Early thoughts on asp.net core

Posted by on May 27, 2016 in Asp.net, MVC

The more I play with asp.net core (RC2 at time of publication) the more I’m liking what I see. I still don’t see a use case for me on OSX or Linux yet, so the portability isn’t a massive thing for me. In my mind the windows use case for asp.net is fantastic and licence costs aside the setup and configuration is so simple on Windows I can see little benefit from venturing elsewhere. Application settings There are still things I don’t particularly like about core, including recent changes. One of these is accessing settings file. In ‘current’ asp.net (must be careful not to call it ‘old’ or ‘legacy’) is the ConfigurationManager class made accessing your settings from web.config both simple and succinct. Now though, web.config is no more. Why, I’m not entirely sure. Maybe it’s the flexibility of having multiple configuration sources or not mixing application settings with its configuration. Regardless, you’ll now almost certainly be storing your configuration settings in a JSON file, with appsettings.json seemingly becoming the convention. In early releases of core this was similarly easy to access settings from a JSON file for example simply by using the IConfigurationRoot dictionary (provided you added the source in the startup configuration). However, in the latest builds (RC2 onwards) this has changed. You now need to strongly type your settings via POCO classes and access these settings through the IOptions class. Once its set up and configured the usage is quite straightforward but it’s a lot of setup and maintenance IMO. Every new setting requires adding to the JSON file AND to the corresponding POCO class. State of flux So at the time of writing asp.net core is at release candidate 2 stage. However, there are still some big, big changes going on. The underlying .net runtime has gone though a massive shift of late with the introduction of the much cleaner dotnet CLI. This is a big step forward IMO but not something you would normally expect in release candidates. This still feels much more beta than RC to me so be mindful that there are still lots of breaking changes going on. Another example of this is that having followed the recommended guidance on setting configuration settings access up the “new way” I was still hitting issues. Turns out that a namespace shuffle occurred in the core libraries and was largely undocumented until a couple of days ago (https://github.com/aspnet/Announcements/issues/180). Following the new namespace import and package restore and things are now working fine. As I say, core is still moving forward at a rapid pace with both minor and major changes causing breakage for the developer and at the same time invalidating lots of the already limited documentation. Sending email Another hurdle is the lack of System.Net.Mail in core. This means the tried and tested way of sending email is (at the time of writing)...

Read More »

Unable to create new MVC project in Visual Studio 2013

Posted by on Jun 27, 2014 in Asp.net, MVC

I recently had a problem in Visual Studio 2013 whereby I couldn’t create a new MVC project. When I tried, an empty solution would be created and a dialog box would be shown with the following: System cannot find the file specified (0x80070002) After a bit of digging about, it appears this occurs when there is an issue with Nuget – either a faulty installation or its somehow been corrupted. Thankfully fixing it was as simple as you’d imagine. In visual Studio 2013 go to: Tools=> Extensions and Updates => Installed => Nuget Package Manager for Visual Studio 2013 => Uninstall Close VS when you’re asked to restart it and then download a fresh copy from here by ruinning the VSIX file: Nuget from the Visual Studio Gallery Once the installation is complete, it should be working again… Hope that...

Read More »

