A Rant about Openness

May 2nd, 2008 by Daniele Muscetta

It is interesting to see that a bunch of open source projects written on and for the Microsoft platform grows and grows, and also nice to see that a lot of Microsoft employees are very active and aware of the open source ecosystem, rather than being stuck with only what the company makes. Phil Haack, in a post about an interview to Brad Wilson,  wisely writes:

"[…] What I particularly liked about this post was the insight Brad provides on the diverse views of open source outside and inside of Microsoft as well as his own personal experience contributing to many OSS projects. It's hard for some to believe, but there are developers internal to Microsoft who like and contribute to various open source projects. […]"

In fact, being made by Microsoft people or not, the list of open source software on CodePlex keeps growing too. Mentioning CodePlex and interviews, another interesting one is that of Sara Ford, Program Manager for CodePlex posted on Microspotting. But Microspotting is awesome in general. My favorite quote by her:

"[…] Hey. My name is Ariel and I'm the person you thought would never work at MSFT […]".

In fact, just as I do, she is running that blog on WordPress, posting her photos on Flickr, using a RSS feed on Feedburner and in general using a bunch of things that are out there that might be seen as "competing" with what Microsoft makes. In fact, this attitude towards other products and vendors on the market is what I am mainly interested in. Should we only use flagship products? Sure, when they help us, but not necessarily. Who cares? People's blogs are not, as someone would like them to be, a coordinated marketing effort. This is about real people, real geeks, who just want to share and communicate personal ideas and thoughts. I had a blog before being at Microsoft, after all. Obviously I had exposure to competing products. My server was running LAMP on Novell Netware in 2002 – after which I moved it to Linux. It is not a big deal. And if I try to put things in perspective, in fact, this is turning out to be an advantage. I am saying this, as the latest news about interoperability comes from MMS (Microsoft Management Summit): and that is the announcement that System Center Operations Manager will monitor Linux natively. I find this to be extremely exciting, and a step in the right direction… to say it all I am LOVING this!!! But at the same time I see some other colleagues in technical support that are worrying and being scared by this – "if we do monitor Linux and Unix, we are supposed to have at least some knowledge on those systems", they are asking. Right. We probably do. At the moment there are probably only a limited number of people that actually can do that, at least in my division. But this is because in the past they must have sacrificed their own curiosity to become "experts" in some very narrow and "specialized" thing. Here we go. On the opposite, I kept using Linux – even when other "old school" employees would call me names. All of a sudden, someone else realizes my advantage.  …but a lot of geeks already understood the power of exploration, and won't stop defining people by easy labels. Another cool quote I read the other day is what Jimmy Schementi has written in his Flickr profile:

"[…] I try to do everything, and sometimes I get lucky and get good at something […]".

Reading on his blog it looks like he also gave up on trying to write a Twitter plugin for MSNLive Messenger (or maybe he never tried, but at least I wanted to do that, instead) and wrote it for Pidgin instead.  Why did he do that ? I don't know, I suppose because it was quicker/easier – and there were API's and code samples to start from.

The bottom line, for me, is that geeks are interested in figuring out cool things (no matter what language or technology they use) and eventually communicating them. They tend to be pioneers of technologies. They try out new stuff. Open Source development is a lot about agility and "trying out" new things. Another passage of Brad's interview says:

"[…] That's true–the open source projects I contribute to tend to be the "by developer, for developer" kind, although I also consume things that are less about development […] Like one tool that I've used forever is the GIMP graphics editor, which I love a lot".

That holds true, when you consider that a lot of these things are not really mainstream. Tools made "by developer, for developer" are usually a sort of experimental ground. Like Twitter. Every geek is talking about Twitter these days, but you can't really say that it is mainstream. Twitter has quite a bunch of interesting aspects, though, and that's why geeks are on it. Twitter lets me keep up-to-date quicker and better (and with a personal, conversational touch) even better than RSS feeds and blogs do. Also, there are a lot of Microsofties on Twitter. And the cool thing is that yo can really talk to everybody, at any level. Not just everybody "gets" blogs, social networks, and microblogging. Of course you cannot expect everybody to be on top of the tech news, or use experimental technologies. So in a way stuff like Twitter is "by geeks, for geeks" (not really just for developers – there's a lot of "media" people on Twitter). Pretty much in the same way, a lot of people I work with (at direct contact, everyday) only found out about LinkedIN during this year (2008!). I joined Orkut and LinkedIN in 2004. Orkut was in private beta, back then. A lot of this stuff never becomes mainstream, some does. But it is cool to discover it when it gets born. How long did it take for Social Networking to become mainstream? So long that when it is mainstream for others, I have seen it for so long that I am even getting tired of it.

