Web Design, Programming, Tutorials
Posts tagged how to
SharePoint 2010: Verify that the Activity Feed Timer Job is enabled
Jan 18th
Here is another warning message that I received after installing SharePoint 2010. To fix this issue, follow these steps:
- Go to Central Administration.
- Click on “Monitoring.”
- Click on “Review job definitions” under “Timer Jobs.”
- Scroll down and click on “User profile service application – activity feed job.”
- Click “Enable.”
Now, you can go back to Central Administration and view the warning message. Click “Reanalyze Now” and after some time the message should go away.
SharePoint 2010: The Unattended Service Account Warning
Jan 18th
After installing SharePoint 2010, you may notice warnings appear from the Health Analyzer after the system has been running for a while.
“The Unattended Service Account Application ID is not specified or has an invalid value.”
To fix this issue:
- Open the Central Administration page.
- Under “Application Management,” click on “Manage service applications.”
- Click on “Secure service application.”
- Next, in the ribbon at the top of the page, click on “Generate New Key.”
- Enter a pass phrase and click OK.
- Now, in the ribbon, click “New.”
- For the Target Application ID, enter a unique identifier such as: TARGET_APPLICATION_ID
- For the Display Name, enter some descriptive name such as: Target Application ID
- Enter your email address.
- Make sure to change the Target Application Type to GROUP.
- Click Next.
- Keep the defaults for the next screen and click Next.
- Enter in your administrator account into the Target Application Administrators and Members fields.
- Click OK.
- Next, go to the Central Administration page.
- Under “Application Management,” click on “Manage service applications.”
- Scroll down and click on “Visio Graphics Service.”
- Click on “Global Settings.”
- Down at the bottom of the page, enter your target ID (TARGET_APPLICATION_ID) into the Application ID field and click OK.
Now, you can go back to your Central Administration page and view the warning messages once again. Open the “Unattended Service Account” message and click “Reanalyze Now.” After some time, the message should go away.
Opening PDF files in SharePoint 2010
Jan 14th
One problem you may be facing if you are new to SharePoint 2010 is how to open PDF files. There are a couple different problems you may have noticed. One: the PDF files do not show a file type icon like the Word or Excel files do, and Two: when you click on a PDF file to open it, you are presented with a dialog box asking you to Save or Cancel.
By default, SharePoint does not recognize PDF files, so we will have to tell it how to recognize the files to display the pretty icon.
The reason the PDF does not open is because of a new header called X-Download-Options that is passed into your browser and if you are using IE 8, a new security feature will block the file from opening.
While we are setting up PDF files, lets go ahead and configure SharePoint’s search engine so that it can crawl the contents of PDF files as well.
Opening PDFs
First, let’s tackle the easiest to fix issue. A SharePoint web application has two modes that it uses to handle browser files: Permissive and Strict. The default mode is Strict and will cause SharePoint to send the X-Download-Options header.
To turn off the header:
- Open your SharePoint Central Administration.
- Click on “Manage web applications.”
- Click on “SharePoint – 80.”
- In the ribbon at the top of the page, click “General Settings.”
- Scroll down the pop up window until you find “Browser file handling” and change the selected value from “Strict” to “Permissive.”
- Click OK to save changes.
Setting Up The Search Engine To Crawl PDFs
- Download Adobe PDF iFilter 9 for 64 bit platforms from Adobe.
- Install iFilter on your SharePoint server (or the server that is running the search service).
- Accept all defaults.
Showing the PDF Icon
- Visit Adobe’s site to download an image of their PDF icon. Save a copy of the 17 x 17 image size to C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\IMAGES\ on your SharePoint server.
- Edit the C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\XML\DOCICON.XML file on your SharePoint server.
- Scroll down to the <ByExtension> tag and enter the following between the <ByExtension> and </ByExtension> tags:
<Mapping Key=”pdf” Value=”pdficon_small.gif” OpenControl=”" />
* If you want to keep the file organized, check the other keys and enter it in alphabetical order. - Save the XML file.
- Next, open the SharePoint Central Administration site.
- Under “Application Management”, click “Manage service applications.”
- Scroll down the list of applications and click on “Search service application.”
- In the left-hand menu, click “File types.”
- Click “New file type.”
- Enter “pdf” into the “File extension” box and click OK.
- Now, you should be able to scroll down and find your PDF icon.
Now, we’ll need to restart IIS by opening the command prompt on your SharePoint server as Administrator. Type into the command prompt: “iisreset” and IIS will be stopped and restarted.
