A few months ago I was presented with a problem that took me a while to figure out. I had lost my notes but just found them and hence the post now.
The issue that I had was that I had a web service that provided a method to see if a file existed on a remote server from some parameters passed to it that through a function mapped to a file name on those storage systems. Existence of the file was done with the File.Exists method which was passed a UNC representing the file.
This all worked fine as the web service server and the file server were in the same domain. This all changed when they moved the web services onto a server in a different domain, and one that didn't have a trust.
I originally thought that this was interesting as I had the web service set up to impersonate the user account in the domain of the file server through the web.config impersonation, as that was needed just to pass security checks as access is limited to a few accounts on the domain. However, because there was no trust, the impersonation didn't work!
After much research, I did not find any real solution, but I did find two half solutions that needed to be stitched together into a single solution.
The first part of the solution is to create an application pool to run your web service within. We'll configure this application pool to run as a different identity than the rest of ASP.NET. After you've created your application pool, select Properties -> Identity -> Configurable, and enter the account from your web service server domain that you want the application pool to run under. It is very important that this account be named the same and have the same password as the account in the remote domain (the one without the trust) used to access the resources. Now, configure your web service to run in that application pool.
If you try to access your web service, you will get the infamous ‘Service Unavailable’ page with big red letters. What's going on? Well, this is the second half of the solution: you've created the application pool, but that application pool doesn't have the permissions to access .NET system files. Doh!
To solve this, add your account to the IIS_WPG group, and then assign this account the following user rights:
- Adjust memory quota for a process
- Replace a process level token
And we're not done yet. You still have to give the IIS_WPG group full control to the following directories (and all sub items):
- C:\windows\Microsoft.NET\Framework\v.2.0.50727\Temporary ASP.NET Files
- And the folder where your web service is located.
Restart IIS and you should be able to access your web service, and have it access the resources in the remote but not trusted domain.
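File.Exists returns false on any failure, so a rejected logon or a denied ACL check against the untrusted domain looks exactly like a missing file. The following is an added example, not code from the original web service: it reports the Windows identity the worker process is running as and separates "not found" from "access denied". The UncProbe and ProbeResult names and the UNC path are placeholders.

```csharp
using System;
using System.IO;
using System.Security.Principal;

public enum ProbeResult { Exists, NotFound, AccessDenied, IoError }

public static class UncProbe
{
    // File.GetAttributes throws where File.Exists would silently return
    // false, which lets the caller see why a check failed.
    public static ProbeResult Probe(string uncPath, out string detail)
    {
        // Identity whose credentials reach the file server: the application
        // pool account, or the impersonated user when impersonation is on.
        string identity = WindowsIdentity.GetCurrent().Name;
        try
        {
            FileAttributes attrs = File.GetAttributes(uncPath);
            bool isDirectory = (attrs & FileAttributes.Directory) != 0;
            detail = identity + (isDirectory ? ": path is a directory" : ": file exists");
            // File.Exists is false for directories; keep the same meaning.
            return isDirectory ? ProbeResult.NotFound : ProbeResult.Exists;
        }
        catch (FileNotFoundException) { detail = identity + ": no such file"; return ProbeResult.NotFound; }
        catch (DirectoryNotFoundException) { detail = identity + ": no such directory"; return ProbeResult.NotFound; }
        catch (UnauthorizedAccessException ex)
        {
            detail = identity + ": access denied (" + ex.Message + ")";
            return ProbeResult.AccessDenied;
        }
        catch (IOException ex)
        {
            // Other Win32 errors, such as a failed network logon or an
            // unreachable server, surface here with the system message.
            detail = identity + ": " + ex.Message;
            return ProbeResult.IoError;
        }
    }
}
public static class Program
{
    public static void Main(string[] args)
    {
        // Placeholder UNC path; pass the real one as the first argument.
        string path = args.Length > 0 ? args[0] : @"\\fileserver.example\share\sample.dat";
        string detail;
        ProbeResult result = UncProbe.Probe(path, out detail);
        Console.WriteLine("{0}: {1}", result, detail);
    }
}
```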
I was upgrading software for a client today so that it would periodically take a snapshot of the CPU utilization so that we could monitor the workload. With some Google-based research, I came up with the following code to return the CPU utilization:
private static PerformanceCounter pc = new PerformanceCounter("Processor", "% Processor Time", "_Total");
Unfortunately, when I deployed this to the servers (it runs as a service), the service would not start. Puzzled for a while, I took a look at the event log and found the following error:
Service cannot be started. System.TypeInitializationException: The type initializer for 'TNSMI.ArchiveServer.WatcherServiceImpl' threw an exception. ---> System.UnauthorizedAccessException: Access to the registry key 'Global' is denied.
at Microsoft.Win32.RegistryKey.Win32Error(Int32 errorCode, String str)
at Microsoft.Win32.RegistryKey.InternalGetValue(String name, Object defaultValue, Boolean doNotExpand, Boolean checkSecurity)
at Microsoft.Win32.RegistryKey.GetValue(String name)
at System.Diagnostics.PerformanceMonitor.GetData(String item)
at System.Diagnostics.PerformanceCounterLib.GetPerformanceData(String item)
at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
Turns out the service is running under a limited account that did not have permissions to access the performance counters. The solution after a little trying was to make the user account a member of the "Performance Monitor Users" group.
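The service failed at startup because the counter was created in a static field initializer, so the permission error was wrapped in a TypeInitializationException. The following added example (not the original service's code; CpuSampler and TrySample are hypothetical names) creates the same counter on first use and returns a readable reason when the account lacks access, so the service can start and log the problem.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Threading;
public sealed class CpuSampler : IDisposable
{
    // Created on first use, so a permission failure cannot break type initialization.
    private PerformanceCounter counter;
    private readonly object sync = new object();
    // Returns total CPU utilization in percent, or null with a reason in 'error'.
    public float? TrySample(out string error)
    {
        error = null;
        try
        {
            lock (sync)
            {
                if (counter == null)
                    counter = new PerformanceCounter("Processor", "% Processor Time", "_Total");
                // First NextValue() of a rate counter is 0; later calls average since the last call.
                return counter.NextValue();
            }
        }
        catch (UnauthorizedAccessException ex)
        {
            error = "Account '" + Environment.UserName + "' cannot read performance data; " +
                    "add it to the Performance Monitor Users group. " + ex.Message;
        }
        catch (InvalidOperationException ex) { error = "Counter unavailable: " + ex.Message; }
        catch (Win32Exception ex) { error = "Performance data read failed: " + ex.Message; }
        return null;
    }
    public void Dispose() { lock (sync) { if (counter != null) counter.Dispose(); counter = null; } }
}
public static class Program
{
    public static void Main()
    {
        CpuSampler sampler = new CpuSampler();
        string error;
        sampler.TrySample(out error);              // primes the counter
        Thread.Sleep(1000);
        float? cpu = sampler.TrySample(out error);
        Console.WriteLine(cpu.HasValue ? "CPU " + cpu.Value.ToString("F1") + "%" : "No sample: " + error);
        sampler.Dispose();
    }
}
```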
following is a first draft of a short essay that I am writing for
inclusion in a paper for an IEEE software maintenance conference in
Agile software methodologies are a set of practices for
software developers that promise rapid and quality software development over
traditional waterfall methodologies through collaboration amongst team and
customers, coding only what is needed, “spiking” software to prove concepts, “pairing”
to put multiple eyes on implementations, and by building the systems utilizing
test driven development and continuous integration.
There has been much debate recently about whether or not
agile methodologies produce these stated results. Many will say that agile methodologies are
successful because the high collaboration amongst team and customer, combined
with up-front versus back-end testing, leads to systems that are built faster,
more correctly, and with higher quality.
Others argue that these practices sacrifice long-term software
maintainability by avoiding proper architecture, and although they make systems
that appear “correct” up front, in the long run they lead to systems that are
not maintainable and reusable, therefore incurring a larger cost over time.
It is my opinion developed through many years of building
systems utilizing agile methodologies that current agile software methodologies
only represent a few of the implementation details of the product development process,
and because of this low-level approach they may build software that may meet
short-term, individual project needs, but that do not lead to software systems
suitable for long-term “enterprise” software.
The current practices of
collaboration, pairing, unit testing and continuous integration work at the
implementation detail of “product platforms”, and do not address overall needs of
enabling enterprise agility through suites of products that enable an enterprise
to be agile in their market space.
The evolution of agile practices needs to take into account
these needs, addressing more enterprise level issues such as multiple project planning,
overall software architecture and evolution, systems integration, business
process modeling, product planning and product platform in order to enable true
enterprise agility, and must also address combining them all together to form
integrated processes that give well-defined tasks all the way down through
technical implementation where current agile practices are primarily focused.
Workflow for delivering commands from the user to a peer in p2pSB.
Client side
- User issues command (ie. ConnectToNetwork)
- Service host looks up the appropriate service. In this case, ConnectToNetworkService.
- Execute is triggered on the ConnectToServiceObject.
- AvailablePeers are retrieved, and ConnectToNetworkMessage delivered to each by the following process. Note that Rendezvous Servers are considered peers in this list.
- The list of known transport types for each peer is identified from the PeerConnectionInfo class associated with the peer.
- ConnectToNetworkMessage is sent to each peer via that transport. Note that this is an asynchronous action and considered fire and forget.
- The message is placed in the message store for correlation of connect messages.
- ConnectToNetworkMessage is received by a listener.
- Decrement TTL, and if 0 dispose of message.
- Message is routed to the message node. Message node "touches" the message.
- Message node routes it to the ConnectToNetworkService.
- Connect to network service acknowledges the message with a response back through the incoming message node.
- An entry in the peer list is made for this node.
- The message is forwarded to all peers on this server's peer list that are not already on the visited peers list.
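The receive-side TTL and visited-list handling from the steps above, as an added example that is not p2pSB's own code. The field names, the PeerNode class and the reading of "touches" as "adds this node to the visited peers list" are assumptions; the peer names are constructed sample data.

```csharp
using System;
using System.Collections.Generic;
// Field names are assumptions; the post names only the message type.
public sealed class ConnectToNetworkMessage
{
    public string OriginPeer;
    public int Ttl;
    public readonly HashSet<string> VisitedPeers = new HashSet<string>();
    public ConnectToNetworkMessage Copy()   // each forwarded copy carries its own TTL and list
    {
        ConnectToNetworkMessage m = new ConnectToNetworkMessage { OriginPeer = OriginPeer, Ttl = Ttl };
        m.VisitedPeers.UnionWith(VisitedPeers);
        return m;
    }
}
public sealed class PeerNode
{
    public readonly string Id;
    public readonly HashSet<string> PeerList = new HashSet<string>();
    public PeerNode(string id) { Id = id; }
    // Receive-side steps: returns the peers the message is forwarded to.
    public List<string> Receive(ConnectToNetworkMessage msg)
    {
        List<string> forwardTo = new List<string>();
        msg.Ttl--;
        if (msg.Ttl <= 0) return forwardTo;     // expired, or arrived with a bad TTL: drop
        msg.VisitedPeers.Add(Id);               // assumed meaning of "touches"
        foreach (string peer in PeerList)
            if (!msg.VisitedPeers.Contains(peer)) forwardTo.Add(peer);
        PeerList.Add(msg.OriginPeer);           // peer list entry for the connecting node
        return forwardTo;
    }
}
public static class Program
{
    public static void Main()
    {
        // Constructed topology: B knows C and D, C knows D; A connects through B.
        PeerNode b = new PeerNode("B"); b.PeerList.Add("C"); b.PeerList.Add("D");
        PeerNode c = new PeerNode("C"); c.PeerList.Add("D");
        ConnectToNetworkMessage msg = new ConnectToNetworkMessage { OriginPeer = "A", Ttl = 2 };
        msg.VisitedPeers.Add("A");
        List<string> fromB = b.Receive(msg);          // TTL 2 -> 1, forwarded to C and D
        List<string> fromC = c.Receive(msg.Copy());   // TTL 1 -> 0, dropped at C
        Console.WriteLine("B forwards to [{0}]", string.Join(", ", fromB.ToArray()));
        Console.WriteLine("C forwards to [{0}]", string.Join(", ", fromC.ToArray()));
    }
}
```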