BlogEngineDotNet Uncategorized

Yet another BlogEngine.NET feature that I love

A while ago, Al Nyveldt wrote a post on 5 things he loves about BlogEngine.Net  and I totally agree with him on all the 5 and more coming in the future releases,  Mads Kristensen too wrote and made a video on a the widget framework on a nice feature coming up in the next version of

BlogEngine.Net is built to take advantage of standards, one standard I loved that is implemented in BlogEngine is the OpenSearch 

The cool thing about this standard is that modern browsers are able to detect it and have the option to add the search through the blog.

Internet explorer 7  firefox 2

The opensearch standard is an xml document written in a special format you can see mine here.

And when I search through the browser I am sent to this :


So to implement opensearch in your site, (should have something to search in) you need to do these 2 steps.

  1. Build an opensearch format xml file.
  2. Attach the file from your homepage using the appropriate tag in the head section, like the following.
<link title="Amr Elsehemy's Weblog" type="application/opensearchdescription+xml" 
href="http://www.amrelsehemy/opensearch.axd" rel="search"/>

Thats All.

ASP.NET Uncategorized

ASP.NET Security : 2- More Basics

In my previous post I showed that ASP.NET application goes through 3 security context levels and discussed the first one :

  1. IIS Level
  2. ASP.NET worker process level
  3. ASP.NET pipeline level

In this post, I will talk a little on ASP.NET worker process level, before starting I would like to point out the development environment we use, the development machines run windows XP and IIS 5.1, the server runs windows server 2003 on IIS 6 of course, so I need to point out the differences. [more]

2- The Worker Process Context :


After IIS authentication, if the request is for ASP.NET (.aspx, .ashx, ….etc. ) the IIS thread sends the request to aspnet_isapi.dll which starts the aspnet_wp worker process. This worker process runs under the ASPNET account. ASPNET account is a local account created when the .NET Framework is installed. ASPNET has minimum privileges to be able to run an ASP.NET application which you can know in this article :
You can change the identity from ASPNET to other one using the section in machine.config

	<processModel userName="xxx" password="XXX"/>

In IIS 6, the model is changed where the incoming request in first queued to the application pool that the website is hosted in, then the w3wp.exe worker process servers it.
This time rather than the ASPNET account a new one was introduced named NETWORK SERVICE with the same minimum privileges. To change the this account from the IIS manager, the Application Pool properties > Identity Tab as shown in figure, Read More on Application Pools.

iis pool identity

Next in the worker process, one of the pooled threads picks the request. This thread will by default inherit the identity of the worker process itself defined before, this happens when impersonation is disabled, while if it is enabled the thread will take the identity handed by the IIS, shown in the previous post.

To enable impersonation use this section in web.config

<identity impersonate="true"/>

read more about it on How to implement impersonation in an ASP.NET application

Note: If the impersonation is enabled, the worker process account doesn't change, but impersonation is only used with the code executed in the page, where any database access or file access uses the impersonated account.

Next the last security context level is handled the request and executes, next post I will show preliminary information on the ASP.NET pipeline level.

ASP.NET Uncategorized

ASP.NET Security : 1- Basics

Lately at SCS I have been assigned to build up the security module and related tasks in the Real Estate Management System we are building. So I decided to share what I have learned in this past period and of course to hear from the community to find optimal solutions for the scenarios I worked with, all what I write here might be repeated but I will share it anyway. [more]

In this part, I will show some important basic points that should be clear to everyone before implementing security tasks.

Looking at any web application, the security is a matter of users/passwords/roles/groups… etc. While ASP.NET provides more mechanisms for authentication and authorization that work with the Operating system,IIS and .NET framework classes. So the ASP.NET application runs through these 3 levels.

  • IIS Level
  • ASP.NET worker process level
  • ASP.NET pipeline level

So, the Big Question, What is the Identity that runs my application ?

First, When an IIS web server machine receives an ASP.NET request, the IIS assigns it to one of the threads pooled in it, IIS runs under the SYSTEM account which has all the powers in a Microsoft Windows operating system. You can read extra information in the ASP.NET Application Life Cycle Overview article on the msdn.

Next, the 3 security levels run on the request one after the other.

1- The IIS thread context : the identity of this thread is determined according to the settings of the website in the IIS which has one of the following settings:

  1. Basic authentication prompts the user for a user name and a password, also called credentials, which are sent unencrypted over the network.
  2. Integrated Windows authentication uses hashing technology to scramble user names and password before sending them over the network.
  3. Digest authentication operates much like Basic authentication, except that passwords are sent across the network as a hash value. Digest authentication is only available on domains with domain controllers running Windows Server operating systems.
  4. Anonymous authentication allows everyone access to the public areas of the Web sites, without asking for a user name or password. When this is set, the identity impersonates the identity set in the textboxes, with the default user name IUSR_MACHINENAME. Like shown in the figure down below.

Further more, IIS provides SSL (Secure Socket Layer) authentication mode that is based on certificates, to authenticate users requesting/providing secret information on the server, two trusted certificate providers (which I know but never used) are and

AuthenticationMethods IIS 5

After authentication, the thread sends the request to the appropriate external module.

Next part I will talk about the 2 next security level contexts.

GDI + Uncategorized

Exploring GDI+ : Using the Pen

In my tour in exploring GDI+ I explored the Brush object, now its time for some Pen stuff.

