Abstract: Back for part 3 in their series for “Using Windows Azure to Build Back-End Services for Windows 8 apps”, Peter Laudati, Brian Hitney and Andrew Duthie show us how easy it is to host services built with the ASP.NET Web API using the new Windows Azure Web Sites feature. Check out the full article here. Part 1 | Part 2 After watching this video, follow these next steps: Step #1 – Try Windows Azure: No cost. No obligation. 90-Day FREE trial. Step #2 – Download the Tools for Windows 8 App Development Step #3 – Start building your own Apps for Windows 8 Subscribe to our podcast via iTunes or RSS If you're interested in learning more about the products or solutions discussed in this episode, click on any of the below links for free, in-depth information: Register for our Windows Azure Hands-on Lab Online (HOLO) events today! Windows Azure Hands-on Labs Online Blogs: Brian Hitney’s blog Peter Laudati’s blog Andrew Duthie’s Blog Videos: Microsoft DevRadio: How to Get Started with Windows Azure Microsoft DevRadio: (Part 1) What is Windows Azure Web Sites? Microsoft DevRadio: (Part 2) Windows Azure Web Sites Explained Microsoft DevRadio: How to Integrate TFS Projects with Windows Azure Web Sites Virtual Labs: MSDN Virtual Labs: Windows Azure Download MP3 (Audio only) MP4 (iPod, Zune HD) High Quality MP4 (iPad, PC) Mid Quality MP4 (WP7, HTML5) High Quality WMV (PC, Xbox, MCE)
When developing locally, often times you don’t want to use SSL for a variety of reasons. There’s no real point, since the request isn’t going over the wire. Most of the time, connections are done via the loopback 127.0.0.1 address (although localhost can be used) which throws certificate errors. This one problem is often easy to solve, but it relates to a bigger issue: dictating when (and when not) to use SSL on your site. In the ol’ days, you wouldn’t want an entire site to be SSL for performance reasons. Ideally, you want to gracefully redirect users to/from SSL based on the requirements of the page. If a user navigates to a secure section like their account page, you’d like to use SSL. If they navigate away to a page not needing SSL, you’d want to use http and not https. There are a LOT of ways to do this, such as using MVC filters for MVC based applications. One way I’ve solved this before was simply calling a method like so with each request: private void SetupSslIfNeeded()
{
//bail out on local connections – never need ssl
if (Request.IsLocal)
{
return;
}
bool requiresSsl = false;
string curPath = Request.Path;
if (curPath.StartsWith("/account", StringComparison.OrdinalIgnoreCase) ||
curPath.StartsWith("/user", StringComparison.OrdinalIgnoreCase) ||
curPath.StartsWith("/admin", StringComparison.OrdinalIgnoreCase))
{
requiresSsl = true;
}
//redirect to secure page
if (requiresSsl && !Page.Request.IsSecureConnection)
{
string currentUrl = HttpContext.Current.Request.Url.ToString();
string newUrl = currentUrl.Replace("http://", "https://");
Response.Redirect(newUrl);
}
//redirect to non-secure page
if (!requiresSsl && Page.Request.IsSecureConnection)
{
string currentUrl = HttpContext.Current.Request.Url.ToString();
string newUrl = currentUrl.Replace("https://", "http://");
Response.Redirect(newUrl);
}
}
.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, "Courier New", courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }
It’s a little more verbose than it needs to be, but it’s done to because there were a few port handling lines I left out for simplicity.
What this will do is avoid using SSL for local connections, and any page on the site except for those in the account, user, or admin folders. The main downside of this approach is that it requires a redirect, which is a round trip to the server. Ideally, you’d want your links to always be smart enough to know if they should go http:// or https://, but realistically, context switching between SSL and non-SSL pages is pretty rare so the client needing to endure the few extra milliseconds is an acceptable situation. This is the way we currently handle SSL on http://www.rockpaperazure.com.
On Thursday, we’re going to go live with our RockPaperAzure coding challenge – and it’s time to brain dump on some of the lessons learned while building out the solution – some small (like this one), some large. When developing the RPA website, I chose to use ASP.NET Webforms and ASP.NET Ajax. The reason for this is simple … I’m a big fan ASP.NET MVC, but for this, given the very short time frame, it was the fastest route to completion. (For those familiar with Aaron’s base project on Github, I thought about doing it all client side via JQuery but wasn’t impressed with the perf, so decided to go server side.) ASP.NET Ajax has a nifty UpdateProgress control that is useful during async postbacks to show activity, and while it has a display delay property, it doesn’t have a minimum display time property. This is problematic because if you want a small spinning icon/wait cursor, displaying it too briefly is just an annoyance. (Of course, brief is good because it means your page is snappy.) One of the solutions to this (as I read on StackOverflow) was to simply put a Thread.Sleep in the server postback method, causing the round-trip to take longer and thus display your animation longer. While this will work, it will crush scalability. Depending on how many concurrent users you have, a Thread.Sleep on an ASP.NET thread should be avoided at all costs, and this wasn’t something I was willing to do. There are a few commercial controls that will do this, and indeed, using the Ajax toolkit, you can develop a control that will accomplish the same. But I wanted something that I could develop in 5 minutes – basically in less time than it is taking me to write this blog post. I already have the spinning icon, so I wrapped it in a div or span (whatever is appropriate): 1: <span id="ProgressTemplate" style="visibility: hidden;">
2: <img src="~/images/rpadie.gif" clientidmode="Static" runat="server"
3: id="imganim" height="18" width="18" />
4: </span>
Then, we just plug into the request model to show/hide the control. It’s a little hack-ish – for example, I reset the visibility to visible on EndRequest because the span, with a default of hidden, will disappear on its own. This can be fixed by making it a server control and enabling viewstate. Still, not too bad for 5 minutes:
1: <script language="javascript" type="text/javascript">
2: <!--
3: var prm = Sys.WebForms.PageRequestManager.getInstance();
4:
5: prm.add_initializeRequest(InitializeRequest);
6: prm.add_endRequest(EndRequest);
7: var postBackElement;
8: function InitializeRequest(sender, args) {
9: postBackElement = args.get_postBackElement();
10: $get('ProgressTemplate').style.visibility = 'visible';
11: }
12: function EndRequest(sender, args) {
13: $get('ProgressTemplate').style.visibility = 'visible';
14: setTimeout('hideProgress()', 1000);
15: }
16:
17: function hideProgress() {
18: $get('ProgressTemplate').style.visibility = 'hidden';
19: }
20: // -->
21: </script>
When the Ajax request comes back, it will keep the span visible for 1 second. Ideally, a nice modification would use a elapsed time mechanism, so if the request actually took 1 second for some reason, it would hide the span without delay. This isn’t took hard to implement, but broke the 5 minute goal.
Thanks for those who came out to the roadshow over the past few weeks! In this post, I’ll include the sample files and slides used in my ASP.NET 4.0 overview talk. A couple of notes: each presentation on the show was a bit different. In some cases, some slides were not used. Also, the VS2010 demo solutions here are “approximate” as they were done a bit differently at each venue. The webforms solution demos routing in web form as well as using the QueryExtender control. This requires an AdventureWorks database, or replace with one of your own. The AJAX sample demos client-side templates and data binding, the latter of which also requires the adventure database exposed by ADO.NET Data Services. You can easily change this to your own datasource by creating a new Entity Data Model, changing the ADO.NET Data Service to this new type, and modifying the AJAX (in Demo3) to point to the correct resource. Download: ASPNET4.zip