Running A Full Crawl
- From the Central Administration, under “Application Management”, click on “Manage service applications.”
- Scroll down and click on “Search service application.”
- From the left-hand menu, click “Content Sources.”
- Hover your mouse over the “Local SharePoint sites” record and click the down arrow for more options.
- Select “Start full crawl”
Now, you should be able to open PDF files, see adobe icons next to them in library web parts, and be able to search the contents using SharePoint’s search engine.
Installing SharePoint 2010
Jan 13th
Here is the installation process that I used for setting up SharePoint 2010 using MSSQL 2005 as the backend database.
First, you must make sure if you are going to use SQL 2005 instead of 2008, that your SQL server is patched to a compatible level for SharePoint.
Updating Microsoft SQL 2005
First thing you need to do is make sure your SQL server is patched up. I ended up using the SQL 2005 SP3 Update 6 found on Microsoft’s site. You need to make sure you select the 64 bit version. To do that, you must click on the “Show hotfixes for all platforms and languages (14)” link above the list of files. This will display all the files available.
Check the one marked “SQL_Server_2005_SP3_Cumulative_Update_6″ with the x64 platform type. Enter your email and submit the form to have the download link sent to you. The link will contain a password protected self-extracting program, so make sure to get the password from the email.
Copy this patch over to your server and install it. The SQL server will need to be restarted afterwards, so do so at a time when you can down it for a few minutes.
After patching my SQL server, the version now shows 9.0.4266 in the SQL Server Management Studio Express.
Setting Up A Service Account
SharePoint 2010 will ask for a service account that it uses to communicate with the database. So, you can go ahead and create your service account in Active Directory, I used svc_sharepoint, and configure SQL 2005 for the new user.
- From the SQL Server Management Studio Express, connect to your database server and open up the Security\Logins folders in the tree.
- Right-click on the Logins folder and choose “New Login”
- For the “Login Name”, enter DOMAINNAME\USERNAME
- Click “Server Roles” on the left-hand side and put a checkmark next to “dbcreator” and “securityadmin”.
- Click OK.
Installing SharePoint 2010
Enter the SharePoint disc into your CD/DVD drive on your server. If it does not start automatically, execute the “Splash.hta” file to see the splash page.
Software Prerequisites
- Click on “Install Software Prerequisites”.
- Accept the default values and start the installation of the secondary programs needed to run SharePoint.
- Click Finish when everything has been installed.
Installation
- Click “Install SharePoint Server.
- Enter your product key. Continue.
- When asked for Standalone or Server Farm, choose Server Farm if this is a production server.
- Next, Mark the circle next to Complete and click Install Now.
- Once everything has finished installing, make sure the “Run the SharePoint Products and Technologies Configuration Wizard now” box is checked and click Close.
Configuring SharePoint
When the configuration wizard starts, you will be asked if services can be started or reset. Choose yes.
- Click “Create a new server farm” if this is your first server, otherwise choose “Connect to an existing server farm.”
- On the next screen, you will need to enter in the name of your database server, as well as the username/password for the service account you had created earlier. I used svc_sharepoint. If your database has not been patched up to a compatible level, you will be stopped right here.
- The next screen will ask you for a passphrase. This is an important password that you will need if you want to add another server to this server farm. So, don’t lose it.
- Next, you’ll be asked to configure the Central Administration web application. You can specify a port number that the admin portion of SharePoint will use. I would use something easy to remember, like 9999. Keep NTLM selected and hit Next.
- If everything looks good on the next page, click Finish.
Farm Configuration
Now, a web page should open up and continue the server farm configuration from there. You will be asked if you want to help make sharepoint better. Make a choice and hit OK.
- Select “Walk me through the settings using the wizard” and hit Next.
- On the next screen, select “use existing managed account” and make sure your service account is selected.
- Scroll down the page and make sure all services are checked with exception of the Lotus Notes Connector. Click Next.
- The web page will process these settings for a little while. Once finished, you will be asked to enter the title and description for your main SharePoint site. Also, you can select a template at the bottom. I would stick with the default “Team Site” template.
- Once this has finished, you will get a summary page telling you what services have been enabled. Click Finish.
Changing Your Site URL
After everything has been configured, you will be sent to the Central Administration page. If you look at your URL, it will show the server name and not the domain address that you would, no doubt, like to use. For this to work, of course, you need to make sure you have added an ALIAS entry in your DNS server that points your domain name to your SharePoint server name.
