Charteris Community Server

Principles and Axioms

aland — Mon, 21 Jul 2008 20:18:00 GMT

I'm holding an internal discussion arising from one of our regular Core Capability conference calls at the moment and I thought that it would be useful to surface part of that to the outside world to get feedback.

The premise is to see if it is possble to set out certain principles and derive some axioms from those principles that can drive out 'default development environments'. Here, I have chosen two sets of axioms. The first being "Microsoft" for those clients who prefer to use mainstream, low risk tooling and practices. The second being "Alt.Net" for clients who are willing to work with non-Microsoft software for development purposes, most notably open source software.

My thinking may be wrong. My decisions may be wrong. Whatever you think - let me know!

Please note that this is only a first draft - errors and omissions are to be expected.

Axiomatically "Microsoft"	Axiomatically "Alt.Net"

Principle: Project status and progress should be available.
Team Foundation Server MS Project	Burndown Charts

Principle: Requirements must be defined.
Functional Requirements Specification Non-Functional Requirements Specification	Personas User Story cards

Principle: The architectural context must be defined.
Logical Architecture Specification Physical Architecture Specification	Logical Architecture Specification Physical Architecture Specification

Principle: (Non-)Functional tests should be defined.
Scenarios in Team Foundation Server	Scenarios on reverse of User Story cards

Principle: Non-Functional tests should be defined.
Scenarios in Team Foundation Server	Scenarios on reverse of User Story cards

Principle: Version Control must be employed.
Team Foundation Server	Subversion

Principle: Services should be employed to traverse boundaries.
WCF / WS-* REST	WCF / WS-* REST

Principle: Coding standards should be enforced.
FxCop & StyleCop	FxCop & StyleCop

Principle: Defects should be tracked.
Team Foundation Server	Bugzilla

Principle: Developers must test units of code in isolation.
MS Test	NUnit

Principle: Where possible, testers must automate functional verification of the application.
MS Test	FitNesse

Principle: The application must be subject to a build process.
MSBuild	NAnt

Principle: The application should be automatically built on a regular basis.
Team Foundation Server	CruiseControl.net

Principle: XML Code Comments should be compiled.
Sandcastle	Sandcastle

Principle: Deployment media should be built.
WiX / Votive	WiX / Votive

Principle: Where possible, database design should evolve.
Visual Studio Database Edition	SubSonic Migrations

Principle: Where appropriate, ORM should be employed.
Linq2SQL	SubSonic or NHibernate

Principle: Where appropriate, diagnostics should be implemented.
Enterprise Library Logging Block	log4net

Principle: Where appropriate, dependency injection should be employed.
Unity	StructureMap or Spring.NET

Principle: Where appropriate, the MVC pattern should be employed in web development.
ASP.NET MVC	ASP.NET MVC or MonoRail

Principle: Where appropriate, in-memory caching should be employed.
Velocity	Velocity or memcached

Principle: Where appropriate, reverse proxies should be employed to enhance HTTP scalability.
ISA Server	ISA Server, Apache, or squid

Principle: Where appropriate, AJAX should be employed in web applications to improve user experience.
ASP.NET AJAX	jQuery

Principle: Applications should be security-hardened.
SDLC & Threat Modelling STRIDE	SDLC & Threat Modelling STRIDE

Principle: Applications should encrypt sensitive data.
System.Cryptography	System.Cryptography

Alt.Net UK Summer Conference Dates Announced

aland — Wed, 09 Jul 2008 21:27:00 GMT

We are pleased to announce that the Alt.Net UK Conference will be returning in September, and that there will be room for more attendees this time!

The plan is host the event at Conway Hall in London [1] and our thinking is to follow the same sort of schedule as we did in February:
- Evening planning session on Friday 12th September, following by a trip to a bar to socialise.
- The Open Spaces sessions all day on Saturday 13th September

This time we are thinking of starting off Saturday with a Park Bench to get the juices flowing.

We are very open to listening to feedback from the community if you think that there are ways that we can improve on the conference experience.

We would especially like to have more testers, technical authors and usability folk attend to foster cross-pollination of ideas.

User registration will start from Friday 11th July at 07:00 UK time [2] so the early birds will get the worm!

The following social hubs have also been set up: Upcoming [3], Facebook [4], FriendFeed [5] and LinkedIn. Don't forget that you can subscribe to the AltNetUk News River [6].

Finally, we are currently looking for sponsorship, so if you know of an organisation that would be interested to be associated with the conference in return for a little lucre, we would love to hear from you / them! (The conference is non-profit)

Conchango and redgate have generously agreed to be launch sponsors - but more is needed, especially as we have to pay for Conway Hall this time.

[1] http://www.conwayhall.org.uk/

[2] http://altdotnet.org/events/uk

[3] http://upcoming.yahoo.com/event/867921/

[4] http://www.facebook.com/group.php?gid=31833353320

[5] http://friendfeed.com/rooms/altnetuk-conference

[6] http://newsriver.altnetuk.com/

Regards,
Ian Cooper, Ben Hall and Alan Dean

You can discuss the announcement on Google Groups.

