Getting Kerberos / SSO to Work in Flex

Posted in Coding by Will on July 24, 2008.

Because Adobe currently don’t support Kerberos in Flex, that limits the ability to do cool Single Sign On stuff through AIR and on various sites.

So, how to solve this?  Well, this is just a theory, but it seems to work ok on paper.

The basic idea is that you have something else do the authentication, and generate a One Time Key. That Key is then passed to your Flex app (e.g. via the command line for AIR, or a Flashvar in the browser), which then uses this OTK to authenticate and grab a Session key like you normally would.

The point of using a One Time Key, which is discarded after use, is that someone malicious who grabs (say) your process list can’t reuse that authentication token.

So, for Windows AIR clients - you could build a quick-and-dirty preloader (.NET makes this really easy) which does your Kerberos authentication using (say) your Windows Identity against Active Directory.

For Mac AIR clients - You’d also need to build a preloader (Mono? :D). Whether you can achieve SSO this way would depend on how the OSX Identity stuff works under a domain (or the equivalent analog in OSX world) model, but at the very least you could do your Kerberos authentication here.

And for Server-side components, well, that’s pretty damn obvious - you generate the OTK on the server and deliver it down (over SSL!) as part of the page.
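The server side of the scheme described above, as an added example that is not code from the original post: a store that issues a random One Time Key for an already-authenticated user and lets it be redeemed at most once, within a short lifetime. The class and method names, the 30-second lifetime and the sample account name are assumptions made for illustration.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Text;

// Added example (not from the original post): issue and redeem One Time Keys (OTKs).
public sealed class OneTimeKeyStore
{
    private sealed class Pending { public string User; public DateTime ExpiresUtc; }

    // Keyed by the SHA-256 of the OTK, so a dump of this table does not yield usable keys.
    private readonly ConcurrentDictionary<string, Pending> _pending =
        new ConcurrentDictionary<string, Pending>();
    private readonly TimeSpan _lifetime;
    private readonly Func<DateTime> _utcNow;

    // The clock is injected only so the demo below can move time forward (an assumption).
    public OneTimeKeyStore(TimeSpan lifetime, Func<DateTime> utcNow)
    {
        _lifetime = lifetime;
        _utcNow = utcNow;
    }

    // Call only after the user has been authenticated (Kerberos in the preloader or server).
    public string Issue(string authenticatedUser)
    {
        byte[] raw = new byte[32];                        // 256 bits from the OS CSPRNG
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(raw);
        string otk = BitConverter.ToString(raw).Replace("-", "");  // hex: safe in argv and Flashvars
        _pending[Hash(otk)] = new Pending { User = authenticatedUser, ExpiresUtc = _utcNow() + _lifetime };
        return otk;
    }

    // Returns the user the key was issued to, or null if unknown, already used or expired.
    public string Redeem(string presentedOtk)
    {
        if (string.IsNullOrEmpty(presentedOtk)) return null;
        Pending entry;
        // TryRemove is atomic: of two concurrent redemptions of one key, only one succeeds.
        if (!_pending.TryRemove(Hash(presentedOtk), out entry)) return null;
        return _utcNow() <= entry.ExpiresUtc ? entry.User : null;
    }

    private static string Hash(string otk)
    {
        using (var sha = SHA256.Create())
            return Convert.ToBase64String(sha.ComputeHash(Encoding.UTF8.GetBytes(otk)));
    }
}

public static class OtkDemo
{
    public static void Main()
    {
        DateTime now = new DateTime(2008, 7, 24, 12, 0, 0, DateTimeKind.Utc);
        var store = new OneTimeKeyStore(TimeSpan.FromSeconds(30), () => now);

        string otk = store.Issue(@"EXAMPLE\will");        // constructed account name
        Console.WriteLine("first use: " + (store.Redeem(otk) ?? "rejected"));
        Console.WriteLine("replay:    " + (store.Redeem(otk) ?? "rejected"));

        string stale = store.Issue(@"EXAMPLE\will");
        now = now.AddMinutes(5);                          // key sat unused past its lifetime
        Console.WriteLine("expired:   " + (store.Redeem(stale) ?? "rejected"));
    }
}
```

Keys that are issued but never redeemed stay in the dictionary, so a long-running service would also need to sweep expired entries periodically.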

Anyway, hope this helps someone who’s pondering the way to solve this.

Distributed Object Caching: Memcached & Velocity

Posted in .NET, ASP.NET, Coding, Velocity by Will on June 27, 2008.

I’m working on a new project at work where we’re dealing with data that updates frequently, at unpredictable times, is used across several different front-end services, and needs to scale to pretty decent traffic levels without going nuts on buying more hardware.

So, given all that, one of the things we’re looking at is using a distributed object caching layer, such as memcached.  If you’re not sure what this technology does, the quick summary is that it is used to store commonly accessed data in memory on your servers. One of the most common uses is to cache results from database queries. 

memcached started its life at Danga Interactive to solve issues scaling LiveJournal at 20 million+ pageviews per day. It has a proven track record in the Unix world, and a fairly significant base of knowledge on what works and various workarounds and solutions.

Whilst memcached is from Unix, there are also Windows based ports of the server, and also .NET clients so using it in our environment shouldn’t be an issue from the technical side. 

Recently Microsoft also announced their entry into this space with a project code named Velocity. It’s pretty similar to memcached, but also has some additional functions allowing things like Tagging and Regionalising (Partitioning) data.  There’s also more support at the moment for different cache expiry methods, and the roadmap includes additional redundancy bits too.

For anyone who is considering how their applications will scale up, there’s plenty more to read on the subject.

Dare Obasanjo has a post from July 2007 about memcached on Windows, and also more recently about Velocity.  Scott Hanselman (Who I’m happy to say is coming to Tech.Ed Australia 2008!) has a podcast up about Velocity, talking with Anil Nori - one of the smart fellows responsible for Velocity.

I’ll write some more on this as we progress down the build of this application.

LINQ to SQL Caching Gotcha

Posted in .NET, Coding, IT, LINQ by Will on June 24, 2008.

So, today I discovered an issue which related to me doing two calls something a little like this:

- Execute dc.sp_Proc1
- If some condition exists, execute dc.sp_Proc2, and then Execute dc.sp_Proc1 again with the same parameters.
- Insert some records into the database.

The problem is, the first time you execute the sproc, it caches the result. This would be okay for most instances, but in mine - I’m actually after the updated result.

A quick bit of googling revealed this post by Chris Rock. This approach of “turn off object tracking” works Ok if you don’t need to insert records on that Data Context.

My quick, dirty, and (possibly) really wrong approach was just to spin up a new Data Context, and re-execute that sproc.

I promise I’ll find a more sane way of fixing this :)

LINQ to SQL Learnings: Getting rid of the CRUD

Posted in .NET, Coding, LINQ, WCF by Will on June 9, 2008.

With many web 2.0 applications there’s a basic three-tier architecture. In our case the client is a Flex 3/Cairngorm application, the Services are WCF/ASP.NET Web Services, and the Database is SQL 2005.

One of the typical approaches to creating Web Services for this type of system is to use a CRUD type pattern. That is: all methods are based around either Creating, Retrieving, Updating, or Deleting records. This is most usually done on a per-table basis, and means that you’re effectively making the Web Services an HTTP-enabled SQL client.

For our situation, this wasn’t really appropriate for a number of reasons, including complex relationships between tables, and a need to reduce the amount of network traffic.

Another concern, although relatively minor, is to reduce the amount of work needed by the Flex team to implement the Web Services. 

Ideally, we wanted to be able to share business objects as widely as possible, to reduce the amount of rework needed by everyone involved in implementing the interfaces.

Therefore we chose to go with task, or semantic based methods, and using the objects as needed by the Flex front-end.  The work of validation, and mapping to appropriate tables would be done by the Web services.

An example of this might be that a Document had many properties, such as Media Items (pictures, video, etc), Tags, Authors, etc.  However, within the database there might be a necessity to track Document Versions, What versions are Live, the relationships between Documents, Document Versions and Media Items. 

Because the objects that I needed to send/receive didn’t match the objects that needed to be saved in the database, I needed to write a lot of “left hand/right hand code”: ServiceDocument.Property = SQLDocument.Property. Most of this was fairly simple code to write, but tracking the places where this takes place can grow to become quite a challenge when the solution grows to dozens of tables.

This is an approximate list of what I need to do to add a property to one table:

  • Add the Property to the Service Types
  • Add conversion pieces to transpose the Service Type to/from the LINQ to SQL Object equivalents.
  • Add the column to the Table in the Database Model for LINQ to SQL
  • Add the column to all Stored Procedures in the Database Model which reference this, removing and re-adding them if this means new properties too.  Don’t forget to ensure the return types on the re-added Stored Procedures are set correctly.
  • Add the columns to the actual Stored Procedures, update parameters, etc
  • Add the column to the actual Table

I can only imagine the Version Control conflict chaos that would ensue if you had several people making these changes concurrently.

I highly recommend grouping changes into a per-table basis, because it can take a while to go through all the additional pieces you have referencing the LINQ to SQL and Service Type object equivalents.

LINQ to SQL Learnings: SqlDateTime Overflow on Autogenerated Column

Posted in .NET, Coding, IT, LINQ by Will on June 9, 2008.

This is the first in (hopefully) a series of quick things I’ve picked up whilst tackling the previously mentioned project

So, I have a table something like this:

CREATE TABLE [dbo].[Product](
    [ProductID] [int] IDENTITY(1,1) NOT NULL,
    [Name] [nvarchar](100) NOT NULL,
    [Price] [int] NOT NULL,
    [LastSaveTimestamp] [datetime] NOT NULL CONSTRAINT [DF_Product_SaveTimestamp] DEFAULT (getutcdate())
) ON [PRIMARY]

The key here is the default value on the column: LastSaveTimestamp.

If I then try to, say, insert a new row into this table, for example using this code:

  DatabaseContext dc = new DatabaseContext();
  Product product = new Product();
  product.Name = "test product";
  product.Price = 50;
  dc.Products.InsertOnSubmit(product);
  dc.SubmitChanges(System.Data.Linq.ConflictMode.FailOnFirstConflict);

Then I’d get an exception like:

System.Data.SqlTypes.SqlTypeException: SqlDateTime overflow. Must be between 1/1/1753 12:00:00 AM and 12/31/9999 11:59:59 PM..

The fix is actually really simple - In the table designer / DBML, you need to tell it that the column is auto-generated. Unfortunately this doesn’t seem to be automatically detected. It’s one of a few ‘just plain weird’ situations. 

AzamSharp has the fix details, with a handy-dandy screenshot over on his blog.

Two WCF Stumbles

Posted in .NET, Coding, WCF, Work by Will on March 16, 2008.

Here’s two things that caused me a bit of pain when working with WCF. Hopefully these pointers should help you get back to more productive things.

No Output when returning Serialized / Serialised objects.

I had been working on adding a significant number of methods and properties to a series of classes, and when I went to test the service I got literally no output.

Debug points indicated that all properties were there, and valid - but still WCF wasn’t returning anything. There were no exceptions being returned to the client.

The best tool for debugging these sorts of solutions is to first of all enable Tracing and MessageLogging.  This is done via the WCF Service Configuration Editor, on the Diagnostics tab. 

Once you’ve done that, and re-run the projects - you can open up Service Trace Viewer.  For me under Visual Studio 2008, this was under Microsoft Windows SDK v6.0A > Tools.

This tool then lets you open up the trace log generated in your solution directory, and see all the activity that’s been happening.

From here, it was just a matter of scrolling down to the activity entry that had the yellow highlighting (indicating a warning), selecting it - then clicking on the Errors.

For me, the first time this happened to me, it was because I had stuffed up the DataMember Name values. It has also occurred for other reasons, such as a property not being populated, when I had specified that it was both required, and also that it could not emit a default value.

Can’t get mex to work

No, this isn’t a misguided racial slur. I was having issues setting up the mexHttpBinding on an ASP.NET AJAX WCF Service.

The solutions all point towards the same thing, that you need to set up an endpoint, and set the contract to IMetadataExchange, then set the behaviour to have <serviceMetadata />. Except that it just wouldn’t let me add that property to my endpoint behaviour, and whenever I changed it to a service behaviour it would then not allow me to set the other properties I needed for that.

Well, perhaps I’m particularly slow - but hopefully this pointer will help someone else.

1: Create a NEW service behaviour:

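<serviceBehaviors>
  <behavior name="MyServiceBehavior">
    <!-- Publishes the service metadata (WSDL) over HTTP GET -->
    <serviceMetadata httpGetEnabled="true" />
    <!-- Returns exception details to the caller: a debugging aid, turn it off outside development -->
    <serviceDebug includeExceptionDetailInFaults="true" />
  </behavior>
</serviceBehaviors>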

2: Add a new endpoint to your  existing service

<endpoint
   address="mex"
   binding="mexHttpBinding"
   bindingConfiguration=""
   contract="IMetadataExchange" />

3: Add the behaviorConfiguration you added in Step 1 to the Service (NOT the endpoint).

<service
  behaviorConfiguration="MyServiceBehavior"
  name="MyProject.MyService">
  <!-- your existing endpoints, plus the mex endpoint from step 2 -->
</service>

I kept trying to add it to the endpoint, and failing miserably. So much time spent back-and-forth on this!

That’s it for this instalment of “WCF is great, but I wish the config was a bit easier to understand”. Stay tuned for more exciting episodes!

Shared Windows Server Project

Posted in IT by Will on March 15, 2008.

I’m looking for a few folks to group together to get a dedicated Windows server.

Server Details:

  • CPU: Intel Xeon 3060 (Dual Core)
  • RAM: 2GB
  • HDD: 2x 250GB (not RAID)
  • Network Port: 100Mbit
  • Bandwidth Quota: 2500GB per month
  • OS: Windows Server 2003 R2  (x32)
  • Other Software: .NET 1.1, plus .NET 2.0 to .NET 3.5, MS SQL Server 2005 (Express)

The server would be hosted by The Planet (unless you know of a better place?) in the US.

Because there’s 10 IPs allocated, the way I thought it would be set up would be to have one IP for any shared web hosting, etc - plus remote access in. And one IP would be dedicated to a Linux VM Server (for any apache + php + mysql things you want to run).

Then the rest of the IPs would be split up between the  folks sharing the server - for any other things you wanted to do (FTP server,  etc)

Bandwidth, Diskspace and RAM wouldn’t be strictly controlled, but if the performance of the server is suffering, we’re out of disk space, or we’ve got an over-usage charge, then those who’re using far more than their quota will need to pay up (for bandwidth) or reduce their usage (for diskspace and RAM)  

You’d also be expected to know how to manage IIS properly, and if you’re hosting stuff on the Linux VM, Apache too.  Oh, and also how to use common sense not to stuff with other people’s settings without their OK.

I shouldn’t need to mention this, but you’ll also be responsible for ensuring that you’re not doing anything illegal under US or Australian laws. So - no torrent downloads, thanks.

Total cost per month for the server setup above is USD$230/month. I’m prepared to pay about USD$80/month, so I’m looking for 3-4 people willing to split about USD$150/month.

So, for about $10/month you’d get an allocation of about 100GB of bandwidth quota, and 20GB/disk space (10GB per drive).  IPs would be divvied up based on % of contribution, after I’ve got enough people onboard, but you’d get at least one IP.

So, if you’re interested - add me on MSN - will@hughesfamily.net.au and let me know.

Update: I now have two other people who’re onboard, and another who’s interested…  I need another four people who’re interested in putting in about USD$30/month each.

If that doesn’t happen, then I guess we’ll have to look at trying to get a smaller server, but this is pretty much as small as it gets before things stop being useful.

WCF Service Giving Blank or No Response

Posted in .NET, Coding, IT, LINQ, WCF, Work by Will on March 13, 2008.

Today I spent about half an hour banging my head against this problem:
Whenever I would try and return a business object, I’d simply get no response from my WCF Service. Literally nothing.

The problem turned out to be that I had accidentally specified the DataMember Name of a property in a sub object twice.

So, I had my broken class set up like:


[DataContract(Name = "MyClass", Namespace = "Example")]
public partial class MyClass
{
[DataMember(Name = "property1")] public int Property1 { get; set; }
[DataMember(Name = "property1")] public string Property2{ get; set; }
}

An instance of this class was used as a property in another object, which was being returned from WCF.

.NET didn’t throw any sort of error unless I tried to return just “MyClass”.

Sure, it was my fault, but if you have a complex data structure, this could get awfully difficult to find without some sort of message from WCF.

Yes, this is part of that ultra nifty WCF JSON .NET 3.5 Flex project at work. :)
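One way to catch this mistake before a WCF call comes back empty, as an added example that is not from the original post: a reflection check that reports any data member name declared more than once on a contract type, run over every [DataContract] type in an assembly so that sub-objects are covered too. `DataContractLint`, `FindDuplicateMemberNames` and `CheckAssembly` are hypothetical names; `MyClass` reproduces the broken class above.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Runtime.Serialization;

// Added example (not from the original post).
public static class DataContractLint
{
    // Returns one message per wire name that more than one [DataMember] on the type maps to.
    public static List<string> FindDuplicateMemberNames(Type contractType)
    {
        const BindingFlags flags =
            BindingFlags.Instance | BindingFlags.Public | BindingFlags.NonPublic;

        return contractType.GetMembers(flags)
            .Where(m => m is PropertyInfo || m is FieldInfo)
            .Select(m => new { Member = m, Attr = m.GetCustomAttribute<DataMemberAttribute>() })
            .Where(x => x.Attr != null)
            // A [DataMember] without an explicit Name is serialized under the CLR member name.
            .GroupBy(x => x.Attr.Name ?? x.Member.Name)
            .Where(g => g.Count() > 1)
            .Select(g => contractType.FullName + ": \"" + g.Key + "\" is used by " +
                         string.Join(", ", g.Select(x => x.Member.Name)))
            .ToList();
    }

    // Checks every [DataContract] type in an assembly, including types only used as sub-objects.
    public static List<string> CheckAssembly(Assembly assembly)
    {
        return assembly.GetTypes()
            .Where(t => t.GetCustomAttribute<DataContractAttribute>() != null)
            .SelectMany(t => FindDuplicateMemberNames(t))
            .ToList();
    }
}

// The broken class from the post, reproduced so the check has something to find.
[DataContract(Name = "MyClass", Namespace = "Example")]
public partial class MyClass
{
    [DataMember(Name = "property1")] public int Property1 { get; set; }
    [DataMember(Name = "property1")] public string Property2 { get; set; }
}

public static class Program
{
    public static void Main()
    {
        foreach (string problem in DataContractLint.CheckAssembly(typeof(MyClass).Assembly))
            Console.WriteLine(problem);
    }
}
```

Calling `CheckAssembly` from a unit test and asserting that the list is empty turns the silent failure into a build-time one.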

LINQ to SQL, WCF, JSON and Flex. Oh My.

Posted in .NET, Coding, IT, LINQ, WCF, Work by Will on March 8, 2008.

(A note to readers: This is all pure geek/coder content - Please skip this if nothing in the subject line makes sense)

I started on a new project at work for a client a bit over a week ago. By virtue of the requirements, we decided to investigate the use of the new version of Microsoft’s .NET Framework, Version 3.5, for all of the server-side services.

Microsoft have been quite strongly pushing the benefits of the new features of .NET 3.5. There’s been a few key features which are particularly interesting, and if all goes according to the marketing hype, should end up saving a huge amount of time and effort, whilst ensuring that we use well known and standardised interfaces.

What features?

Windows Communication Foundation (WCF) is particularly interesting because it promises to let you (mostly) remove the whole ‘how’ and ‘where’ portion of communications between tiers, and let you focus on the ‘what’ and ‘when’.

In essence, WCF should let me state that I want to create (say) a Web Service, that accepts information in format X, and outputs responses in some other format. It doesn’t have to be a Web Service either, it could be a Peer to Peer network speaking in straight binary streams.

For this project the client functionality is all in Flex, so we need to ensure that the Flex guys can quickly decode all the responses and turn them into ActionScript objects. Through a bit of experimenting and application of prior experience, Web Services speaking JSON appeared to be the easiest and most lightweight method of doing this.

Language Integrated Query (LINQ) is another particularly interesting technology, particularly because it lets me focus on what I want to do with the data I have, rather than spending time transforming it from the Database tables, rows, and procedures, into .NET objects and methods.

There are a number of implementations of LINQ, which enables you to query a variety of sources - the one that I’m most likely to use is LINQ to SQL (talking to SQL Server). Regardless of what I’m accessing however, the syntax is identical - again, removing the need to modify my code if I need to query an XML file, Oracle or MySQL Database, or even native .NET objects.

You can probably see a common theme here - WCF lets me focus on communication with the outside world without needing to write that interface or conversion functionality, and LINQ lets me access and manipulate data, without needing to write that interface either.

So, it’s all plug and play?

Well, that depends entirely on what you’re doing with your data. If you’ve got something like a CRM application where the client is responsible for managing (most of) the data, then yes it can quite possibly be almost plug and play if you’re going with a “CRUD” interface.

If your data structure is more complex, then you need to determine exactly where the split is. In this specific project, I’m presenting an abstracted view of the data that the client needs, and doing all of the business logic to manage data management in the SQL and Web Services Layer.

So far, the whole WCF and LINQ combination looks good. I’m hoping to post some more detailed posts later on.

Further Reading

I highly recommend Scott Guthrie’s LINQ to SQL series of posts. Start with Part 1: Introduction to LINQ to SQL

These resources have also been of a great help in getting my head around the whole LINQ thing:

Update on the ADSL issues

Posted in IT, On the Intertron, Rant by Will on February 27, 2008.

Those following me on Twitter have had the joy of seeing random messages about the ongoing issues I’ve had getting my ADSL2+ connected.

Since the last post on this (on the 13th of Feb) I basically gave up on calling iiNet - I’d already spent a fortune in mobile costs listening to their hold music, and was just waiting for them to get back to my support-enquiry email. (I never did get a response to that)

However, last Friday (22nd) as I was going to bed at about 1:30am (Okay, so technically Saturday morning) I noticed that my DSL Router was saying it had sync. I normally check the router panel when I get home, so I must’ve missed it that night. I stayed up about an hour setting up a bunch of tests to see how fast/stable the connection was. I left these tests to continue running whilst I slept. When I left home on Saturday at about 9AM it was still running, and I was feeling somewhat optimistic that it might continue to work. Of course, Murphy was listening, and when I got home at around 5pm, I had lost line sync once again.

Sunday I called iiNet again, this time because their Toolbox said there should only be about a 7min wait. The tech guy tried a few things from their end, but once again no success - and said he’d put the request through to their Fault Manager who would try to get VisionStream to narrow down the timeframe.

Come Monday morning, I get a call from Christy at VisionStream, “Is Wednesday suitable for you?”. Grr. Same situation as last time Christy called me! Looking at the iiNet Toolbox - what do you know, a 45min or so wait on hold, again. Instead of doing that, I try another tack - go straight to the top.

So, I write a pleading email to Michael Malone, the Managing Director of iiNet. He’s quite active on Whirlpool’s forums, and makes his email available there. I give a bunch of possible ways we could try and work together, such as asking for the first/last timeslot on the day, getting a call an hour or two beforehand, and even offering to pay for a Saturday callout if necessary.

Tuesday I get a call from Rebecca at iiNet regarding the email, she’s called VisionStream and tried getting them to go with any of the options I presented - no luck. I think up one last option - asking the Tech to call me as he’s starting the job before mine. Rebecca thinks it might work, and goes back to VisionStream.

Today, (Wednesday) Rebecca calls back - VisionStream won’t go for it, despite having escalated it up the chain of management there. Apparently VisionStream started quoting sections of the Telecommunications Act to her, and stating that “we treat all customers equally”. However, the VisionStream manager has agreed to commit to a particular timeslot (9AM-12:30PM or 12PM to 6PM), AND to get the Tech to call an hour beforehand.

I ask Rebecca what the chances are of switching to a regular ADSL2 service (and having the line connected as a standard phone again) - apparently it can be done, but I’d be the first to have tried it. And the time it would take would probably be somewhere up around a month, assuming everything went according to plan.

So, for now Rebecca is sending the case back to VisionStream, and getting them to commit to providing a 9AM-12:30PM timeslot for this job plus the hour-before call.

Here’s hoping that VisionStream can come through on this!

Side Rant:
VisionStream’s comment to Rebecca that they treat all customers equally, is rather stupid. Yes, they treat all customers equally poorly. VisionStream’s view is apparently that All customers’ time is worth nothing, and they obviously have nothing better to do.

Surely someone at VisionStream can see that doing this just gives them a really poor reputation.