- Under the left-hand menu, click on “Application Management.”
- Under “Web Applications”, click on “Configure alternate access mappings.”
- In the content area, at the top-right side of the page there is a drop down box next to “Alternate access mapping collection.” Click this drop down and select “Change alternate access mapping collection.”
- Choose one of the sites displayed (SharePoint – 80 or Central Administration).
- Click “Add Internal URLs”
- Enter the URL of your domain name (ex. http://my.domainname.com:port). If this is the Central Administration, you will need to add the port as well. It can be ommitted if it is your port 80 site.
- Choose a zone, such as Intranet, if it applies to what your SharePoint server is used for.
- Click Save.
- Run through the same steps to add the URL for the other site.
Now that SharePoint has been installed and configured, you can continue by setting permissions, creating sites and web parts, and building content.
Configuring IIS 6 and ASP.NET MVC
Jan 28th
By default, IIS 6 does not work with ASP.NET MVC and needs to be configured to use wild-card mapping to get MVC’s routing and clean URLs to work correctly. Unfortunately, IIS 6 does take a performance hit because all requests are processed by ASP.NET. Static files, such as images, CSS, and JavaScript are processed as a dynamic page instead of a static one.
Install ASP.NET MVC
Follow the first two steps of the instructions for installing ASP.NET MVC. The third step can be ignored since Visual Studio will not be installed on the server.
Configuring ASP.NET 2.0
First thing to do is open the IIS Manager ->expand your server ->Web Service Extensions folder. Right-click on the white space under the list of Web Service Extensions and select to Add a new Web service extension…
The New Web Service Extension window will pop open. Enter “ASP.NET v2.0.50727″ as the Extension Name and click the Add button. Browse to the C:\Windows\Microsoft.Net\Framework\v2.0.50727 folder and select the aspnet_isapi.dll file. Make sure to check the “Set extension status is Allowed” button before clicking OK.
This will allow your programs to run ASP.NET 2.0, 3.0, and 3.5 versions of the .NET framework.
Configuring Your Web Application
The next thing to do is open the properties of the Web Site where your web application is. Select the ASP.NET tab and select 2.0.50717 in the ASP.NET version drop down box.
Next, click on the Home Directory tab. Click on the Configuration button. Under the Wild-card application maps area, click the Insert button. Browse to the C:\Windows\Microsoft.Net\Framework\v2.0.50727 folder and select the aspnet_isapi.dll file. Uncheck the “Verify that file exists” before clicking OK. Save your changes and your site should now be able to run ASP.NET MVC and use the routes setup by your application.
Clearing the Client Version from the Lotus Notes Directory
Jan 20th
With the latest version of Lotus Notes (8.5.1), you can now view the version of your clients by looking in the People -> by Client Version view. One problem with this, however, is that your users will show each client they have logged in as. Over the years, you may accumulate many versions for each user.
During an upgrade, you may wish to see what users are using the previous version of client against the ones who have the new version installed. But first, we’ll need to clean up the directory so we don’t see all this old version history.
To clean up these fields, you need to write an agent that will empty them for each selected person. This will allow you to run the clean up agent on only the users you wish to run it on.
Writing the agent
Open up the pubnames.ntf template file in your Notes Designer. You’ll need to go to Code and double-click on Agents to see the current agents for the template.
We’ll create a new agent and give it a name. Below is the code for the agent. Copy and paste it in the Designer.
Option Public
Option Declare
Sub Initialize()
'Declare.
Dim s As New NotesSession
Dim db As NotesDatabase
Dim dc As NotesDocumentCollection
Dim doc As NotesDocument
'Initialize.
Set db = s.Currentdatabase
Set dc = db.Unprocesseddocuments
Set doc = dc.Getfirstdocument()
While(Not(doc Is Nothing))
If (doc.Form(0) = "Person") Then
Call doc.Removeitem("ClntBld")
Call doc.Removeitem("ClntDate")
Call doc.Removeitem("ClntDgst")
Call doc.Removeitem("ClntMachine")
Call doc.Removeitem("ClntPltfrm")
Call doc.Save(False, False, False)
End If
Set doc = dc.Getnextdocument(doc)
Wend
End Sub
Now, after you refresh your names.nsf file, you can go to the Action menu and find your agent. Running the agent will only process those Person documents that you have selected.
Scheduling A Task In A Web Application On A Windows Server
Jan 19th
When writting web applications, there may be times when you would like to perform some task automatically at the same time or every X number of hours. Web applications only execute their code when a request is made from a client’s browser. Because of this, scheduled tasks within the web application will not work.