Silverware , Swag and Simple Gratitude - Oxford Branch NxtGen User Group Meetings

rogerw — Wed, 02 Jul 2008 00:16:00 GMT

I attended the Oxford branch of the NextGen User Group meeting tonight (1st July) and heard two good talks on WCF and Dynamic Languages from Geff Lombardi and Ben Hall respectively. Details at of the event are here. These and every other talk I have attended as a group member, have usually been relevant, well presented and informative. On top of that free stuff (swag) is usually given away! So if you lust after the must-have accessory from last years TechEd, books , T-Shirts with a geek flavour etc , it's the place to be!

I was also lucky enough tonight to be awarded a trophy for the "Best Presentation" given at the Oxford Branch over the past year, for the talks I gave on Windows Mobile Development. This was very flattering, so my thanks to all the people who attended the talks and gave feedback on my presentations. It was nice to know my efforts were appreciated! I hope the talks I gave were useful.

The slides for the April 2008 talk and the July 2007 talk are available for download for anyone who is interested to find out more. The code samples for the 2008 talk will be available for download shortly.

The next talk is on Wed 6 August on Continuous Integration by Liam Westley. This is an increasingly significant issue in the development of fully testable and deployable enterprise applications. So if you are interested and in the Oxford area it may well be worth attending.

Exploring the WCF Named Pipe Binding - Part 3

chrisdi — Mon, 23 Jun 2008 13:08:12 GMT

In this post I will show one way to restrict access to the named pipe created by the WCF named pipe listener, to provide a partial workaround for the security flaw mentioned in my last post.

The strategy is to target directly the internal property AllowedUsers on the type System.ServiceModel.Channels.NamedPipeChannelListener. We cannot call this property normally because it is internal to WCF, but reflection allows an alternative way to invoke it. Since this only needs to be done once, when Open is called on the ServiceHost to build the service run-time, the performance cost of using reflection is not an issue here. We will populate this AllowedUsers collection with the SID for a Group representing the authorised users of the service we are protecting, supplied as a parameter of the binding before the service is opened. It turns out we also need to add the SID for the service account itself, for reasons I will explain in more detail below. WCF will then use this collection of SIDs, rather than its default list (EVERYONE), when calling CreateNamedPipe in the PipeConnectionListener.

After Open has been called on the ServiceHost, WCF builds the server run-time stack. The key part of this process which interests us is the point where the channel listener is created by the transport binding element. When using the standard netNamedPipe binding, the relevant transport binding element is of type System.ServiceModel.NamedPipeTransportBindingElement. We can conveniently perform our amendment to the configuration of the listener, by subclassing this NamedPipeTransportBindingElement and overriding the virtual method BuildChannelListener<>(). This allows us to get a reference to the listener after it has been created by the standard WCF transport binding element code, but before BeginAccept() is called on it (whch is when the first pipe instance is created).

Here is some code for a custom named pipe binding which implements this strategy:

using System;
using System.Collections.Generic;
using System.ServiceModel.Channels;
using System.ServiceModel;
using System.Reflection;
using System.Security.Principal;
using System.Threading;

namespace Charteris.ChrisDicksonBlog.Samples
{
public class AclSecuredNamedPipeBinding : CustomBinding
{

    public AclSecuredNamedPipeBinding(): base()
       {
           NetNamedPipeBinding standardBinding = new NetNamedPipeBinding(NetNamedPipeSecurityMode.Transport);
           foreach (BindingElement element in standardBinding.CreateBindingElements())
          {
              NamedPipeTransportBindingElement transportElement = element as NamedPipeTransportBindingElement;
              base.Elements.Add(
             null != transportElement ? new AclSecuredNamedPipeTransportBindingElement(transportElement) : element);
          }
          AddUserOrGroup(WindowsIdentity.GetCurrent().User);
       }

    public void AddUserOrGroup(SecurityIdentifier sid)
       {
          List<SecurityIdentifier> allowedUsers
              = Elements.Find<AclSecuredNamedPipeTransportBindingElement>().AllowedUsers;
          if (!allowedUsers.Contains(sid))
          {
              allowedUsers.Add(sid);
          }
       }
   }

public class AclSecuredNamedPipeTransportBindingElement : NamedPipeTransportBindingElement
{
private static Type namedPipeChannelListenerType
= Type.GetType("System.ServiceModel.Channels.NamedPipeChannelListener, System.ServiceModel", false);

    public AclSecuredNamedPipeTransportBindingElement(NamedPipeTransportBindingElement inner): base(inner)
       {
         if (inner is AclSecuredNamedPipeTransportBindingElement)
         {
           _allowedUsers = new List<SecurityIdentifier>(
              ((AclSecuredNamedPipeTransportBindingElement)inner)._allowedUsers);
      }
    }

    public override BindingElement Clone()
       {
         return new AclSecuredNamedPipeTransportBindingElement(this);
       }

    public override IChannelListener<TChannel> BuildChannelListener<TChannel>(BindingContext context)
       {
      IChannelListener<TChannel> listener = base.BuildChannelListener<TChannel>(context);
      PropertyInfo p = namedPipeChannelListenerType.GetProperty(
              "AllowedUsers", BindingFlags.Instance|BindingFlags.NonPublic);
      p.SetValue(listener, _allowedUsers, null);
      return listener;
    }

internal List<SecurityIdentifier> AllowedUsers { get { return _allowedUsers; } }
private List<SecurityIdentifier> _allowedUsers = new List<SecurityIdentifier>();
}
}

As it stands, this code allows the SIDs of service users to be added in code but not by means of service configuration. The latter is left as an exercise for the reader, as they say.

