Skip to main content

Posts

Showing posts from 2016

Secure cookie in load balancer environment

To secure cookie in an environment without load balancer, simply add or configure httpCookie element in web.config file under <system.web> <httpCookies requireSSL="true" httpOnlyCookies="true"/> For form authentication cookie, simply add requireSSL="true" in <forms> element <forms name="authCookie" loginUrl="login.aspx" timeout="20" requireSSL="true"  />  However, if there are load balancer exist and the certificate is deployed on load balancer, the actual web site is only http, configuring as above will not work. In order for it to work, you have to keep the httpCookie configuration the same as above, but change the requreSSL attribute in <forms> element to false. In addition, in your code that creates the authentication cookie, make sure not set the "Secured" property (You can not set it to true nor false).

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

When I try to connect to a remote WCF service which uses basicHttpBinding and transport security, I got this error message. It turns out that the reason of the error is the root certificate that issues the certificate for the WCF site is not in the calling machines "Trusted Root Certification Authority" store. By obtaining the root public certificate and import it into calling machines "Trusted Root Certification Authority" store, the problem solved. It is easy to obtain root public certificate using just the browser. Take Chrome as an example: Open Chrome and type the secured URL into the address bar, for example, https://www.google.ca/ In the browser address bar, click the lock icon in front the address. In the pop-up window, click the "Details" link after the sentence "Your connection to this site is private" Click the "View Certificate" button on the right panel In the "Certificate" dialog window, click "...

MVC partial view not getting new model value after postback

It takes me quite a long time to figure out what the issue is and how to fix it. Here is a example to explain the problem. Say you have a view which include a partial view called "RandomNumber", which takes a RandomNumberModel object as model. Each time the page refresh or post back, the RandomNumberModel object will generate a new random number. public class RandomNumberModel { public static int Generate() { return new Random().Next(); } } Partial View: @model RandomNumberMode <p>         @Html.TextBoxFor(m => RandomNumber.new { autocomplete = "off" }) </p> It turns out after the postback, the values of all the inputs binding using HtmlHelper class are from ModelState instead of from Model. The value changes in model will not be shown in the rendered view. The solution for this is easy: 1. Using the plain html tag for data display instead of using Html helper <input type="text" name="RandomNumber" id="Ran...

.NET - CryptographicException 'Keyset does not exist'

When you use the certificate to do signing and encryption, you may encounter this exception: CryptographicException 'Keyset does not exist' One possibility of this error is that the caller has not read permission of the private certificate using. By granting the read permission to the private certificate, the problem is solved. Following these steps to grant read permission to private certificate: In Windows -> Run, type mmc to open Microsoft Management Console In MMC, click File -> Add/Remove Snap-in... Choose "Certificates", then click "Add"  In the popup window, choose "Computer account" and then click "Next" Choose "Local computer" and click "Finish" to close popup window Click "OK" to close "Add or Remove Snap-ins" dialog. Go to "Personal"  certificates store on the left navigation Found the certificate on the right panel and right click it and choose "All T...

Manage IIS 7 remotely using PowerShell and AppCmd

We can use  Windows PowerShell remoting features  to manage IIS 7 websites remotely.  Currently, remoting is supported on Windows Vista with Service Pack 1 or later, Windows 7, Windows Server 2008, and Windows Server 2008 Release 2.  Start Windows PowerShell as an administrator by right-clicking the Windows PowerShell shortcut and selecting Run As Administrator .  Enable PowerShell Remoting with Enable-PSRemoting -Force Starting a Remote Session using:  Enter-PSSession -ComputerName <COMPUTER> -Credential <USER> Now the PowerShell connected to the remote server. Any commands issued with work against the remote server. We can use the Appcmd.exe command line tool to manage remote server just as what we do locally. For example, to add an application pool: c:\windows\system32\inetsrv\appcmd add apppool /name:"Contoso" /managedPipelineMode:Integrated /managedRuntimeVersion:"v4.0" /enable32BitAppOnWin64:true To change application p...

Packing, Packaging and Indirect materials treatment in various free trades

Definition of Packing, Packaging and Indirect Material Packaging materials and containers  means materials and containers in which a good is packaged for retail sale Packing materials and containers  means materials and containers that are used to protect a good during transportation, but does not include packaging materials and containers; Indirect material   means a good used in the production, testing or inspection of a good but not physically incorporated into the good, or a good used in the maintenance of buildings or the operation of equipment associated with the production of a good, and includes a)       fuel and energy, b)       tools, dies and moulds, c)        spare parts and materials used in the maintenance of equipment and buildings, d)       lubricants, greases, compounding materials and other materials used in production or used to operate ...