.comment-link {margin-left:.6em;}

Friday, May 11, 2012


JPEG Compressor

Advanced JPEG Compressor is a great tool that i always use for my pics

Photo Hosting

Free Photo Hosting

Photo hosting, free and easy to use!

Photo hosting, free and easy to use! Upload your photos to share. Instantly get direct URLs to your photos.

Femta Ovulation Calendar

Femta Ovulation Calendar is a program for women to keep track of their cycles. Femta calculates the probabilities of becoming pregnant for every day and displays them in charts and a calendar. Femta helps you to predict future cycles, making it possible for you to plan important events.

Sunday, May 06, 2007


Blog Moved

i moved to http://blogs.msdn.com/HusseinA

Saturday, November 25, 2006


Why BTS 2006 Host Process can be Clustered ?


High Availability in BTS is provided using host instances in the same Biztalk Server group . so why do we need to Cluster BTS Host Process ?

1- Concurrency

Problem Statement :  If an adapter handlers running inside an unclustered host process , this means that this adapter is running simultaneously on all the host instances. so let's say that all instances are accessing a shared resource , so we have a concurrency violation access issue here .

a typical example is FTP Adapter that is using FTP Protocol : so if all instances are accessing the same FTP location using FTP protocol , this will lead to concurrency problems since FTP protocol doesnt put any locks on the accessed files.

solution : make the FTP adapter clustered so we got high availability and in the same time , removing concurrency issues.

2- Ordered Delivery

Problem Statement : in case of MSMQ adapter for example : it delivers the messages in the order that messages have been received . so if we have two MSMQ running in two host instances we might lose this order delivery behaviour.

Solution : make only one adapter running at a time and getting high availability for that adapter by clustering the adapter.

for how to Implement the Clustering Itslef : http://www.microsoft.com/technet/prodtechnol/biztalk/2006/library/bts06clustering/cd301e18-ca9a-4b33-b57d-f03bff750521.mspx



Wednesday, November 15, 2006


How To change the Database Server Location and DB Names for BizTalk Server


Foe BizTalk Server 2004: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/operations/htm/ebiz_ops_backuprestore_prqu.asp

For BizTalk Server 2006: http://msdn2.microsoft.com/en-us/library/aa559835.aspx

Wednesday, November 08, 2006


Never ever change snk files during development

assembly 1 is signed with snk 1 . alot of apps are using assembly 1. a developer for some reasons created a new snk file and resigned the assembly and redeployed it. i know that all of us know that all apps will not work. but this really happens alot with developers. i faced it alot with my developers in the last month so i decided to write about it.

snk is not a configuration that we can change . think about it like a critical change where all the behaviours of the application will change.

Tuesday, October 10, 2006


 WSS Web Parts vs ASP.NET 2.0 Web Parts

a good comparison between WSS web parts and ASP.NET 2.0 web parts is here by Ted Pattison : http://pluralsight.com/blogs/ted/archive/2005/06/01/9697.aspx


msdn wiki has been released


Friday, September 22, 2006


BizTalk Rules Parameters not Appearing in CallRules Shape in Orchestration :

i spend some quite time figuring out what was the problem , so i would like to share this with everyone.

after i created a rule in Biztalk rule composer , i created an orchestration with a callrules shape that points to the rule i created , but no properties appear in the window. i want to add a message as an input .

Solution : the "fully qualified name" for schema must = document type for a fact

1- go to the schema1.xsd file that you have created initially and built your facts on

2- highlight the .xsd file in solution explorer

3- copy the "fully qualified name" property value from the properties window

4- goto your vocabularies

5- create a fact based on XML schema

6- in the fact definition window , in the document type property : paste the "fully qualified name"

if you have already published your vocabulary , copy and create a new version , and then create new rules based on the new vocabulary . you will notice the vocabulary version in the properties window

Monday, May 01, 2006


I love this Feature, I really love it

Aspnet_regiis -ga MachineName\user1

This command gives user1 privileges to access the IIS metabase . In short it
gives this account permissions so it can now be an identity of an
application pool in IIS .
In v1.1 we don't have this switch (-ga) . So I used to grant all the rights
and permissions manually ...

