Wednesday, December 17, 2014

Generate MachineKey in IIS 7.0+

Normally machineKey is already configured in your machine.config file which is applied to all your application if you are working in the same Web Farm. But most of the time this may not be the scenario, it may be possible that your applications are distributed across different Web Farms.

To deal with this all you need is to configure the same decryption keys in web.config of all the applications to decrypt the authentication cookie created at client side.

To generate a new machine key all you need is to first open the IIS Admin Console, and

1. Select the Server

2. Select the Machine Key from right hand side of the console

image

3. Double Click to open the Machine Key and then Select ‘Generate Keys’ from Actions

image

4. You got the Decryption Key and Unique Key

You can use this Keys in you web.config file which might look similar to something like

image

Monday, December 15, 2014

UnSubscription Email Utility

In this post I am going to show a very simple yet very useful utility which everyone of us encounter when we get lots of unwanted mails which we had subscribed sometime in our web exploration but later we want to get rid of those subscribed mails. Moreover this is a very integral part of our business use cases.

I have used ASP.NET MVC as an example but if you understand the concept, this can be achieved using any of your favorite programming logic as well.

I tried to keep the example as simple as possible so that I can cover the concept/business logic in more details. In this example as soon as I run the application I will call the Index action method with my hardcoded email id. In real world you might want to make it more dynamic and will try to pass this as a parameter.

image

Now I have written a utility  method which is used to generate the subscription link, which can be embedded in the marketing emails, so when the user click on this link Say Unsubscribe Me, he will land on the page where just in a click of button his mail id will be removed from the marketing email database.

image

For the simplicity sake of this example I have not used the real time database operations but for your implementation you will definitely need DB operation to update the user preferences.

Not let me highlight the most important logic of this GetUnSubscriptionLink method; since we are dealing with one key information of a user which is his email id, so I have used CryptoHelper utility which is used to Encrypt the email id of the consumer. This will also help us to filter any Brute force attack where the hacker will try to enter random emails on his list to invoke the unsubscribe methods.

You can download your copy of CryptoHelper utility from here: http://1drv.ms/1r2kisl

One of the example of the unsubscription link is shown in the screen below. For better programming practice you can configure the root URL in your config file.

image

Additionally you can do a second level of validation where you can prompt the end user to provide his email id in a text box and validate this against the decrypted string containing the email id from the query string, if both has a match then unsubscribe otherwise ignore the unsubscribe request.

In my example as soon as you pass all the validation I am calling the Unsubscribe action method of my controller which takes the encryptedText as a parameter and decode the text to unsubscribe the user from marketing emails.

image

Sample screen once the user is unsubscribed

image

I am providing below a utility Property which I found somewhere on internet, this might be very useful to you if you are playing with URL’s

image

Crypto Helper Utility: http://1drv.ms/1r2kisl

You can download the full working copy of this example from this link: http://1drv.ms/1vU5ZCO

Hope this helps, let me know in comments if you have any trouble in downloading the files or understanding my thoughts Smile

Thursday, December 11, 2014

Hello World !!! using Apache Cordova and Visual Studio 2013

You heard it right, this is for all the .NET Developers (other platform also welcome) who have ever wished to build an app using Apache Cordova that targets multiple mobile platforms: Android, iOS, Windows, and Windows Phone.

Disclaimer: All images are copyright to their respective owners.

I am going to show you a very simple mobile application which displays Hello World, using apache Cordova and Visual Studio 2013.

1. Setup the environment by installing the Preview of Visual Studio Tooling Support for Apache Cordova, you can download the CTP from here.

Visual Studio Tools for Apache Cordova

image

2. Once the installation is complete, run Visual Studio 2013 and create a new project. You need to go to Javascript templates or you can select the Multi device Hybrid App and click OK button. this will give you default project structure

image

image

3. For this post I am not going to explain all the files, rather I will go directly to my index.html and change the default text Hello World !!! and we are done.

image

4. And finally select the desired Emulators and run the program.

image

And here is the output, that’s it and you are done.

image

You can double click on config.xml file to customize the Custom and Core properties of your application individually for each platforms.

image

Hope this makes your life simple Smile Enjoy.

