Archive for November, 2008

30
Nov/08

Working out with Amazon S3

by mehfuzh under - Dotnet, C#

Recently, I was bit playing around with amazon S3. This is said to be the cheapest storage for people who don't want to spend much of their brain cells thinking about DB issues. Now, Amazon S3 primarily supports Web service (SOAP) to store and query data out of the S3 server. The concept behind S3 is that you have to create a bucket and under it you can store as many objects you want. Generally for a particular account 100 is the threshold value for buckets. In this post, I will basically focus on configuring your proxy for uploading large files to amazon using WSE and optionally I will point out a cool browser extension for analyzing your S3 space and third party library alternative.

Amazon depends on WSE 2.0 if you want to upload files larger than 1MB. The large file is transferred in the form of DIME (Direct Internet Message Encapsulation) attachment. Microsoft has released WSE 3.0 that uses MTOM which is a W3C recommendation for replacing DIME. But the time of writing this post it is not yet supported by Amazon.

How to prepare your proxy to support DIME  ?  Well, first you have to get the WSE 2.0 SP3 from Microsoft downloads. Once the step is completed, you can copy the Microsoft.Web.Services2.dll to your local folder. Basically, once the WSE 2.0 pack is installed the DLL is added to the GAC so it is not a required step, but if you want to ship it along with your distribution then you can consider doing that.

Now once you have created the proxy from http://s3.amazonaws.com/doc/2006-03-01/AmazonS3.wsdl. You need to do some manual tweaks before your project is ready to go with WSE.

From the Diff for Reference.cs we can see that we have to add a reference to Microsoft.Web.Services2 and inherit from WebServicesClientProtocol instead of SoapHttpClientProtocol

ReferenceDiff

Pretty easy but hang on a bit. While you are instantiating the proxy class you have to add/remove some standard WS filters. Therefore, if we have a method called CreateProxyInstance , with the OutputFilters it will look like

private AmazonS3 CreateProxyInstance()
{
    AmazonS3 proxy = new AmazonS3();

    /// Remove the standard WSE soap headers.
    proxy.Pipeline.OutputFilters.Remove(typeof(Microsoft.Web.Services2.Security.SecurityOutputFilter));
    proxy.Pipeline.OutputFilters.Remove(typeof(Microsoft.Web.Services2.Referral.ReferralOutputFilter));
    proxy.Pipeline.OutputFilters.Remove(typeof(Microsoft.Web.Services2.Policy.PolicyEnforcementOutputFilter));

    /// Add our custom filter to remove the unwanted WSE soap headers.
    proxy.Pipeline.OutputFilters.Add(new HeaderOutputFilter("wsa:"));

    return proxy;
}

Here the HeaderOuputFilter is a inherited from SoapOutputFilter , where we build the SoapEnvolop header without wsa node. Pretty much that's it for setting up the proxy , now let's upload something to the S3 server.

MetadataEntry[] metadataEntries = new MetadataEntry[2];

metadataEntries[0] = mContentType;
metadataEntries[1] = contentLength;

DateTime timestamp = GetCurrentTimeInMilliseconds();
string signature = GenerateSignature("PutObject", timestamp);

using (AmazonS3 proxy = CreateProxyInstance())
{
    MemoryStream stream = new MemoryStream(content);
    Microsoft.Web.Services2.Dime.DimeAttachment dimeAttachment = new 
    Microsoft.Web.Services2.Dime.DimeAttachment("S3Object",   
    Microsoft.Web.Services2.Dime.TypeFormat.Unknown, stream);
    dimeAttachment.ContentType = contentType; 
    /// add the object in wire.
    proxy.RequestSoapContext.Attachments.Add(dimeAttachment);
    proxy.PutObject(_bucketName, key, metadataEntries, content.LongLength, grants, 
    StorageClass.STANDARD, true, _accessKey, timestamp, true, signature, null);
}

From the fragmented code block we can see that "PutObject" is the method for large content not "PutObjectInLine" and along passing the stream, we have to pass the content type as well or less it wont recognized properly even you specify it in the MimeDataEntry array.

So far that is all. I have joined in a tiny class library project that will be helpful if you are getting started with S3 using SOAP. You can download it HERE. About the tool there is a cool firefox addon called S3Fox that gives you an explorer look for analyzing and even let you to add/delete items directly from S3.

s3Fox

Finally, WSE 2.0 does not work in medium trust mode which is an absolute show stopper for CMS and blog solutions. There is a nice S3 library at codeplex can be found at www.codeplex.com/ThreeSharp that don't requires any of these and can be a good alternative for medium trust problem.