For some reason, geeks love to be pioneers. This is well expressed in a digression by Chris Pratley:

"[…] some of them we will be putting out on officelabs.com for the general public (you folks!) to try so we can understand how "normal" people would use these tools. Now of course, as we bloggers and blog-readers know, we're not actually normal – you could even debate whether the blogosphere is more warped than the set of Microsoft employees, who comprise an interesting cross-section of job types, experiences, and cultures. But I digress. […]"

But I have been digressing, too, all along. As usual.

reportr – Show your Flickrness!

April 27th, 2008 by Daniele Muscetta

reportr - Show your Flickrness!

How many times you have gone somewhere (public demonstration, event, concert, etc) where yo saw other people shooting photos and you though "some of them MUST be flickr'ers"…. but you never had the guts to go and introduce yourself?

Now it's time to show off that you are a Flickr'er, and let other people figure it out.

Polo:

www.cafepress.com/cp/customize/product.aspx?clear=true&am…

Cap:

www.cafepress.com/cp/customize/product.aspx?clear=true&am…
NOTE:

This is just an idea and it is NOT endorsed by Flickr itself.

Also, I do not get any money for it – those are just the prices imposed by the online shop used to create them. I just thought it was a funny idea and I wanted to share it.

Ca(p)tching Cats and Dogs

March 9th, 2008 by Daniele Muscetta

I read on Jeff Atwood's blog about most strong Captcha having been defeated. Also, on top of visitors getting annoyed by it, the Captcha plugin I am using has gone unmantained lately. And, one way or another, I am getting comment spam again. Which is something I really hate as you know what I would love to do to spammers

I am seriously considering giving Asirra a try. It is an interesting project from Microsoft Research for an HIP (Human Interaction Proof) that uses info from petfinder.com to let users set apart pictures of dogs from those of cats. There is also a WordPress plugin, in the best and newest "we want to interoperate" fashion that we are finally getting at Microsoft (this has always been the way to go, IMHO, and BTW).

Anyway, what do you think ?

Merry XMas

December 22nd, 2007 by Daniele Muscetta

This post is to write down some thoughts before Christmas, along the lines of what I have written yesterday in an email to a lot of colleagues (and I definitely forgotten some of them because there are too many great people I've worked with… so if you are one of the forgotten ones and you are reading this: I'm sorry!).

The last few months have been very busy with work. As much as I enjoyed them anyway, and learned a lot in the process and from the people I worked with, I now really want to enjoy these few coming days of Christmas holidays and RELAX and spend some quality time with my family and friends.

So I wish the same for all of you: that you may spend a Merry, relaxing Christmas, and have a great start for a grand, brilliant new year!

 

As a side note, having been very busy I have blogged a lot less. Blogging implies that I already have a sort-of-well-formed thought, that should span a few lines or paragraphs, otherwise I don't find it worth it. That does not mean I don't have small ideas or other things I like to share when I come up with them. That is why I am using microblogging and Social Networking a lot lately, so I remind you that even if this blog's builtin feed only includes the REAL FEW blog posts, then I also have another (very "chatty") feed that you can use to "follow me" and that one includes all of the following combined feeds: my status messages from Facebook, my Twitter messages, my pictures on Flickr, the stuff I read somewhere else and then share on Facebook, the places I visit and mark on 43Places and the goals I achieve, want to achieve, or I simply talk about on 43Things, as well as the REAL posts on this blog. It is my implementation of what has been called a "lifestream" by other bloggers.

Doha, Qatar

December 2nd, 2007 by Daniele Muscetta

Doha, Qatar | Commercial Road

Doha, Qatar | Commercial Road, uploaded by Daniele Muscetta on Flickr.

Last week I have been to Doha, Qatar, visiting a customer site and learning from a colleague how to deliver my first "official" MOM Health Check. I have spent most of my time working on Microsoft Operations Manager, of course, but I also did manage to walk around a bit on my late afternoons and evenings and see some stuff. So, as I usually do in these cases, I took a ton of pictures.

I found an interesting place, filled with contrasts between old and new, tradition and competition, ancient and modern.
It's a living place that is certainly working hard to get over the oil business model and attract richness in different ways.

