Programming

Project Euler

Jan 28th

I recently have joined Project Euler, introduced through a friend an co-worker Linh Vu. A simpler, more mathematics oriented top coder (for the TC fans out there), Project Euler is defined as ”a series of challenging mathematical/computer programming problems that will require more than just mathematical insights to solve.” The problems increase in the level of complexity starting from simpler ones like “Add all the natural numbers below one thousand that are multiples of 3 or 5.” to building bozo sort or a A Kempner-like series. The site keeps track of your progress and you can make friends on the site, via a guid like key. Yes, that’s social networking the nerd way. Here is my key “friend key”. 49113135298912_6fda96436085285581e71ee6fb83e3c9

Try it out. http://projecteuler.net/

SoCal Code Camp Fullerton – Practical AppFabric Caching and Session Management

Jan 18th

Posted by Adnan Masood in Events

SoCal codecamp Jan 28th – 29th is only couple of weeks away. Like always, there is a great list of sessions and speakers.

I’ll be presenting on AppFabric; Being a technical editor for an upcoming book on AppFabric, it’s a great opportunity for me to test out the specific interests around this area. Following is the abstract.

Would you like to learn about high availability, scalability and distributed cache management using Microsoft platform without getting all cloudy? Windows Server AppFabric is a set of application services focused on improving the performance and management of Web, Composite, and Enterprise applications. AppFabric provides a highly scalable in-memory application cache for all types of data. With the caching features of AppFabric you get Scalable in-memory, distributed cache for any serializable data, Seamless integration with ASP.NET, High availability and dynamic scale-out of cluster nodes, Optional local cache with eviction policies and cache change subscriptions and notifications.

In this demo-centric session, we will cover end-to-end implementation of a web solution using AppFabric for caching and session management. Intended audience include web developers who want to build high performance applications leveraging web programming techniques (e.g.ASP.NET, MVC, RESTful services, etc) and enterprise developers who create service oriented middle tier applications using .NET.

Please do try to come, it’s a great event for developers to get together and learn about new (and existing) technologies from their peers.

Making a Business Case for MVC

May 18th

Posted by Adnan Masood in Generic

ASP.NET MVC is the Microsoft implementation of Model View Controller design pattern for their web platform. It provides a clean separation of concerns, promotes decoupling between code and UI and supports test driven development practices which are hard to follow in a UI driven environment such as web forms. Developers often find themselves in the position of justifying why using or upgrading to a modern web framework like ASP.NET MVC is a good business decision. There are various advantages to using the MVC framework including but not limited to ease of maintenance, enhanced security, improved performance and scalability. Following are few salient features with brief description to addresses the ROI part of adapting MVC. Based on my experience of migrating a large scale website from ASP.NET to ASP.NET MVC framework, it gives developers a powerful, pattern-compliant way of building dynamic websites which enables a ‘clean separation of concerns’ and gives full control over markup for agile development.

Facilitates Modern Web Experience: ASP.NET MVC framework provides the facility to create intuitive search engine friendly URL for better conversion. It supports out of the box integration with modern JavaScript/AJAX engines such as JQuery which helps creating a responsive, interactive and overall better UI/UX experience.
Quicker Turn Around for Enhancement Requests: Business loves it and by a cleaner separation of code and contents, a web team can entertain the request of content changes in a much faster manner. This include copy changes, image swaps, multivariate testing, ad-tracking pixels and affiliate marketing. As part of your organization’s Content Management System (CMS) strategy, you can have content managers modify the “views” effectively enabling them to make marketing verbiage and page layout changes without touching code. This is usually a challenging task in a UI-code coupled environment such as ASP.NET webforms.
Enhanced Security: Using the built in features supported in .NET 4.0, ASP.NET MVC provides security against malicious cross site request forgery and scripting attacks using specialized encoding and Anti-Forgery Request tokens. Information and web application security teams promotes these features to be used as standard web development practices.
Performance & Scalability: Yes, no more viewstate! With lighter HTML markup and cleaner separation of concerns, ASP.NET MVC decreases the page load time, promotes load balancer based caching and inherently follows the design of stateless nature of web. Microsoft has provided no official comparison statistics but developer community and professional working experience with MVC shows that MVC is much faster than classic ASP.NET.
Compliance: MVC provides very high degree of control over markup emitted to the client browser therefore ADA Compliance and other web standards (XHTML, HTML 5 etc) are much easier to adapt.
Test Driven Development: As a web framework following MVC design pattern, ASP.NET MVC promotes the usage of test driven development; a technique which has proven to reduce the number of bugs early on and helps in regression testing. Therefore, it effectively reduces development, QA and regression testing time for most changes with the help of automated unit tests. The framework also decouples the components which a single webpage may use, making it possible to test individual components in isolation.
Reusability: With isolation of views, we can now leverage the existing applications to build new websites. For example, developers can work on new “views” that are specific for the mobile browser experience without developing an entirely new web application. This eliminates code duplication which would be hard to achieve with ASP.NET webforms.

