Friday, June 24, 2011 by Nate Bross
Someone asked on Stack Overflow:
I’m used to PHP style MVC frameworks which are a little different from the way ASP’s MVC frameworks work.
Is there a built in database class? Or do I need to code my own database class using a web.conf connection string?
With PHP’s MVC frameworks you simply add your database connection information into a database and then query it with something like:
$results = $this->db->query("select * from table");
I posted the following answer, which was chosen as the accepted answer and received 2 upvotes:
It is not quite that simple, but you have a lot more flexibility. Check this link out: http://www.dotnetperls.com/sqlconnection — It has some getting started for doing exactly what you’ve outlined (though I HIGHLY recommend you use sprocs or at a minimum, paramaterized sql, not direct sql).
With that said, I suggest you look into Linq-To-SQL or Entity Framework. Any on-line sampels you find will probably use one of these technologies, and they do make things very nice and simple.
Originally posted on Stack Overflow — 2 upvotes (accepted answer). Licensed under CC BY-SA.
Friday, June 24, 2011 by Nate Bross
Someone asked on Server Fault:
I have a ‘desktop’ java application which is in the form of a .jar file.
How can I:
- Store this application on a single server.
- Grant access via Terminal Services to a specific OU to run this application from the central location.
- Disallow the copying or moving of the application (jar file) to any other location.
- Allow the saving/copying/moving of the output of the application on an authorized user’s local drive.
I posted the following answer, which was chosen as the accepted answer:
- Deploy the necessary JRE and .jar files to your Remote Desktop Services Server.
- AFAIK, you can do this at the Security Group level, not the Organizational Unit level.
- Setup File Permissions for Read/Execute (same security group as above I assume).
- Terminal Services allows the user to connect their Remote Drives, this is a configuration option during connection to the server, the user will have the same access to these “local” drives as they do outside Terminal Services.
That said, I highly recommend that you check out Remote App, its part of the latest Windows Server OS, but it allows you to deploy the app on the server, while the user simply sees a new icon on their local desktop / start menu. Instead of a full Remote Desktop Session, they have a limited, seamless window for just the “published application.”
Originally posted on Server Fault — 0 upvotes (accepted answer). Licensed under CC BY-SA.
Thursday, June 16, 2011 by Nate Bross
Someone asked on Stack Overflow:
I’d like to use OpenID to authenticate users on my webapp — similar to how StackExchange does it. I’d also like to enable users of my website to use my Desktop and Mobile Apps using the same account. I’ve read this requires OAuth (OpenID is purely website only).
What I don’t know is
- Is this the correct approach?
- What would the workflow for this be?
- What data do I need in my database per user/OpenID? Do I store an “account” and then when they’ve authenticated with OpenID, I allow them to generate an OAuth Token for the mobile app?
In an ideal world, I would be able to have buttons similar to those on https://stackoverflow.com/users/login for both my WebApp and also in my Desktop and Mobile Apps which would simply allow users to login with their google or facebook account, is that possible? Simplicity for users is paramount, because my userbase will not take well anything remotely complex.
Can I use something like DotNetOpenAuth to provide all of this functionality?
Would a better solution be to break this up and allow users to authenticate to my site with OpenID and then I provide my own OAuth scheme for my desktop and mobile clients?
I posted the following answer, which was chosen as the accepted answer:
This is the workflow that I came up with, and so far I think its working well.
The user is required to authenticate to the website via third party OpenID/Facebook/etc (mobile friendly website is available). Then, in their “profile” they can generate an API “key” which they can copy/paste into their client software. It isn’t 100% transparent to the user, but its pretty good.
Originally posted on Stack Overflow — 0 upvotes (accepted answer). Licensed under CC BY-SA.
Wednesday, June 15, 2011 by Nate Bross
Someone asked on Server Fault:
I’m a total noob when it comes to Servers. I’ve been designing websites for about four years, and I’m completely self-tought (22 years old)…
I want to get away from Mediatemple because they don’t support rails.
I’m trying Rackspace cloud hosting right now, and I’ve got a beginner’s grasp on Ubuntu, but only slightly. I’m probably going to start my config over…so if I stick with Rackspace, will I have to monitor stuff all the time, or can I set it up, and check back like once a month?
If I can set it and forget it, which platform should I use? (Ubuntu, Debian, Fedora)…And what are some good things to keep in mind?
P.S. I’m currently having trouble setting up a basic mail server. I’m a bit frustrated with the learning curve, but I still like the versatility. Should I just stick with managed hosting?
I posted the following answer, which was chosen as the accepted answer and received 3 upvotes:
IMO, for small sites, managed hosting price is hard to beat. If you need the dedicated box, Ubuntu has a good balance of usability and functionality, though other Linux distros may have more functionality available, they can’t match Ubuntu for ease of use to a beginner.
Originally posted on Server Fault — 3 upvotes (accepted answer). Licensed under CC BY-SA.
