Journey Into the Aggregation Process Part 2

hope you are not feeling to weary just yet, as we embark on the second leg of the Sitecore Experience Platform data journey. In this leg of the journey we will see how the data points go from living in tables into bright, colorful, and insightful tables and charts. Understanding how these tables and charts populate will allow you to take control of your organizations data and make meaningful decisions to further engage customers. http://www.paragon-inc.com/resources/blogs-posts/journey_into_the_aggregation_process_part_2

 

Advertisements

Sitecore Experience Analytics Quick Start

One of the awesome selling points of Sitecore Experience Manager is the vast amount of data that can fairly easily be collected on site visitors. The information can be used to trigger engagement plans, site personalization, etc.…to help the visitor feel a connection to your organization. When giving a demo, I always get the most ooohs and ahhhs when showing of the Experience Analytics Dashboard and the Experience Profiles, but behind all that flash is some serious data complexity and planning that is required.

 

My first post in a series exploring Experience Analytics is ready for your exploration, http://www.paragon-inc.com/resources/blogs-posts/engagement-analytics-quickstart.

Collapse and Expand the Accordion

One click, two click, three click, where is that field? Once a day, I get so lost expanding and collapsing field sections when working in Sitecore’s Content Editor interface, that my poor mouse almost takes a unplanned trip across the office. As the industrious Sitecore developer I am, I decided enough was enough. My decision lead to the creation of Custom Content Editor Buttons.

Requires Qualified Assembly Name, ugh!

You are plugging away at writing this super sweet class, to be used in your latest application, and then you hit the wall! Nothing builds because the configuration file requires a reference to the fully qualified assembly name…ugh!!!

The first thing you do is scratch your inner mind trying to recall what makes up this name. (At least that is what I end up doing every time.) It seems depending on what you are working on you will either need a four-part name or a ‘five-part name’.

The four-part fully qualified name consists of the following in the following order:

Assembly Name, Version= 0.0.0.0, Culture=culture code, PublicKeyToken=public key

(It is common for culture to be set to ‘neutral’ if there is nothing contained that is specific to a cultural style.)

What I consider the to be the five-part name is the four-part name with the namespace and class name that is being referenced prefixed.

Namespace.Class Name, Assembly Name, Version=0.0.0.0, Culture=culture code, PublicKeyToken= public key

With the background details explained, how as a lazy programmer can we retrieve the fully qualified name without a lot of clicks? The old stand by use to be to fire up reflector, throw your assembly in and poof there was the four part assembly name, but any more finding a really good reflector is much more difficult (and there is a lot of extra clicking involved by using a second program.)

Visual Studio 2010 has a great feature in allowing you to set up single clicks from the menu bar and via hotkeys to external tools…which means a perfect fit for a simple PowerShell command.

  1. Go to Tools -> External Tools.
  2. The External Tools dialog box should open for you. Click Add.
    image
  3. This will then generate a new value labeled [New Tool 1] and have it selected for you.
    image
  4. In the lower half, provide a Tittle for the new tool such as "4-Part Name".
  5. In the Command, textbox you will enter the following
    powerhell.exe
  6. In the Arguments, textbox enter the following
    -command "[System.Reflection.AssemblyName]::GetAssemblyName(\"$(TargetPath)\").FullName
  7. Select Use Output window to force the assembly name into the output window of Visual Studio.
  8. The completed dialog should resemble the following
    image
  9. Click OK.
  10. Your command should now display under Tools.
    image
  11. To get the four part name,
    1. Select the project or any file in the project from Solution Explorer or Solution Navigator
    2. Go to Tools –> 4-Part Name
    3. See the four part name displayed in the Output window
      image

References:
MSDN AssemblyName.GetAssemblyName()
MSDN Type.FullName
MSDN Details on Assemnly Names

ASP.NET Security Patch

Last week I cross-posted, about a security flaw in ASP.NET which could allow an attacker to get access to files on the server.

Microsoft has announced an out-of-band patch for this on Tuesday, September 28, 2010.

Here is the blog post from the Microsoft SharePoint Team blog with details and links.

x-post from the Microsoft Security Response Center blog — The download links for the security updates are in the Security Bulletin.

As we announced yesterday, today we released Security Bulletin MS10-070 out-of-band to address a vulnerability in ASP.NET. The bulletin and the blog by Scott Guthrie, corporate vice president of Microsoft’s .NET Developer Platform are available for more information.

This security update addresses a vulnerability affecting all versions of the .NET Framework when used on Windows Server operating system. While desktop systems are listed as affected, consumers are not vulnerable unless they are running a web server from their computer.

The update will be made available initially only through the Microsoft Download Center and then released through Windows Update and Windows Server Update Services within the next few days. This allows customers the option to deploy it manually now without delaying for broader distribution.

For customers who use Automatic Updates, the update will be automatically applied once it is released broadly. Once the Security Update is applied, customers are protected against known attacks related to Security Advisory 2416728.

If you can, please join me and Dustin Childs today for a live webcast where we will cover the details of this bulletin and take customer questions live. Here is the registration information:

Date: Tuesday September 28, 2010
Time: 1:00 p.m. PDT
Click Here to Register

Thanks,
Dave Forstrom
Director, Trustworthy Computing

Big Security Hole for SharePoint Servers

You may have already read this somewhere out there, it is making the rounds across the Twitter-phere, blogs, and news. But I felt it would be important to post, or I should say re-post the issue.

Executive Summary from Vulnerability in ASP.NET Could Allow Information Disclosure (http://www.microsoft.com/technet/security/advisory/2416728.mspx)

Microsoft is investigating a new public report of a vulnerability in ASP.NET. An attacker who exploited this vulnerability could view data, such as the View State, which was encrypted by the target server, or read data from files on the target server, such as web.config. This would allow the attacker to tamper with the contents of the data. By sending back the altered contents to an affected server, the attacker could observe the error codes returned by the server. Microsoft is aware of limited, active attacks at this time. We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Scott Guthrie has an excellent post up regarding this vulnerability at http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx. As normal, he has gone through with code snippets to explain the issue and what you can due to protect your systems.

Good luck keeping your systems safe!

Dig Through the Attic

I was inspired to create the Code Attic as I remember as a kid the excitement my siblings and I had when we were given a chance to explore Grandma and Grandpa’s attic. You never knew what type of treasures and some time strange garbage they might have placed up their.

It may have been stuffy, hot, and had a funny smell, but we always seemed to enjoy the exploration that could be done. And usually came across at least one interesting thing to play with during that visit.

So now that I am older, I feel there should still be an ‘attic’ of sorts to store away my thoughts for later looking and to provide others with that childhood excitement of an attic search, without the smell and heat.

The Code Attic is going to become the attic of my adventures in technology, as a Microsoft SharePoint consultant. The articles and how-to entries will revolve around SharePoint and custom .NET development but may bleed into what ever other technologies I might be learning/working with at the time. My hope is to start giving some back to the crazy realm of the blog-o-sphere that has helped me along the way.

My end goal is to store away something new to The Code Attic every Tuesday and if something real cool or for that matter strange comes along, and extra post might happen.

You can contact me via the comments, try me on twitter #thecodeattic, or drop an email to thecodeattic at gmail dot com.