John Lockerbie spotted my photos on Flickrs and asked me permission to use some of the, so they have been now republished on his very interesting page about Islamic Urban design and architeture and the one about islamic society.
They both are an interesting read, and most of his site is.

Using Live ID to authenticate to WordPress

November 2nd, 2007 by Daniele Muscetta

Yesterday I've been hacking a bit with the Windows Live ID SDK and I wrote a very small and simple plugin for WordPress that enables you to login in to WordPress with your passport Live ID.
I had read in various places that such a plugin would be welcome… I looked around and found none yet (if anyone has instead already written something like this and I missed it I will happily waste the simple stuff I did for something more advanced/well written… just let me know :-)).
I took a look at a similar experiment, and eventually even found that there is some conceptually similar plugin written to work with OpenID. The wordpress openid plugin is much more complex and much more advanced than what I did, tough. It will let you log in with just ANY OpenID user, it will automatically create a user for you on that wordpress installation and associate it with your ID, even just for the purpose of commenting, etc.

But in my blog I don't require or need people to actually log in to do anything. I actually like anonymous/free comment. A CAPTCHA takes care of spammers and I am fine with it so far. Probably for a big site with a lot of users it might make sense, but for my blog so far it doesn't. But there's one thing for which this is instead useful: I have always been worried, when logging in through HTTP (thus, without SSL) to my blog from networks I don't manage or completely trust, that my password could be sniffed over the wire and stolen. Live ID solves my problem by letting Microsoft validate my identity: I have associated my Live ID to the blog's main user account(=myself), the one writing this post. So the plugin in its current form is used as a replacement of the login form (the standard wp-login.php wordpress form CAN still be used if you like, of course, you just don't HAVE to. Also the use of xmlrpc will still require local user/pwd combination.). Anyway, this new form will authenticate you thorugh Live ID and then check if your Live ID is associated to any local user. If it is, it will log you on to wordpress with that account. Otherwise it will inform you that you are successfully logged on to passport Live, but unfortunately there is no corresponding local account for you, and that it would need to be set up. Setting it up is as difficult as adding a line to the database… probably adding a form or a property page would be nice, but in my case I just did it with a query:

INSERT INTO `wordpress`.`wp-usermeta` (
`umeta_id` ,
`user_id` ,
`meta_key` ,
`meta_value`
)
VALUES (
NULL , '1', 'LiveID', 'f11fa1d3e82c68776f94a3a5c459b70b'
);

which adds an extra "property" for the first user (admin) called 'LiveID' which contains your Live ID (the one above is not my real one, in case you were wondering). When you are authenticated by LiveID and you get back this value, the plugin checks in this table which WordPress userid in the database has been associated with this Live ID and – if it finds one – it authenticates you as that user. Of course you should not have duplicates.

My code is mostly based on the SDK PHP Sample, with some modification to integrate it in WordPress as a plugin. Of course I removed the file that is used as "user database" and used wordpress DB instead.

There's a ton of things that could be improved. I just did not put any more effort and time in it. As you might know if you read this blog, I am not a full time developer. Actually I shouldn't write code at all for work and I am mainly considered an "infrastructure" guy. Anyway, I would like to code more and even if I am not supposed to, I always try to find stimulating situations that require a bit of integration, thinking out of the box, some scripting, etc…

[updated: november 3rd 2007] You can download the sample plugin "AS-IS" here: liveauth.zip . This has only been tested and only works with WordPress 2.3.x serie (but should also work with earlier versions – not tested)

[updated: march 30th 2008] WordPress 2.5 has changed the way the authentication cookie is generated, therefore here is an updated version of the plugin that works with the new secure cookies: liveauth02.zip
I should really invest some more time in this and clear up the code. I should also make an interface to make the configuration easier, and maybe make a version that works on both 2.3 and 2.5 branches. I am not sure when I will have time for that, though…

[updated: april 20th 2008] I have released version 0.3c of the plugin which now finally includes a simple configuration page, and should work on both WordPress 2.3 (and older) and on the 2.5 brach. Please visit the new Windows Live ID Authentication WordPress Plugin Page.

Disclaimer:
The information in this weblog is provided "AS IS" with no warranties, and confers no rights. This weblog does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my own personal opinion. All code samples are provided "AS IS" without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.
THIS WORK IS NOT ENDORSED AND NOT EVEN CHECKED, AUTHORIZED, SCRUTINIZED NOR APPROVED BY MY EMPLOYER, AND IT ONLY REPRESENT SOMETHING WHICH I'VE DONE IN MY FREE TIME. NO GUARANTEE WHATSOEVER IS GIVEN ON THIS. THE AUTHOR SHALL NOT BE MADE RESPONSIBLE FOR ANY DAMAGE YOU MIGHT INCUR WHEN USING THIS PROGRAM.