I love the ga switch :)

Tuesday, April 25, 2006


Referencing 2 versions of the same DLL at the same time

I need this feature in VB
Only C# has this feature nowwwwwwwww :(

You can do this in C# :
Csc /r:ver1=assembly1.dll /r:ver2=c:\assembly1.dll myapp.cs

Here is a sample of myapp.cs file
extern alias ver1;
extern alias ver2;

using System;

class MyApp
static void Main(string[] args)


Sunday, April 23, 2006


Connection Pooling

This is a very interesting funny notice :
Connection Strings must be IDENTICAL . so what is new ?

Conn1 : "Server=SQL01;Database=AdventureWorks;Integrated
Conn2 : "Server=SQL01;Database=AdventureWorks;Integrated Security=SSPI

These are not identical since the second connection string has a SPACE after
the word SSPI, so they generate two different pools.you can examine that by
SQL Profiler .
It is very interesting ha .

Saturday, April 22, 2006


Connection Pooling Series or parallel ?

If we have a connection like this :

Conn1 : "Server=SQL01;Database=AdventureWorks;Integrated
Security=SSPI;Pooling=true;Min Pool Size=100"

Are the 100 connections created in series(one after the other) or
parallel(all nearly at the same time) ?
To avoid Flooding the Database with Connections they are created in series .
You can check that by executing the above connection and notice the
"starttime" column in Profiler , you will notice in the profiler that they
are opened serially after each other by fractions of seconds.

Wednesday, April 19, 2006


Why do I have to press CTRL+ALT+DELETE to logon

Why don't the logon screen just appears directly without having to press
this combination ?
As Keith Brown says in his book "A .NET Developer's Guide to Windows
Security" . Always Asking the user for his password trains the user to
always type his password whenever asked. And since it can be any
malicious code asking the user for his password so logon screens must be
kept to minimal.
The Sequence of CTRL+ALT+DELETE can only be traced by Kernel mode , so
this is a clear message from the user to the OS that "I need to type my
password to logon". This Sequence cannot be tracked by user mode. So try
seriously to use the logon user account instead of asking him.

Tuesday, April 18, 2006



Unfortunately I still see some developers and architects see that VB is
untrustable and you still cant do a lot of things using VB, I would say to
those people "please read the Developer Division Manager Somasegar's blog
entry" http://blogs.msdn.com/somasegar/archive/2004/08/01/204540.aspx

And you can read also the Man behind VB's Blog entry :

I hope you completely change your mind now specially when you know that a
lot of .NET 2.0 classes have been written entirely with VB as well as the VB
engine itself and parts of the VS IDE.

The comparison between C# and VB.NET now becomes like "which of my 2 eyes I
like better " as SomaSegar has said .i really like this phrase


Impersonation in .NET

  1. Impersonation is done on a thread basis not on a process level. So when we say that something is impersonating a user, then this something must be for sure a Thread not a process.
  2. A thread impersonating a specific user means that the thread will be working with the security context of that user.
  3. New created processes inherits their parents’ tokens
  4. When a thread needs to stop impersonation for a while for example in ASP.NET if we used impersonation in web.config and a certain page needs to do a task with a specific privilege regardless the impersonated account then in that case we have to stop impersonation temporarily . there is a specific function to call in this case called “RevertToSelf”
    We can do this in .NET by :

    Console.WriteLine(WindowsIdentity.GetCurrent().Name); //print the impersonated account name

    This line will remove the token impersonated and will revert back to the process identity.
    WindowsImpersonationContext c = WindowsIdentity.Impersonate(System.IntPtr.Zero);

    Console.WriteLine(WindowsIdentity.GetCurrent().Name); //print the process identity account name

    //go back to Imopersonation
    c.Undo(); // will get the impersonated token back
    Console.WriteLine(WindowsIdentity.GetCurrent().Name); //print the impersonated account name
  5. Flow of tokens to new threads is different in .NET 1.1 than 2.0
    in the image above you can see...

