Maarten Balliauw {blog}

ASP.NET MVC, Microsoft Azure, PHP, web development ...

NAVIGATION - SEARCH

New Team Foundation Server projects on CodePlex!

Busy times... Lots of work, some holidays here in Belgium, ... But there's always time to browse CodePlex! It is actually a good thing to do that from time to time. In the past few days, I spotted two great new projects on Team Foundation Server. Thumbs up for their authors!

TeamReview

"Use this Visual Studio Add-In to leverage Team System and the Visual Studio code object model for in-IDE code review feedback, demonstration, and review replay. The inspiration for this project are the many code reviews we've experienced that have been generally underwhelming experiences and less than optimal outcomes. To make code review less painful, and to greatly assist in distributed environment code reviews this project will add Code Review squarely into the VS.Net Team System tools."

TeamReview is, in my opinion, a great step forward regarding code reviews using Visual Studio and TFS. It consists of a new work item type (for code reviews) and a Visual Studio add-in. The presented workflow is quite easy: a developer creates a code review task for the code reviewer, he answers it with eventual comments. A complete example of this flow, including screenshots, can be found on CodePlex.

TeamReview Code Review Response

TFS Sticky Buddy

Want to know by one look what's going on in your project? Pick a work item query in TFS Sticky Buddy and immediately see what work items are on schedule and which ones are overdue. Since a screenshot might say more than words, here are 2. The left one has multiple iterations, the right one is a project on my demo VPC. Seems like I have a lot of work to do :-)

TFS Sticky Buddy TFS Sticky Buddy - A lot of work!

kick it on DotNetKicks.com

Zend Studio + Teamprise = PHP development with Team Foundation Server

Ever since I started developing PHPExcel, I noticed this option of connecting to CodePlex's Team Foundation Server using Teamprise for Eclipse (free CodePlex license here). Back in the days, I was developing using Zend Studio 4, but I recently upgraded to Zend Studio 6 for Eclipse.

Now this "Eclipse" word triggered the idea that perhaps integration of Zend Studio and Team Foundation Server could be something that works. So I downloaded the Teamprise Eclipse plugin package, copied it to the Zend Studio plugins ditrectory. And yes: tight integration of Team Foundation Server with Zend Studio is possible!

Let's rephrase that: it is perfectly possible to use Team Foundation Server in a mixed Microsoft / PHP development team as your main store for source control, work items, reporting, ...

Here's a screenshot of my installation when accessing the CodePlex Team Foundation Server from Zend Studio:

Zend Studio Workspace with Teamprise installed

  kick it on DotNetKicks.com

ASP.Net MVC Membership Starter Kit alternative authentication

Last week, I blogged about the ASP.Net MVC Membership Starter Kit and some of its features. Since then, Troy Goode and I are developing at warp-speed to provide a complete (Forms)Authentication starter kit for the MVC framework. Scott Guthrie also noticed our efforts, which forced us to do an official release earlier than planned.

Now when I say warp-speed, here's what to think of: we added Visual Studio item templates, a nice setup program, a demo application, ... We started with FormsAuthentication, but we have evolved into some alternatives...

OpenID authentication

You can add a route to the OpenID login action, and have an out-of-the box OpenID login form:

OpenID login

Simply enter your OpenID URL, click login. The MVC Membership Starter Kit will handle the rest for you!

More on this lightweight OpenID consumer from Mads Kristensen.

Windows Live ID authentication

For this, you'll need an application key. If you have one, you can add a route to the Windows Live ID login action, and have an out-of-the box Windows Live ID login form:

WLL login

Simply click the "Sign in" link. You will then be authenticated via Windows Live ID Web Authentication and returned to your ASP.Net MVC application when the authentication succeeds. The MVC Membership Starter Kit will handle all background processing for you!

WLL login

WLL login

More on Windows Live ID Web Authentication at dev.live.com.

Associate user with membership database

Both the OpenID and Windows Live ID authentication require you to do one "manual" step: implement the link between the membership database and the authentication method. You can simply override a virtual method in your own controller implementation, like so:

[code:c#]

protected override MembershipUser AssociateOpenIDToMembershipUser( string identity, string name, string email )
{
    // TODO: implement this to use OpenID authentication
    return null;
}

protected override MembershipUser AssociateWindowsLiveIDToMembershipUser(string userId)
{
    // TODO: implement this to use Windows Live ID authentication
    return null;
}

[/code]

What you'll have to do is return the ASP.Net membership user associated with the OpenID / Windows Live ID account.