Enjoy !!!

kick it on DotNetKicks.com
, Comments Off more...

24
Nov/08

With this post I bid you all adieu

by SQL under - Database, SqlServer, blog
I have posted on this blog for a little over 3 years now and decided it is time to call it quits at this URL.
All SQL Server related post from me in the future will be on SQLBlog.com and on lessthandot.com.
All non tech post will be on denisgobo.blogspot.com, here you will also be able to connect with me on twitter, flickr, friendfeed and linkedin


below are some URLs

Lessthandot.com
Mainsite
Database Blogs
Database Blogs RSS feeds
All Blogs
All Blogs RSS Feed

SQLBlog.com
Mainsite
My Blog
My Blog RSS feed

Personal Blog
URL
RSS Feed

See you there, don't forget to subsrcibe
, Leave a Comment more...

24
Nov/08

With this post I bid you all adieu

by SQL under - Database, SqlServer, blog
I have posted on this blog for a little over 3 years now and decided it is time to call it quits at this URL.
All SQL Server related post from me in the future will be on SQLBlog.com and on lessthandot.com.
All non tech post will be on denisgobo.blogspot.com, here you will also be able to connect with me on twitter, flickr, friendfeed and linkedin


below are some URLs

Lessthandot.com
Mainsite
Database Blogs
Database Blogs RSS feeds
All Blogs
All Blogs RSS Feed

SQLBlog.com
Mainsite
My Blog
My Blog RSS feed

Personal Blog
URL
RSS Feed

See you there, don't forget to subsrcibe
, Leave a Comment more...

20
Nov/08

Lockdown WSS system pages on public SharePoint sites

by Vincent Rothwell under - Database, Sharepoint, SqlServer, Tips, code

Using WSS on public sites means giving anonymous access to virtually all the pages in your site, including all the different list views and document libraries. People won't be able to do anything they are not allowed to because of security trimming, but they will be able to get to see the standard SharePoint UI. There maybe also implementation details you may not want them to have access to or 'public' content which isn't 'always' public.

MOSS Lockdown Feature

MOSS has a feature which provides this functionality, the ViewFormPagesLockDown feature. For me there are three problems with this...

1. It only works with MOSS and I want it to work with WSS.
2. It does not cover everything I want locked down.
3. I don't have any control over it, maybe I want some things still available.

More about this feature is available from...

Securing MOSS 2007 Publishing Sites with Lockdown Mode

Anonymous Users, Forms Pages, and the Lockdown Feature

Master pages

Having completed the SPWorks website using WSS I wanted to restrict access to any of the standard SharePoint pages, whilst still allowing access to the custom webpart pages. It would be easy enough to add a control to the default.master page, but this will un-ghost it and would have to be done for every default.master on each site. The other problem is that this would not work with pages in the 'Layouts' folder which use the application.master page. You can't really change this, without affecting all site collections in the farm.

Realistically I wanted a solution which would work with any of the default SharePoint pages and give me the option as to whether I deny access or not. Fortunately I have found a solution which works for me.

ASP.Net tagMapping

One of the great and underused (at least on my part) features of ASP.Net 2.0 is the <tagMapping> section of web.config. From the documentation...

"Defines a collection of tag types that are remapped to other tag types at compile time"

Essentially this means that you can provide a class which ASP.Net substitutes for the original class when the page is compiled. You can redefine the <ASP:TextBox/> if you want, anything which you can...

a) inherit from the original class and
b) is used within a tag on an ASPX page.

This is extremely powerful and provides endless opportunities for customization. My plan was to provide a tagMapping entry which replaced one of the standard SharePoint controls which is included on all the pages I want to secure.

Firstly I looked at the welcome.ascx control as this is on everyone of the standard SharePoint default pages. Unfortunately there are only two controls used within this ASCX and both of them are sealed. Being sealed means you can inherit from them and therefore cannot map them to a different class (Why?).

So next I looked at the SiteActions control, this is on every page too. This is made up from a FeatureMenuTemplate, which as luck has it is not sealed, so I looked to using this.

