill out a form with quite some information in it. Fortunately most is straight forward. The image below shows the Company Info and the Application Info. Most important is the Application Name (in my case Michiel’s Security Demo), the Website URL (in my case http://michiel-security-demo.localtest.me), and Live Status. The latter indicating whether this is a development application or a live (production) application.

  5. Next up is contact information, which I’ll skip here, followed by the OAuth User Agreement. This is where you add information on what the user sees when logging in through linked in and where the user should be sent (in your application) when the user logs in (or cancels). In this case I’ll use the root URL of the application, because ASP.NET handles all that for me. Also notice I’ve set the Agreement Language to English.

  6. Agree to the terms of service and click Add Application.
  7. Next you’ll see a screen like the one below. You need the information shown to configure ASP.NET. You can get back to this information later by repeating steps 1 and 2, and then selecting the application you created. You will need the API Key and the Secret Key. The other two are only useful if your application uses the LinkedIn API (not covered here).

  8. Open Visual Studio (if you don’t have already).
  9. Open the project created in Part 1 (or quickly create a project in the same manner).

Now comes the tricky part. For starters, ASP.NET WebForms doesn’t have a neat method AddLinkedIn. There’s a fairly easy way around that using the generic Add method, but you’ll then find out what MVC users have already when they used RegisterLinkInClient: it doesn’t work! After logging in with LinkedIn your application will show one of the following messages:

  • MVC: Login Failure. Unsuccessful login with service.
  • WebForms: External login LinkedIn failed.

The problem is that the internal LinkedInClient class used by both MVC and WebForms isn’t quite correct, as Mr. Roa explains in this blogpost. Now, Mr. Roa’s solution works fine of you’re using ASP.NET MVC, but if you’re using WebForms, you’ll run into a new exception. For some reason verification of the authentication response sent by LinkedIn can’t be processed correctly. I’ve already spent quite some time digging through the underlying mechanics, but so far I haven’t been able to track down the problem. So if you’re using WebForm you’re out of luck. For MVC users just follow the steps Mr. Roa discusses and you’ll be fine.

Book review: Inside Microsoft Dynamics AX 2012


The information in Inside Microsoft Dynamics AX 2012 (The Microsoft Dynamics AX Team, Margaret Sherman; Microsoft Press) in itself might be useful for Dynamics AX 2012 developers, but it is poorly structured. It is also not clear what the target audience is. Chapter 1 is supposed to be an overview, but it contains way too much detail. By the time you reach the end of the chapter, you will have forgotten most of the details, because it doesn’t make sense to you if you’re just beginning. If you’re already experienced, it may make sense, but then it is superfluous information. This style of writing is maintained throughout the book. What use is it to cover MorphX and X++ in great detail if readers haven’t done anything with it yet? As I said, the information might be good, but it should be structured around scenarios. For instance, when discussing Design Role Centers (chapter 5), take it all the way down and go from why, to what, to how (including some X++ development). As it is, you are stuck with some rules of thumb, which you can’t use, because there is no follow through until much later in the book. By then, you need to go back and reread what was said originally. Basically the book reads like a technical manual, which isn’t too surprising if you consider that it was mainly written by the Dynamics AX team itself.

Bottom line: For experienced AX developers this might be a good reference and brush up from previous versions. For other types of readers this book doesn’t work.

ASP.NET OpenID/OAuth Login With ASP.NET 4.5 – Part 3

With ASP.NET 4.5 it is very easy to enable users to login to your site with their accounts from Facebook, Google, LinkedIn, Twitter, Yahoo, and Windows Live. In this 7 part series I’ll show you how for each of the identity providers.

Note: Out-of-the-box this only works with WebForms and MVC4. MVC3 is not supported by default.