There are a few different options:
- Build a separate Windows Service application that can connect to the assemblies your web application uses to execute the scheduled task.
- Build a separate Windows application that communicates with a web service that your web application also uses to perform the scheduled task.
- Use the Windows Scheduler to call the URL of the action to perform the task.
The first option might sound good at first, but creating a separate program that talks to your web application’s library files is a bad idea. Maintenance will become a problem as you change your web application. Since the code is in two places, unit testing will not tell you that the class library you just changed has now broken your scheduled tasks in your windows service.
The second option is slightly better, but you still may have issues with changing your class library.
The third option is the one that I will show you how to configure. We will setup a VBS script that will perform a call to any web address we pass to it. Then, we’ll setup a batch file that calls the VBS script and passes in one or more URLs to execute. And finally, we’ll go through using the Windows Scheduler to create the scheduled task when the batch file should execute.
The primary advantage to this method is that you get to keep all of your code together in your web application. You simply setup an action that performs whatever task you wish to schedule and make sure that action is callable from an anonymous user.
WebRequest.vbs
You may copy the following code and paste into a text file. Then, rename the file to WebRequest.vbs. The script basically takes an argument that is passed into it as the URL. The HTTP object is setup and then the URL is called using a GET request. Then, the returned status is checked to see if the request was successful or not.
url = WScript.Arguments.Item(0)
'WScript.echo url
set WshShell = WScript.CreateObject("WScript.Shell")
set http = CreateObject("Microsoft.XmlHttp")
http.open "GET", url, FALSE
http.send ""
if (http.Status = 200) then
WScript.echo "Request successful."
else
WScript.echo "Error: " & http.Status
end if
set WshShell = nothing
set http = nothing
The Batch File
Calling the WebRequest.vbs file from a batch file is very easy. Simply create a new text file, calling it whatever you’d like, and paste in the following line of text. Rename the file to .BAT when finished.
cscript WebRequest.vbs "http://www.domain.com/controller/action"
Scheduling The Task
From your Windows server, open the Control Panel and then open the Scheduled Tasks item. Next, click on Add Scheduled Task. Choose any application to schedule. This will be changed later on. Configure how often you wish the schedule to run and enter a user name and password to run the schedule as. This users should have access to running the web browser from the server.
After your new scheduled task has been created, open it. In the Run text box, type in the full path to your batch file. Then, in the Start In text box, type in the full path without the batch file name. You can also adjust your scheduled time from within here. Click OK to save the changes and your scheduled task should be ready.
You can test the Windows Scheduler by setting the scheduled time to a minute or two in the future and then waiting for it to execute. If you just wish to test your action, or manually run it, you can simply run the batch file.
ASP.NET MVC Using Forms Authentication With LDAP
Oct 23rd
If you are using ASP.NET MVC and you want to authenticate your users against Active Directory using LDAP, you need to do a little work to get everything set up. It is pretty easy to authenticate users with Active Directory using the <Authorize()> attribute, but I ran into some problems when I wanted to authorize a user based on a Windows Group.
Here are the steps I took to be able to authenticate active directory users and authorize their use of actions based on being members to user groups.
Web.Config
Find the authentication tag and change it to the following:
<authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="2880" /> </authentication>
The LoginUrl points to the Controller/Action where the login function is.
UserRepository
This is the class object that does the communication with Active Directory via LDAP. The project where this class resides should also add a reference to the System.DirectoryServices DLL.