    A process running under Administrator Token. And a thread that is running under the same account

    The thread impersonates HusseinA.

    The current thread in the process spawns a new thread

    If thread1 spawned a new thread, what will be the token flown from thread1 to the spawned thread.

    In .NET v1.1 it is the original Process token which is Administrator in this case.
    Example: if a process running under “local system” and a thread in this process impersonated another lower privilege account then the current thread decided to spawn another thread. the new thread will run under local system not under the impersonated account. This is very dangerous and can lead to some flaws.

    In .NET 2.0 the default now is to flow the impersonated account and not the original process account.

    using System;
    using System.Text;
    using System.Runtime.InteropServices;
    using System.Security;
    using System.Security.Principal;
    using System.Threading;

    namespace ImpersonateTest
    class Program

    [DllImport("advapi32.dll", SetLastError = true)]
    static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword,
    int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

    static void Main(string[] args)
    //get a token for a user
    IntPtr token = IntPtr.Zero;;
    bool loggedin = LogonUser("user1", "MyMachine", "P@ssw0rd", 3, 0, ref token);
    //prints the name of the process identity name Console.WriteLine(WindowsIdentity.GetCurrent().Name);

    WindowsIdentity w = new WindowsIdentity(token);
    WindowsImpersonationContext oldWindowsIdentity = w.Impersonate();

    //prints the name of the Impersonated account name Console.WriteLine(WindowsIdentity.GetCurrent().Name);

    Thread t1 = new Thread(new ThreadStart(Test));
    static void Test()
    //in .NET 1.1 prints the name of the Process account name
    //in .NET 2.0 prints the name of the Impersonated account name

Sunday, April 09, 2006


Web Application Projects vs Web Site Projects

The motivation for building a new Application Project Model :

A very useful comparison between the two models :

Very useful Tutorials :

Monday, March 27, 2006


Data Driven Unit Test


You will hear a lot about it in the VSTS era

Test driven development :

It is not testing software ,NO
It is aligning the developers to write more code efficient from customer
point of view

So life cycle would be :
- Write test (what ? Without having a code to test it) yes , write test
projects first . Think from customer point of view: what I need this
software to behave like . For example : I need my method to return
InvalidCustomerIDException when someone passes a null of invalid ID, and
I begin writing the test for the method that doesn't exist yet. So I
force the production in this way to follow the behaviour that I have
already designed in the test

- run test and see it fails . In this way I know that there is something
that must be done in the production code to make the test succeed

- write production code that make the test pass

- run test and see it pass

Ok here comes the main goal for this feed entry :
When I write a unit test , I am writing a static expected value and
calculate the actual value and then compare by Assert .what if I need
these values to be dynamic or having many values ? I will write an array
of course in the test method and loop through the array and invoke the
production code, WRONG.
There is another smart way: Data Driven unit test
I will create a table in the DB , and fill the table with data and tell
the test engine : please invoke my test method number of times equals
the no of rows in the table and pass the value for each row to the test
method every time. Wowwwwwwwwwwwwwwwwwwwwwwwwwwwww magnificent
So any time I can go to the table and change the test data and have
another punch of tested values.


Visual Studio 2005 Web Application Projects

Now we have two environments for building ASP.NET II web sites

1- Visual Studio 2005 Web Application Projects Model (Similar to VS
2- Visual Studio 2005 Web Site Projects Model (the new 2005

You can download the web app model from here :

This VS 2003 model style will be merged with VS 2005 SP1

And please no one ask me why we have two models ?
From my point of view : it is left for your flavour .
And one more thing :

Migration from VS 2003 web projects to VS 2005 web projects will be
straight forward as they are the same model .

