More about .NET Windows DLL Hell

dotNET

Although my own recent DLL hell with VS2005 is in design time, I have learned quite a good lesson about dynamically loading assemblies and the dll hell you can introduce in that way.

I have an application that makes heavy use of Reflection.Assembly.LoadFrom where I pass in the path of a DLL to be loaded. The DLLs are randomly added to the application as we create them.

What I learned was from this post of Suzanne Cooke’s about the difference between Load and LoadFrom. Load will load assemblies that are in the GAC (and a few other .NET locales) and is a big help in avoiding dll hell because the GAC does a good job of versioning. LoadFrom will load from a  file that you explicitly tell it to and cares not about versioning. There are a lot more pointers to be aware of here. Check out her post on choosing a binding context (Load and LoadFrom are binding contexts) as well as her related post about switching your code from using LoadFrom to using Load. Suzanne writes the kind of posts that cant’ be read lightly and I can’t really absorb their lessons unless it’s something that I need to know. And I needed to know this today!

Don’t Forget: www.acehaid.org

My side job: travel agent

Just Rambling

One of the pain in the rear parts of doing a lot of travel is doing a lot of travel coordination. It actually is quite time consuming to find the right flights at good times, with short layovers and not overly expensive rates. Then there’s finding hotels, dealing with the usual variety of room rates and lastly coordinating anything else that might be involved. Even when you have a travel agent helping you, there are still a lot of decisions to make. I think for every event I go to, I probably spend at least a few hours on this.

Even with my little overnight trip to do an INETA gig at TechValley .NET in Albany next week, I spent time figuring out where to stay (finally settled on a hotel in Saratoga Springs with the benefit of meeting up with a friend), if I should take a train (turns out it would be a lot more hours than driving and still include driving) or even rent a car (though I discovered the only option there was to drive 30 miles north to Burlington to get a car before heading south to Albany). So in the long run, I  have a simple plan – hop in my car and drive to Albany. But given the options, the budget and my own schedule, it was not a “no-brainer” and I infectiously put way too much thought into it.

When Kate and I sent to South Africa, we spent hours and hours on i.m. trying to find flights that we could meet up on that would be amenably priced for Microsoft and would get all of the mileage credits to our own frequent flier accounts. Then we had to go back and forth with Microsoft’s travel coordinator over a series of about 20 emails. I bet we each spent at least 4 hours doing that. This, of course, does not include planning our outings.

Don’t Forget: www.acehaid.org

INETA’s Formation – perception vs. reality

Ineta

D’Arcy Lussier writes:

Flash back a few years to when .NET was an emerging technology. Microsoft put their marketing muscle behind the promotion and creation of user group communities: groups of geeks getting together to talk about CLR goodness. Their plan worked to perfection, and user groups sprung up all over the world! An organization (which I’m a membership manager for), INETA – The International .NET Association, was created and helped bolster the user groups by providing guidance, speakers, and support.

I see it very differently.

Flash back a few years to when .NET was an emerging technology. INETA – The International .NET Association, was created by a handful of user group leaders (led by Bill Evjen) in an effort to bolster the user groups by providing guidance, speakers, and support. When INETA (with help from Microsoft’s Eric Ewing) demonstrated to Microsoft how important the user group community was, Microsoft put their marketing muscle behind the promotion and creation of user group communities: groups of geeks getting together to talk about CLR goodness.



Don’t Forget: www.acehaid.org

INETA User Group Leaders: How did you make your launch dvds?

Ineta

I am ready to give up.

We have our 5 dvds worth of content to share with our user group members but have still, after two months of begging favors, not found a way to get the copies made efficiently.

I know Lori Mckinney burned all 700+ dvds herself on two normal home dvd burners.

First we have to get someone to pay for 250 blank dvds. Then we have to find a way to copy that many.

I can’t find anyone to do it for us for free or cheaply. The best offer I had was still going to cost us $750.

How have you solved this dilemma?

Update: Here is how we are doing it! Our D.E., Thom Robbins, hooked us up with 250 blank DVDs and I have now gotten a number of user group members who have committed to burning anywhere from 4 to 10 sets. So I will burn about 10 sets myself and then mail those with a bunch of blanks to these people who will bring their burned sets to the next meeting! Yay!!



Don’t Forget: www.acehaid.org

WSE: Security Token could not be retrieved vs. Permissions and some other Certificate hints

WSE

I was pushing a new WSE 3.0 web service to a test web server. Whenever I tried to authenticate I was getting “Security Token could not be retrieved” from the server.

WSE590: Failed to resolve the following Key Info …..

I knew the sample x509 server certificate was installed. I knew I had assigned read permissions to Network Service with the Certificate tool that comes with WSE.

It took me quite a while before I realized I had installed the certificate that came with WSE2 which is different than the certificates I had created with the WSE3 Setup in the Samples.

The data that made me finally realize it was that in the error message, it referred to the SHA-1 key identifier that the client had sent to the server to look for. But that was not the id of the server certificate.

So I uninstalled the wrong certificate and installed the correct one.

Now, as a test, I did not give permission to the Network Service account to access the certificate.

The message was very different:

WSE600: Unable to unwrap a symmetric key using the private key of an X.509 certificate. Please check if the account ‘NT AUTHORITY\NETOWRK SERVICE’ has permissions to read the private key of certificate with subject name ‘CN=WSE2QuickStatServer’ and the thumbprint…..

Now how specific is that? So I am now more confident that “security token could not be retrieved” is literally about FINDING the token, not using it, which can save me a lot of time if I make that mistake again!

Another thing that messed me up was that I had originally installed the certificate into the Current User’s store but I wanted it in Local Machine. You need to export and import certificates to make them work properly. But I didn’t know this and just dragged and dropped it to the Local Computer’s Personal Store instead. That was a no-no. The documentation (see the note in “How to: Make X.509 Certificates Accessible to WSE”) explains that when you do this, even if you use the certificate tool (or other means) to apply the ASPNET or NETWORK SERVICE perms, it won’t work. That is because the file associated to the certificate (and it is the file that is getting the permissions) does not get moved along with the certificate.



Don’t Forget: www.acehaid.org