The Windows Live ID authentication is currently only available from source control on CodePlex.

(by the way: I think this is the first OpenID and Windows Live ID implementation ever using the ASP.Net MVC framework)

kick it on DotNetKicks.com

To all BlogEngine.NET users... Go patch!

image This morning, I read about a serious security issue in BlogEngine.NET. The security issue is in the JavaScript HTTP handler, which lets all files pass trough... In short: if you open http://your.blog.com/js.axd?path=app_data\users,xml, anyone can see your usernames/passwords! None of the other HttpHandlers are affected by this security hole.

My recommendation: if you are using BlogEngine.NET: go patch!

(and yes, I patched it Cool  http://blog.maartenballiauw.be/js.axd?path=app_data\users.xml)

kick it on DotNetKicks.com

ASP.Net MVC Membership Starter Kit

ASP.Net MVC Membership starter kit Yesterday, I read a cool blog post from Troy Goode about his new CodePlex project MvcMembership. I also noticed his call for help, so I decided to dedicate some of my evening hours to his project.

Almost every (ASP.NET) website is using some form of authentication, in most cases based on ASP.NET membership. With this in mind, Troy started an ASP.NET MVC version of this. The current release version provides a sample application containing some membership functionality:

  • FormsAuthenticationController featuring:
    • Register action & view
    • Login action & view
    • Logout action
  • FormsAuthenticationAdministrationController featuring:
    • User List action & view
    • User Detail action & view
    • Role List action & view
    • Create User action & view
    • Change/Reset Password actions
    • Role Management actions
  • Custom Action Filters, including:
    • a RequiresAnonymousAttribute
    • a RequireAnyRoleAttribute
    • a RequireEveryRoleAttribute
    • a RedirectToActionOnErrorAttribute
    • a RedirectToUrlOnErrorAttribute

After an evening of contributing code, there's additional functionality in the source control system:

  • FormsAuthenticationController featuring:
    • Reset password action & view
    • Retrieve password action & view
    • Change password action & view

Also, I've been doing some massive refactoring to this project. Everything that is "generic" for most applications is now stripped out in a separate assembly still allowing situation-specific overrides. For example, if you use this MvcMembership framework, you can simply inherit the BaseFormsAuthenticationController class in your own code:

[code:c#]

namespace MvcMembership.Controllers
{
    public class FormsAuthenticationController : StarterKit.Mvc.Membership.Controllers.BaseFormsAuthenticationController
    {
    // Nothing here... All is handled in the BaseFormsAuthenticationController class!
    }
}

[/code]

Need a custom Login action? No problem!

[code:c#]

namespace MvcMembership.Controllers
{
    public class FormsAuthenticationController : StarterKit.Mvc.Membership.Controllers.BaseFormsAuthenticationController
    {
        public override void Login()
        {
            // this is an override, additional ViewData can be set here
            base.Login();
        }
    }
}

[/code]

Want to respond to some actions inside BaseFormsAuthenticationController? No problem either!

[code:c#]

namespace MvcMembership.Controllers
{
    public class FormsAuthenticationController : StarterKit.Mvc.Membership.Controllers.BaseFormsAuthenticationController
    {
        public override void OnAfterResetPassword(string email, string userName, string newPassword)
        {
            // TODO: replace with sender e-mail address.
            MailMessage mailMessage = new MailMessage("sender@example.com", email);

            // TODO: replace with custom subject.
            mailMessage.Subject = "Your password";

            // TODO: replace with custom body.
            mailMessage.Body = string.Format("{0}, your password is: {1}.", userName, newPassword);

            // TODO: replace with the name of your SMTP server.
            SmtpClient smtpClient = new SmtpClient("localhost", 25);
            smtpClient.Send(mailMessage);
        }
    }
}

[/code]

Let's hope the ASP.NET MVC team picks this up, as I think it's something lots of users would like to see. For now, it's a separate download from CodePlex.

kick it on DotNetKicks.com