Using this custom binding, we can restrict use of a service endpoint to members of a specific Windows group, by means of code like this in the service host:

AclSecuredNamedPipeBinding binding = new AclSecuredNamedPipeBinding();

SecurityIdentifier allowedGroup
= (SecurityIdentifier)(new NTAccount("NPServiceUsers").Translate(typeof(SecurityIdentifier)));

binding.AddUserOrGroup(allowedGroup);

...

_serviceHost.AddServiceEndpoint(... , binding, ...);

...

_serviceHost.Open()

I described this as a partial workaround for the flaw in the default security provided by the standard binding. It is not a full workaround because SIDs which are allowed access to the pipe still have the powerful permission FILE_CREATE_PIPE_INSTANCE, which ideally we would not want anyone other then the service account itself to have.

I said I would say something about why we need to add the service account itself to the AllowedUsers collection. This relates back to the CREATOR OWNER anomaly in the pipe DACL, which I raised in my last post. You might think (and I suspect one of the WCF developers thought) that this ACE in the DACL would grant the service account the rights it needs to set up the listener and handle client requests arriving on the pipe. This isn't the case, though... it is actually the EVERYONE ACE which enables a service using the standard binding to work correctly.

Let's look what happens if we remove the line

AddUserOrGroup(WindowsIdentity.GetCurrent().User);

from the constructor the custom binding, so that the DACL on the pipe just contains the NETWORK deny ACE, an ACE allowing access to our service users' group, and the CREATOR OWNER ACE. In other words, just like the one created by the standard binding, except with our service users' group instead of EVERYONE.

With this configuration, the service appears to start correctly, but as soon as the first client message hits the pipe, the service host starts to consume CPU cycles uncontrollably (and ultimately has to be killed) and the client never gets any response. Turning on tracing shows that the service is repeatedly trying to create a new pipe instance, and failing with an Access Denied error:

<E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent"><System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system"><EventID>131075</EventID><Type>3</Type><SubType Name="Error">0</SubType><Level>2</Level><TimeCreated SystemTime="2008-05-14T09:47:27.8109616Z" /><Source Name="System.ServiceModel" /><Correlation ActivityID="{905d5b25-0f13-4f25-b3fb-a31d9a69738f}" /><Execution ProcessName="WCFDemoNPServer" ProcessID="5916" ThreadID="3" /><Channel /><Computer>#####</Computer></System><ApplicationData><TraceData><DataItem><TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Error"><TraceIdentifier>http://msdn.microsoft.com/en-GB/library/System.ServiceModel.Diagnostics.ThrowingException.aspx</TraceIdentifier><Description>Throwing an exception.</Description><AppDomain>WCFDemoNPServer.exe</AppDomain>
<Exception>
<ExceptionType>System.ServiceModel.AddressAccessDeniedException, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
<Message>
Cannot listen on pipe 'net.pipe://localhost/WCFDemoNPServer/NPService': Unrecognized error 5 (0x5)
</Message>
<StackTrace>
   at System.ServiceModel.Channels.PipeConnectionListener.CreatePipe()
   at System.ServiceModel.Channels.PipeConnectionListener.BeginAccept(AsyncCallback callback, Object state)
   at System.ServiceModel.Channels.BufferedConnectionListener.BeginAccept(AsyncCallback callback, Object state)
   at System.ServiceModel.Channels.TracingConnectionListener.BeginAccept(AsyncCallback callback, Object state)
   at System.ServiceModel.Channels.ConnectionAcceptor.AcceptIfNecessary(Boolean startAccepting)
   at System.ServiceModel.Channels.ConnectionAcceptor.HandleCompletedAccept(IAsyncResult result)
   at System.ServiceModel.Channels.ConnectionAcceptor.AcceptCompletedCallback(IAsyncResult result)
   at System.ServiceModel.Diagnostics.Utility.AsyncThunk.UnhandledExceptionFrame(IAsyncResult result)
   at System.ServiceModel.AsyncResult.Complete(Boolean completedSynchronously)
   at System.ServiceModel.Channels.PipeConnectionListener.PendingAccept.OnAcceptComplete(Boolean haveResult, Int32 error, Int32 numBytes)
   at System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32 error, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
   at System.ServiceModel.Diagnostics.Utility.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
</StackTrace>