Monday, June 13, 2011 by Nate Bross
Someone asked on Server Fault:
We are about to release a web application for our users, and are trying to figure out if others put their servers in a DMZ, or just keep it off the domain behind the firewall and greatly restrict access via firewall rules? Has anyone here found any cons to just restricting access via firewall rules and O/S perms?
Note that this site is an ASP.NET MVC front-end with SQL Server back-end.
Also - this is an HR/Finance application, and the database back-end contains our most valuable data. From a security perspective, I’d rather give the world root access to intranet than allow access to the database server. As a result, my original plan was to skip using a DMZ and only opening up port 443 on the firewall to the web server … this seemed no worse than putting the db server on the DMZ with the web server.
I posted the following answer, which was chosen as the accepted answer and received 4 upvotes:
Typically, the configuration is like this:
Internet facing servers connected to Firewall's DMZ Port
Trusted servers (SQL, AD, etc) connected to Firewall's Trusted/LAN Port
Internet connected to Firewall's WAN port
Then, the Firewall is configured to route between those subnets, and allow access according to the ACLs you define.
Notable comments
Nate (0 upvotes): That said, you can get a LOT of throughput on a medium size firewall for a few thousand dollars.
Nate (0 upvotes): Yes. It does. You need an enterprise grade firewall if you expect to push lots of traffic through.
Originally posted on Server Fault — 4 upvotes (accepted answer). Licensed under CC BY-SA.
Tuesday, May 31, 2011 by Nate Bross
Someone asked on Server Fault:
I’d like to give one of my friend access to my server through ssh so he can setup a tunnel and use as a SOCKS proxy (to circumvent pesky per country restrictions on certain website, we’re in France)
However, I do not want him accessing my files on the server. In fact I don’t want him to be able to do anything but create ssh tunnels.
I posted the following answer, which was chosen as the accepted answer and received 1 upvote:
You would just create an account on the server as per normal, and then setup the ACLs on your files to specifically DENY access from that account. This gives the account full access to their own files (maybe the would want to FTP or something from within the SSH session) while keeping your files safe.
If you don’t trust this person enough to where using the OSes built-in file permissions is not sufficient, giving them SSH access to your server is a bad idea in the first place.
Originally posted on Server Fault — 1 upvotes (accepted answer). Licensed under CC BY-SA.
Monday, May 30, 2011 by Nate Bross
Someone asked on Game Development:
I want to test my Client/Server game for which, currently, I am using localhost for both Client and Server.
Obviously I’m not getting any fluctuation in data and measure idea of performance, and in other parameters, what I wanted to ask how I would test a real world scenario:
if i create a little network with two computers or
if check that on LAN on which i am or
Are these cases (localhost included) equivalent?
or do I really need to test my game on different LANs to have reliable and realistic testing data?
How these different network setups influence the testing process?
Can somebody please suggest methods for testing the effect of network latency and packet loss on my game?
which above setup will give me more up and downs in number with LEAST setup/implementing efforts.
The game is supposed to be played on a LAN but it IS capable of more.
I posted the following answer, which was chosen as the accepted answer and received 2 upvotes:
Its hard to tell exactly what you’re asking, but there’s my thoughts.
When testing networking code, its perfectly acceptable to use localhost for both client and server to get it working, because its quick to debug and you can easily debug both client and server. It is important to note, that this is NOT sufficient for testing and final development.
In order for your testing to have maximum impact, you must test as many situations as you can. The minimum you can get away with are (IMO) these:
- One client and server on same computer
- One client and server on the same SUBNET
- One client and server on the same SUBNET with additional players from other SUBNETS (Internet, etc) connecting to server via NAT
- Server on the Internet and multiple additional Internet clients connected
Notable comments
Nate (0 upvotes): Nothing is comparable to doing both client and server on localhost, because that is a perfect networking case. In the real world, that never happens. Testing on two different computers, connected by any network (even on the same LAN) is a similar topology to anything else you’ll see. Just know that depending on setup, you’ll see a wider range of packet loss and latency.
Nate (0 upvotes): It is better than nothing. Your two computers on a single LAN is probably sufficient; you’ll just need to know what depending on the network topology at your deployment site, you may see higher latency and higher packet loss.
Nate (0 upvotes): Those IPs are routable, so in my mind, that is the Internet. What I mean. The information that you get from test #4 is that you know your application will work when its being routed. This is typically the weak link in networking code because it introduces more packet loss and latency.
Nate (0 upvotes): If I could only chose a single scenario to test, it would be #4. Because it will cover the most bases. You will need at least two computers to test this in an accurate to the real world way.
Originally posted on Game Development — 2 upvotes (accepted answer). Licensed under CC BY-SA.
Friday, May 27, 2011 by Nate Bross
Someone asked on Stack Overflow:
I have inherited a Classic ASP application with a Delphi COM layer. I am tasked with migrating the app to ASP.NET MVC2 and C# with web services replacing the Delphi. Due to the amount of users of the application and the fact that I’m the third developer this company has hired to do this, the company would like to migrate sections at a time. That leaves us with a mixed hybrid of Classic ASP and ASP.NET MVC2 sections. My guys and I have built the first section of the app and are ready for integrating the apples and oranges. My question is, has anyone done this? If so, how? The first attempt is creating a sub-folder in the classic app and inserting the MVC stuff into there. Doing it this way, I cannot get any urls to work. It’s probably some ignorance in the MVC pathing but if anyone has any tips at all on this, combining ASP and MVC2 I would love some help.