While the Brush classes are used to fill shapes, the Pen class is used to frame shapes. However, Pens are not only used for simple frames. Here in this post I show some advanced uses for the Pen. [more]

Some interesting members are :

sealed class Pen : MarshalByRefObject, ICloneable,  IDisposable 
// Constructors
public Pen(Brush brush);
public Pen(Brush brush, float width);
public Pen(Color color);
public Pen(Color color, float width);
// Properties
public Color Color { get; set; }
public CustomLineCap CustomEndCap { get; set; }
public CustomLineCap CustomStartCap { get; set; }
public DashCap DashCap { get; set; }
public float DashOffset { get; set; }
public float[] DashPattern { get; set; }
public DashStyle DashStyle { get; set; }
public LineCap EndCap { get; set; }
public LineJoin LineJoin { get; set; }
public LineCap StartCap { get; set; }
public float Width { get; set;
//Other members removed here.}

As you can see, the pen can be instantiated with a Color or with a defined Brush that means the pen can be one of the Brush TypesI previously wrote about.

In addition to their brushlike behavior, pens have behavior at starting and ending along their length that brushes don’t have. For example, each end can have a different style, as determined by the LineCap enumeration shown next.

Line Caps


You can set different LineCaps for pens in the StartCap and EndCap properties of the Pen, there are predefined caps and custom caps are allowed too.

        private void RenderPens1(Graphics g)
using (Pen p = new Pen(Color.Black, 10))
p.EndCap = LineCap.ArrowAnchor;
g.DrawLine(p, new Point(10, 20), new Point(300, 20));
//other pens
p.EndCap = LineCap.Custom;
// width and height of 3 and unfilled arrow head
p.CustomEndCap = new AdjustableArrowCap(3, 3, false);
g.DrawLine(p, new Point(10, 260), new Point(300, 260));


In addition to the ends having special styles the starts can have as well, further more a line can have a dash style, as defined by the DashStyle enumeration.

Dash Style of Pen

        private void RenderPens2(Graphics g)
using (Pen p = new Pen(Color.Black, 10))
{ p.DashStyle = DashStyle.Dash;
g.DrawLine(p, new Point(10, 20), new Point(300, 20));
//other DashStyles
p.DashStyle = DashStyle.Custom;
p.DashPattern = new float[] { 1f, .5f, 2f, .5f, 3f, .5f, 4f };
g.DrawLine(p, new Point(10, 170), new Point(300, 170)); } }

As you can notice in the members of the Pen, the DashCap property which also accepts a LineCap enumeration, so you can take more control over the line that appears.
Thats all for this part. Happy Coding.

PensForm.cs (2.86 kb)

Design Time Support Uncategorized

Enabling Design Time Template Editing

Few days ago, I blogged about how to enable auto formats in the design time smart tag by overriding simple property, this post will describe how to enable design time template editing in a similar simple way.

Template Editing 


The following steps will show how to do this in your template controls, assuming you already have a template control ( template controls are web server controls that have one or many properties of type ITemplate ).

So, this is how it works :

  1. Implement a custom designer that inherits from System.Web.UI.Design.ControlDesigner
  2. Override the TemplateGroups Collection.
  3. In the get define your template group collection and return it.
  4. Don't forget to enable TemplateEditing flag.

The Sample I introduce here contains a template control having 4 templates which I divide them into 2 template groups.

The SampleControl

[ToolboxData("<{0}:SampleControl runat=server></{0}:SampleControl>")]
public class SampleControl : TemplateControl
private ITemplate _firstTemplateX;
 private ITemplate _firstTemplateY;
 private ITemplate _secondTemplateX;
 private ITemplate _secondTemplateY;
public ITemplate FirstTemplateX
 get { return _firstTemplateX; }
 set { _firstTemplateX = value;
public ITemplate FirstTemplateY
 get { return _firstTemplateY; }
 set { _firstTemplateY = value; }
public ITemplate SecondTemplateX
 get { return _secondTemplateX; }
 set { _secondTemplateX = value; }
public ITemplate SecondTemplateY
 get { return _secondTemplateY; }
 set { _secondTemplateY = value; }

The Control Desginer

class SampleControlDesigner : ControlDesigner
 public override void Initialize(IComponent component)
  SetViewFlags(ViewFlags.TemplateEditing, true);
 private TemplateGroupCollection _templateGroups;
 public override TemplateGroupCollection TemplateGroups
  if (_templateGroups == null)
   _templateGroups = new TemplateGroupCollection();
   TemplateGroup tempGroup1, tempGroup2;
   TemplateDefinition tempDef1, tempDef2, tempDef3, tempDef4;
   SampleControl ctl;
   ctl = (SampleControl)this.Component;
   tempGroup1 = new TemplateGroup("FirstTemplateGroup");
   tempGroup2 = new TemplateGroup("SecondTemplateGroup");
   tempDef1 = new TemplateDefinition(this, "TemplateX", ctl, "FirstTemplateX", true);
   tempDef2 = new TemplateDefinition(this, "TemplateY", ctl, "FirstTemplateY", true);
   tempDef3 = new TemplateDefinition(this, "TemplateX", ctl, "SecondTemplateX", true);
   tempDef4 = new TemplateDefinition(this, "TemplateY", ctl, "SecondTemplateY", true);
  return _templateGroups;

The final output of the sample looks like this

Final output of sample

Here's the code so have fun.

SampleControl.cs (3.32 kb)