Imports System.DirectoryServices
Public Class UserRepository
Private _server As String
Public Sub New(ByVal server As String)
_server = server
End Sub
Public Function GetUser(ByVal userName As String) As Data.User
Dim root As DirectoryEntry = New DirectoryEntry("LDAP://" + _server)
Dim search As DirectorySearcher = New DirectorySearcher(root)
search.SearchScope = SearchScope.Subtree
search.Filter = "(sAMAccountName=" + userName.Substring(userName.IndexOf("\") + 1) + ")"
Dim results As SearchResultCollection = search.FindAll()
Return _GetUser(results(0).Path)
End Function
Public Function GetUserByFullName(ByVal fullName As String) As Data.User
Dim root As DirectoryEntry = New DirectoryEntry("LDAP://" + _server)
Dim search As DirectorySearcher = New DirectorySearcher(root)
search.SearchScope = SearchScope.Subtree
search.Filter = "(displayName=" + fullName + ")"
Dim results As SearchResultCollection = search.FindAll()
Return _GetUser(results(0).Path)
End Function
Public Function GetMembers(ByVal groupPath As String) As IQueryable(Of Data.User)
Dim root As DirectoryEntry = New DirectoryEntry("LDAP://" + _server)
Dim search As DirectorySearcher = New DirectorySearcher(root)
Dim members As List(Of Data.User) = New List(Of Data.User)()
search.SearchScope = SearchScope.Subtree
search.Filter = "(memberOf=" + groupPath + ")"
Dim results As SearchResultCollection = search.FindAll()
For Each result As SearchResult In results
members.Add(_GetUser(result.Path))
Next
root.Close()
Return members.AsQueryable
End Function
Public Function Authenticate(ByVal userName As String, ByVal password As String) As Data.User
Dim root As DirectoryEntry = New DirectoryEntry("LDAP://" + _server, userName, password)
Dim search As DirectorySearcher = New DirectorySearcher(root)
Dim user As User = Nothing
search.SearchScope = SearchScope.Subtree
search.Filter = "(sAMAccountName=" + userName + ")"
Dim results As SearchResultCollection = search.FindAll()
If (Not (results Is Nothing)) Then
user = _GetUser(results(0).Path)
End If
Return user
End Function
Private Function _GetUser(ByVal userPath As String) As Data.User
Dim entry As DirectoryEntry = New DirectoryEntry(userPath)
Dim user As Data.User = New Data.User()
user.UserName = entry.Properties("sAMAccountName").Value
user.FirstName = entry.Properties("givenname").Value
user.LastName = entry.Properties("sn").Value
user.Email = entry.Properties("mail").Value
For Each group In entry.Properties("memberOf")
user.Groups.Add(_GetGroup(group))
Next
entry.Close()
Return user
End Function
Private Function _GetGroup(ByVal path As String) As String
Dim value As String = ""
Dim index1 As Integer = path.IndexOf("=", 1)
Dim index2 As Integer = path.IndexOf(",", 1)
If (Not (index1 = -1)) Then
value = path.Substring((index1 + 1), (index2 - index1) - 1)
End If
Return value
End Function
End Class
User
This class hold the user information that we want to work with from Active Directory. Here I am storing the username, first and last names, email address, and the list of groups the user is a member of.
This class is in my Data project and that is why you will see Data.User in the UserRepository. If you want everything to be in one project, you could create the Data namespace around the User class. I did run into problems with MVC getting confused between my User class and a built in one if I did not specify the namespace. You could also simply rename the User class to something else.
Public Class User
Private _userName As String
Private _firstName As String
Private _lastName As String
Private _email As String
Private _groups As List(Of String)
Public Property UserName() As String
Get
Return _userName
End Get
Set(ByVal value As String)
_userName = value
End Set
End Property
Public Property FirstName() As String
Get
Return _firstName
End Get
Set(ByVal value As String)
_firstName = value
End Set
End Property
Public Property LastName() As String
Get
Return _lastName
End Get
Set(ByVal value As String)
_lastName = value
End Set
End Property
Public Property Email() As String
Get
Return _email
End Get
Set(ByVal value As String)
_email = value
End Set
End Property
Public Property Groups() As List(Of String)
Get
Return _groups
End Get
Set(ByVal value As List(Of String))
_groups = value
End Set
End Property
Public Sub New()
Me.UserName = ""
Me.FirstName = ""
Me.LastName = ""
Me.Email = ""
Me.Groups = New List(Of String)()
End Sub
Public Function GetFullName() As String
Dim s As System.Text.StringBuilder = New System.Text.StringBuilder()
If (Not (Me.FirstName = "")) Then
s.Append(Me.FirstName)
s.Append(" ")
End If
s.Append(Me.LastName)
Return s.ToString()
End Function
Public Function SerializeGroups() As String
Dim text As String = ""
For Each item In Groups
If (text = "") Then
text = item
Else
text = text + "|" + item
End If
Next
Return text
End Function
End Class
AccountController
Next is the controller that handles signing in and out of the application. I’ve simplified this controller code for the sake of simplicity. Under normal circumstances, I would have the controller communicate to a service class that then interacts with the repository. The service class could do validation on the login form before attempting to authenticate empty user and password strings.
Imports System.Globalization
Imports System.Security.Principal
Imports S3.Data
<HandleError()> _
Public Class AccountController
Inherits System.Web.Mvc.Controller
'data members.