Sunday, March 05, 2006


Deploy Web Part in GAC or in /bin

There is only 1 difference : Security

Web parts deployed in GAC run always under full trust without any CAS
Web parts deployed in /bin follow any of the five CAS trust levels
defined in web.config .

BTW : "Trust Levels" is a feature provided by ASP.NET II


Is Runnable DLL taking over EXE ?

Till the launch of .NET 1.1 there were some difference between DLLs and EXEs

1- you cannot reference /r an EXE in your project but you can reference a
2- you cannot deploy an EXE in GAC (Gacutil) but you can do so with DLL
3- DLL never meant to be runnable (has an entry point) but EXE does

After launching .NET 2.0 everything have changed now :
1- you can reference an EXE as well as DLL
2- you can Deploy EXEs in GAC
3- you can have a runnable DLL, yes you heard me , you can have a complete
project(like a windows forms APP) inside a DLL and run it .although this is
not documented, but it can be easily done .

So the question now is :
are DLLs taking over EXEs ? It can if it wants to
Are EXEs taking over DLLs ? It can if it wants to

There is still only one difference between them , which is the concept of
"Stand alone runnable APP". If I have a windows or a web or a mobile control
as EXE , I wouldn't know if I need to double click on it to make it run or
just add a reference to it in my app. So the logical meaning beyond the
extension is still there .

Wednesday, February 22, 2006


I Already Have MARS in SQL 2000

Can we really have Mars in SQL 2000 ? The answer is yes to some limit

pIDBCreateCommand->CreateCommand(NULL, IID_ICommandText, (IUnknown**)
pIDBCreateCommand->CreateCommand(NULL, IID_ICommandText, (IUnknown**)
OLESTR("select operation_id, operation_code, product_id, quantity
from dbo.operations where processed=0"));
pICommandText2->SetCommandText(DBGUID_DBSQL,OLESTR("update dbo.operations
set processed=1 where operation_id=?"));
//Execute the command
pICommandText->Execute(NULL, IID_IRowset, NULL, &cRowsAffected, (IUnknown**)
//Execute the command 2
pICommandText2->Execute(NULL, IID_IRowset, NULL, &cRowsAffected, NULL);

What does SQLOLEDB does in the background ? It opens a new connection . What
? Yes you heard me . It opens a new connection and execute command2

Some Scenarios :
1- what happens if command1 was in a DTC TX ?
in this case SQLOLEDB cannot open a new connection and command2
2-Command1 in a TSQL TX not a DTC TX ?
SQLOLEDB has no idea that command1 is in a TX and it will open a new
one, ending in two command living in different TX.
3- think about more scenarios like locking (2 commands lock each other )
There are a lot of more scenarios to be covered but no time

Any way , again the answer of the question is YES of course we do support
MARS in SQL 2000 behind the scene

Tuesday, February 21, 2006


The binding handle is invalid

At last I found a solution for this problem .
Problem : when you start debuggin on Visual Studio 2005 you get this
message . Some people disable generating the vshost files which are
But the solution is : go to the terminal services windows service and
change the startup option to be manual and restart the computer or make
it manual and start it without starting the computer

Sunday, February 19, 2006


Change configuration profile in 2005

If you want to change the configuration Profile from Debug to Release in
2005 , some people go to application properties designer and from (Compile
or Build) they change the configuration to Debug or Release . This is wrong
This allows you only to change the settings of each profile , but if you
want to change the current running active profile you have to go to menu
Build\Configuration Manager and change it

Saturday, February 18, 2006



What are vshost files : "app.vshost.exe" and "app.vshost.exe.config" ?