Part 3: Logging in with Facebook

  1. Login to Facebook.
  2. Go to https://developers.facebook.com/apps.
  3. Click the Create New App button.
  4. Go through the Captcha (if shown).
  5. In the dialog enter the App Name, in my case Michiel’s Security Demo, and a unique namespace. Then click Next (Doorgaan in Dutch).
  6. Next you need to fill out some information about your application. If all is well the Display Name, Namespace, and Contact Email are already prefilled. The only other thing really needed is a Site URL, which appears when you click the top check-icon.
  7. Save the settings to finish up on Facebook.
  8. Open Visual Studio (if you don’t have already).
  9. Open the project created in Part 1 (or quickly create a project in the same manner).
  10. Find the App_Start folder and open AuthConfig.cs.
  11. Register the identity provider:
    1. In MVC go to the bottom of the RegisterAuth method and uncomment the following line of code:
      OAuthWebSecurity.RegisterFacebookClient(
        appId: "",
        appSecret: "");
    2. In WebForms go to the bottom of the RegisterOpenAuth method and uncomment the following line of code:
      OpenAuth.AuthenticationClients.AddFacebook(
        appId: "your Facebook app id",
        appSecret: "your Facebook app secret");
  12. Set the appId and appSecret values in the code with the App ID and App Secret shown on the settings page of your application in Facebook (see image under step 6).
  13. Save the file.
  14. Run the project.
  15. Click the Log in link. You will notice Facebook has automatically been added next to Google (from Part 2) under Use another service to log in.
  16. Clicking the Facebook button will send you to Facebook to log in.
  17. Login with a Facebook account. You will then see a page like the one below. Notice that it is telling the user which application wants you to log in with your Facebook account. Facebook recognizes this from the App ID, and provides the user with the information you entered earlier.
  18. If you click Go To App (Naar app gaan) you’re sent to your website again. This also registers the App with the user, so he/she will not see the second screen again. The App will show up in the user’s account under My Apps, where the user can remove the App if he/she no longer wants to allow logging in through Facebook. This has to do with the fact that by accepting the App, the user also accepts that the App can read some information.
  19. If this is the first login with Facebook, you can create a registration for the Facebook account. Note: if you’re already logged in through the local database or another identity provider, you will be asked to add the Facebook account to your existing account.

ASP.NET OpenID/OAuth Login With ASP.NET 4.5 – Part 2

With ASP.NET 4.5 it is very easy to enable users to login to your site with their accounts from Facebook, Google, LinkedIn, Twitter, Yahoo, and Windows Live. In this 7 part series I’ll show you how for each of the identity providers.

Note: Out-of-the-box this only works with WebForms and MVC4. MVC3 is not supported by default.

Part 2: Logging in with Google

Enabling your site for users to login with Google is extremely easy. It just requires you to uncomment a single line of code. There is no need for registration with Google or setting up some share secret, as is the case with the other identity providers.

  1. Open Visual Studio (if you don’t have already).
  2. Open the project created in Part 1 (or quickly create a project in the same manner).
  3. Find the App_Start folder and open AuthConfig.cs.
  4. Register the identity provider:
    1. In MVC go to the bottom of the RegisterAuth method and uncomment the following line of code:
      OAuthWebSecurity.RegisterGoogleClient();
    2. In WebForms go to the bottom of the RegisterOpenAuth method and uncomment the following line of code:
      OpenAuth.AuthenticationClients.AddGoogle();
  5. Save the file.
  6. Run the project.
  7. Click the Log in link. You will notice Google has automatically been added under Use another service to log in.
  8. Clicking the Google button will send you to Google to log in, which will show a page like the one below. Notice that it is telling the user which application (gained from URL) wants you to log in with your Google account.
  9. On the next page the user gets to see which information the application will get, in this case only the email address (and in Dutch in my case). The user can also indicate if this permission should be remembered next time.
  10. After clicking the approval button, you’re sent back to the application, where you can create a registration for the Google account. Note: if you’re already logged in through the local database or another identity provider, you will be asked to add the Google account to your existing account.