Private _userRepository as UserRepository
Private _formsAuthentication As IFormsAuthentication
Public Sub New()
_userRepository = New UserRepository(ConfigurationManager.AppSettings("LDAPServer")
_formsAuthentication = New FormsAuthentication()
End Sub
'GET: /Account/LogOn
Public Function LogOn() As ActionResult
Return View("LogOn")
End Function
'POST: /Account/LogOn
<AcceptVerbs(HttpVerbs.Post)> _
Public Function LogOn( _
ByVal userName As String, _
ByVal password As String, _
ByVal rememberMe As Boolean, _
ByVal returnUrl As String) As ActionResult
Dim result As ActionResult = View("LogOn")
Dim user As User = _userRepository.Authenticate(userName, password)
If (Not (user Is Nothing)) Then
_formsAuthentication.SignIn(user, rememberMe)
If (returnUrl Is Nothing) Then
result = RedirectToAction("Index", "Home")
Else
result = Redirect(returnUrl)
End If
End If
Return result
End Function
Public Function LogOff() As ActionResult
_formsAuthentication.SignOut()
Return RedirectToAction("Index", "Home")
End Function
End Class
FormsAuthentication
The next class is the FormsAuthentication class. The main reason that I made this code a class of its own is for the sake of unit testing my project. During unit testing, the commands that deal with writing and clearing the cookie would error out. To get around this, I created an empty FormsAuthenticationTest class that does nothing for the SignIn and SignOut methods. Note: The example code does not show the interfaces. Check out the repository pattern and factory pattern to see how to setup services and repositories for unit testing.
After a user has been authenticated by the UserRepository, the controller passes the returned user into the SignIn method of the FormsAuthentication. This method then stores the user’s full name and serialized groups in a cookie. The list of groups is serialized by creating a string with each group name separated by a “|” character. This serialization takes place in the User object.
Imports System.Web.Security
Public Class FormsAuthentication
Public Sub SignIn(ByVal user As Data.User, ByVal createPersistentCookie As Boolean)
Dim authTicket As System.Web.Security.FormsAuthenticationTicket = _
New System.Web.Security.FormsAuthenticationTicket( _
1, _
user.GetFullName(), _
Now, _
Now.AddMinutes(60), _
createPersistentCookie, _
user.SerializeGroups())
Dim encryptedTicket As String = System.Web.Security.FormsAuthentication.Encrypt(authTicket)
Dim authCookie As HttpCookie = New HttpCookie( _
System.Web.Security.FormsAuthentication.FormsCookieName, _
encryptedTicket)
If (createPersistentCookie) Then
authCookie.Expires = authTicket.Expiration
End If
HttpContext.Current.Response.Cookies.Add(authCookie)
End Sub
Public Sub SignOut()
System.Web.Security.FormsAuthentication.SignOut()
End Sub
End Class
Global.asax
With the previous code, you should be able to use Forms Authentication to log into your application and authenticate a user against the Active Directory via LDAP. The <Authorize()> attribute will allow you to secure your controller or actions. There’s just one problem. Now, if you want to use <Authorize(Roles:=”GroupName”), your user does not get authorization to the action or controller.
There’s just one change left that we need to make. ASP MVC makes the current logged in user available by accessing the Context.User. When you log into the application MVC is setting the user as authenticated, but no roles or groups have been added to that user. We need to modify the Global.asax file and use the AuthenticationRequest event.
The following code will fire each time an authentication request is triggered. The code will check if the authentication cookie exists and if it does, reads the user’s name and groups from it and stores them in the Context.User so MVC can access the groups.
Private Sub MvcApplication_AuthenticateRequest(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.AuthenticateRequest
Dim cookieName As String = System.Web.Security.FormsAuthentication.FormsCookieName
Dim authCookie As HttpCookie = Context.Request.Cookies(cookieName)
If (Not (authCookie Is Nothing)) Then
Dim authTicket As System.Web.Security.FormsAuthenticationTicket = Nothing
Try
authTicket = System.Web.Security.FormsAuthentication.Decrypt(authCookie.Value)
If (Not (authTicket Is Nothing)) Then
Dim groups As String() = authTicket.UserData.Split(New Char() {"|"})
Dim id As System.Security.Principal.GenericIdentity = _
New System.Security.Principal.GenericIdentity(authTicket.Name, "LdapAuthentication")
Dim principal As System.Security.Principal.GenericPrincipal = _
New System.Security.Principal.GenericPrincipal(id, groups)
Context.User = principal
End If
Catch ex As Exception
'Do nothing.
