Friday, October 7, 2011

ORA-12154: TNS:could not resolve the connect identifier specified in Visual Studio

Hi guys,

If you are trying to connect to an Oracle Database, through Server Explorer in Visual Studio, you have to ensure that:

1. You have installed the Oracle Data Provider (downloadable from the Oracle Website)
2. Have created the tnsnames.ora file, holding information about the databases (http://www.orafaq.com/wiki/Tnsnames.ora). This file should be created most often in the Network\Admin folder under the Oracle Provider. In my case: C:\app\user\product\11.2.0\client_1\Network\Admin

After having these prerequisites, I still couldn't connect to the Oracle Database. The Visual Studio wizard told me: "ORA-12154: TNS:could not resolve the connect identifier specified". What resolved this issue for me was to add the Environment Variable with name "TNS_ADMIN" and value the Path to the directory containing the "tnsnames.ora" file.
Something like:
TNS_NAMES="C:\app\user\product\11.2.0\client_1\Network\Admin"
Then just restart Visual Studio and you're free to go.

Hope this helps someone out there :)

Wednesday, July 20, 2011

More on Template Design Pattern

Hi guys,
hope you liked the last article, which included a modification the Template method pattern.

I would like to continue the same topic and expose another useful implementation of the pattern. It's a very basic example of OOP - nothing advanced.

What do we want solve
In web applications you often have to expose your data through different formats - like XML, JSON or RSS. Every time, you need to get the Response of the page, clear it, fill it with contents and then end the Response.
This can be an error prone information, as you have to take care of some details like "Flushing" the response before ending it. It would be nice, if you could skip these details after you've written and tested them once.

Response Template implementation
My approach to this problem was to create a simple ResponseTemplate class, which is actually a plain implementation of the Template design pattern. Below is a sample implementation:

public abstract class ResponseTemplate
{
protected HttpResponse Response { get; private set; }

public ResponseTemplate(HttpResponse httpResponse)
{
this.Response = httpResponse;
}

public void WriteResponse()
{
this.Response.Clear();

SetContentType();

Write();

this.Response.Flush();
this.Response.End();
}

internal abstract void Write();

internal abstract void SetContentType();
}


Using this class, you forget about the details. You just pass the HttpResponse and implement the SetContentType() and Write() methods.

Now if I would want to return an XML I would write a concrete implementation inheriting the ResponseTemplate class:
public class XmlResponse : ResponseTemplate
{
private string XML { get; set; }

public XmlResponse(HttpResponse httpResponse, XDocument doc)
: base(httpResponse)
{
this.XML = doc.ToString();
}

public XmlResponse(HttpResponse httpResponse, string xml)
: base(httpResponse)
{
this.XML = xml;
}

internal override void Write()
{
base.Response.Write(this.XML);
}

internal override void SetContentType()
{
base.Response.ContentType = ContentType.Xml;
}
}


In the end, these are all just plain and very simple OOP principles. The main purpose why I continue making them look harder by calling them things like "Template Design Pattern" is that this facilitates your communication with the other developers. But, this is a whole different topic, worth writing some day.

Happy coding!

Thursday, May 19, 2011

Try/Catch refactoring

Hi guys,
every now and then I enjoy learning and inventing some new tiny tricks and tips. They make my life easier and my code tidier. Today I would like to share some small refactoring, which I find neat and use all the time.

Original Code
Most probably, you often have to write repetitive code like the one below:
try
{
// Perform operations
}
catch (System.Exception ex)
{
// Log Exception
}

This is pretty common in windows applications/services. What I don't like is repetitive writing it.
So, how can we refactor it? We can review our list of Design Patterns and observe that what we can do is implement something like the Template method pattern. In C# we can use lambda expressions and anonymous methods to implement a lightweight version of a modification of this pattern.

Template method pattern modificatoin
Using the Template method pattern idea, we have to wrap our executing code with try/catch statements. We can create a class we can use to actually "inject" our operation. Something like this one:

public static class SafeCodeExecutor
{
public static T Execute<T>(Func<T> operation)
{
try
{
return operation();
}
catch (System.Exception ex)
{
// Log Exception
}
return default(T);
}
}

Now, we can freely use our SafeCodeExecutor throughout our project. Sample usage would be:
string designPatternName = SafeCodeExecutor.Execute<string>(() => 
{
return "Template method pattern";
});

Of course, you can free use a method inside the Execute<>.

You can build more Execute template methods which fit your needs - for instance taking Action with some parameters and etc (for instance:
public static void Execute<T>(Action<T> operation, T item)
). It's all up to you.

Hope you liked this little trick!

Monday, February 28, 2011

FIPS compliant algorithms

Hi guys!

Distributed software
If you're building and distributing a software/product, you must be aware that some of the Encryption algorithms of the .NET Framework are considered "FIPS approved" (Federal Investigation Processing Standards) and others aren't.

