For those using a typical US keyboard layout, but with the need to use the Euro sign. I used the Microsoft Keyboard Layout Creator to make a copy of the US-International keyboard and remove all the dead-keys. So basically it’s a normal US keyboard layout, with all the Alt-Gr goodies with it.

United States-AltGr layout available now.

Use BasicHttpBinding:

The BasicHttpBinding uses HTTP as the transport for sending SOAP 1.1 messages. A service can use this binding to expose endpoints that conform to WS-I BP 1.1, such as those that ASMX clients consume. Similarly, a client can use the BasicHttpBinding to communicate with services exposing endpoints that conform to WS-I BP 1.1, such as ASMX Web services or Windows Communication Foundation (WCF) services configured with the BasicHttpBinding.

We came across this one at work while trying to test our brand new WCF services using standard web service test tools that have not been updated to know about Soap1.2. I finally figured it out after I read Kurt’s Post comparing BasicHttpBinding to WSHttpBinding at the packet level.

So we’ve been trying to interop with a web service at work that requires Basic authentication. Unfortunately we get one of the following errors (depending on if we’re going via our ISA proxy server or not):

• System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. —> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. —> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
• System.Net.WebException: The request failed with HTTP status 502: Proxy Error ( The specified network name is no longer available. ).

It turns out (thanks to ethereal), that for some reason the .Net Framework is ignoring the ‘401 Access Denied’ reply and assuming that the web service is usable. Oddly enough Squid handles the request perfectly, so does just bouncing the request via another box – so there’s clearly something odd going on inside the framework.

So no problem, we’ll just set PreAuthenticate to true. Except that only affects secondary requests:

“With the exception of the first request, the PreAuthenticate property indicates whether to send authentication information with subsequent requests to the specific Uri without waiting to be challenged by the server.”

The solution is rather hackish, but works while we wait for MS to code and test a real solution:

Paste this code into your web service proxy class, or preferably create a new file and extend the partial class. This means your code won’t be erased when the proxy class is recreated when you update the web reference.

protected override WebRequest GetWebRequest(Uri uri)
{
  WebRequest webRequest = base.GetWebRequest(uri);
  NetworkCredential credentials = Credentials as NetworkCredential;
  if (credentials != null)
  {
    string authInfo =
      ((credentials.Domain != null) && (credentials.Domain.Length > 0) ?
       credentials.Domain + @"\" : string.Empty) +
      credentials.UserName + ":" + credentials.Password;
    authInfo = Convert.ToBase64String(Encoding.Default.GetBytes(authInfo));
    webRequest.Headers["Authorization"] = "Basic " + authInfo;
  }
  return webRequest;
}


d@vid tells me that Stormhoek are giving Wine away to bloggers that are willing to blog about it! Well I certainly wouldn’t mind a glass to go with my Macaroni Cheese at lunch

BTW: gapingvoid cartoons are being used as wine labels! Who would have thought?

Update: Lunch was del.icio.us – the Wine was tasty good too. It really make a big difference if you drink it just after you’ve opened the bottle!

Mark Quinn pointed out back in August, that the imap authentication plugin suffered from a rather serious security risk. If you knew that a site was using it, you could create cookie that would let you in without having to know a user’s real password. (You did have to know a valid user’s account name).

So I’ve added a Secret Key to the imap options. This key is used to secure the cookie that is created, and will make it almost impossible for outsiders to create cookie to fool wordpress into letting them in. Users with a valid cookie (but they want to fake a login as a different user) will have to do a time consuming brute force attack of their own cookie to determine the Secret Key. (which they could then use to create a valid login cookie for another user account)

I’ve been experiencing windows with a OSX Tiger theme for the past few weeks, and recently someone asked me where I got the skin. As I was at home I had to do a bit of searching on Google, but in the process I came across the most amazing transformation yet: Engadget has an article on how to Turn your PC into a Mac.

We’ve set up a new blog for people to start playing with at work. As part of the set up I wanted to link back into the central authentication used for workstation login, etc… So the options were really kerberos, or radius. As the authority is an AD controller LDAP is not really considerable and getting php to work with kerberos or radius is a real hassle requiring extra modules to be compiled and loaded.

So I had a quick look at Daniel’s http authentication plugin, and coded up a imap authentication plugin.

Don’t forget to apply the patch if you’re not using WordPress 1.5.1 yet. You will need to configure the mailbox url under options > imap authentication if you’re using anything but unsecured localhost access. The mailbox location is passed directly to php’s imap_open function, so you can use pop/imap/nntp in secure or non-secure mode, your choice.

The user suffix is only required if your server requires the @domain.com part of the email address when logging in, and you don’t want to add that as part of the user’s wordpress login name.

Side-note: I also secured wp-login and wp-admin/ to force access via https, thereby furthur increasing the security passwords used on the site.

Update: I’ve addded the plugin to the WordPress plugin repository.

Update #2: It seems that wordpress doesn’t like redirects in wp-admin, so I’ve had to disable the forced https for that folder. However I continue to use it for wp-login.

Update #3: Version 0.6

I foud this gem in the latest code project email. Versioning Controlled Build is a “Visual Studio add-in that automates AssemblyVersion control.” This plugin has already saved me time deploying our latest application, and I can guarantee it will continue to do so!

After the install of SP1 on our routing and remote access box, all inter-device routing died. You can ping and traceroute within the same network, but as soon as the server has to route the packet between interfaces it just drops it. Oddly pings happily leave the network (routed correctly), but the replies get lost. They can be seen by network monitor coming back on the vpn connection, but they never make it to the lan connection. (Uninstalling SP1 fixed this issue, we have routing back).

Aditionally today we have an issue with the Fax server:

Fax Service failed to initialize because it could not initialize the TAPI devices.
Verify that a fax device is installed and configured correctly.
Win32 error code: 31.
This error code indicates the cause of the error.

If you uninstall the fax service, it’s impossible to re-install it due to this error. If anybody has any ideas, please leave them as comments.

It rained (and hailed apparently) a lot on Sunday, so on Monday morning work was without power. So I got to spend the day at home harassing the ADSL installers for my ADSL that was supposed to be installed on Friday (8th April 2005). If I’m luckly i might be able to get someone to come and install it soon, but it looks like tomorrow is going to be out, because I have to be at work early to fix machines in the US (assuming we have power)