4 minutes read

Making the X509Store more Friendly

When you need to grab a certificate out of a Windows Certificate Store, you can use a class called X509Store.  It’s very simple to use: X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadOnly); X509Certificate2Collection myCerts = store.Certificates.Find(X509FindType.FindByThumbprint, "…", false); store.Close(); However, I don’t like this open/close mechanism.  It reminds me too much of Dispose(), except I can’t use a using statement.  There are lots of arguments around whether a using statement is a good way of doing things and I’m in the camp of yes, it is.  When they are used properly they make code a lot more logical.  It creates…

9 minutes read

The Basics of Building a Security Token Service

Last week at TechDays in Toronto I ran into a fellow I worked with while I was at Woodbine.  He works with a consulting firm Woodbine uses, and he caught my session on Windows Identity Foundation.  His thoughts were (essentially—paraphrased) that the principle of Claims Authentication was sound and a good idea, however implementing it requires a major investment.  Yes.  Absolutely.  You will essentially be adding a new tier to the application.  Hmm.  I’m not sure if I can get away with that analogy.  It will certainly feel like you are adding a new tier anyway. What strikes me as…

3 minutes read

Azure Blob Uploads

Earlier today I was talking with Cory Fowler about an issue he was having with an Azure blob upload.  Actually, he offered to help with one of my problems first before he asked me for my thoughts – he’s a real community guy.  Alas I wasn’t able to help him with his problem, but it got me thinking about how to handle basic Blob uploads.  On the CommunityFTW project I had worked on a few months back I used Azure as the back end for media storage.  The basis was simple: upload media stuffs to a container of my choice. …

2 minutes read

C# Dynamic Type Conversions

I’ve been looking at ways of parsing types and values from text without having to do switch/case statements or explicit casting.  So far, based on my understanding of statically typed languages, is that this is impossible with a statically typed language. <Question> Is this really true?</Question> Given my current knowledge, my way of bypassing this is to use the new dynamic type in .NET 4.  It allows me to implicitly assign an object without having to cast it.  It works by bypassing the type checking at compile time. Here’s a fairly straightforward example: static void Main(string[] args) { Type boolType…

3 minutes read

SQL Server 2008 R2 Launch Event – Application Lifecycle Management

Unfortunately I will be unable to attend the ALM presentation later this afternoon, but luckily I was able to catch it in Montreal last week. When I think of ALM, I think of the development lifecycle of an application – whether it be agile or waterfall or whatever floats your boat – that encompasses all parts of the process.  We’ve had tools over the years that help us manage each section or iteration of the process, but there was some obvious pieces missing.  What about the SQL?  Databases are essential to pretty much all applications that get developed nowadays, yet…

8 minutes read

Bad User Interfaces are Insecure

The Best of Intentions So you’ve built this application.  It’s a brilliant application.  It’s design is spectacular, the architecture is flawless, the coding is clean and coherent, and you even followed the SDL best practices and created a secure application. There is one minor problem though.  The interface is terrible.  It’s not intuitive, and settings are poorly described in the options window.  A lot of people wouldn’t necessarily see this as a security issue, but more of an interaction bug — blame the UX people and get on with your day. Consider this (highly hyperbolic) options window though: How intuitive…

2 minutes read

My First CodePlex Project!

A few minutes ago I just finalized my first CodePlex project.  While working on the ever-mysterious Infrastructure 2010 project, I needed to integrate the Live Meeting API into an application we are using.  So I decided to stick it into it’s own assembly for reuse. I also figured that since it’s a relatively simple project, and because for the life of me I couldn’t find a similar wrapper, I would open source it.  Maybe there is someone out there who can benefit from it. The code is ugly, but it works.  I suspect I will continue development, and clean it…

1 minute read

Visual Studio Output Window Auto-Scrolling

Just a quick one here. Have you ever been using the output window in Visual Studio, scrolled up, and then lost the auto-scroll functionality?  It’s really annoying when you have a thousand things coming out through the likes of Debug.Write, or even if it’s just a massive build. To re-enable autoscrolling, while in the output window just hit CTRL+END. Kinda wished I knew that a year ago…

2 minutes read

A Thought on Windows Mobile 7

The other day while I was sitting in the airport in Washington, D.C., I had a random thought.  When the ZuneHD first hit the shelves people were talking about how Mobile 7 might borrow the look and feel.  It’s sleek, easy to use/easy to understand, and is very simple.  So I started thinking about what such an interface might look like.  This is something I did quickly.  Nothing was provided by Microsoft.  Nobody has said anything about Mobile 7 design (at least, not at that point, but nobody cared anyway).  This is simply something I thought the interface might look…

1 minute read

Deleting Temporary Internet Files from the Command Line

A quicky but a goody.  Sometimes you just need a quick way to delete temp files from IE.  In most cases for me its when I’m writing a webapp, so I’ve stuck this in the build properties: RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8 RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2 RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 1 RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16 RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32 RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255 RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351 It doesn’t require elevated permissions, and has been tested on Vista and Windows 7.  Each command deletes the different types of data: temp files, stored form info, cookies etc.  Enjoy.