Vshost files are used at design time only and they are used for 3 purposes :

* improved F5 performance. Keep the state of appdomains between runs
of my application. So before running the app for 2nd time , the vshost
preserve the state of appdomain so saving sometime to reinitialize

* partial trust debugging

* design time expression evaluation. Which has taken out from VB2003
and now is back for all langs .you can use the immediate windows in design
mode for some design time expressions evaluation we need,

Tuesday, December 20, 2005


Why Do we need AppDomains ?

1- a place to load unload assemblies
2- isolation
3- security (assemblies inside same appdomain can have same policy)
4- configuration

Monday, December 12, 2005


A very powerful feature that has been taken for 6 years , now is back

VB DTEE ...............
Yes it is back , I cannot believe that . I deadly needed this feature in
2002 and 2003. and I always wanted to see the one in charge who has removed
this feature , but fortunately now I wont be searching for him any more :)

Now (in 2005) I can open the immediate window without running the program at
all and execute commands .without running my program I can invoke a function
, evaluate an expression , create an object , anything !!!!!!
Wow awseome :-)

Friday, December 09, 2005


Filtering Exceptions

Some languages like VB.NET but not C# supports Exception Filters .

Let's take these quick scenarios :

1- procedure A which has an exception handler is calling Proc B which
doesn't have an exception handler. Proc B Throw an exception . What happens
? Of course the runtime will search the stack for any catch until it hits A.
so A cacth the exception

2- same as before but B has an exception handler . What happens ? Of course
B catch the exception which might in turn voluntarily throw the exception .

Sub A
Catch when Filter1() = True
End Try
End sub

Function Filter1() as boolean
return True
End function

Sub B
End Try
End sub

Sub DoWork()
throw new exception()
End sub

The question now is : what are the ordered steps of execution ?
1- A calls B
2- B calls DoWork()
3- DoWork throw an exception
4- CLR will search in the stack for a handler until it finds A's
5- this is the trick . Filter1 is executed
6- B's Finally
7- DoSomething

So here is the lesson : TAKE CARE , some code could run after the try and
before the Finally . In our case , from B's Perspective , DoWork() is
executed then (SHOULD) followed by FinalizeMyWork(). But in practical , NO the
filter is executed in between . For me it is like (not is) code injection .

Thursday, December 08, 2005


Throw THINGS that are not exceptions !!!

This is my first time to know that we can throw types that are not
exceptions (not derived from system.exception)
Fortunately this cannot be done directly from CLS compliant languages like
C# and VB , but what if we are calling method M1() written by naughty C++ or
IL which throws an integer for example (throw 4). How can we catch this in
C# or VB ?

In .NET v1.x we can write :

'call a naughty code that throws a non-exception

End try

This approach has 2 issues :
1- there is no variable for catching the exception
2- non-system exceptions are not accumulated on the stack trace so we cannot
debug .

In .NET v2.0 :

Non-system exceptions are wrapped up with
System.Runtime.CompilerServices.RuntimeWrappedException which derives from
System.Exception . And even more there is a switch to enable or disable this
: <Assembly:

CLR Magic :

If assembly A (written in IL) throws a non-system exception . Assembly B
(written in C#) calls A . Assembly C (written in C++) call B.
1- if A catch it . It will see the non-system exception and never see that
it has been wrapped
2- if B catch it . It will see RuntimeWrappedException
3- if C catch it . It will see the non-system exception and never see that
it has been wrapped

Friday, November 25, 2005


Dynamic ports and muli-port/IP listener in SQL 2005

In the configuration manager , you can configure SQL 2005 to listen on
multiple Ips , and even more you can make it listen to multiple ports on the
same IP (1440,1450,1460) , but in this case you have to make "listen ALL =

Moreovere you can configure the server to have dynamic port , so when the
service is strating , it asks the OS for an available port, opens an
endpoint for that port.
SQL Server Browser monitors the ports, and direct incoming connections to
the right port for specific instance.
So what happens if SQLBrowser is off ? Of course clients must provide the
right IP and port otherwise they cannot connect.
So sql browser acts as a resolution for instance name to their ports .
The client send a UDP msg to port 1434 with the name of the instance , the
sql browser replies with the port.


