May 162014
 

I created the dynamic webservice. So far so good. Solved some hard to find problems (at least, Microsoft doesn’t tell you that these problems will arise). Now for the big finale. WCF in all its wisdom caches WSDL requests. Let us repeat that all together now: WCF caches WSDL requests. And there is no way to tell WCF to not do that, or for that matter to empty the cache. The only way to do that, is to recycle the application pool the service is running in, or (of course) to recycle IIS. It’s that bad.

I tried several methods: messageinterceptors, creating extra instances of the service, etc etc but there’s no way to work around the cache. Once requested, the WSDL is written in stone.

We serve web services that have a customerbased configuration. A customer gives us a data file, which will be the source for their endpoint. In our application is defined which columns are served to the respective methods. But all clients have the same set of methods (web operations). So the wsdl generator looks at the user that is logged in (custom servicebehavior), fetches the relevant column names from the database, and modifies the wsdl accordingly. Every customer is served its own data with its own choice of columns. Works perfectly. Until you change the set of columns and don’t restart the service. No problem on my development laptop or on the test machine, but a big problem if we want this in live in production.

At a dead end with this now. Looking for an alternative. But so far, none of what I find actually works.

Nov 302013
 

As a sidetrack for a work related project, I recently looked at GeoDjango. GeoDjango is the geospatially enabled version of Django, the socalled webframework for perfectionists with deadlines.

Doing the GeoDjango tutorial for the umpth time, Python caught me again. The way the language works, it seems to flawlessly connect with the way I think when I’m programming.

I needed to do some manual upgrading, can’t remember what exactly, but that had to do with the Ubuntu registries not having the latest version or so. Nothing special.

Thinking about two projects to create now. One is an idea I already have for a long time, so maybe it will see daylight some time.

Apr 082013
 

Facebook is getting weirder every day. Apart from advertising, their biggest source of income is probably gaming. Gaming requires friends, or neighbors, or whatever the game calls is.
Now Facebook introduced paid messages to non-friends, and celebrities.
How can you expand your neighbors without harassing someone with a friend request first? And secondly, I think it’s ripping off celebrities, since they don’t see a penny of the revenues.

Maybe it’s time to turn our backs to Facebook. I just did by ranting here ;-)

Apr 082013
 

Starting today, Microsoft will terminate the services for its messenger MSN or Messenger Live. We will all have to use Skype from now on. Almost the same you would say, although Skype doesn’t have personalized statuses, it doesn’t understand the typed smileys, and it’s a big program to start with. You loose the groups you created. And in a lot of countries Skype just doesn’t work. The MSN king is dead, long live the new king Skype.

BARF!

Jan 162013
 

Ubuntu 12.04 has the default firewall ufw enabled, but I rather use iptables. And everytime I reboot the system, I run a script to enable the firewall rules again. But I just found out I don’t need to, there’s a tool for that. Of course.


sudo apt-get install iptables-persistent

That asks you to save the current IPv4 and IPv6 rules and creates a service that is started at boot time so it reads the created files.

Voila.

Jul 212012
 

My mail is now running on the server again, not the Synology. The Synology does a good job, but the spamfilters are not what I like them to be. It marks mail as spam by adding “**SPAM**” to the subject line and listing how much spampoints the message got. Not what I want. I want an unaltered mailmessage in my spambox, or no message at all. I used to have that with Postfix/Postgrey/Amavis/Spamassassin.

 

I installed iRedMail, basically an installer layer over the standard Linux mailcomponents. Installing is done in about 2 minutes, switching of greylisting took me more time to figure out how…. Thanks people, for such a great product.

Jul 192012
 

To have some directories on my server protected by more than a simple username and password, I wanted to use SSL and client certificates. I could easily restrict the directories to my local network IP-addresses, but when I’m “outside” that would present a problem. Hence the solution with client certificates.

 

As I blogged earlier, I requested a real server certificate from the people at Xolphin. Nice people, low prices, fast service. But…..you cannot create/sign client certificates with such a certificate. You need the real certificate installed on the server, and you need to create a certificate that has been created/signed by you as a fake Certificate Authority. The Fake CA has to be known to Apache and to your browser. Next the client certificate (created/signed by the Fake CA) must be imported into your browser, and of course the directories you want to protect need to be in the SSL-configuration of Apache.

 

Now that I know how it works, it is simple, but most guides on the internet either follow the Fake CA principle (so you don’t need to buy a real certificate) or they only use a real certificate. Spending money to have your SSL-certificate-supplier do the job for you is another thing. But this works. And for € 10 (excluding VAT) per year I now have a real server certificate, and I can further protect my server with my own certificates.