Other helpful link:

http://msopentech.com/blog/2014/05/12/apache-cordova-integrated-visual-studio/

http://msdn.microsoft.com/en-us/library/dn757054.aspx

Sunday, September 14, 2014

ASP.NET vNext

With ASP.NET vNext Microsoft has remodeled the entire pattern, with lots of added features and improvements in programming model. I have tried to compile the information from few useful source in this post which contains the complete list of ASP.NET vNext features.

The best part of this is it’s a open source, in this post I have just collected few interesting features of ASP.NET vNext and the video of 2 great Scott’s (Scott Hanselman and Scott Hunter) originally presented in Microsoft TechEd North America 2014.

Download :- MP3 (Audio only), Mid Quality MP4 (Windows Phone, HTML5, iPhone), High Quality MP4 (iPad, PC, Xbox), MP4 (iPhone, Android)

Here are some of the new features in ASP.NET vNext.

  • Cloud-ready out of the box
  • A single programming model for Web sites and services
  • Low-latency developer experience
  • Make high-performance and high-productivity APIs and patterns available – enable them both to be used and compose together within a single app
  • Fine-grained control available via command-line tools and standard file formats
  • Delivered via NuGet
  • Release as open source via the .NET Foundation
  • Can run on Mono, on Mac and Linux

Ref : http://blogs.msdn.com/b/dotnet/archive/2014/05/12/the-next-generation-of-net-asp-net-vnext.aspx

Rebuilt from the Ground Up
  • MVC, Web API, and Web Pages are merged into one framework, called MVC 6. The new framework uses a common set of abstractions for routing, action selection, filters, model binding, and so on.
  • Dependency injection is built into the framework. Use your preferred IoC container to register dependencies.
  • vNext is host agnostic. You can host your app in IIS, or self-host in a custom process. (Web API 2 and SignalR 2 already support self-hosting; vNext brings this same capability to MVC.)
  • vNext is open source and cross platform.
Leaner, Faster
  • MVC 6 has no dependency on System.Web.dll. The result is a leaner framework, with faster startup time and lower memory consumption.
  • vNext apps can use a cloud-optimized runtime and subset of the .NET Framework. This subset of the framework is about 11 megabytes in size compared to 200 megabytes for the full framework, and is composed of a collection of NuGet packages.
  • Because the cloud-optimized framework is a collection of NuGet packages, your app can include only the packages you actually need. No unnecessary memory, disk space, loading time, etc.
  • Microsoft can deliver updates to the framework on a faster cadence, because each part can be updated independently.
True Side-by-Side Deployment

The reduced footprint of the cloud-optimized runtime makes it practical to deploy the framework with your app.

  • You can run apps side-by-side with different versions of the framework on the same server.
  • Your apps are insulated from framework changes on the server.
  • You can make framework updates for each app on its own schedule.
  • No errors when you deploy to production resulting from a mismatch between the framework patch level on the development machine and the production server.
New Development Experience

vNext uses the Roslyn compiler to compile code dynamically.

  • You can edit a code file, refresh the browser, and see the changes without rebuilding the project.
  • Besides streamlining the development process, dynamic code compilation enables development scenarios that were not possible before, such as editing code on the server using Visual Studio Online ("Monaco").
  • You can choose your own editors and tools.

You can find this video and many other interesting videos of TechEd North America 2014 @ http://tena2014.eventpoint.com/topic/list

Link to Scott Hanselman blog: http://www.hanselman.com/blog/IntroducingASPNETVNext.aspx

Complete list of feature in Text:

http://www.asp.net/vnext/overview/aspnet-vnext/getting-started-with-aspnet-vnext-and-visual-studio

http://www.asp.net/vnext

I hope this compiled information might help you to kick start your journey of ASP.NET vNext, please share your views in the comments below.

Thursday, September 11, 2014

4.93 million Google accounts HACKED !!! – Username List

Couple of days back I heard that few millions Google users account id and passwords are leaked online, initially I though its just a rumor, but later after reading in leading news papers I got to know the seriousness of the issue

Russian hackers have leaked the email IDs and passwords of as many as 4.93 million Google accounts. The same Google account password is used across all Google products, such as Gmail, Drive, Plus, YouTube, Maps etc.

The account details have been posted on bitcoin forum btcsec.com by a user named Tvskit. On the forum, Tvskit has said that approximately 60% of the passwords are still active.