<ExceptionString>System.ServiceModel.AddressAccessDeniedException: Cannot listen on pipe 'net.pipe://localhost/WCFDemoNPServer/NPService': Unrecognized error 5 (0x5) ---&gt; System.IO.PipeException: Cannot listen on pipe 'net.pipe://localhost/WCFDemoNPServer/NPService': Unrecognized error 5 (0x5)
   --- End of inner exception stack trace ---</ExceptionString><InnerException><ExceptionType>System.IO.PipeException, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType><Message>Cannot listen on pipe 'net.pipe://localhost/WCFDemoNPServer/NPService': Unrecognized error 5 (0x5)</Message><StackTrace>   at System.ServiceModel.Channels.PipeConnectionListener.CreatePipe()
   at System.ServiceModel.Channels.PipeConnectionListener.BeginAccept(AsyncCallback callback, Object state)
   at System.ServiceModel.Channels.BufferedConnectionListener.BeginAccept(AsyncCallback callback, Object state)
   at System.ServiceModel.Channels.TracingConnectionListener.BeginAccept(AsyncCallback callback, Object state)
   at System.ServiceModel.Channels.ConnectionAcceptor.AcceptIfNecessary(Boolean startAccepting)
   at System.ServiceModel.Channels.ConnectionAcceptor.HandleCompletedAccept(IAsyncResult result)
   at System.ServiceModel.Channels.ConnectionAcceptor.AcceptCompletedCallback(IAsyncResult result)
   at System.ServiceModel.Diagnostics.Utility.AsyncThunk.UnhandledExceptionFrame(IAsyncResult result)
   at System.ServiceModel.AsyncResult.Complete(Boolean completedSynchronously)
   at System.ServiceModel.Channels.PipeConnectionListener.PendingAccept.OnAcceptComplete(Boolean haveResult, Int32 error, Int32 numBytes)
   at System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32 error, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
   at System.ServiceModel.Diagnostics.Utility.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
</StackTrace><ExceptionString>System.IO.PipeException: Cannot listen on pipe 'net.pipe://localhost/WCFDemoNPServer/NPService': Unrecognized error 5 (0x5)</ExceptionString></InnerException>

</Exception></TraceRecord></DataItem></TraceData></ApplicationData></E2ETraceEvent>

In essence, it seems to me that what is happening is that the service succeeds in getting a handle to the first pipe instance, at the time the pipe is created, but because it hasn't granted itself an ACE in the DACL on the pipe, it is locking itself out of obtaining handles to new instances of the pipe, which it needs to do as soon as a client request is received on the first instance. And there is clearly another bug in the IO completion code for the PipeConnectionListener, which causes this exception to recurse rather than faulting the service host.

So, we have to make the service account itself an AllowedUser, to stop this happening.

Exploring the WCF Named Pipe Binding - Part 2

chrisdi — Mon, 16 Jun 2008 18:04:14 GMT

In my previous post I explained how the named pipe for a WCF NetNamedPipe endpoint is named, and how a client discovers this name in order to connect to the service. This time, I'm looking at the Windows-level security.

Both the named pipe itself, and the shared memory object used by the server to publish the name of the pipe to clients, are objects which Windows secures with Access Control Lists (ACLs). Let's look at the named pipe itself first of all...

The ACL set up when WCF creates the named pipe looks like this in SDDL (Security Description Definition Language):

D:(D;;FA;;;NU)(A;;0x12019f;;;WD)(A;;0x12019f;;;CO)

The elements of this SDDL translate as follows:

(D;;FA;;;NU) - Deny Full Access to NETWORK USERS - that is: deny the access rights specified by the access mask GENERIC_ALL, to any security context having membership of the group with well-known SID S-1-5-2

(A;;0x12019f;;;WD) - Allow the access rights specified by the access mask 0x0012019f, to EVERYONE (the well-known SID S-1-1-0)

(A;;0x12019f;;;CO) - Allow the access rights specified by the access mask 0x0012019f, to the well-known SID S-1-3-0 (CREATOR OWNER)

The first entry enforces the rule that a WCF service endpoint with NetNamedPipe binding can only be accessed by a client process running on the same machine as the service. This is because any logon token created when a user is authenticated over a network protocol has the NETWORK USERS SID S-1-5-2 added to it by the system.

The second ACE allows any authenticated user which is not a network logon to have the specified access to the named pipe. The access mask 0x0012019f corresponds to the following access rights:

0x00100000 - SYNCHRONIZE

0x00020000 - READ_CONTROL

0x00000100 - FILE_WRITE_ATTRIBUTES

0x00000080 - FILE_READ_ATTRIBUTES

0x00000010 - FILE_WRITE_EA

0x00000008 - FILE_READ_EA

0x00000004 - FILE_CREATE_PIPE_INSTANCE

0x00000002 - FILE_WRITE_DATA

0x00000001 - FILE_READ_DATA

Smartphone Security Risks - Perceived Threats

rogerw — Fri, 13 Jun 2008 08:11:00 GMT

In a previous post I wrote about the security threats to smartphone devices following the release of a significant mobile device virus in the Far East. Its seems I am not alone in my concerns.