Adding security to the WSS pages

To add security checking to all the WSS pages I created a class which inherited from the FeatureMenuTemplate. The code for this is below.

public class SecurityChecker : FeatureMenuTemplate

{

    protected override void OnPreRender(EventArgs e)

    {

        CheckSecurity();

        base.OnPreRender(e);

    }

 

    private void CheckSecurity()

    {

        try

        {

            if (SPContext.Current.Web.CurrentUser == null)

                SPUtility.HandleAccessDenied(new Exception("Please login"));

 

            if (!SPContext.Current.Web.UserIsSiteAdmin && !SPContext.Current.Web.UserIsWebAdmin)

            {

                if (!SPContext.Current.Web.IsCurrentUserMemberOfGroup(SPContext.Current.Web.AssociatedMemberGroup.ID))

                    SPUtility.HandleAccessDenied(new Exception("You do not have access to this page"));

            }

        }

        catch (Exception ex)

        {

            Log.Debug(ex.ToString());

            SPUtility.HandleAccessDenied(new Exception("You do not have access to this page"));

        }

    }

}

In this class we check if the user is logged in, if they are not an Administrator and ultimately if they are a member of the site. We then use HandleAccessDenied to get them to either log in, or send them to the standard SharePoint access denied page.

This class is then mapped to the original SharePoint FeatureMenuTemplate class in web.config...

<pages ...>

  <namespaces .../>

  <tagMapping>

    <add tagType="System.Web.UI.WebControls.SqlDataSource, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
 mappedTagType="Microsoft.SharePoint.WebControls.SPSqlDataSource, Microsoft.SharePoint, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />

    <add tagType="Microsoft.SharePoint.WebControls.FeatureMenuTemplate,Microsoft.SharePoint,Version=12.0.0.0,Culture=neutral,PublicKeyToken=71e9bce111e9429c"

        mappedTagType="ARF.Web.Controls.SecurityChecker, ARF, Version=1.0.0.0, Culture=neutral, PublicKeyToken=fed9cbb14b1dc0f0" />

  </tagMapping>

</pages>

Here we see replacing the FeatureMenuTemplate with the ARF version called SecurityChecker. Now our class will be used and we can check the security.

Now whenever a page is displayed which has the SiteActions menu on it the security will be checked and as the SiteActions menu is on every page all pages will be checked. This example is part of ARF, the source for which can be downloaded from the ARF website.

A note of caution

I am using this with ARF, which has a panel which prevents its child controls from being rendered. I am using this to prevent the SiteActions control being rendered for anyone but site authors in the anonymous master page. Using this prevents the above code being called on the anonymous pages and ensures people still have access to the pages I want them to.

<arf:ARFPanel runat="server" AuthorsOnly="True">

  <ARFConsole:Console runat="server"/>

</arf:ARFPanel>

In order to use this WSS security lock down technique you would also need to implement this kind of solution.

, Leave a Comment more...

19
Nov/08

SharePoint Live Authentication and Custom Discussion Forums

by Vincent Rothwell under - Database, Projects, Sharepoint, SqlServer

I have released a new version of ARF, which includes implementations of a Windows Live Authentication provider for SharePoint and an XML/XSLT implementation of SharePoint discussion forums. Both of these features are being used on the SPWorks website to provide the discussion forums for ARF.

You can now signup to the SPWorks site and ask question about the ARF framework. Signup is simple, just sign in with your LiveID and complete your profile. The profile on the site is completely separate to your LiveID profile allowing you to use a different email if you require.

SharePoint Live Authentication

Based on the CKS:WLA SharePoint provider by Keith Bunge, the provider allows you to use Live Authentication to authenticate with SharePoint. Once authenticated the user can be assigned to groups and acts like any other Forms based authentication on SharePoint.

Working slightly different to the CKS:WLA, the ARF provider directly uses the SiteUserInfoList to store the user details. This works well as there are no passwords to store and makes user management easier.

ARF Discussion Forums

ARF now provides classes which give you easy access to the standard SharePoint discussion forums. As with all things ARF you are provided with XML, allowing you to render the forums using XSLT.

There are classes which list available forums, threads within each forum and posts within each thread. All are controlled by query string parameters.

ARF also provides a form to allow users to create new discussions or reply to current ones. This form can work anonymously or can enforce login prior to submitting a response.

Demonstration, source and installs available

As always with ARF the source and WSP installs are available for download. You can also see both features available at the SPWorks website

, Leave a Comment more...

  • Sponsored Links

  •  

    November 2008
    M T W T F S S
    « Oct   Dec »
     12
    3456789
    10111213141516
    17181920212223
    24252627282930

  • Meta

    • .

    Archives

    Tags

    Copyright © 1996-2010 Answer My Query. All rights reserved.
    iDream theme by Templates Next | Powered by WordPress