Test from WordPress 2.3

September 26th, 2007 by Daniele Muscetta

Blog works, all the plugin work too. I will *only* have to re-write a whole bunch on SQL queries for my .Net frontend that is now broken. I'll do that at one stage, now I can't be asked.

It's nice to see things called by their real name

September 3rd, 2007 by Daniele Muscetta

Facebook Terms of Service state that it is forbidden to "[…] use automated scripts to collect information from or otherwise interact with the Service or the Site […]"

For this reason, I had to pull down the code of the small application I had previously released, which was "logging" into the mobile web application "pretending" to be a mobile browser and change your status. Big deal!!!

I am quite sure there are a lot of people writing "official" applications (that is using the "platform API" and so on) that are collecting A LOT of information about users who install their applications. They are being sent the info about the visitors by facebook, they are storing them, they might do whatever they please with (study it, sell it to spammers, to marketers, to making-money-assholes) and nobody will ever notice because it is on their servers and nobody can check that.

But a script that changes your status from remote – since this is not a functionality they CHOSE to expose in their API – then THAT is a big issue. Doh!
It's just plain ridiculous, but that's it.

Sure, the terms of service for app developers say a bit more in this regard:

[…]
4) Except as provided in Section 2.A.6 below, you may not continue to use, and must immediately remove from any Facebook Platform Application and any Data Repository in your possession or under your control, any Facebook Properties not explicitly identified as being storable indefinitely in the Facebook Platform Documentation within 24 hours after the time at which you obtained the data, or such other time as Facebook may specify to you from time to time;

5) You may store and use indefinitely any Facebook Properties that are explicitly identified as being storable indefinitely in the Facebook Platform Documentation; provided, however, that except as provided in Section 2.A.6 below, you may not continue to use, and must immediately remove from any Facebook Platform Application and any Data Repository in your possession or under your control, any such Facebook Properties: (a) if Facebook ceases to explicitly identify the same as being storable indefinitely in the Facebook Platform Documentation; (b) upon notice from Facebook (including if we notify you that a particular Facebook User has requested that their information be made inaccessible to that Facebook Platform Application); or (c) upon any termination of this Agreement or of your use of or participation in Facebook Platform;
[…]
You will not directly or indirectly sell, export, re-export, transfer, divert, or otherwise dispose of any Facebook Properties to any country (or national thereof) without obtaining any required prior authorizations from the appropriate government authorities;
[…]

Are we sure everybody is playing by these rules, when every facebook "application" really runs on the developer'server ? How do you know that they are really storing only what you want them to store, and deleting what you want them to delete ? Everybody knows how difficult it is to really "delete" digital content once it has come into existance… who knows how many copies of this database/social graph are floating around ?

Of course that is not an issue because people don't talk about it enough. But a script that changes your status – now, THAT is a very terrible thing.

I just don't get this "politically correctness". It must be me.

Oh, no… look! It's not only me!
I had read this post of Dare, but I problably had overlooked the last bit of it…. because he did point out this Hypocrisy going on:

[…]
Or (5) the information returned by FQL about a user contains no contact information (no email address, no IM screen names, no telephone numbers, no street address) so it is pretty useless as a way to utilize one’s friends list with applications besides Facebook since there is no way to cross-reference your friends using any personally identifiable association that would exist in another service.

When it comes to contact lists (i.e. the social graph), Facebook is a roach motel. Lots of information about user relationships goes in but there’s no way for users or applications to get it out easily. Whenever an application like FacebookSync comes along which helps users do this, it is quickly shut down for violating their Terms of Use. Hypocrisy? Indeed.
[…]

He then insists in a more recent post in calling things by their name:

[…]
I will point out that 9 times out of 10 when you hear geeks talking about social network portability or similar buzzwords they are really talking about sending people spam because someone they know joined some social networking site. I also wonder how many people realize that these fly-by-night social networking sites that they happily hand over their log-in credentials to so they can spam their friends also share the list of email addresses thus obtained with services that resell to spammers?
[…]
how do you prevent badly behaved applications like Quechup from taking control away from your users? At the end of the day your users might end up thinking you sold their email addresses to spammers when in truth it was the insecure practices of the people who they’d shared their email addresses with that got them in that mess. This is one of the few reasons I can understand why Facebook takes such a hypocritical approach. :)
[…]

Thanks, Dare, for mentioning Hypocrisy. Thanks for calling things by their name. I do understand their approach, I just don't agree with it.

