Tuesday, September 9, 2014

Mono Trusted Root Certificates missing

Tuesday, September 09, 2014 Posted by Andre Broers No comments
When you receive the following exception in mono it means mono wants to make a secure SSL connection but the certificate it gets is not trusted. Most of the time this means the root certificates are not installed in the mono environment.

System.Net.WebException: Error: SendFailure (Error writing headers) ---> System.Net.WebException: Error writing headers ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. Error code: 0xffffffff800b010a

Use the following command to import the current root certificates. (I find it useful to do this only for the current user so that is what the command imports)

 $ mozroots --import --ask-remove

Tuesday, August 19, 2014

Add swap space to Azure Ubuntu IaaS VM

Tuesday, August 19, 2014 Posted by Andre Broers , , , No comments
By default Azure doesn't add swap space to it's Linux Virtual Machines. I don't know why but luckily it's easy to turn it on.

Follow these steps to enable swap:

edit the file /etc/waagent.conf

Toggle the option ResourceDisk.Format from 'n' to 'y'
Toggle the option ResourceDisk.EnableSwap from 'n' to 'y'
Add the swapspace size to the option ResourceDisk.SwapSizeMB. In my case 1000 for 1000MB.

# Format if unformatted. If 'n', resource disk will not be mounted.

# File system on the resource disk
# Typically ext3 or ext4. FreeBSD images should use 'ufs2' here.

# Mount point for the resource disk

# Create and use swapfile on resource disk.

# Size of the swapfile.

Also edit the file /etc/fstab and remove the line:

/dev/sdb1 /mnt auto defaults,nobootwait,comment=cloudconfig 0 2

Now after a reboot the waagent starts creating a swap file and after a while it is enabled:

swapon -s
Filename Type Size Used Priority
/mnt/swapfile                           file 1023996 0 -1

Friday, June 20, 2014

Install Mono 3.4.0 in Ubuntu 14.04 LTS from a repo

Friday, June 20, 2014 Posted by Andre Broers , , 3 comments
This is what I did to install Mono 3.4.0 in Ubuntu 14.04 LTS

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:inizan-yannick/mono
sudo apt-get update
sudo apt-get install mono-devel
sudo apt-get install mono-runtime

mono --version
Mono JIT compiler version 3.6.1 (tarball Sat May 31 16:07:15 UTC 2014)
Copyright (C) 2002-2014 Novell, Inc, Xamarin Inc and Contributors. www.mono-project.com
TLS:           __thread
SIGSEGV:       altstack
Notifications: epoll
Architecture:  amd64
Disabled:      none
Misc:          softdebug 
LLVM:          supported, not enabled.

GC:            sgen

Install ElasticSearch in Ubuntu 14.04 server

Friday, June 20, 2014 Posted by Andre Broers , , 5 comments

This is how I installed ElasticSearch on my Ubuntu box

sudo apt-get install openjdk-7-jre-headless -y
sudo wget -O - http://packages.elasticsearch.org/GPG-KEY-elasticsearch | sudo apt-key add -

Add the following line to /etc/apt/sources.list

deb http://packages.elasticsearch.org/elasticsearch/1.3/debian stable main

sudo apt-get update
sudo apt-get install elasticsearch
sudo update-rc.d elasticsearch defaults 95 10
sudo /etc/init.d/elasticsearch start

  "status" : 200,
  "name" : "Kiber the Cruel",
  "version" : {
    "number" : "1.3.2",
    "build_hash" : "dee175dbe2f254f3f26992f5d7591939aaefd12f",
    "build_timestamp" : "2014-08-13T14:29:30Z",
    "build_snapshot" : false,
    "lucene_version" : "4.9"
  "tagline" : "You Know, for Search"


Friday, May 9, 2014

How to Authenticate MVC5 Web Users with Azure Active Directory Access Control ACS

Friday, May 09, 2014 Posted by Andre Broers , , , , 2 comments
In this example I will show how to do authentication with Azure ACS from an MVC 5 web application. For this example I will use Visual Studio 2013. But we will start with some work in the Azure Management Portal.
The first thing we do is create a new Access Control Namespace. Click new in the bottom of the portal and select Access Control - Quick Create and type a unique namespace name (in my case my1stacs) and select your region.