End Try
End If
End Sub
And that should be all you need to use FormsAuthentication with LDAP and group authorization.
ASP.NET MVC Full URL From A Controller
Oct 16th
In working with ASP.NET MVC, I came across the need to send an email with the URL of a document that is to be approved. There are helper functions accessible from the View to build an ActionLink or get the URL of an action, but I had problems finding how to build this URL from within a controller. Here is the simple code that I finally pieced together to do what I wanted:
Dim link As String = HttpContext.Request.Url.Scheme + _
"://" + HttpContext.Request.Url.Authority + _
Url.Action("ActionName", "ControllerName", New With {.id = idOfDocument})
HttpContext.Request.Url.Scheme returns “http” or “https”, which ever one you’re using.
HttpContext.Request.Url.Authority returns the Base Url of your application.
And, the Url.Action method creates the Url to the Controller, Action, and ID of the document that is being sent out for approval.
How to setup CodeIgniter
Jun 30th
Introduction
This article explains the process I go through to setup the CodeIgniter framework and how to configure it so that I can start developing an application.
What is CodeIgniter?
If you don’t already know, CodeIgniter is an MVC framework built on PHP. There are many features and built in functions that make building a web application fairly easy. You can download the current version, 1.7.1, from CodeIgniter.com. Also, check out the very well documented User Guide.
If you are interested in using the Zend library of tools with CodeIgniter, please check out How to use Zend_Search_Lucene with CodeIgniter.
Step-By-Step
For this tutorial, I’m using a WAMP Server running on my local Windows computer. You could just as easily perform these same actions on a web server running PHP, although the paths may be different depending on if you are using Windows or a Linux based server.
Step 1
Download the latest version of CodeIgniter (1.7.1).
Before extracting the files to your server, let’s talk about where to put the files. For security purposes, it is recommended to place the CodeIgniter files outside the path of your web server so those files cannot be accessed by typing in a URL. So, if I access my web server by typing in http://localhost and the web server loads the website at C:\wamp\www\, then I want to place the System folder of CodeIgniter inside the C:\wamp\ folder. Go ahead and extract the System folder from the download package to the C:\wamp\ folder. You can place the System folder in the C:\wamp\www\ folder if you desire. Just make sure to adjust the path name later on.
Step 2
Next, I have decided that I may want to use CodeIgniter for several applications that I develop. To save on hosting space, I can setup all CodeIgniter applications to use the same core framework. First, we need to move some files around from their default locations.
Open the C:\wamp\system\application\ folder. You should see several folders listed here. The default CodeIgniter application is setup for a single application. We will be changing it to run multiple applications. Create a new folder called baseApplication_1234 or something unique. Make a copy of the index.html file and paste it inside baseApplication_1234. Next, move all of the folders located at C:\wamp\system\application\ into C:\wamp\system\application\baseApplication_1234\.
We will configure this base application with all of our default settings that we want to use for all CodeIgniter applications. Then, when you want to make a new application, you can simply copy the baseApplication_1234 and rename it.
Step 3
Next, we will configure the CodeIgniter application files.
Browse to C:\wamp\system\application\baseApplication_1234\config\ and open the following:
autoload.php
Modify line 42 to show:
$autoload['libraries'] = array('database', 'session');
config.php
Modify line 14 to show (change localhost to your domain name):
$config['base_url'] = "http://localhost/";
Modify line 26 to show:
$config['index_page'] = "index.php?";
This line will be very important for the way our URLs are displayed later on.
Modify line 44 to show:
$config['uri_protocol'] = "QUERY_STRING";
Modify line 57 to show (this is optional if you want a .html to be shown on the end of your URLs):
$config['url_suffix'] = ".html";
Modify line 220 to show (add your own unique value within the quotes):
$config['encryption_key'] = "12345";
Modify lines 234 – 241 to show:
$config['sess_cookie_name'] = 'ci_session'; $config['sess_expiration'] = 7200; $config['sess_encrypt_cookie'] = TRUE; $config['sess_use_database'] = TRUE; $config['sess_table_name'] = 'ci_sessions'; $config['sess_match_ip'] = TRUE; $config['sess_match_useragent'] = TRUE; $config['sess_time_to_update'] = 300;
This will require that we have a database and a table within called ci_sessions. This table will need to have certain fields that CodeIgniter will be attempting to write session data to for each users who visits your site. I’ll explain more later on.
database.php
Modify lines 41 – 45 to show:
$db['default']['username'] = "dbuser"; $db['default']['password'] = "mypassword"; $db['default']['database'] = "mydbname"; $db['default']['dbdriver'] = "mysql"; $db['default']['dbprefix'] = "dev_";
You will need to enter your correct username, password, database name, and prefix if you wish to use one. If you use a prefix, you will need to have a table called dev_ci_session instead of ci_session.
routes.php
For the base application, the routes.php file is probably OK. There are two lines that need to be modified when you build an application.