I did pull my small application off the Internet because I have a family to mantain and I don't want to have legal troubles with Facebook. Sorry to all those that found it handy. No, I cannot even give that to you per email. It's gone. I am sorry. For the freedom of speech, especially, I am sorry.

I will change my status more often on Twitter.

New Photo Category Visualization

August 26th, 2007 by Daniele Muscetta

New Photo Category Page

Copying the advice by Small Potato, I made a different page for the 'Photos' category/tag on this blog. It has been a bit trickier than I first thought, because he keeps his picture uploaded into wordpress itself, while I had to write a small plugin using a regular expression to extract the "IMG SRC" portion of the post content. This way I also experimented with WordPress templates, plugins and structure a bit more than I had done before… and I am even more convinced than before that it can easily be used as a CMS rather than *just* a bloging software.

Updated RSS Feed for this blog

August 16th, 2007 by Daniele Muscetta

I got tired of using FeedBurner, really. So I made a much more flexible and "Complete" integrated feed that includes posts on this blog, my photos on Flickr, my Status Changes on Facebook and Twitter. Please update your aggregator if you were using the old feed (which still works btw, but will keep having less information in it).

Windows Live ID Web Authentication 1.0 SDK !

August 16th, 2007 by Daniele Muscetta

Check this out:

Windows Live ID Team has published on the web the SDK that lets you liveID (or "passport")-enable your applications!

http://msdn2.microsoft.com/en-us/library/bb676633.aspx

There are even code samples in six different languages: C#, Java, PHP, Python, Ruby e Perl! You can download them from http://go.microsoft.com/fwlink/?LinkId=91761

Wow! Having time, it would be cool to write a WordPress plugin using Passport authentication to authenticate/identify users that want to comment… mumble mumble….. :-)

Interoperability. Wow.

More info at the Live ID starting Page: http://dev.live.com/blogs/liveid/archive/2006/05/18/8.aspx

Facebook development

July 26th, 2007 by Daniele Muscetta

I have been quite hooked into Facebook for the last couple of days, figuring out what it can and cannot do. It can do a lot. The possibility to inject code and brand new application into it is absolutely awesome.

PopFly lets you create mashups and even custom blocks, and I liked that too. But you have to use fancy-shiny Silverlight (which is very cool indeed, but probably not *always* necesary) and you can only create blocks using Javascript. Sure, as someone as already written, the meaning of AJAX is "javascript now works". I can understand (even if I don't know them for sure) the reasons behind certain choices. But I find it limiting. Maybe it is because I don't like Javascript. It must be it. 

Facebook, instead, empowers you to inject code into their social networking framework. Any code. In whatever language you like. They started it in PHP, but you can plug-in whatever you like: Java, Ruby, Perl…. you can even have your application running on your own server, still providing a seamless experience inside of facebook. This opens up to millions of possibilities, and I got fascinated by that.

At the same time, the paranoid part of myself has been thinking to the security implications of it. This open platform is cool, but it also sounds like a framework for cross-site-scripting (XSS) attacks. Sure, you can "report" an application made by a third party that does something weird… but who will really notice if all that happens under the hood is that your cookies get stolen (and someone accesses your bank account) ? Will you figure it out it has happenend because you wanted to see the "dancing pigs" loaded in your profile ? Or will you figure it out at all ?

This said, I set aside my fear for a while and I delved into coding. What I did learn in the last couple of years, having slowly moved away from security engagements, is to relax. When I was working costantly with security I was a lot more paranoid. Now I case much less, and I live a lot more.

So I developed a couple of quick and simple apps running from this very server into Facebook, and I started using thePHP5 library they provide, so to be able to follow the examples first and figure out how it was working.

Now I also want to take a look at the .NET library for facebook when I have time. It sounds cool.

Facebook

July 23rd, 2007 by Daniele Muscetta

Facebook_Daniele

Facebook_Daniele, uploaded by Daniele Muscetta on Flickr.

