Tallan's Blog

Tallan’s Experts Share Their Knowledge on Technology, Trends and Solutions to Business Challenges

Posts Tagged "ASP.NET"

Using SignalR for a Real-time Web App

SignalR is a library in ASP.Net that allows the real-time updating of data between server and client. It proactively pushes content to connected clients instead of waiting for the clients to send a request. This can be leveraged to replace polling and eliminates the need to refresh pages. SignalR also allows management for connections between servers and clients to determine this real-time communication. This functionality can be used from anything ranging from, but not limited to, games to notifications. In this post, I will examine the basic components and set-up of SignalR for an ASP.NET Web App.
There are two main pieces to using the SignalR API: Connections and Hubs.
Connections are the endpoints that represent a user and are used to send content in broadcasts. They can be sent by themselves, or to groups of subscribed users, allowing for greater control…

Applying new NIST standard to Asp.Net Pt. 1 (PBKDF2, SHA256, Password content)

Most developers know that you should never store passwords in plain text, and know that they should be hashed. Only slightly fewer know that they should be stored utilizing a “salt” to append to the password to prevent time trade-off attacks (1). Fewer know what hash function they should use, and it seems lately, the majority don’t know that they shouldn’t just be salting and hashing at all, and instead should be using a key derivation function such as PBKDF2, or scrypt. We will be exploring utilizing PBKDF2, but scrypt is a perfectly viable option. The current draft of the new NIST guidelines says (2):
Verifiers SHALL store memorized secrets in a form that is resistant to offline attacks. Secrets SHALL be hashed with a salt value using an approved hash function such as PBKDF2 as described in [SP800-132]. The salt…

Global Action Filters in ASP.NET MVC 3

Action Filters are a great way to handle cross-cutting concerns in ASP.NET MVC such as Logging, ExceptionHandling, etc.  In previous versions of MVC3, action filters have to be explicitly added to each controller.
MVC3 adds the concept of Global Action Filters which allow you to apply action filters globally without the need for explicit declaration.  In this example, we’ll demonstrate how to add a debug action filter attribute that shows debug information for each view using Global Action Filters.

Code Snippet

/// <summary>
    /// Displays the elapsed time and environment for each executed action in the HTTP Response Stream.
    /// </summary>
    public class DebugInfoAttribute : ActionFilterAttribute
        readonly Stopwatch _startWatch = new Stopwatch();
        private static string _outputFormat = “<h4>Debug Environment Info</h4><div class=\”debuginfo\”><table><tr><td>Web Server:</td><td>{0}</td></tr><tr><td>Browser:</td><td>{1}</td></tr><tr><td>Controller</td><td>{3}</td></tr><tr><td>Action:</td><td>{4}</td></tr><tr><td>Execution Time(ms):</td><td>{5}</td></tr></table></div>”;
        public override void OnActionExecuting(ActionExecutingContext filterContext)

        public override void OnResultExecuted(ResultExecutedContext filterContext)
            var browser = filterContext.HttpContext.Request.Browser;
                                                                   String.Format(“{0} ({1})”,browser.Browser,browser.Version),


This action filter uses the StopWatch object to clock how long the action took…

A Brief Introduction to Error Logging Modules And Handlers (ELMAH)

ELMAH is an open source project used to add error logging capabilities to an ASP.NET Web application. ELMAH essentially provides a means for logging and reporting unhandled exceptions in applications. I came across this very nifty tool while working with the MASS LEG team to create the Legislative Automated Workflow System (LAWS) application for the Massachusetts Legislature. We used ELMAH to uncover issues in the application that were producing unhandled and non-descriptive exceptions.  Using ELMAH, the dev team was able to use the stack trace of the exception to pinpoint and fix the problem. The following provides a brief description of how to set up ELMAH and enable & configure its error logging.
Setting Up
There are only a few steps to setting-up ELMAH. The first thing that should be done is to get the latest release of ELMAH and adding the…