In a recent survey of IT managers 94%, of 300 IT managers surveyed at this years' InfoSecurity Europe exhibition regarded smartphones as a growing security risk, with concern higher among enterprises with more than 1000 employees (97%) than smaller organisations (91%).

The full details are at:

http://www.computerweekly.com/Articles/2008/06/03/230910/smartphones-becoming-an-increased-security-risk.htm

There are of course lots of things that can be done to mitigate the security risks to mobile devices. For enterprises there is a good guide to device and data security at:

http://www.microsoft.com/windowsmobile/enterprise/security.mspx

Windows Mobile 6 ROM Update For Orange SPV E650

rogerw — Thu, 12 Jun 2008 23:35:00 GMT

I recently got hold of the latest Windows Mobile 6 ROM Update for the Orange E650 Smartphone. Note this does not upgrade the device to Windows 6.1 just patches issues in the Windows Mobile 6 release. We are still waiting to discover whether an update for Windows Mobile 6.1 will be available for this platform.

Apparently for the ROM update fixes numerous defects with freezing/lock and Bluetooth issues. It upgrades the device to ROM version 1.35.61.1

I have installed the update on my E650 and so far no issues or problems. Battery life also seems marginally better. I know many people who have had frequent lockups etc with this device at times so if you have these issues, this is a recommended upgrade.

Installing the Update

Note that this is a ROM update so will wipe all previous data on the device. I would recommend you do the following:

Make sure the device is connected to a charging source or has at least 20 minutes of power left before commencing the upgrade.
Perform a backup of all data and software on the device you wish to keep.
If you have encrypted data and SD cards on the device ensure you have also got an unencrypted backup of the data and SD card contents. Windows Mobile 6 lets you encrypt data and SD cards as standard but the encryption is tied to the specific device. There is a slim chance that if the upgrade goes wrong you will not be able to recover the keys on the device to decrypt.
Remember the partnership name used as you will need to re-create it.

Getting the Update

The link for the Windows Mobile 6 ROM for the E650 is as follows:

http://www.business.orange.co.uk/servlet/Satellite?pagename=Business&c=OUKDevice&cid=1044134892703&extarg1=Phone&t=SMEDeviceDownloads

The page linked to from the above URL also provides another link to a ROM installation guide. This is well worth reading.

Exploring the WCF Named Pipe Binding - Part 1

chrisdi — Mon, 19 May 2008 14:18:16 GMT

This is the first in a series of posts in which I will aim to explain some details of the named pipe binding provided by Windows Communication Foundation (WCF), discovered during the course of some exploring I have been doing. My motivations for looking into this were:

The standard binding (NetNamedPipeBinding) exposes very few properties relating to configuration of the underlying transport mechanism. Having some awareness of the Windows named pipe APIs from previous work, I was interested to understand how the WCF binding mapped to the underlying transport protocol; which named pipe configuration options were "baked into" the WCF implementation and which might be controlled/tweaked with a bit of work in the channel stack.
I wanted to understand in more detail the security characteristics of the binding.
I was just nosey :-)

In this post I will start by looking at the how the named pipe used by a service endpoint with the NetNamedPipe binding is created, and how clients locate it in order to connect.

I had expected that if I looked into the service process using a tool like Process Explorer, I would see it holding a handle to a named pipe with a name closely related to the URI of the endpoint. What I see instead is a handle to a pipe named something like...

\\.\pipe\197ad019-6e5f-48cb-8f88-02ae11dfd8c0

... clearly the pipe name has been created using a GUID. I also note that the name of the pipe changes each time I stop and restart my service host, so the GUID is being regenerated each time the endpoint runtime is built by WCF.

How then does a client of the service know how to communicate with the endpoint? Somehow it must be able to resolve the well-known URI for the endpoint into whatever is the current name of the pipe it must use to send messages to the service. It turns out that this is accomplished using what amounts to a mini metadata publishing mechanism which is exclusive to the NetNamedPipe binding. This mechanism is based on a named Windows file mapping object backed by the system paging file. It is the name of this object which is invariant, and directly derived from the endpoint URI... though in a far from obvious way.

So in order to locate the correct pipe, a client of a WCF NetNamedPipe service endpoint has to:

know that the special metadata mechanism exists
know how to derive from the endpoint URI the name of the file mapping object through which the metadata is published
located the file mapping object and use it to open a view on the shared memory
know how to interpret the metadata stored in the shared memory, and translate it into the name of the pipe currently being used by the endpoint

Some more details for those who are interested:

Deriving the file mapping object name from the URI

The shared memory file mapping object created by the service endpoint listener (System.ServiceModel.Channels.PipeConnectionListener) has a name which looks something like this:

net.pipe:EbmV0LnBpnGU6Ly9rL1dDRkRFTU9OUF1g6e9cUFNFUlZJQ0Uv

This is derived from the following components:

["net.pipe"] [:E|:H] [base-64 encoded byte[] X]

Where the X is constructed as:

- when the second component is :E : UTF8 encoding of ["net.pipe://"] [URI hostname-or-wildcard*] [URI path or parent path]

- when the second component is :H : the SHA-1 hash of the above (used when the UTF8 encoding of the above exceeds 127 bytes)

*The URI hostname-or-wildcard depends on the HostNameComparisonMode setting for the endpoint's transport binding - this property is set to HostNameComparisonMode.StrongWildcard in the standard NetNamedPipeBinding, and is not exposed as a property of the binding itself. This means that this component of the name will be "+" (the strong wildcard symbol) unless a custom binding has been used to tweak the HostNameComparisonMode property of the transport binding element.