Yet another social networking. I am on there too, now.
http://www.facebook.com/p/Daniele_Muscetta/742258687

Ah, and by the way, I really find it incredible that every time I invite some people to a new social networking site (it has happened for all of them), it happens that some (many) of the persons I have invited reply to me or call me asking me "is this really sent by you ?" "it looked like spam" "what is this thing" and the like.

Come on, guys, we are in year 2007, you still don't know what social networking is… especially if you work in IT you are sort of a dinosaur, you know?

Where did I leave that old JavaScript book ?

June 5th, 2007 by Daniele Muscetta

When testing out PopFly, I figured out I *really* need to know JavaScript better than I do, in order to build "blocks". And I don't just need it for PopFly, of course, but in general – because these days it is ubiquitous, and it is being used so much on the Web. One more thing on my to-do list. Jeff seems to agree.

This blog in C#

May 30th, 2007 by Daniele Muscetta

I have been busy trying to write a new frontend for this blog that uses .Net. I already blogged about it here. In the last couple of weeks I have been adding stuff – permalinks using mod_rewrite, I finally show the comments properly, I have added categories and category archives (as in http://www.muscetta.net/dotnet/tag/coding). There is even an RSS Feed.

The layout is still crap, but I sort of like it being so light weight, so that is not on my priority list so far. Moreover, I am a crap designer.

Before that, tough, I still have to add important functionalities like the possibility to POST comments (which needs a new CAPTCHA, etc, so it will take me a while), and I am having issues with text encoding (it does not show the accented characters properly, yet).

But I am having fun doing it.

[Edit of December 2009 – I killed the above experiment. I had fun doing it, but there is not time for all, it needs a lot of work to keep it running/update it with every wordpress update, and mod_mono is wasting too many resources on the server.]

Microsoft Popfly

May 19th, 2007 by Daniele Muscetta

Microsoft Popfly

You can build complex web-mashups in minutes.

Read on an interesting review at programmableweb.com and, obviously, more info at the official site http://www.popfly.ms

Italian Microsoft Bloggers

May 11th, 2007 by Daniele Muscetta

Some days ago some of my colleagues (most of them in Milan) who have a blog, decided to gather together to talk to each other and to share experiences about blogging, technology, Microsoft, etc.
What they basically did for now was to make a list of all italian Microsoft blogger.

I could not attend, as it turns out I am the only guy in Rome, among all of them.
That is strange. What is also strange is being all of a sudden in a list of *Microsoft* bloggers. I had never thought of myself like a *Microsoft* Blogger. Sure enough I work at Microsoft, but as my disclaimer says it clear "The content of this site are my own personal opinions and do not represent my employer’s view in anyway.". I just feel like I am myself. And I also have a blog. MUSCETTA.COM has been online for 5 years now, and I have only been working for Microsoft for less than three years now.
For sure, I do blog about technology, also Microsoft technology. Of course, I also talk and write and blog about NON-Microsoft technology. In the past I did try to get an official blog (which I called a "corporate blog") but then I preferred to keep using my own domain, just because a lot of what you find here is often personal, politically incorrect and even – yes, I am gonna write it – open source.

Don't get me wrong, I love being at this company, because there's a lot of brilliant people and you cannot find anywhere in any other company such a huge mix of techies that rock so much and are so passionate about what they do! Those other bloggers in that list are this kind of people.

This said, this will stay my random and personal thoughts' basket. I like being in the community, but don't take my word for "official" please. Those you find written here are just my ramblings written from the couch after dinner.

WordPress.Net

May 1st, 2007 by Daniele Muscetta

WordPress.Net

WordPress.Net, uploaded by Daniele Muscetta on Flickr.

It has been quite a while that I wanted to experiment a bit more with ASP.Net but I don't have a windows machine on the internet. Not one that performs enough anyway. My server runs linux. I have had mono running on it for a while, but its support was not complete with the old release of Debian, so part of my mono and mod_mono installation were a custom compile and they were breaking from time to time, each time some library got updated. So I did run a "Hello World" page with it, but nothing more, because it was a bit of a mess to mantain and, moreover, because I had not yet figured out how to have it connect with mysql instead than with MS SQL Server.
Also, I did not have any real project or idea to implement in my mind.

Now that I have upgraded to Debian Etch, mono support seems to be much more out-of-the-box and stable on this release. I also got an idea of what to do with it, so I finally gave it a try.

As a starter, I am trying to re-publish my blog, historically running at www.muscetta.com, on my other muscetta.NET domain (it makes sense to use a .NET domain, right?). But this is not a new site, it is a republish of the same content, but done using C# – just pointing at the same wordpress' mysql database. Connection to MySQL is done with MySql.Data (the ADO.Net driver for MySQL).

