Ricardo Sanchez
Coder, Photographer, Youtuber, Blogger

Tools

How to enable the new Command Prompt features on Windows 10

Windows 10 is packed with lots of new and old features such as the beloved Start menu. One of my personal favorites is the new Command Prompt and its new features. For years, a lot of us have suffered the limitations of the command prompt such as not able to resize the window or simply paste data using Ctrl+V. These annoyances are now part of the past, and if you want to enjoy these new features too, you’ll need to follow the steps below.

Enable New Command Prompt

If you have upgraded to Windows 10 and you use the Command Prompt, make sure you follow these steps to enable the new Command Prompt features: Continue Reading

Remote employees: Best tools for collaboration and communication

Working remotely has become a common way of working for a lot of professionals, and while it is a lot easier to do this than years ago, working remotely still has some challenges. The one thing we can all agree with is that not having to worry about a busy and/or long commute is awesome (see photo above). The ability to stay connected to your peers and be able to collaborate seamlessly is necessary for remote teams to be successful. All companies use email and most use some sort of instant messaging tool, but this isn’t enough.

In recent years, many software companies have created multiple tools to make remote collaboration and communication easier and less intrusive, below are some of the tools I consider the most useful and enjoyable for the remote employee and remote teams. Continue Reading

Error 0x80131902: Failed to create the managed bootstrapper application.

This error message has been giving me headaches for a while, I have seen it happen in different Windows computers when trying to install a Visual Studio update or a new version of Visual Studio. If you Google for the string “Error 0x80131902: Failed to create the managed bootstrapper application.” you’ll find some sites and forums where the following advice and tips are given:

The error in the log, 0x80131902, means that the .NET Framework could not be loaded (more specifically, an AppDomain could not be created).

Do you have at least .NET 3.5 installed/enabled on your machines? You might also connect to Windows Update and make sure you have all required updates installed. There may be some bugs that have been fixed in the .NET Framework.

Another possibility – though not for this specific error but in general – is that your graphics drivers our out of date or not appropriate for your card (mentioned to @TobiasUlm below in another thread). Setup uses WPF and sometimes bad graphics drivers can cause issues (happened with VS itself for some users).

Visit your graphics card’s manufacturer web site and make sure you have the newest driver available for your card and, on Windows 7, that you have the latest DirectX runtime installed. See http://support.microsoft.com/kb/179113 for more information.

– Heath @ http://blogs.msdn.com/heaths; Visual Studio Professional Deployment

Also…

As you can install VS11 with the same ISO successfully on other machines, I think your VS11 ISO should be fine. And please follow the steps below to see if it helps you:

TemporarilyTurn off your anti-virus/antispyware software during installation;
Install the latest Windows updates from the Windows Update site: http://update.DataZX.CN;
Complete or dismiss Windows Update before installation. (And don’t forget to turn it on
later);
Clean your %temp% folder (Start Menu >>Run >> Type “%temp% >> OK);
Then run the setup with Administrator privilege: right-click the installer -> Run as administrator.
Thanks.

Vicky Song [MSFT]
MSDN Community Support

And…

Do you also install VS11 Developer Preview on that Windows7 machine? If so, I am afraid you need to first uninstall the VS11 DP and then install the VS11 Beta again.

In addition, please try to uninstall VS11 Beta completely from your machine and then try re-install it to see if you get the same result. And for the .NET application related issues, I think can consider reinstall .NET Framework 4.5 again. You can find it here:

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=27541

If you still get the same result, please offer me the complete installation log files you get.

Of course I tried all of those suggestions but none of them worked for me. Every time I tried to install a VS update or a new version of VS – this is the entire log showing me the errors, the error messages were exactly the same for both updating or trying to install a new version of VS:

…..

[0898:1304][2014-04-11T09:08:22]: Loading managed bootstrapper application.
[0898:1304][2014-04-11T09:08:22]: Error 0x80131902: Failed to create the managed bootstrapper application.
[0898:1304][2014-04-11T09:08:22]: Error 0x80131902: Failed to create UX.
[0898:1304][2014-04-11T09:08:22]: Error 0x80131902: Failed to load UX.
[0898:1304][2014-04-11T09:08:22]: Error 0x80131902: Failed while running

…..