What problems can cause this? Well, if you're using MD5 in your distribution and your customer is running your software on a machine configured to ensure FIPS, your software won't be working.

For instance, in Windows there is a setting called - "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing". Enabling it, ensures that all applications on the PC are using algorithms which are approved by FIPS.

FIPS approved algorithms list
It's a good idea, to always check the Encryption algorithms you're using against the list of approved FIPS algorithms:
https://wiki.mozilla.org/FIPS_Validation

This way you'll ensure your software robustness and reliability.

More resources

http://csrc.nist.gov/groups/STM/cmvp/standards.html#02

http://technet.microsoft.com/en-us/library/cc780081%28WS.10%29.aspx

Monday, February 21, 2011

Little victories make up the big victory

Hi guys!

This will be my first blog post, not directly related to problems, code snippets and etc. I hope I'll write more like these in the future!

Code refactoring
In our daily work we frequently do refactoring. Sometimes we do some pieces of code refactoring, which we enjoy as we see the code becoming better and better and we feel happy and satisfied about that. But sometimes, we have to refactor something bigger, some spaghetti code with much legacy in it.
I've encountered such case recently. I struggled with it for few days and was highly disappointed by my performance.

Don't underestimate your tasks
I was frustrated as nothing was working. I've taken a wrong decision to cut-off the whole project I wanted to refactor and rewrite it. Thinking it will be an easy job to do, I didn't pay much attention, neither estimated accurately all the functionality I had to cover.

What happened was that it turned out to be tougher than expected. I had erased everything old, the whole solution couldn't be build. I couldn't even cover all the functionality, yet. This all happened for few days in which I've been feeling miserable. It was a dead-end thing and I haven't felt that way for some time. I was close to resigning from this task, as the deadline was coming closer and I was becoming more and more heartless. But admitting that you have failed with a task is something hard to live with (at least for me).

Don't lose hope, change directions
Then, I decided to change completely my plan I've firstly tried to follow. I commented most of the code I haven't refactored yet and struggled with building the other code. I've spent few hours on this, but finally built the project (Victory 1). I've started testing and bug fixing (Victory 2..N). It was such a relief. This whole system was alive and beating again!

Get motivated, get the work done
I saw a light in the dark - this whole thing might start working. Fully motivated, I continued iteratively refactoring the remaining part of the project. This took me some time, but in the end, everything was fine and I was satisfied with my work.

The moral of this story is, that when firstly I got my project built successfully this was actually my first victory - and it felt great. When I started testing, bug-fixing and improving my code I achieved my next victories. From this time on the job was easy to do.

Small victories, make up the big victory
Sometimes, you need to get to the small victories as fast as possible, to have the power and motivation to continue until you win the battle.

Learn from your mistakes and don't repeat them
Next time, I'll certainly pay more attention to the details, estimate them and try to iteratively do things, not taking them all at once.

Keep tuned, for more stories of failures and successes!

Sunday, January 16, 2011

Securing your application's configuration data

Hi guys!
We all add our passwords, connection strings and etc in our config files. But how secure are they? I'll focus on Web Applications.

Basic security
Internet Information Services (IIS) - the most popular server for ASP.NET Applications is by default set to reject all requests to files with extensions .config. So, any file on your web server, named as *.config is safe and cannot be viewed.

Next steps
However, let's consider another scenario. What if we want to protect ourselves from everyone who actually have access to our web servers? We can use 3 approaches - it's only up to you to choose how to combine them:

1. Built-in web.config encryption - By default ASP.NET provides as with the functionality to encrypt the whole web.config or a configuration section in it. After we encrypt it the IIS server automatically decrypts it when starts reading the web.config file. Encrypting is simple and straightforward:

aspnet_regiis -pef ConfigurationSectionName

Example is explained here: http://odetocode.com/blogs/scott/archive/2006/01/08/encrypting-custom-configuration-sections.aspx

2. Custom encryption - In most cases, we're collaborating with other people when working on projects and our source is saved into a Source Control. If we want to hide some sensitive information, we can't actually check-in an encrypted config section, because we won't be able to change the settings there anymore.

What we can do now is implement a custom Encryption and Decryption algorithm. Then we'll be able to save an encrypted version of the password in the config file and decrypt it before we start using it. We use plenty of approaches for doing this - use standard algorithm like Rijndael or write a custom encryption/decryption function. Someone can still decrypt the password, but it's not in plain text anymore.

3. Operating System access control usage - We can go one step further - we can physically deny access to the configuration files for anyone except the Application Pool user of our Web Application. This way no one logged on the machine won't be able to see the contents of these files.

This security is useful, when there are people having access to the server - they can log in or browse it through network share. Restricting the permissions only to the Application Pool User will prevent everyone else from reading the contents of these files.

In Conclusion
Security is an important part of our applications. All ways to add security to your application in this article are quite simple. You can combine any set of them, until you're satisfied with the level of security or meet your project's security requirements.

You can leave a comment, if you have some additions to this list of security actions.