I still need to implement a lot of things/features, such as comment posting (you can only read them now), some layout/styling/framing to make it look nicer, some sidebar/blogroll, feeds, and a many other things. I am not aiming at a complete rewrite (for example I won't do an administrative interface or a webservice so far), but just a republish/frontend to the visitors.
I don't know when I will have time to continue writing it, but all in all I am glad it works so far, and I had fun doing it.

Writing ASP.Net for mono on linux in the absence of Frontpage server extentions and WebDAV and the remote debugger is proving slightly more challenging than just dragging and dropping controls in Visual Studio and let it do a lot of work with you. You have to write the code, upload it, and see if it works. No debugging, no intellisense. Just the hard old way of trial and error, which makes development slower, but you learn a hell of a lot more that way. Of course you need to keep the MSDN library handly :-)

[Edit of December 2009 – I killed the above experiment. I had fun doing it, but there is not time for all, it needs a lot of work to keep it running/update it with every wordpress update, and mod_mono is wasting too many resources on the server.]

Everybody loves T-Shirts, Etch.

April 14th, 2007 by Daniele Muscetta

An old photo of Joshua in his Debian T-Shirt has been used (with permission) by Holger Levsen in his presentation of http://www.debian-community.org/ given at FOSDEM 2007.
You can check out the slides here: http://layer-acht.org/slides/20070225-debian-community.org-prelaunch.pdf
and download a video here: http://meetings-archive.debian.net/pub/debian-meetings/2007/fosdem/

And yes, I feel very "debiany" today. In fact I just finished upgrading my server from Sarge to Etch and it went very smoothly, even if I had to reconfigure / migrate some settings – for example moving all the virtual server configuration from Apache 1.3 to 2.x … but it was about time for me to move my ass off 1.3! Among other things I am quite glad now I can use mod_mono and have it update with apt-get, instead than having my own compiled version with all sort of broken dependencies… also, it performs better – faster, and takes up the same amount of resources, which I would not have believed and I was in fact slightly concerned about. Nothing to be worried about, it turns out.

Some other guy was pointing me out today all the other improvements in the desktop-feature-space. I would not know, I am a runlevel-2 guy when it comes to linux.

MOM 2005 Alerts to RSS feed

March 22nd, 2007 by Daniele Muscetta

I am an RSS Addict, you know that.So I wanted an RSS Feed to show MOM Alerts. I have been thinking of it for a while, last year (or was it the year before?).
It seemed like a logical thing to me: alerts are created (and can be resolved – that is, expire), generally get sorted by the date and the time when they have been created, the look pretty much like a list. Also, many people like to receive mail notification when new alerts are generated.
So, if the alert can be sent to you (push), you could also get to it(pull).
Pretty much the same deal with receiving a mail or reading a newsgroup, or syndicating a feed.

At the time I looked around but it seemed like no one had something like this already done.
So I wrote a very simple RSS feed generator for MOM Alerts.
I did it quite an amount of time ago, just as an exercise.
Then, after a while, I figured out that the MOM 2005 Resource Kit had been updated to include such a utility!

Wow, I thought, they finally added what I have been thinking for a while. Might it be because I mentioned it on an private Mailing list ? Maybe. Maybe not. Who cares. Of course, if it is included in the resource kit it must be way cooler than the one I made, I though.
I really thought something along these lines, but never actually had the time to try it out.
I think I just sort of assumed it must have been cooler than the one I made, since it was part of an official package, while I am not a developer. So I basically forgot about the one I wrote, dismissing it as being crap without looking too much into it anymore.
Until today.
Today I actually tried to use the alert to RSS tool included in the resource kit, because a customer asked if there was any other way to get notified, other than receiving notification or using the console (or the console notifier).
So I looked at the resource kit's Alert-to-RSS Utility.
My experience with it:
1) it is provided in source code form – which is ok if it was ALSO provided as source. Instead it is ONLY provided as source, and most admins don't have Visual Studio installed or don't know how to compile from the command line;
2) Even when they wanted to compile it, it includes a bug which makes it impossible to compile – solution in this newsgroup discussion;
3) if you don't want to mess about with code since you are using a resource Kit tool (as opposed to something present in the SDK) you can even get it already compiled by someone from somewhere on the net, but that choice is about trust.