Using OAuth in .net without Membership

Posted by on Oct 30, 2013 in Asp.net, MVC

If you search for anything to do with OAuth (Open Authorization), you’ll find lots of very comprehensive examples of how to get started using OAuth in .net 4.5 and VS2013 from the in built templates. You’ll also find a few .net 4.0 examples which also show you how to get started with OAuth, but pretty much everything described is tightly couples with asp.net membership. If, like me, you’re working on a project that uses its own authentication and authorization implementation, or you simply don’t want to take a dependency on a database of any kind, then the information is harder to get hold of. What is OAuth? At its simplest, OAuth allows you to log in to one site (site A) using your credentials from another site (site B) without ever providing your details to site A. This is beneficial for a number of reasons: Fewer credentials to remember for the user The hosting site doesn’t need to concern itself with handling this kind of sensitive data Rich profile information can be obtained (if permitted), enhancing the user experience Allows the user control over which sites can authenticate them and they can revoke this control at any time Many of the largest websites on the internet either offer OAuth login functionality (including the likes of StackOverflow, Vimeo, Digg, Disqus, Tripadvisor etc), or act as a provider (e.g. Facebook, Microsoft, Google, Yahoo, LinkedIn etc). It’s pretty safe to say, if you’ve logged in to any other site using your Facebook account, you’ve used OAuth. Lets get started In the following example I’ll be using VS2013, but VS2012 should also work just fine.   Create a new solution in Visual Studio:   File->New->VisualC#->Web->ASP.NET Web Application   Be sure to select Empty Web Application for the template and notice that Authentication is set to no authentication   Once the project has been created, open up NuGet (right-click on References and select ‘manage NuGet packages’) and search for the Microsoft WebPages OAuth Library (see screenshot).   This will install the library and a host of dependencies – fortunately none of these are membership dependencies. Once complete, if you look in your references folder you should find a number of OAuth references Register with Facebook   I’d recommend following the steps under the section ‘Registering with an external provider’ shown here: http://www.asp.net/mvc/tutorials/security/using-oauth-providers-with-mvc to set up and configure your Facebook application. Once complete you should have an App ID and a Secret key which we’ll need shortly. Set up OAuth Before your application starts it will be necessary to register the provider(s) you wish to offer. To accomplish this, create a new static class in the APP_START folder called OAuthProviders.cs and within a single static method called Configure. This is your first interaction with the OAuth libraries and where you will supply your credentials for Facebook: C# using Microsoft.Web.WebPages.OAuth; namespace OAuthSample.App_Start { public static class OAuthProviders...

Read More »

Enabling HTML files to be processed by the asp.net pipeline

Posted by on Oct 10, 2013 in Asp.net

A quick how-to here. I recently needed to process all HTML files through the ASP.Net pipeline so I could take advantage of its security features. The obvious solution to this would be to run all modules through the pipeline by adding the following to your web.config: C# <modules runAllManagedModulesForAllRequests="true" /> 1 <modules runAllManagedModulesForAllRequests="true" /> However, there would be a performance hit then on other static file types such as CSS, JavaScript and images. The correct way to achieve this is through the following web.config changes: C# <system.web> <compilation debug="true" targetFramework="4.0"> <buildProviders> <add extension =".html" type="System.Web.Compilation.PageBuildProvider"/> <add extension =".htm" type="System.Web.Compilation.PageBuildProvider"/> </buildProviders> </compilation> </system.web> 12345678 <system.web>  <compilation debug="true" targetFramework="4.0">    <buildProviders>      <add extension =".html" type="System.Web.Compilation.PageBuildProvider"/>      <add extension =".htm" type="System.Web.Compilation.PageBuildProvider"/>    </buildProviders>  </compilation></system.web> This tells the runtime that the .htm and .html extensions should be picked up and processed by the PageBuildProvider via System.Web.dll Then, to ensure this is correctly processed by IIS or IISExpress (or any other asp.net capable web server), add the following section, also to your web.config file: C# <system.webServer> <handlers> <add name="HTML" path="*.html" verb="GET, HEAD, POST, DEBUG" type="System.Web.UI.PageHandlerFactory" resourceType="Unspecified" requireAccess="Script"/> <add name="HTM" path="*.htm" verb="GET, HEAD, POST, DEBUG" type="System.Web.UI.PageHandlerFactory" resourceType="Unspecified" requireAccess="Script"/> </handlers> </system.webServer> 12345678 <system.webServer>        <handlers>            <add name="HTML" path="*.html" verb="GET, HEAD, POST, DEBUG"                 type="System.Web.UI.PageHandlerFactory" resourceType="Unspecified" requireAccess="Script"/>            <add name="HTM" path="*.htm" verb="GET, HEAD, POST, DEBUG"                 type="System.Web.UI.PageHandlerFactory" resourceType="Unspecified" requireAccess="Script"/>        </handlers>    </system.webServer> The above handlers instruct the runtime to run all requests for GET, POST, HEAD or DEBUG verbs through the PageHandlerFactory. With this in place you can then handle HTML files through the pipeline, which is ideal for scenarios such as integrating the asp.net security architecture into static sites containing HTML files rather than a WebForms or MVC...

Read More »