The war of SQL vs. Xquery

The world is your database with Log Parser.

I can think of this as a point towards the relational world against the
hierarchical world ...


Log parser is a powerful, versatile tool that provides universal query
access to text-based data such as log files, XML files and CSV files, as
well as key data sources on the WindowsR operating system such as the Event
Log, the Registry, the file system, and Active DirectoryR. You tell Log
Parser what information you need and how you want it processed. The results
of your query can be custom-formatted in text based output, or they can be
persisted to more specialty targets like SQL, SYSLOG, or a chart.

Most software is designed to accomplish a limited number of specific tasks.
Log Parser is different... the number of ways it can be used is limited only
by the needs and imagination of the user.

Saturday, November 19, 2005


Cannot delete fileX :Access is Denied

How many times did you get this message ?

"Cannot delete fileX :Access is Denied
Make Sure the Disk is not full or write-protected
And the file is not currently in use"

I think a lot ha ?
At last I got a solution from the BCL Team

you can use it to enumerate the processes that are using the blocked module

For example : LMOD.exe file1.dll
Then you get a list of running process who are using file1.dll module

/// <summary>
/// Simple tool to find out which process have loaded a particular module.
/// </summary>
public class LMod
// "System Idle Process" pid
static int IdleProcessID = 0;

// "System" pid
static int SystemProcessID
//Is older than XP...
if (Environment.OSVersion.Version.Major < 5 ||
(Environment.OSVersion.Version.Major == 5 &&
Environment.OSVersion.Version.Minor == 0))
return 8;
return 4;
public static int Main(string[] args)
int total = 0;
string m_ModuleName = "";

if (args.Length == 1)
m_ModuleName = args[0];
// wrong number of parameters...
Console.WriteLine("Usage: LMod module_name");
return 1;

// Get all running processes on the machine...
Process[] m_arrSysProcesses = Process.GetProcesses();
for (int i = 0; i < m_arrSysProcesses.Length; i++)
ProcessModuleCollection modules =
int nCount = modules.Count;

if (nCount > 0)
for (int j = 0; j < nCount; j++)
// Is it the module we are looking for?
if (modules[j].ModuleName == m_ModuleName)
Console.WriteLine("Process Name: "
+ m_arrSysProcesses[i].ProcessName);
Console.WriteLine("Process ID : "
+ m_arrSysProcesses[i].Id);
Console.WriteLine("Priority : "
+ m_arrSysProcesses[i].BasePriority);
Console.WriteLine("Memory Usage: "
+ (m_arrSysProcesses[i].WorkingSet64 /
1024) + " Kb");

catch (Exception e)
// System Idle Process (Idle): represents pseudo-process
// that represents all the processor time not used by
// other processes.
// System (System): represents the processor time
// used by the kernel itself.
if (m_arrSysProcesses[i].Id != SystemProcessID
&& m_arrSysProcesses[i].Id != IdleProcessID)
Console.WriteLine("Error: Process "
+ m_arrSysProcesses[i].ProcessName
+ " (" + m_arrSysProcesses[i].Id + ") failed!");
return 2;

Console.WriteLine("There are " + total
+ " processes using module " + m_ModuleName);

return 100;

Saturday, November 12, 2005


(Singularity) New MS OS other than Windows


This is just a little brief about the new OS :

Singularity is a new operating system being developed as a basis for more
system and application software [28]. Singularity exploits advances in
programming languages
and tools to create an environment in which software is more likely to be
built correctly, program
behavior is easier to verify, and run-time failures can be contained.

A key aspect of Singularity is an extension model based on Software-Isolated
(SIPs), which encapsulate pieces of an application or a system and provide
information hiding,
failure isolation, and strong interfaces. SIPs are used throughout the
operating system and
application software. We believe that building a system on this abstraction
will lead to more
dependable software.