$route['default_controller'] = "welcome"; $route['scaffolding_trigger'] = "12345";
Again, use some unique value for the scaffolding_trigger. If you use a value that is hackable or nothing at all, your application will have a possible security hole. The default controller name can be changed here as well.
Step 4
There are two helper files that I add to my projects that help translate the URLs the way I like them (http://localhost/controller/action/id.html).
MY_form_helper.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
if ( ! function_exists('form_open'))
{
function form_open($action = '', $attributes = '', $hidden = array())
{
$CI =& get_instance();
if ($attributes == '')
{
$attributes = 'method="post"';
}
//Modify ->site_url to ->item('base_url').$action
$action = ( strpos($action, '://') === FALSE) ? $CI->config->item('base_url').$action : $action;
$form = '<form action="'.$action.'"';
$form .= _attributes_to_string($attributes, TRUE);
$form .= '>';
if (is_array($hidden) AND count($hidden) > 0)
{
$form .= form_hidden($hidden);
}
return $form;
}
}
?>
MY_url_helper.php
<?php
function redirect($uri = '', $method = 'location', $http_response_code = 302)
{
$CI =& get_instance();
switch($method)
{
case 'refresh' : header("Refresh:0;url=".site_url($uri));
break;
default : header("Location: ".$CI->config->item('base_url').$uri, TRUE, $http_response_code);
break;
}
exit;
}
?>
Create these files and save them to C:\wamp\system\application\baseApplication_1234\helpers\. These functions will override the original CodeIgniter functions and fix some URL rewriting issues.
Step 5
Enabling URL rewriting may depend if your server supports it. Apache has a rewrite_module that must be enabled before this will work. Most hosting providers should already have enabled URL rewriting.
Create a new text file called .htaccess and paste the following code into it:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php?$1 [L]
This will redirect all requests on your domain back to the index.php file, unless the actual path does happen to exist, then the server will serve up whatever file/directory is at that location.
Notice the ? behind index.php. The web server is rewriting the pretty URL into a QUERY_STRING that CodeIgniter is expecting and passes in the controller and action as variables such as index.php?var1=this&var2=that.
The .htaccess file should be stored in the C:\wamp\www\ folder or the root of your web site.
Step 6
Next, the database will need to be created and the ci_sessions table created to store the user sessions to.
After you create the MySQL database, run the following SQL and it will create the table for you:
CREATE TABLE `dev_ci_sessions` ( `session_id` varchar(32) NOT NULL, `ip_address` varchar(15) NOT NULL, `user_agent` text NOT NULL, `last_activity` datetime NOT NULL, PRIMARY KEY (`session_id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Make sure to remove the “dev_” if you did not setup a dbprefix.
Step 7
Next, for testing purposes, we’ll setup the baseApplication_1234 web application and attempt to run it.
Find the index.php file that came with the CodeIgniter 1.7.1 download. It should be located in the same folder as the system folder and user_guide folder. Copy this file into your web site root at C:\wamp\www\.
Modify line 26 as shown:
$system_folder = "c:/wamp/system";
Modify line 43 as shown:
$application_folder = "application/baseApplication_1234";
This is the line that specifies which application to load.
This index.php file is the main entry point for the application. It will use these modifications to find the C:\wamp\system\ folder and run the correct web application. The only other files that need to be in the C:\wamp\www\ folder are files that HTML needs to be able to access via URLs such as images and JavaScript.
Conclusion
That should be everything. You can now try to open your web application by going to the URL, http://localhost. The default controller is Welcome and the default action is Index, so you can also test http://localhost/welcome/index.html to verify URL rewriting works. Remember the “.html” can be used to hide that PHP is running your web site. In reality, index is an action of the welcome controller and doesn’t need the “.html” to be there at all.
If you run into problems, you can add this line to an action or the controller’s constructor for further information:
$this->output->enable_profiler(TRUE);
Be sure to shut this down when not needed, or it could give your users information you may not wish them to have.