Source : http://timesofindia.indiatimes.com/tech/tech-news/4-93-million-Gmail-passwords-leaked-by-hackers/articleshow/42241159.cms

http://www.nydailynews.com/news/world/5-million-gmail-usernames-passwords-posted-online-article-1.1935155

After digging down into the thread I managed to download the complete list of users whose account passwords are hacked, remember this is just the list of users not their passwords. Though this list does not contain my user name but I found couple of emails I am familiar with, so though to share the complete list with the readers of my blog and friends.

You can also query your email on the link here, to see if your Google account is present in the hackers database.

https://isleaked.com/en

image

I have uploaded the file here, if you find your username in this list then I suggest you to take necessary action to protect your account, as you might be aware that the same account is used across all your Google services like Gmail, Google Drive, You Tube, Android, etc.

Link to download the file containing all the Usernames: http://1drv.ms/1qOspGg

Tuesday, September 9, 2014

Finline Touch – Version 4.0.0.1

Version 4.0.0.1 of Finline Touch is live in Windows Phone store, with major enhancements.
You can now Sync your Saved Quotation across multiple mobile devices using Microsoft OneDrive, in addition to the following features from the previous version.

  1. Loan Calculator, for mortgage, car or personal loans
  2. Special Loan calculator, supporting 0% EMI and down payment
  3. Fixed deposit calculator, supports simple interest and interest compounded annually, monthly, quarterly and semiannually.
  4. Saved loans, quotes allows you to view the loans or quotes saved by you. This can be used to generate a quick reference to the loan you already have with amortization details.
  5. Loan Calculators provided in this application supports zero down payment, zero interest rate, calculation of processing fees, etc
  6. Loan quotation generated can be saved for feature reference. This is also useful if you have existing loans. You can save you existing loans with loan reference number and short description which can be used for quick reference without searching and looking into you loan documents provided by you banks.
  7. Save the quotations on OneDrive to sync across multiple mobile devices

You can download the App from Windows Phone Store @ http://www.windowsphone.com/en-in/store/app/finline-touch/e004e119-7f4b-46f1-bda5-aa1b1b94e6ef

Or you can Scan the QR Code from your mobile to download the app

FinlineTouch

SplashScreenImage.screen-WXGAMenuPageSavedLoan

Sync to OneDrive, helps to share the saved quotations across multiple mobile devices*

Backup, Restore, Sync to One drive is in BETA mode, please share your feedback so that I can improve this feature.

Sunday, January 26, 2014

Finline Touch – Version 3.1.0.0

Version 3.1.0.0 of Finline Touch is available for download. With the following features.

1. Loan Calculator, for mortgage, car or personal loans
2. Special Loan calculator, supporting 0% EMI and down payment
3. Fixed deposit calculator, supports simple interest and interest compounded annually, monthly, quarterly and semiannually.
4. Saved loans, quotes allows you to view the loans or quotes saved by you. This can be used to generate a quick reference to the loan you already have with amortization details.
5. Loan Calculators provided in this application supports zero down payment, zero interest rate, calculation of processing fees, etc
6. Loan quotation generated can be saved for feature reference. This is also useful if you have existing loans. You can save you existing loans with loan reference number and short description which can be used for quick reference without searching and looking into you loan documents provided by you banks.

You can download the App from Windows Phone Store @ http://www.windowsphone.com/en-in/store/app/finline-touch/e004e119-7f4b-46f1-bda5-aa1b1b94e6ef

Or you can Scan the QR Code from your mobile to download the app

FinlineTouch

Screens of Finline Touch.

SplashScreenImage.screen-WXGAMenuPageSpecialLoanAmortzAmortzJumpListFixedDepositLoanCalculatorSavedLoan

Monday, September 9, 2013

ASP.NET and Web Tools for Visual Studio 2013 RC

There are several new features introduced in ASP.NET and web tools for Visual Studio 2013 RC. You can check the release notes for more detailed information http://www.asp.net/vnext

Following are the list of major enhancements which you can see

Find more at MSDN Blog @ http://blogs.msdn.com/b/webdev/archive/2013/09/09/announcing-release-of-asp-net-and-web-tools-for-visual-studio-2013-rc.aspx

Check the release notes @ http://www.asp.net/vnext/overview/aspnet-mvc