I couldn’t find this all in one place, so, here’s how you enable developing and debugging an asp.net app under IIS7 on Vista:

1 Install windows features in “turn windows features on or off”. You need these things (which are not installed by default):
Under “web management tools”:
a. IIS metabase and IIS 6 configuration compatibility
b. IIS management console
Under “Application Development Features”:
a. ASP.NET
Under “Common Http Features” - check everything.

…

I should’ve posted on this a while ago, but it’s been crazy lately. Better late than never.
A month ago I left my place of work at Clarizen. It’s not been long, but it was definitely a great time for me.
I learned a lot and had so much fun.
Most importantly, I had a chance to work with some very talented and wonderful people - Eyal, Eli, Dudu, Sasha, Asher and many many more.
I participated in the development since a relatively early stage in the product’s life and seen the release of the public beta.
Do take a look at what came out in the end - www.clarizen.com.

…

Well, that’s just the exception to the rule, that only proves the rule. (My Father, when wrong)

A while ago, I complained about how measuring the wrong thing will just make things worse, in particular, how measuring things in software almost never works.
Recently, I read the earth-shattering news that “Transformers” beat the all-time record for first-week revenue by a non-sequel.
“Transformers” beat the all-time record for first-week revenue by a non-sequel.
“Transformers” beat the all-time record for first-week revenue by a non-sequel.
Hmm. Is it, like, good?
Does it mean Transformers is the best thing since (user-generated) sliced bread?
Is it just a sucky flick?
I don’t know.
Now, the interesting thing is: how did this ever become the news? Why don’t they say “Transformers is the best movie ever”, or “John Torturo as a ‘section 7’ agent is as brilliant as cold fusion”?
And another puzzle, for the advanced reader - why don’t you hear about top grossing movies over a year or ten years’ period? It’s always “first weekend” or “first week”.
Here’s why:
Movie makers are in it for the money, just like the rest of us. And over the last decade or so, there’s this one major obstacle in their little money making business. It’s called piracy. It’s easier to get an illegal copy of a movie than to get some water from the fridge.
In fact, I’m kind of thirsty now. But I’m not going to get that water. I’m too busy downloading Spiderman 4.
Oh, it’s not out yet? No problem. They got it on bittorrent already.
So basically, most money you’re going to make on a movie is in the first week or so. After that, everyone has already downloaded it from the internet for free.
Of course, the money people run the movie, not the…hmm…movie people. That’s because the money people give the movie people money to buy food, and the movie people, well, they don’t give the money people any money.
Now we have money people who run the movie and they want to make some money and they have to do it all in the first week. So they’re going to measure, you guessed it, first week revenue.

…

Some things I learned about software while watching Die Hard 4.0 and Transformers:

1. A hacker is most of the times a hot chick.
2. A hacker never uses normal operating systems. They have a bizzare OS, that is specifically optimized for their single need - displaying a map of USA with red dots on it.
3. When a computer is hacked into, the screen flickers.
4. Evil hackers, even if hot chicks, will always be proficient at martial arts as well.
5. You can hack a computer system by directing weird sounds at it.
6. Visualization is king - code breaking and pattern recognition are achieved using quick manipulations of 3D images.

…

Web 2.0. Web two o. Web two o. Web two o. Web two o. Web two o. Web two o. Web two o. Web two o.
I am actually typing this, no copy-paste.
Tim, what have you done to us?
Web two o. Web two o. Web two o.
Donna Martin graduates. Donna Martin graduates. Donna Martin graduates.
Can we please just get it over with?
Web two o. Web two o. Two, zero, o.
Two.
Full stop.
O.
Please. Enough.
Web two o. Web to you. Web to me. Web to us.
Toys’R’Us. Don’t call us, we’ll call you.
Have a nice weekend everybody, besos.

…

Here is a major security vulnerability in applications that use the ASP.NET forms authentication mechanism.

Forms authentication exposes a configuration property called enableCrossAppRedirects. It’s default value is false.

However, a simple test showed that this property does not have the desired effect, and it is possible for an attacker to redirect a user to a malicious website from your legitimate login page.

Assuming your login page is at http://www.myapp.com/login.aspx, and login.aspx uses the FormsAuthentication.RedirectFromLoginPage method, the following request will redirect the user to another domain after passing authentication by your application:

…

Summary:

This one is not short. Better sit down.

I am going to discuss a common problem with web controls that are heavy on client-side javascript code and AJAX requests, and suggest a solution I came up with.

Right.

An Example Control

We’ll be working with a sample control. Our control will be a stock ticker control that presents a current price for a stock and periodically gets price updates from the server.

…

If you use dasBlog, the endpoint for Blogger API is:

http:///Blogger.aspx

…

Here’s another short trick for the NMock mock objects framework:

To mock an indexer use the syntax (for the getter):

Stub.On(…).Method(“get_Item”).Will(Return.Value(..));

And for the setter:

Stub.On(…).Method(“get_Item”).Will(Return.Value(..));

*Update*

Via Paul Pierce’s post I found a better way:

Stub.On(…).Get[…].Will(Return.Value(..));

…

This is the second part in an article series about setting up SSL in an ASP.NET application.

You can read the first part here. Go ahead, read it now.

Okay.

Now, that we’ve created an SSL certificate for testing and development purposes, we are ready to make the required configuration in IIS.

Setting Up IIS to Work with SSL

First thing we have to do is configure the web site to use the certificate we created:

…