Anyway, one way or another, after it is finally set up…. surprise surprise!!!
It does NOT show a LIST of alerts (as I was expecting).
It shows a summary of how many alerts you have. basically it is an RSS feed made of a single item, and this single item tells you how many alerts you have. What is one supposed to do with such a SUMMARY? IMHO, it is useless the way it is. It is even worse than one of those feed that only contains the excerpt of the article, rather than the full article.
Knowing that I have 7 critical errors and 5 warning without actually knowing ANYTHING of them is pointless.
It might be useful for a manager, but not for a sysadmin, at least.

So I thought my version, even if coded crap, might be useful to someone because it gives you a list of alerts (those that are not resolved) and each one of them tells you the description of the alert, the machine tat generated it, and includes links to the actual alert in the web console, so you can click, go there, and start troubleshooting from within your aggregator!
My code does this. Anyway, since I am a crap coder, since I wrote it in only fifteen minutes more than a year ago, and since I don't have time to fix it and make it nicer… it has several issues, and could be improved in a million ways, in particular for the following aspects:

  1. is currently depends on the SDK Database views – it could use the MOM Server API's or the webservice instead;
  2. it uses SQL Security to connect to the DB – by default MOM does not allow this – it is suggested for the SQL instance hosting "OnePoint" to only use Windows Integrated Authentication.. so to make my code work you have to switch back to Mixed mode, and create a login in SQL that has permission to read the database. This is due to the fact that I've coded this in five minutes and I don't know how to use delegation – if I was able to use delegation, I would… so that the end user accessing IIS would be the one connecting to the DB. If anybody wants to teach me how to do this, I will be most grateful.
  3. it could accept parameters as URL variables, so to filter out only events for a specific machine, or a specific resolution state, etc etc
  4. At present it uses RSS.Net to generate the feed. It could made independent from it, but I don't really see why, and I quite like that library.

The code is just an ASP.Net page and its codebehind, no need to compile, but of course you need to change a couple of lines to match your webconsole address.
Also, you need to get RSS.NET and copy its library (RSS.Net.dll) in the /bin subfolder of the website directory where you place the RSSFeed generator page. I see that I wrote this with version 0.86, but any version should do, really.

Here is what it will look like:

AlertToRSS

And here's the code of the page (two files):

Default.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>

Default.aspx.cs

using System;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Web;
using Rss;

public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
string webconsoleaddress = "http://192.168.0.222:1272/AlertDetail.aspx?v=a&sid=" // must change to match your address

// Inizializza il Feed
RssChannel rssChannel = new RssChannel();
rssChannel.Title = "MOM Alerts"
rssChannel.PubDate = DateTime.Now;
rssChannel.Link = new Uri("http://192.168.0.222:1272/rss/"); // must change to match your address
rssChannel.LastBuildDate = DateTime.Now;
rssChannel.Description = "Contains the latest Alerts"

// query – you might want to change the severity
string mySelectQuery = "SELECT ComputerName, Name, Severity, TimeRaised, RepeatCount, GUID FROM dbo.SDKAlertView WHERE Severity > 10 AND ResolutionState < 255"

// SQL Connection – must change SQL server, user name and password
SqlConnection conn = new SqlConnection("Data Source=192.168.0.222;Initial Catalog=OnePoint;User ID=rss;Password=rss");
SqlDataReader rdr = null;

try
{
conn.Open();
SqlCommand cmd = new SqlCommand(mySelectQuery, conn);
rdr = cmd.ExecuteReader();
while (rdr.Read())
{
RssItem rssItem = new RssItem();
string titleField = rdr[1].ToString();
rssItem.Title = titleField;
string url = webconsoleaddress + rdr[5];
rssItem.Link = new Uri(url.ToString());
string description = "<![CDATA[ <p><a xhref=\"" + rssItem.Link + "\">" + rdr[1] + " </a></p><br>" + "<br>Computer: " + rdr[0] + "<br>Repeat Count: " + rdr[4] + "<BR>Original ALert Time: " + rdr[3];
rssItem.Description = description;
rssChannel.Items.Add(rssItem);
}

// Finalizza il feed
RssFeed rssFeed = new RssFeed();
rssFeed.Channels.Add(rssChannel);
Response.ContentType = "text/xml"
Response.ExpiresAbsolute = DateTime.MinValue;
rssFeed.Write(Response.OutputStream);
}
finally
{
if (rdr != null)
{
rdr.Close();
}

if (conn != null)
{
conn.Close();
}
}
}
}