Thanks and I apologize if this is a bit vague, I’d really just like to start a conversation or connect with someone that’s done this before.
I posted the following answer, which was chosen as the accepted answer and received 2 upvotes:
First, you need to make the subfolder in the classic app a Virtual Directory or Wep Application for MVC to work, it wont work simply dropped in a subfolder of an IIS website.
Second, if the app is authenticated, you need to figure out a way to share the authuthentication so users don’t have to login every time they switch sections of the app. (Unless thats an acceptable situation, which I doubt). Sharing this authentication may involve making some changes to the existing application, or possibly not.
I wonder what is the scope of this project and why it cannot be done in one felswoop? I’m not saying doing it in phases is bad, but if that is a requirement, you’ll need to address the above issues.
Originally posted on Stack Overflow — 2 upvotes (accepted answer). Licensed under CC BY-SA.
Thursday, May 26, 2011 by Nate Bross
Someone asked on Server Fault:
I have a Rails Gem that does Active Directory authentication and its test suite has quite a lot of authentication checks. When I run the test suite on our LAN everything works no problem (as one would expect) but we are thinking of moving one of our applications off to a cloud server which of course means it will be accessing the DC from outside the network.
I’ve pulled a copy of the LDAP Gem onto a cloud server that we can test with and setup a port forward on our firewall and then ran the tests after putting in the settings and they fail, but in a different way to if you get your password wrong.
I’m getting a successful login appearing in the security logs on the DC but for what ever reason its not returning the data back to the client.
I have port XXXX forwarded to port 389 on the DC, do I need any other forwards?
I posted the following answer, which was chosen as the accepted answer and received 8 upvotes:
LDAP uses TCP 389 for unsecured communication and 636 for secured communication.
A client starts an LDAP session by connecting to an LDAP server, called a Directory System Agent (DSA), by default on TCP port 389.
and
A common alternate method of securing LDAP communication is using an SSL tunnel. This is denoted in LDAP URLs by using the URL scheme “ldaps”. The default port for LDAP over SSL is 636.
In terms of firewall, you’ll need to allow access to those ports from the “External” interface of the firewall to the “Trusted” interface. If you are using a NAT, you may need to add the rule on both the public IP as well as the LAN IP.
You shouldn’t need to forward any ports, but you will need to allow communication as follows:
permit tcp any x.x.x.x 0.0.0.0 389
permit tcp any x.x.x.x 0.0.0.0 636
Where you allow any source IP on any souce port that is destened for your server on a specific port.
You should also allow any established connections, on Cisco devices it looks like permit any established this will allow the response from your server back out of the firewall. Most firewalls typically do this established thing by default (in my experience) so if you have a dedicated firewall this shouldn’t be an issue.
Originally posted on Server Fault — 8 upvotes (accepted answer). Licensed under CC BY-SA.
Tuesday, May 24, 2011 by Nate Bross
Someone asked on Game Development:
I have been attempting to make a game engine in C++ and have come across the dilemma of game state management. I have done a lot of research and found numerous ways of accomplishing from game engine with derived classes to using enums and I would like to know the most effective/efficient way of managing game states.
EDIT
I would like to know how other people implement their game state management, i.e. what you like the most and why you like it. Also, any tutorials/code examples that are generally about game state would also be much appreciated.
I posted the following answer, which was chosen as the accepted answer and received 1 upvote:
In most of my games (that are all small in scope) I have used an enum and a switch (in some cases an if..else if...) and it has always been sufficiently fast. I’ve never had more than a few states, which helps.
enum GameStates
{
Running = 1,
Menu = 2,
Credits = 3
}
// update loop
switch(this.CurrentState)
{
case GameStates.Running:
UpdateRunning(gameTime);
break;
case GameStates.Menu:
UpdateMenu(gameTime);
break;
case GameStates.Credits:
UpdateCredits(gameTime);
break;
// add more states here
}
void UpdateRunning(GameTime gameTime)
{
if(running == null) LoadRunning(); //
// perform the rest of your game logic
}
This gives you a few things worth mentioning:
- You can change state anywhere, as long as you have a pointer to your main class.
- You can load/unload as necessary to save memory (if your game is big it might be nice)
- You’ve kept your very simple and easy to follow. This is the single most important thing a programmer can do IMO.
(Please excuse my C#/XNA style this was copy/pasted and tweaked, shouldn’t be to hard to adapt to C++)
Notable comments
Ali1S232 (4 upvotes): if you define a class for each state, it’ll help you organize your code and also let you to define OnEnter and OnExit events for every event, very useful for loading unloading unnecessory data.
Originally posted on Game Development — 1 upvotes (accepted answer). Licensed under CC BY-SA.