Data stored by the service in the shared memory object

The service stores 20 bytes of data in the shared memory, representing an instance of the structure System.ServiceModel.Channels.PipeSharedMemory+SharedMemoryContents, which looks like this...

[StructLayout(LayoutKind.Sequential)]
struct SharedMemoryContents
{
public bool isInitialized;
public Guid pipeGuid;
}
The client uses the GUID stored in this object to construct the pipe name through which to connect to the service endpoint.

Of course, the WCF client stack knows how to jump through these hoops, as it uses the same set of System.ServiceModel types as the service used to set up the mechanism. So you don't really need to know anything about all this if your service client is also a WCF application using the standard binding... which it will be if you are doing things as the WCF designers intended: the named pipe binding was designed solely for WCF-to-WCF scenarios.

That's not to say that, in principle, there is any fundamental reason why a named pipe binding to a WCF service should not be able to support any arbitrary client implementation which knows how to write messages to and read messages from a named pipe. Perhaps there are integration scenarios involving legacy unmanaged code or mixed technologies on a single box, where a more open named pipe binding might be useful, not least because the underlying transport mechanism is very fast. But the standard NetNamedPipe binding won't help with this. In practice, it is going to be much easier to use one of the bindings based on standard interoperable protocols, or by providing a COM wrapper around a WCF client implementation.

Windows Mobile 6.1 Announced - Features and Emulators

rogerw — Fri, 11 Apr 2008 00:30:00 GMT

Due to some other work commitments, I almost missed this, but Windows Mobile 6.1 was announced last week.

Some of the headline Windows Mobile 6.1 features are as follows:

Provides a lot of usability improvements due to new UI screens and plug-ins. There are new transparency effects and plug-ins for Windows Media and Live Search amongst others.
Performance improvements over 6.0
Simplified WiFi connection via a single screen rather than the myriad screens currently.
SMS threading (makes related SMS messages look like an instant messaging conversation). You can now also embed and use hyperlinks in SMS messages.
New version of Mobile Internet Explorer.
Other miscellaneous improvements.

From what I've seen it looks to be more evolution rather than revolution but definitely very welcome and well worth a look.

Product Videos

I found find two useful videos on Windows Mobile 6.1 both of which give a run down of some of the features. The first is much longer at 40 minutes but is a presentation by the Windows Mobile team on some of the new features and gives some of their origins. You can find it on the MSN Video site here.

The second is more cut down and polished and is on the official Microsoft Windows Mobile 6.1 site along with other info about Windows Mobile 6.1.

Enterprise Benefits - Microsoft System Center Mobile Device Manager 2008

One of the key elements for enterprises, will be the inclusion of a client for the new Microsoft System Center 2008 Mobile Device Manager server technology. You'd have to look hard to find a longer product name! This allows an enterprise to centrally manage and deploy windows mobile devices and applications as well as providing a Mobile VPN for secure mobile access to corporate resources. Microsoft System Center 2008 Mobile Device Manager was officially announced on April 1 (yes I know - great date choice!). You can find more details here.

Device Upgrades

Windows Mobile 6.1 is likely to be offered as standard on many new Windows Mobile devices. It has already been shown on devices from a number of US cellular operators. As for existing devices, one of the videos shows Windows Mobile 6.1 being demonstrated running on the US Htc Tilt model, which has a broadly equivalent European model in the Htc TynTyn II. As ever, precise availability will depend on the desire of the relevant mobile operators to release it, but at least we know its possible.

Windows Mobile 6.1 Device Emulators

For developers interested in understanding what's changed in the latest versions and how to develop applications for Windows Mobile 6.1, you can now get the latest emulators to try things out. I've only just started to download and install these, so haven't really found out whether 6.0 applications will run unaltered yet.

The emulators for Professional and Standard version of 6.1 are available at:

http://www.microsoft.com/downloads/details.aspx?FamilyId=3D6F581E-C093-4B15-AB0C-A2CE5BFFDB47&displaylang=en

Unfortunately they are currently only in USA English. I'm assuming localised emulators will follow shortly.

Comparing Versions Of Windows Mobile

Its often difficult to keep up with the differences between Windows Mobile 5.0, 6.0 and 6.1 but I found this useful comparison chart which neatly differentiates them.

Lock Up Your Mobiles - The Future's Not So Bright and Secure

rogerw — Sun, 16 Mar 2008 20:35:00 GMT

Well - it has finally happened. After a number of false starts and numerous of captive creations in various labs, McAfee has reported in the past few weeks, that the first real Windows Mobile virus/trojan to be experienced in the "wild" has been discovered. The virus is known as WinCE/InfoJack.

