Daniel Fisher(lennybacon) - SOA, Data and the Web

Tuesday, July 26, 2005

Evil Empire

Mike Vernal figured out from where Microsoft's whole "evil empire" moniker comes.´

Must read :-)

Misc

Tuesday, July 26, 2005 10:59:23 PM (W. Europe Standard Time, UTC+01:00)

Disclaimer | Comments [16] |

Monday, July 25, 2005

MSN VirtualEarth

If you ever wanted to know where newtelligence headquarter is (Korschenbroich)...

http://virtualearth.msn.com/default.aspx?cp=51.188584|6.605851&style=r&lvl=9&v=1

You can also see where our next SOA Workshop will happen (Düsseldorf) on September 5 - 7, 2005.

Misc

Monday, July 25, 2005 10:08:46 AM (W. Europe Standard Time, UTC+01:00)

Disclaimer | Comments [25] |

Friday, July 22, 2005

RE: httpOnly cookies in ASP.NET 1.1

Scott posted a solution to support httpOnly cookies in ASP.NET 1.1 but pointed out some problems when you run the code on 2.0(http://www.hanselman.com/blog/HttpOnlyCookiesOnASPNET11.aspx)

Here is a solution:

		
protected void Application_EndRequest(Object sender, EventArgs e)
{    
	if(System.Environment.Version.Major<2)
	{
		foreach(string cookie in Response.Cookies)    
		{        
			const string HTTPONLY = ";HttpOnly";        
			string path = Response.Cookies[cookie].Path;        
			if (path.EndsWith(HTTPONLY) == false)        
			{            
				//force HttpOnly to be added to the cookie            
				Response.Cookies[cookie].Path += HTTPONLY;        
			}    
		}
	}
}

ASP.NET | C# | Projects

Friday, July 22, 2005 2:43:24 PM (W. Europe Standard Time, UTC+01:00)

Disclaimer | Comments [21] |

Wednesday, July 20, 2005

Firefox more sexy than InternetExplorer :-P

Misc

Wednesday, July 20, 2005 5:44:40 PM (W. Europe Standard Time, UTC+01:00)

Disclaimer | Comments [16] |

Friday, July 15, 2005

CAPCHA with Flickr

I just stumbled over roy's post and i think it would make sense to use smth like that as a capcha solution.

ASP.NET | C# | Misc | Projects

Friday, July 15, 2005 2:29:51 PM (W. Europe Standard Time, UTC+01:00)

Disclaimer | Comments [29] |

Wednesday, June 22, 2005

Free Microsoft E-Learning SqlServer 2005

The following e-learning courses are available for SQL Server 2005:

SQL Server 2005

Wednesday, June 22, 2005 3:02:06 PM (W. Europe Standard Time, UTC+01:00)

Disclaimer | Comments [14] |

Monday, June 20, 2005

Re: Windows Impersonation in ASP.NET

Pierre posted an entry bout impersonation in ASP.NET szenarios.

[Pierre]There are several scenario where you have to use the impersonation in ASP.NET. Consider, for example, you have to save and load files from a network share (file server). In that case, if the web site accept anonymous authentications, you have to impersonate a windows user who has enought privileges to access to that resource.

You have three choices (I guess):

Elevate the ASP.NET process identity - worse case since you could compromise the whole site security
Impersonate a windows user during the single call (http://blogs.msdn.com/shawnfa/archive/2005/03/22/400749.aspx)
Demand the task to a COM+ server application

I think that the last is the best since we have more security and maintenance control
[...]

I agree with him that "Demand the task to a COM+ server application" is the best way of the three he listed. But for me impersonation it is still a don't.

By the way i wanted to post this as a comment but "Comments on this post are closed". Yes this is some criticism on weblogs.asp.net :-) ...

So here my opinion as post in my blog:

Avoid impersonation! If you need to "redirect a binary that is located on a different box than the webserver to the client" utilize another IIS on the 2nd machine or write a service that returns the binary data.

ASP.NET | Misc | Projects | Security | WebServices

Monday, June 20, 2005 8:57:15 AM (W. Europe Standard Time, UTC+01:00)

Disclaimer | Comments [17] |

About

Daniel Fisher is a co-founder of devcoach® (www.devcoach.biz), a company that supports and accompanies customers in projects with the Microsoft® .NET platform all through from architecture to deployment.

Daniel has a strong emphasis on service-orientation (SOA), agile methodologies and processes, the web and data access.

He is a recognized expert in the SOA-field and plans and realizes distributed systems on the Microsoft platform since many years. Daniel is one of the early Windows Communication Foundation (WCF) experts and was a member of the technical adoption program for the Microsoft Corporation.

For the federal office for security in information technology of the German government he and Michael Willers have created a security analysis and written practice-proven guidelines for the daily work with WCF. As experts for the topic "SOA with .NET" they traveled through Europe to discuss the requirements of architects from all over the world and help them implement solutions.

Daniel is developing software since 1995 (since 1999 on the .NET platform) and has worked several years on projects as a developer, architect, project lead and consultant for insurance companies, distributors, mobile communications hardware, construction supplies and various other companies of different branches.

He is actively contributing to the software developer community as chair-man of JustCommunity e.V. (www.justcommunity.de), organizer of the biggest regional community event, and lead of a user group.

Navigation