Getting Kerberos / SSO to Work in Flex

Posted in Coding by Will on July 24, 2008.

Because Adobe currently don’t support Kerberos in Flex, that limits the ability to do cool Single Sign On stuff through Air and on various sites.

So, how to solve this?  Well, this is just a theory, but it seems to work ok on paper.

The basic idea is that you have something else do the authentication, and generate a One Time Key. That Key is then passed to your Flex app (eg via the Command Line for Air, or a Flashvar in the browser), which then uses this OTK to authenticate and grab a Session key like you normally would.

The point of using a One Time Key, which is discarded after use, is that someone malicious can’t grab (say) your process list and reuse that authentication token.

So, for Windows Air clients - you could build a quick-and-dirty preloader (.NET makes this really easy) which does your Kerberos authentication using (say) your Windows Identity against Active Directory.

For Mac Air clients - You’d also need to build a preloader (Mono? :D). Whether you can achieve SSO this way would depend on how the OSX Identity stuff works under a domain (or the equivalent analog in OSX world) model, but at the very least you could do your Kerberos authentication here.

And for Server-side components, well, that’s pretty damn obvious - you generate the OTK on the server and deliver it down (over SSL!) as part of the page.

Anyway, hope this helps someone who’s pondering the way to solve this.
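
The issue-and-redeem flow described above, as an added example in C# (not code from the original post): keys are random, single-use and short-lived, and the store keeps only their hashes. `OneTimeKeyStore`, its members, the 30-second lifetime and the sample account name are assumptions made for illustration.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Text;

// Added example: OneTimeKeyStore and its members are hypothetical names.
public sealed class OneTimeKeyStore
{
    private sealed class Entry { public string User; public DateTime ExpiresUtc; }

    // Indexed by SHA-256 of the key, so a dump of the store yields no usable keys.
    private readonly ConcurrentDictionary<string, Entry> _pending =
        new ConcurrentDictionary<string, Entry>();
    private readonly TimeSpan _lifetime;

    public OneTimeKeyStore(TimeSpan lifetime) { _lifetime = lifetime; }

    // Called server-side once the user has been authenticated (e.g. via Kerberos)
    // to mint the key that is handed to the Flex app.
    public string Issue(string user, DateTime nowUtc)
    {
        byte[] raw = new byte[32];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create()) rng.GetBytes(raw);
        string key = Convert.ToBase64String(raw);
        _pending[Hash(key)] = new Entry { User = user, ExpiresUtc = nowUtc + _lifetime };
        return key;
    }

    // Called when the Flex app presents the key; returns the user, or null if rejected.
    public string Redeem(string key, DateTime nowUtc)
    {
        Entry entry;
        // TryRemove is atomic: of two concurrent redemptions only one gets the entry,
        // and the key is gone whether or not it turns out to be expired.
        if (key == null || !_pending.TryRemove(Hash(key), out entry)) return null;
        return nowUtc <= entry.ExpiresUtc ? entry.User : null;
    }

    private static string Hash(string key)
    {
        using (SHA256 sha = SHA256.Create())
            return Convert.ToBase64String(sha.ComputeHash(Encoding.UTF8.GetBytes(key)));
    }
}

public static class Program
{
    public static void Main()
    {
        var store = new OneTimeKeyStore(TimeSpan.FromSeconds(30));
        DateTime t0 = DateTime.UtcNow;
        string key = store.Issue(@"EXAMPLE\will", t0);            // constructed account name
        Console.WriteLine(store.Redeem(key, t0.AddSeconds(5)) ?? "rejected");   // first use
        Console.WriteLine(store.Redeem(key, t0.AddSeconds(6)) ?? "rejected");   // replayed key
        string late = store.Issue(@"EXAMPLE\will", t0);
        Console.WriteLine(store.Redeem(late, t0.AddSeconds(31)) ?? "rejected"); // past lifetime
    }
}
```

Keys that are issued but never redeemed stay in the dictionary, so a long-running service would also sweep out expired entries periodically.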

Distributed Object Caching: Memcached & Velocity

Posted in .NET, ASP.NET, Coding, Velocity by Will on June 27, 2008.

I’m working on a new project at work where we’re dealing with data that updates frequently, at unpredictable times, used across several different front-end services, and needs to scale to pretty decent traffic levels without going nuts on buying more hardware.

So, given all that, one of the things we’re looking at is using a distributed object caching layer, such as memcached.  If you’re not sure what this technology does, the quick summary is that it is used to store commonly accessed data in memory on your servers. One of the most common uses is to cache results from database queries. 

memcached started its life at Danga Interactive to solve issues scaling LiveJournal at 20 million+ pageviews per day. It has a proven track record in the Unix world, and a fairly significant base of knowledge on what works and various workarounds and solutions.

Whilst memcached is from Unix, there are also Windows based ports of the server, and also .NET clients so using it in our environment shouldn’t be an issue from the technical side. 

Recently Microsoft also announced their entry into this space with a project code named Velocity. It’s pretty similar to memcached, but also has some additional functions allowing things like Tagging and Regionalising (Partitioning) data.  There’s also more support at the moment for different cache expiry methods, and the roadmap includes additional redundancy bits too.

For anyone who is considering how their applications will scale up, there’s plenty more to read on the subject.

Dare Obasanjo has a post from July 2007 about memcached on Windows, and also more recently about Velocity.  Scott Hanselman (Who I’m happy to say is coming to Tech.Ed Australia 2008!) has a podcast up about Velocity, talking with Anil Nori - one of the smart fellows responsible for Velocity.

I’ll write some more on this as we progress down the build of this application.

LINQ to SQL Caching Gotcha

Posted in .NET, Coding, IT, LINQ by Will on June 24, 2008.

So, today I discovered an issue which related to me doing two calls something a little like this:

- Execute dc.sp_Proc1
- If some condition exists, execute dc.sp_Proc2, and then Execute dc.sp_Proc1 again with the same parameters.
- Insert some records into the database.

The problem is, the first time you execute the sproc, it caches the result. This would be okay for most instances, but in mine - I’m actually after the updated result.

A quick bit of googling revealed this post by Chris Rock. This approach of “turn off object tracking” works OK if you don’t need to insert records on that Data Context.

My quick, dirty, and (possibly) really wrong approach was just to spin up a new Data Context, and re-execute that sproc.

I promise I’ll find a more sane way of fixing this :)

LINQ to SQL Learnings: Getting rid of the CRUD

Posted in .NET, Coding, LINQ, WCF by Will on June 9, 2008.

With many web 2.0 applications there’s a basic three-tier architecture. In our case the client is a Flex 3/Cairngorm application, the Services are WCF/ASP.NET Web Services, and the Database is SQL 2005.

One of the typical approaches to creating Web Services for this type of system is to use a CRUD type pattern. That is: all methods are based around either Creating, Retrieving, Updating, or Deleting records. This is usually done on a per-table basis, and means that you’re effectively making the Web Services an HTTP-enabled SQL client.

For our situation, this wasn’t really appropriate for a number of reasons, including complex relationships between tables, and a need to reduce the amount of network traffic.

Another concern, although relatively minor, is to reduce the amount of work needed by the Flex team to implement the Web Services. 

Ideally, we wanted to be able to share business objects as widely as possible, to reduce the amount of rework needed by everyone involved in implementing the interfaces.

Therefore we chose to go with task, or semantic based methods, and using the objects as needed by the Flex front-end.  The work of validation, and mapping to appropriate tables would be done by the Web services.

An example of this might be that a Document had many properties, such as Media Items (pictures, video, etc), Tags, Authors, etc.  However, within the database there might be a necessity to track Document Versions, What versions are Live, the relationships between Documents, Document Versions and Media Items. 

Because the objects that I needed to send/receive didn’t match the objects that needed to be saved in the database, I needed to write a lot of “left hand/right hand code”: ServiceDocument.Property = SQLDocument.Property. Most of this was fairly simple code to write, but tracking the places where this takes place can grow to become quite a challenge when the solution grows to dozens of tables.

This is an approximate list of what I need to do to add a property to one table:

  • Add the Property to the Service Types
  • Add conversion pieces to transpose the Service Type to/from the LINQ to SQL Object equivalents.
  • Add the column to the Table in the Database Model for LINQ to SQL
  • Add the column to all Stored Procedures in the Database Model which reference this, removing and re-adding them if this means new properties too.  Don’t forget to ensure the return types on the re-added Stored Procedures are set correctly.
  • Add the columns to the actual Stored Procedures, update parameters, etc
  • Add the column to the actual Table

I can only imagine the Version Control conflict chaos that would ensue if you had several people making these changes concurrently.

I highly recommend grouping changes on a per-table basis, because it can take a while to go through all the additional pieces you have referencing the LINQ to SQL and Service Type object equivalents.

LINQ to SQL Learnings: SqlDateTime Overflow on Autogenerated Column

Posted in .NET, Coding, IT, LINQ by Will on June 9, 2008.

This is the first in (hopefully) a series of quick things I’ve picked up whilst tackling the previously mentioned project.

So, I have a table something like this:

CREATE TABLE [dbo].[Product](
    [ProductID] [int] IDENTITY(1,1) NOT NULL,
    [Name] [nvarchar](100) NOT NULL,
    [Price] [int] NOT NULL,
    [LastSaveTimestamp] [datetime] NOT NULL CONSTRAINT [DF_Product_SaveTimestamp] DEFAULT (getutcdate())
) ON [PRIMARY]

The key here is the default value on the column: LastSaveTimestamp.

If I then try to, say, insert a new row into this table, for example using this code:

  DatabaseContext dc = new DatabaseContext();
  Product product = new Product();
  product.Name = "test product";
  product.Price = 50;
  dc.Products.InsertOnSubmit(product);
  dc.SubmitChanges(System.Data.Linq.ConflictMode.FailOnFirstConflict);

Then I’d get an exception like:

System.Data.SqlTypes.SqlTypeException: SqlDateTime overflow. Must be between 1/1/1753 12:00:00 AM and 12/31/9999 11:59:59 PM..

The fix is actually really simple - In the table designer / DBML, you need to tell it that the column is auto-generated. Unfortunately this doesn’t seem to be automatically detected. It’s one of a few ‘just plain weird’ situations. 

AzamSharp has the fix details, with a handy-dandy screenshot over on his blog.

Two WCF Stumbles

Posted in .NET, Coding, WCF, Work by Will on March 16, 2008.

Here’s two things that caused me a bit of pain when working with WCF. Hopefully these pointers should help you get back to more productive things.

No Output when returning Serialized / Serialised objects.

I had been working on adding a significant number of methods and properties to a series of classes, and when I went to test the service I got literally no output.

Debug points indicated that all properties were there, and valid - but still WCF wasn’t returning anything. There were no exceptions being returned to the client.

The best tool for debugging these sorts of solutions is to first of all enable Tracing and MessageLogging.  This is done via the WCF Service Configuration Editor, on the Diagnostics tab. 

Once you’ve done that, and re-run the projects - you can open up Service Trace Viewer.  For me under Visual Studio 2008, this was under Microsoft Windows SDK v6.0A > Tools.

This tool then lets you open up the trace log generated in your solution directory, and see all the activity that’s been happening.

From here, it was just a matter of scrolling down to the activity entry that had the yellow highlighting (indicating a warning), selecting it - then clicking on the Errors.

The first time this happened to me, it was because I had stuffed up the DataMember Name values. It has also occurred for other reasons, such as a property not being populated, when I had specified that it was both required, and also that it could not emit a default value.

Can’t get mex to work

No, this isn’t a misguided racial slur. I was having issues setting up the mexHttpBinding on an ASP.NET AJAX WCF Service.

The solutions all point towards the same thing, that you need to set up an endpoint, and set the contract to IMetadataExchange, then set the behaviour to have <serviceMetadata />. Except that it just wouldn’t let me add that property to my endpoint behaviour, and whenever I changed it to a service behaviour it would then not allow me to set the other properties I needed for that.

Well, perhaps I’m particularly slow - but hopefully this pointer will help someone else.

1: Create a NEW service behaviour:

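<serviceBehaviors>
  <behavior name="MyServiceBehavior">
    <serviceMetadata
      httpGetEnabled="true"/>
    <!-- Debugging aid: sends exception details back to clients in faults.
         Set to false before deploying to production. -->
    <serviceDebug
      includeExceptionDetailInFaults="true"
      />
  </behavior>
</serviceBehaviors>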

2: Add a new endpoint to your  existing service

<endpoint
   address="mex"
   binding="mexHttpBinding"
   bindingConfiguration=""
   contract="IMetadataExchange" />

3: Add the behaviorConfiguration you added in Step 1 to the Service (NOT the endpoint).

<service
  behaviorConfiguration="MyServiceBehavior"
  name="MyProject.MyService">

I kept trying to add it to the endpoint, and failing miserably. So much time spent back-and-forth on this!

 

That’s it for this instalment of “WCF is great, but I wish the config was a bit easier to understand”. Stay tuned for more exciting episodes!

WCF Service Giving Blank or No Response

Posted in .NET, Coding, IT, LINQ, WCF, Work by Will on March 13, 2008.

Today I spent about half an hour banging my head against this problem:
Whenever I would try and return a business object, I’d simply get no response from my WCF Service. Literally nothing.

The problem turned out to be that I had accidentally specified the DataMember Name of a property in a sub object twice.

So, I had my broken class set up like:


[DataContract(Name = "MyClass", Namespace = "Example")]
public partial class MyClass
{
    [DataMember(Name = "property1")] public int Property1 { get; set; }
    // Bug: same Name as Property1 above
    [DataMember(Name = "property1")] public string Property2 { get; set; }
}

An instance of this class was used as a property in another object, which was being returned from WCF.

.NET didn’t throw any sort of error unless I tried to return just “MyClass”.

Sure, it was my fault, but if you have a complex data structure, this could get awfully difficult to find without some sort of message from WCF.

Yes, this is part of that ultra nifty WCF JSON .NET 3.5 Flex project at work. :)
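
A check that could run in a unit test to find the duplicated DataMember name described above (and in the “Two WCF Stumbles” post) before the service silently returns nothing, as an added example in C# that is not code from the original post. `DataContractLint`, `FindDuplicateMemberNames` and the `Wrapper` sample type are hypothetical names; `MyClass` is a constructed copy of the broken class.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Runtime.Serialization;

// Added example: DataContractLint and the sample types below are hypothetical.
public static class DataContractLint
{
    // Walks the [DataContract] types reachable from root through [DataMember]
    // properties and reports every wire name that is used more than once.
    public static List<string> FindDuplicateMemberNames(Type root)
    {
        var problems = new List<string>();
        var seen = new HashSet<Type>();
        var queue = new Queue<Type>();
        queue.Enqueue(root);
        const BindingFlags flags = BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Instance;

        while (queue.Count > 0)
        {
            Type type = queue.Dequeue();
            if (!seen.Add(type)) continue;
            // Look inside arrays and generic collections such as List<MyClass>.
            if (type.IsArray) queue.Enqueue(type.GetElementType());
            foreach (Type arg in type.GetGenericArguments()) queue.Enqueue(arg);
            if (!type.IsDefined(typeof(DataContractAttribute), false)) continue;

            var members = type.GetProperties(flags)
                .Select(p => new { Prop = p, Attr = p.GetCustomAttribute<DataMemberAttribute>() })
                .Where(m => m.Attr != null)
                .ToList();

            // An unset Name means the serializer falls back to the property name.
            foreach (var dup in members.GroupBy(m => m.Attr.Name ?? m.Prop.Name).Where(g => g.Count() > 1))
                problems.Add(type.FullName + ": \"" + dup.Key + "\" is shared by "
                    + string.Join(", ", dup.Select(m => m.Prop.Name)));

            foreach (var m in members) queue.Enqueue(m.Prop.PropertyType);
        }
        return problems;
    }
}

// Constructed sample mirroring the post: the duplicate sits in a sub-object.
[DataContract] public class MyClass
{
    [DataMember(Name = "property1")] public int Property1 { get; set; }
    [DataMember(Name = "property1")] public string Property2 { get; set; }
}
[DataContract] public class Wrapper
{
    [DataMember(Name = "items")] public List<MyClass> Items { get; set; }
}

public static class Program
{
    public static void Main()
    {
        foreach (string problem in DataContractLint.FindDuplicateMemberNames(typeof(Wrapper)))
            Console.WriteLine(problem);
    }
}
```

Only properties are inspected here; a contract that puts `[DataMember]` on fields would need the same pass over `GetFields`.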

LINQ to SQL, WCF, JSON and Flex. Oh My.

Posted in .NET, Coding, IT, LINQ, WCF, Work by Will on March 8, 2008.

(A note to readers: This is all pure geek/coder content - Please skip this if nothing in the subject line makes sense)

I started on a new project at work for a client a bit over a week ago. By virtue of the requirements, we decided to investigate the use of the new version of Microsoft’s .NET Framework, Version 3.5, for all of the server-side services.

Microsoft have been quite strongly pushing the benefits of the new features of .NET 3.5. There’s been a few key features which are particularly interesting, and if all goes according to the marketing hype, should end up saving a huge amount of time and effort, whilst ensuring that we use well known and standardised interfaces.

What features?

Windows Communication Foundation (WCF) is particularly interesting because it promises to let you (mostly) remove the whole ‘how’ and ‘where’ portion of communications between tiers, and let you focus on the ‘what’ and ‘when’.

In essence, WCF should let me state that I want to create (say) a Web Service, that accepts information in format X, and outputs responses in some other format. It doesn’t have to be a Web Service either, it could be a Peer to Peer network speaking in straight binary streams.

For this project the client-functionality is all in Flex, so we need to ensure that the Flex guys can quickly decode all the responses and turn them into ActionScript objects. Through a bit of experimenting and application of prior experience - Web Services speaking JSON appeared to be the easiest and most lightweight method of doing this.

Language Integrated Query (LINQ) is another particularly interesting technology, particularly because it lets me focus on what I want to do with the data I have, rather than spending time transforming it from the Database tables, rows, and procedures, into .NET objects and methods.

There are a number of implementations of LINQ, which enables you to query a variety of sources - the one that I’m most likely to use is LINQ to SQL (talking to SQL Server). Regardless of what I’m accessing however, the syntax is identical - again, removing the need to modify my code if I need to query an XML file, Oracle or MySQL Database, or even native .NET objects.

You can probably see a common theme here - WCF lets me focus on communication with the outside world without needing to write that interface or conversion functionality, and LINQ lets me access and manipulate data, without needing to write that interface either.

So, it’s all plug and play?

Well, that depends entirely on what you’re doing with your data. If you’ve got something like a CRM application where the client is responsible for managing (most of) the data, then yes it can quite possibly be almost plug and play if you’re going with a “CRUD” interface.

If your data structure is more complex, then you need to determine exactly where the split is. In this specific project, I’m presenting an abstracted view of the data that the client needs, and doing all of the business logic to manage data management in the SQL and Web Services Layer.

So far, the whole WCF and LINQ combination looks good. I’m hoping to post some more detailed posts later on.

Further Reading

I highly recommend Scott Guthrie’s LINQ to SQL series of posts. Start with Part 1: Introduction to LINQ to SQL

These resources have also been of a great help in getting my head around the whole LINQ thing:

Frustration with System.Net.WebClient and NTLM Authenticated Proxies

Posted in Coding, IT, Rant by Will on September 10, 2007.

I’m currently working away on improving Smitter R3, and part of that is improving the way proxies are handled.

Currently, there’s four situations it supports quite fine:

- No Proxy
- Proxy, without Authentication
- Proxy, with BASIC Authentication (using specified username/password)
- Proxy, with NTLM Authentication using your current Windows Account (aka Windows Integrated Authentication).

The problem comes when you’re in this fifth situation:
- Proxy, with NTLM Authentication using a specified username, password and domain.

Initially, I was using code like:

WebClient client = new WebClient(); // the URL is passed to the download call, not the constructor
client.Proxy = new WebProxy(proxyurl, true);
// if proxy-auth required:
client.Proxy.Credentials = new NetworkCredential(proxyusername, proxypassword, domain);
// ...etc

But, this fails with “407 Proxy Authentication Required”
The crazy part is that it actually is doing NTLM authentication, but it appears to be attached in the headers for twitter.com (!?).

So, I tried using WebRequest, and also HttpWebRequest and specifying proxy-keep-alive.
I also tried setting the .NET Default proxy to my specified proxy or just adding authentication credentials.
But, still nothing appears to be working.

Almost all the solutions online are using the DefaultCredentialCache - but that really doesn’t help (I tried), because I’m not logged in as the user that I want to authenticate as. Creating a new CredentialCache and adding the details to that - still no help.

All in all, very frustrated!

If you want to have a crack at solving it - download the SmitterR2 source and check out Smitter.Core.TwitterService.GetStatuses (in SmitterClasses\SmitterCore.cs).

There’s currently a line like:
using (WebClient client = BuildWebClient())
Ignore/remove it and create your own WebClient/WebRequest/etc to test on. That’s the first (network) function called when Smitter starts up, and is pretty quick to return a result one way or another.

Just make sure you’re using a proxy which requires NTLM / Kerberos Auth, and isn’t on the same domain as your current account. Any other situation seems to work A-OK.

If you can solve this, I’d be much in your debt.

Smitter R2

Posted in Coding, IT by Will on September 7, 2007.

Smitter, Release 2  is out now.

Changes

  • Better error handling (please report any bugs)
  • Proxy Support
    (NB: ClickOnce deployment may not work with Proxies requiring authentication!)
  • More efficient posting (no refresh necessary)

Requirements

  • Microsoft .NET Framework 2.0

Installation

ClickOnce Notes (updated!)

  • By Default, only works with Internet Explorer 6 and above, with the .NET Framework 2.0 installed
  • Does not work correctly if you have Internet Explorer configured to use a proxy requiring Authentication (eg: Corporate Firewalls)
  • Firefox users can run ClickOnce applications by installing the FFClickOnce addon, and then going to the normal installation page.

Upgrades

Source Code:

Application and Source Code Licence

This work is licensed under a Creative Commons Attribution-Share Alike 2.5 Australia License

Please give your feedback in the comments, or add me on Twitter.

Features Confirmed for R3 (updated)

  • Minimise to Notification Icon (“System Tray”)
  • smitterPopupBalloon Notifications (optional)
    If Smitter is minimised or not visible, and your @Username is mentioned in a new tweet. 
     
    Note:  To deploy the above two features, I need an icon for Smitter.  On the screen-shot above, I am using an icon borrowed from Iconfactory’s Twitterific client icon in the   Litho Extras Volume 5 collection.   Due to licensing rules, I can’t distribute this icon, so it’ll remain for internal testing at the moment
  • Minor bug fixing (removal of the “Loading” messages if it errors, and fixing of the hammer-prevention so that it allows you to refresh)
  • More?