Its gone relatively unnoticed in Europe as to date, it has mainly affected South East Asia.

What Does it Do?

According to McAfee, WinCE/InfoJack has a number of features that show its malicious intent:

Installing as an autorun program on the memory card
Installing itself to the phone when an infected memory card is inserted
Protecting itself from deletion, copying itself back to disk
Replaces the browser's home page
Allows unsigned applications to install without warning

As it disables the Windows Mobile application installation security, the virus allows itself to be to auto updated. It also leaves the mobile open to other malware being installed silently.Furthermore, it has the capacity to send data about the device and its possibly its contents to external locations.

What Does It Mean?

To date Windows Mobile has been relatively unaffected by malware and viruses. However, I've always maintained that their portability, their myriad of connectivity options (3G, WiFi, Bluetooth) and the sheer numbers of devices out there makes them a significant threat both inside an outside an organisation. Imagine a botnet of mobile devices with HSPDA connectivity! Coupled with the amount of sensitive corporate data often carried on these devices that could be stolen and the threat is clear. The fact that memory cards are involved means the capacity to infect other kinds of devices is also a possibility.

So What Can You Do?

Get anti-virus & malware software for your device. Although relatively unpublicised, many of the leading anti-virus providers such as McAfee, Symantec amongst others have had antivirus components for Windows Mobile for several years. Many of these are add-ons aimed at the corporate environment however. Although not necessarily a recommendation, I personally have used the AirScanner suite of tools without any issues so far. It contains firewall utilities as well as anti-virus tools and can be regularly updated over the air.

The other thing to do is be far more sceptical about the origins of any software you install and whether you can verify its authenticity. For a long time people have installed shareware on mobile devices with relative impunity but with this announcement attitudes will need to be revised somewhat.

I don't wish to be considered a doom-monger and if you take precautions and adopt secure usage patterns you shouldn't be affected. I can't help feeling that the world of mobile devices is entering a new era however.

Windows Mobile Development Talk - Nxt Gen User Group, Oxford Branch - Tuesday 11th March 2008

rogerw — Tue, 04 Mar 2008 22:48:00 GMT

Roger Whitehead, Prinicipal Technologist will be giving to the NxtGen User Group Oxford Branch next Tuesday 11th March 2008 at RM offices in Abingdon, Oxfordshire at 7PM.

The talk will build on Roger's previous Introduction to Windows Mobile Development talk and will provide a hands-on introduction to the development, unit testing and deployment of Windows Mobile 6 applications. Roger will be explaining and demonstrating the coding fundamentals behind successful Windows Mobile applications. Coding samples and solutions will also demonstrate some of the latest features of Visual Studio 2008 and Compact Framework 3.5.

You can find full details the event and how to attend etc at the NxtGen User Group site

If you can make it would be great to you there.

Windows Mobile Development Talk - NxtGenUser Group - Oxford Branch - Tuesday 11th March

rogerw — Tue, 04 Mar 2008 22:42:00 GMT

A shameless plug for a talk I will be giving to the NxtGen User Group Oxford Branch next Tuesday 11th March 2008 at RM offices in Abingdon, Oxfordshire at 7PM.

The talk will build on my previous Introduction to Windows Mobile Development talk and will provide a hands-on introduction to the development, unit testing and deployment of Windows Mobile 6 applications. I will be explaining and demonstrating the coding fundamentals behind successful Windows Mobile applications. Coding samples and solutions will also demonstrate some of the latest features of Visual Studio 2008 and Compact Framework 3.5.

You can find full details the event and how to attend etc at the NxtGen User Group site

If you can make it would be great to you there.

My Digital Life on del.icio.us

aland — Mon, 03 Mar 2008 21:03:00 GMT

del.icio.us/alan.dean

This is a social bookmarking web app. It is definitely in my top three most-used sites (at the time of writing I have just short of 7,000 bookmarks saved).

At the simplest level, it is far easier to save your bookmarks in del.icio.us than on your local machine (favorites or desktop). I have installed both the IE Add-In and the Firefox Extension which make saving your current page in the browser a doddle. Here is a screenshot of the IE Add-In Save Dialog:

The key to making del.icio.us work for you is to get the tagging right. In the screenshot above, I have simply tagged the Charteris website as 'Charteris' but usually I use many more tags, for example:

Here I have applied eight tags to the [httpRange-14] resolution. Doing this builds up a rich 'tagspace' that I can drill-down into when I want to use my saved bookmarks.

I have published a short introduction to navigating del.icio.us with user tags.

Having a rich tagspace (also known as a folksonomy) can make your bookmarks an invaluable resource and research tool.

To finish up, I have put together a brief screencast demonstrating how to set up your del.icio.us bookmarks as an IE7 search provider.

My Digital Life

aland — Mon, 03 Mar 2008 13:38:06 GMT

Note that there are some links in this post require Charteris credentials.

Last week I chaired the initiation meeting for the Charteris Core Capability group. I was asked to put together some material on 'my digital life' discussing the web applications that I use.