SIPs are the OS processes on Singularity. All code outside the kernel
executes in a SIP. SIPs
differ from conventional operating system processes in a number of ways:
- SIPs are closed object spaces, not address spaces. Two Singularity
processes cannot
simultaneously access an object. Communications between processes transfers
ownership of data.
- SIPs are closed code spaces. A process cannot dynamically load or generate
- SIPs do not rely on memory management hardware for isolation. Multiple
SIPs can reside
in a physical or virtual address space.
- Communications between SIPs is through bidirectional, strongly typed,
channels. A channel specifies its communications protocol as well as the
transferred, and both aspects are verified.
- SIPs are inexpensive to create and communication between SIPs incurs low
Low cost makes it practical to use SIPs as a fine-grain isolation and

- SIPs are created and terminated by the operating system, so that on
termination, a SIP's
resources can be efficiently reclaimed.
- SIPs executed independently, even to the extent of having different data
layouts, run-time
systems, and garbage collectors.

SIPs are not just used to encapsulate application extensions. Singularity
uses a single
mechanism for both protection and extensibility, instead of the conventional
dual mechanisms of
processes and dynamic code loading. As a consequence, Singularity needs only
one error
recovery model, one communication mechanism, one security policy, and one
model, rather than the layers of partially redundant mechanisms and policies
in current systems.
A key experiment in Singularity is to construct an entire operating system
using SIPs and
demonstrate that the resulting system is more dependable than a conventional

There are a lot more in the report on the research site

Monday, October 17, 2005


Quartz Web Designer for ASP.NET II from Microsoft

now we can build a very powerful design model based on WPF which can now target ASP.NET Clients


Wednesday, October 12, 2005


Encrypting web.config without writing Code

I think alot of people needs to encrypt their web.config sections in an easy way . it has never been easier than ASP.NET 2.0
1- Tool : Aspnet_regiis.exe . 
    limited to certain kind of sections . there are some system sections like (<processModel>, <runtime>, <system.runtime.remoting> ) that cannot be         encrypted using this tool , so we have to use another tool which is Aspnet_setreg.exe .
2- Encryption Provider : RSA
3- key Storage Location : Encryption Keys are saved in Container files
    a- Machine Container : the encryption key is shared to all applications running on the same server. ( \Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys ).
    The shared Encryption key Container : "NetFrameworkConfigurationKey"
    b- User Container : the encryption key is only accesible by our application. ( \Documents and Settings\{UserName}\Application Data\Microsoft\Crypto\RSA )
4- Encrypting :
for IIS : aspnet_regiis -pe "ParentSection/ChildSection" -app "/WebApplication1"
-pe :  the section to be encrypted like "connectionStrings"  or "appSettings/App1"
-app: the virtual path to the application
-pd : for decryption
For the built-in web server with Visual Studio.NET 2005 :
aspnet_regiis.exe -pef "ParentSection/ChildSection" C:\MyWebs\WebApp1
-pef: section to be encrypted + physical path
-pdf: for decryption
For User Container Storage :
    <add keyContainerName="NetFrameworkConfigurationKey"
      description="Uses RsaCryptoServiceProvider to encrypt and decrypt"
type="System.Configuration.RsaProtectedConfigurationProvider,SystemConfiguration, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
The good news is that you dont have to write anything special in your code to read the encrypted data .it is read by the same way : ConfigurationManager.ConnectionStrings("MyConn1").ConnectionString

5- ACL on the Encryption Key : which web application has permission to read encrypted data ?

any ASP.NET Web APP has an identity (in IIS6 , it is the identity of the App Pool). when an ASP.NET web App tried to read encrypted Data , ASP.NET checks if that application has the appropriate permission by checking the NTFS ACL on the Encryption Key Container File (for shared Machine Container it is :
NetFrameworkConfigurationKey) against app identity
Access Denied : If your web APP doesnt have permission to access the key -->  "Parser Error Message: Failed to decrypt using provider 'RsaProtectedConfigurationProvider'. Error message from the provider: The handle is invalid."