Click create to create the new ACS namespace. Now select the tab ACCESS CONTROL NAMESPACES to find your new namespace. Select it and click on MANAGE in the bottom.

Now it is time to fire up Visual Studio and create our MVC 5 Website.
Open Visual Studio 2013 and click New Project. Select an ASP.NET Web Application, give it a location and a name and click OK.

Select MVC as the template and click on Change Authentication. Choose Organizational Accounts and select On-Premises as option. (On-Premises? Yes :-) )

Now go back to our ACS management portal and click on Development Application integration on the left and select the WS-Federation Metadata url.

Copy this url and paste it in the On-Premises Authority field in Visual Studio.

You can leave the App ID URI empty. You can change this value later when you deploy to another location in the web.config.
Click OK. And again on OK. Our web application is being generated.

Check the web.config for our Realm.

Now go back to our ACS management portal and create a new Relying Partner (our web application).
Click Trust relationships - Relying party application and click Add.

Type the Name and the Realm and the Return URL. The Realm and the Return URL are the same and are as seen in the web.config.

Leave the rest default and press Save on the bottom of the form.

We have now created a Relying party for the default Windows Live provider.

And it has created a default rule group.

Open this Rule Group and click on the Default rule group:

Now click on generate to add the default rule where it copies a claim from the Windows Live Provider to our ACS Relying Party.

Click on generate and Save.

How to implement ACS Single Sign-off functionality

Now go back to Visual Studio. The first thing we want to create is a logoff button so we can logoff and retry our demo without removing cookies etc.etc.

Edit the file _LoginPartial.cshtml

So that it looks like this:

In this you have to change the hostname to the one of your acs and the wtrealm to your realm and the last link is the one of the page to return to after the logoff. In our case the home page where you get redirected again to the Windows Live login page.

Try running the WebApplication. You immediately get redirected to the login page. When you login to the Identity Provider it wil redirect you to the home page of you application. Use the logoff link to disconnect again.

Only protect a certain area of the site

In the next example we only gonna protect the About page. So all pages of our Web Application are open but when you link to the About page you have to authorise. It's as simple as we always did with ASP.NET web applications by editing the web.config file:

Lets comment out both authorisation sections from the web.config so that we have no authentication on our web application anymore.
Next open up the HomeContoller.cs and add an Authorize attribute to our About method.

When we run our WebApplication1 we can browse our app freely as long as we stay away from the About page. (If you are still connected hit the logoff link to sign out and see that you can still access the web application). When you click the About page you will get redirected to Windows Live to logon and after this you will get redirected to the About page.

How to access the claims we got from ACS?

Use the following code to access the claims from the connected user:

Happy .netting

Sunday, May 4, 2014

Golang Trie implementation

Sunday, May 04, 2014 Posted by Andre Broers No comments
For a webcrawler I needed a low memory solution to keep track of the already crawled web urls. Because this list grows fast I choose a Trie (wiki) implementation. I just started playing with the Golang language so my implementation will be in this language.
The first thing I tried was an implementation based on maps. But it turned out the creation of maps is very memory intensive. My test of one million records failed on an out of memory error.
The code of my first attempt:

I implemented the functions again using a slice. Which turns out to be way faster and consuming less memory. It runs the tests in less than 3 seconds on a basic Microsoft Azure Ubuntu extra small instance.

I published this as a golang module to github at :

Feel free to use it.

Sunday, April 27, 2014

Install Oracle JDK in Ubuntu

Sunday, April 27, 2014 Posted by Andre Broers , No comments
While installing OpenJDK in Ubuntu is simple, installing the Oracle variant is a little more complicated. Because some installations prefer the Oracle (Sun) version of the JDK I will explain the installation of the Oracle (Sun) version of the JDK.

sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java7-installer

After accepting the Oracle licenses the installation will start. When finished you will be able to use the java binaries:

azureuser@mygo01:~$ java -version
java version "1.7.0_55"
Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.55-b03, mixed mode)