[0898:1304][2014-04-11T09:08:22]: Error 0x80131902: Failed to run per-user mode.
[0898:1304][2014-04-11T09:08:22]: Exit code: 0x80131902, restarting: No

As you can see the advice is very similar and while this might have helped some people, it did not help me. After looking around extensively and trying different approaches, I did the opposite of what most people suggested and actually turned off the Microsoft .NET Framework 3.5.1 Windows feature located under Programs and Features – Turn Windows features on or off – see screen shot below:

disable 3.5 .NET framework photo

After turning off Microsoft .NET Framework 3.5.1 I tried installing the updates for VS2012 and installing VS2013 and everything worked flawlessly. After the installations completed successfully, I opened back the Windows features on or off menu and enabled the Microsoft .NET Framework 3.5.1 once again.

This is what I got after my simple fix/change and I hope you can get to the following screen too!

VS install successful photo

 

 

 

How To: Secure your ASP.NET MVC application and use Active Directory as the Membership Provider

Securing your ASP.NET MVC application should be priority number one every time you start a new web application. Using the attributes Authorize and ValidateAntiForgeryToken in every controller and action is the only way to avoid any security holes. In this post I’ll show you how to secure your ASP.NET application by implementing the AuthorizeAttribute and ValidateAntiForgeryTokenAttribute classes.

The basics

At the very least, you should add an [Authorize] attribute to every controller or controller Action in case you want some of the controller actions to be accessible by anonymous users. For example, you probably want ALL users to have access to the login and register actions of your web application.

By decorating the HomeController with the Authorize attribute (notice I did not specify any user role) the application will prevent any unauthenticated user from executing any of the actions in this controller.

[Authorize]
public class HomeController : Controller
{
  //...
}

The following is an example of decorating a controller action with the Authorize attribute, you want to do this when you only want to restrict access to some of the actions in a controller instead of all actions.

[Authorize]
public ActionResult Create()
{
  //...
}

Protecting against Cross-site request forgery attack (CSRF or XSRF)

The Authorize attribute offers protection that is sufficient in most cases. However, there is security hole with this and thus it opens your web application for a cross-site request forgery attack. For example, after a user logs into your site the website will issue your browser an authentication token within a cookie. Each subsequent request, the browser sends the cookie back to the site to let the site know that you are authorized to take whatever action you’re taking, so far everything is good.

Here is the problem with only using the Authorize attribute, let’s say that a user is logged in to your website and then they go to a spam site by clicking on a link that points to another site which causes a form post back to your site… this is bad, your browser will send the authentication cookie to your site making it appear as if the request came from your website and initiated by an authenticated user when it really didn’t.

The above scenario is called cross-site request forgery and can be avoided by adding the ValidateAntiForgeryToken attribute available in the .NET framework, this attribute is used to detect whether a server request has been tampered with.

The first step is to add the ValidateAntiForgeryToken attribute to every Post Action as follows:

[HttpPost, Authorize, ValidateAntiForgeryToken]
public ActionResult Create()
{
  //...
}

The next step is to add the HtmlHelper method @Html.AntiForgeryToken() inside the form in your view.

The way the ValidateAntiForgeryToken attribute works is by checking to see that the cookie and hidden form field left by the Html.AntiForgeryToken() HtmlHelper essentially exists and match. If they do not exist or match, it throws an HttpAntiForgeryException shown below:

“A required anti-forgery token was not supplied or was invalid”

By adding the ValidateAntiForgeryToken to your controller actions your site will be prepared to prevent CSRF/XSRF attacks.

Implementing Forms Authentication using Active Directory (AD)

Often times you might run across a project where you need to authenticate users of your website using Active Directory credentials, the good news is that you can use the existing “Account” controller to achieve this, only a few modifications are necessary.