Grant Access to an Account: aspnet_regiis -pa "NetFrameworkConfigurationKey" "MyServer\MyUser"

Monday, October 10, 2005



very cool feature form ASP.NET II . just place a page in the root of your web app with this file "App_offline.htm" and the server will unload the web app and unload the app domain and stop processing any requestes . it just displays the contents of the htm page. this can be used during maintenance.the only complaint is that you cannot control the name of the page in any config file coz this is executed before loading any config file ...

removing this file from the root will result in immediate normal processing for requests from the next request


Using the HTTP.SYS Kernel Mode Cache from ASP.NET

first question of course will be "what is the difference between Kernel mode and user mode ?" .

kernel mode is the OS mode .it is by default a 2GB piece of memory. it is a protected area .running under elevated privilages(Local System) . so anything running in kernel mode is actually very very fast over user mode coz they have elevated priority over anything running in User mode .
by default User mode is 2GB peice of memory. it is the place to run all the applications ( including IIS)  in windows OS

so one of the implications of implementing a kernel mode http listener is dramatically increase the performance .

let's have a look on caching in ASP.NET Today ,  I could take the data i need to cache  and basically store it in memory and guarantee that on subsequent requests, IIS is going to call ASP.NET; ASP.NET is going to get the choice to say, based on the URL you're asking for, I'm going to fetch this out of memory if I have it; and then I can send a response back down. But with IIS 6.0, the extra benefit you get is that rather than IIS ever having even talked to us, the request can be pushed in IIS and it can be served straight from IIS.

so caching data in kernel mode (HTTP.SYS) avoids context switches between user mode and kernel mode .it is dramatically increasing performance , and when talking about performance we can measure this with a very simple page built with ASP.NET on MS Application Center . the difference between no of req/sec before and after apply caching is incredible

note: to apply HTTP.SYS caching from ASP.NET  you have to add the @OutPutCache Directive to the page



i heard alot about wiki i always want to know what is really a wiki .
so languistically speaking  : wiki is a huwai'ian keyword which means "Quick"
In Hawai'ian repeated words provide emphasis, so WikiWiki means very quick
That makes a WikiWikiWeb a very quick way to create web-based content.

from a Technical Technical perspective , you can consider a wiki like a dashboard or a white board but instead of only one person writing on it , no there can be multiplie persons from all over the world can be writing on it , and modification to the text on the white board it tracked to his modifier. so it is amix between chatting , collaboration and discussion board .

let's take an example

  1. go to http://www.flexwiki.com/

  2. alomst every page you see from now on is a complete wiki and it is called a topic. for example the first link in the page in the right section is pointing to http://www.flexwiki.com/default.aspx/FlexWiki/WikiWiki.html, please click on it

  3. this opened web page now is a topic using the wiki methodologies

  4. let's say you need to change the page , you need to add your own text on that page or change or delete. simply double click any where on any white space portion on that page

  5. now we are inside wiki editor

  6. change the text freely and please have a look on the right pane, where you can change your contribution change "Name" and change templates and then click save

  7. the previous page is back now but with your change which is exposed to any one in the world. you can try this yourself bu opening the same page now from another computer

  8. for example lets say that i need to track all changes not that has happened to that page, i can simply click on show changes on the left . it will show me all the changes to that page

  9. a very great feature is also the "recent changes" from the left pane , click on that . you can now see all the changes to the current namespace and you can even filter by author. let's filter by my name for example "Hussein". click in the combo box "Authors" and click "H" in the keyboard then down to "Hussein Computer"

so now for any site , we should have a wiki just to post our own comments about the site , these comments might be questions , answers , notes , summary , etc....

This page is powered by Blogger. Isn't yours?