Taking this on, I have decided to start a series, with a post per application.

Amongst the applications I will introduce are del.icio.us, LinkedIn, Facebook, and the various Google applications.

ISA Server as Reverse Proxy

aland — Tue, 19 Feb 2008 10:27:12 GMT

Here was me feeling that I wasn't learning stuff with a great deal of utility (to me, that is) and along comes a little golden nugget...

I am familiar with the role of reverse proxies (especially their role in scaling RESTful applications). I have referred to Squid in the past and at my last employer we used BIG-IP to reverse proxy. What I had not realised was that ISA Server can be configured as a reverse proxy too - cool!

Roy Fielding on REST

aland — Tue, 19 Feb 2008 10:12:49 GMT

Over the weekend, I spent 7 hours trawling through the [rest-discuss] list archive to pull together 'the collected utterances of Roy Fielding' (the originator of the REST architectural style in his dissertation). I hope that this may help people to understand REST more thoroughly. I plan to do some community talks on the subject later in the year.

Coincidentally, this was the same weekend that Roy started a blog!

The STSADMIN utility

aland — Mon, 18 Feb 2008 17:12:00 GMT

A first introduction to the command-line admin tool.

To get help: STSADMIN ?

Usage pattern: STSADMIN -o {operator name} -p {parameters}

To add a template:
STSADMIN -o addsolution -filename C:\templates\applicationtemplatecore.wsp

Note that the application template core must be installed before any other template! (this is not made clear)

Mike mentioned that the Groupboard template is good.

To backup at the Web Application level: STSADMIN -o backup

To restore at the Web Application level: STSADMIN -o restore

Upgrading from WSS 2.0

aland — Mon, 18 Feb 2008 16:39:07 GMT

More contemporaneous notes from Mike:

In-Place --> downtime

Gradual --> disk space

Database migration --> new hardware

WSS Security Model

aland — Mon, 18 Feb 2008 16:25:38 GMT

Mike discussed the following security model for Windows SharePoint Services:

Web Application -maps-to- IIS Application Pool
|
-contains-
|
Site Collections (first major security boundary: users, groups, permissions ...)
|
-contains-
|
Sites (inherit security settings from collection)

Here is the whiteboard:

5060A Module 3: Installing Windows SharePoint Services 3.0

aland — Mon, 18 Feb 2008 15:53:14 GMT

Some contemporaneous notes.

High-level installation activities are:

Binaries
Products & Technologies
Initial Services
Web Applications
Site Collections

Things to consider when selecting installation options:

"Basic Installation" == "everything runs on one machine using Embedded SQL" (yes, that is Embedded not Express)

"Advanced Installation » Standalone" and "Basic Installation" don't allow reconfiguration to a distributed architecture at a later date, but are good for test and dev.

"Advanced Installation » Web Frontend" will usually be your choice. Can install to a single machine and then reconfigure. Can't use Embedded SQL, but can use Express.

Here is the whiteboard:

Mike Brown, Firebrand

aland — Mon, 18 Feb 2008 15:33:13 GMT

Our course trainer is Mike Brown (who unfortunately doesn't have a blog that I can link to).

Pile o' Books

aland — Mon, 18 Feb 2008 15:22:00 GMT

It's Day 1, so naturally there is a pile of books:

SharePoint Training at Firebrand

aland — Mon, 18 Feb 2008 14:31:18 GMT

I am on a residential course on SharePoint at Firebrand Training.

The course comprises "Implementing Microsoft Windows SharePoint Services 3.0" and "Implementing Microsoft Office SharePoint Server 2007".

Introduction

aland — Mon, 18 Feb 2008 13:54:00 GMT

Hello and welcome.

I am a Senior Technologist here at Charteris. This blog will focus on my activities here. For more information about me and what I do outside of Charteris, you can visit my homepage.

ASP.Net MVC Further Info & Microsoft ASP.Net 3.5 Extensions Preview Download Available

rogerw — Fri, 11 Jan 2008 09:38:56 GMT

This is a slightly belated "catch-up" post to update those that haven't seen it elsewhere, but Scott Guthrie has posted further details (Parts 3 and 4) of the ASP.Net MVC Framework on his blog. ASP.Net MVC Part 3 is available here and ASP.Net MVC Part 4 is available here.

ASP.Net MVC is not a solution for everyone as you lose things like state management and parts of the page lifecycle. It does however offer very targetted functionality for those that have a specific need for Model View Controller based solutions.

The ASP.Net MVC framework is now available for download as part of the new Microsoft ASP.Net 3.5 Extensions Preview . This is a roll-up release of new functionality to be added to ASP.Net 3.5 and ADO.Net in 2008. It currently includes the following:

ASP.Net MVC Framework
ASP.Net Dynamic Data
ASP.Net AJAX
ADO.Net Entity Framework
ADO.Net Data Services
Silverlight Controls for ASP.Net

Some of these elements were previously available via the ASP.Net Futures CTP. This is now superceded by the extensions preview.

You can get the ASP.Net 3.5 Extensions Preview from here