When you create a new MVC Web Application project and choose the Internet Application template, the Account controller is added to the project, you can use this controller with AD to authenticate your users. For the Account controller to work with AD we need to remove all Actions but the following:

  • Logon()
  • Logon(LogOnModel model, string returnUrl)
  • LogOff()

Your Account controller should look like the following after you remove the unnecessary Actions such as ChangePassword, Register, etc…

public ActionResult LogOn()
        {
            return View();
        }
        
        [HttpPost]
        public ActionResult LogOn(LogOnModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                if (Membership.ValidateUser(model.UserName, model.Password))
                {
                    FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
                    if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                        && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\"))
                    {
                        return Redirect(returnUrl);
                    }
                    else
                    {
                        return RedirectToAction("Index", "Home");
                    }
                }
                else
                {
                    ModelState.AddModelError("", "The user name or password provided is incorrect");
                }
            }

            // if we got this far, something failed, redisplay form
            return View(model);
        }

        public ActionResult LogOff()
        {
            FormsAuthentication.SignOut();

            return RedirectToAction("Index", "Home");
        }

After this, go ahead and clean up the AccountModel as well so the only model class left is the LogOnModel:

public class LogOnModel
        {
            [Required]
            [Display(Name = "User name")]
            public string UserName { get; set; }

            [Required]
            [DataType(DataType.Password)]
            public string Password { get; set; }

            [Display(Name = "Remember me?")]
            public string RememberMe { get; set; }
        }

Lastly, add the following to the project’s web.config file:

adconnection

That is all! the first code snipet is the connectionstring to your Active Directory server and the second one is where we specify Active Directory as the application’s default membership provider.

Save your changes, hit Ctrl-F5 and logon to your application using your domain/AD account.

Hopefully this will help you get started to secure your ASP.NET web apps and show you a very simple way to use ASP.NET’s membership services with Active Directory.

In this post I show how to use Active Directory groups to restrict access to controller actions and make your application even more secure!

NuGet, The Package Management System for the .Net Platform

NuGet is a package management system for the .NET platform, it is supposed to simplify the process of incorporating third-party libraries into a .NET project during development. Basically, it is a great way to add (and update) open source libraries and the like to your .NET project. The first version of NuGet was released in October 2010 and it was originally named NuPack.

How to get it

NuGet can be installed from here or from Visual Studio’s Extension Manager located under the Tools menu.

The awesomeness of it

Before NuGet, the way we incorporated third-party libraries into our projects was by doing the following:

  1. Download third-party library (and any dependencies) from the web.
  2. Unpack them (as many of them come in compressed files) to a folder in our project, I usually create (or created) a folder labeled “lib” and placed all the third-party libraries there.
  3. Import to the .NET project.
  4. Make any necessary changes to the config file when needed.
Too much work right? With NuGet, you basically open your project in Visual Studio and type a command in the new Package Manager Console. For example, if you wanted to add NUnit to your project, you’ll type the following command:

Continue Reading

MIX11 – A tribute to Microsoft’s Web Stack of Love!

A few weeks ago I attended MIX11 in Las Vegas. MIX is an annual event where Microsoft showcase their new web technologies. This year it was all about new versions of existing products, such as Windows Phone 7, Entity Framework, Silverlight, ASP.NET MVC, IIS, etc… Below is a summary of what was shared on both keynotes:

  • Mango: code name for coming version of Windows Phone 7 (WP7).
  • ASP.NET MVC 3 Tools update
  • Entity Framework 4.1
  • Silverlight 5 Beta
  • NuGet
  • IIS Express
  • SQL Compact Edition 4
  • Internet Explorer 10 Preview
There were many sessions available, some of them really good and some others were not. One thing that I did appreciate was the endless supply of coffee, water and other drinks. Snacks were available as well between breakfast and lunch which were also provided by Microsoft.
All sessions are now available online as well as both keynotes, check them out!
As a software developer, the most interesting for me was the ASP.NET MVC 3 tools update, EF 4.1. Continue Reading