References

Microsoft ASP.NET MVC Home

Anatomy of a CSRF Attack

ASP.NET MVC Performance

Exploring Bayes Point Machine with Infer.NET

Dec 24th

Posted by Adnan Masood in Programming

Infer.NET is a framework developed by Microsoft research for running Bayesian inference in graphical models and for probabilistic programming. Along with tutorials and examples, Infer.NET 2.4 beta 2 which was recently made avaialble (17th Dec 2010) can be downloaded from here.

In this example we explore the similar concept as described in the infer.net bayes point machine tutorial however this time we will try it out with the weather dataset. The complete code of this example can be downloaded from the link at the bottom of this post.

Our dataset was nominally represented as follows which was converted to it’s ordinal form for ease of calculation.

@attribute outlook {sunny, overcast, rainy}
@attribute temperature {hot, mild, cool}
@attribute humidity {high, normal}
@attribute windy {TRUE, FALSE}
attribute play {yes, no}
@attribute outlook {sunny, overcast, rainy}@attribute temperature {hot, mild, cool}@attribute humidity {high, normal}@attribute windy {TRUE, FALSE}@attribute play {yes, no}

Let’s visit the important sections of the code; first the usual includes. These namespaces are required for running the inference engine using Infer.NET

using System;
using MicrosoftResearch.Infer;
using MicrosoftResearch.Infer.Distributions;
using MicrosoftResearch.Infer.Maths;
using MicrosoftResearch.Infer.Models;

Next is the initialization of the dataset.

double[] outlook = {0, 0, 1, 2, 2, 2, 1, 0, 0, 2, 0, 1, 1, 2};
double[] temperature = {0, 0, 0, 1, 2, 2, 2, 1, 2, 1, 1, 1, 0, 1};
double[] humidity = {2, 2, 2, 2, 1, 1, 1, 2, 1, 1, 1, 2, 1, 2};
double[] windy = {0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 1, 1, 0, 1};
bool[] play = {false, false, true, true, true, false, true, false, true, true, true, true, true, false};

and this is where we create a target variable y to predict the playability.

VariableArray y = Variable.Observed(play).Named("y");

After initializing the random variable to reflect the dimensions of the input data, we initialize a Bayes point machine with the given dataset.

Variable w = Variable.Random(new VectorGaussian(Vector.Zero(5),
PositiveDefiniteMatrix.Identity(5))).Named("w");
BayesPointMachine(outlook, temperature, humidity, windy, w, y);

The code for how BayesPointMachine is constructed can be seen in the enclosed zip file. And now we are all set to let the inference begin.

var engine = new InferenceEngine();
if (!(engine.Algorithm is GibbsSampling))
{
var wPosterior = engine.Infer(w);
Console.WriteLine("Dist over w=\n" + wPosterior);

Now that model has been complied, let’s initialize a “test” data; we can see that this will result in play happening because the outlook is

double[] outlooktest = {1};
double[] temperaturetest = {0};
double[] humiditytest = {2};
double[] windytest = {0};

variableArray ytest = Variable.Array(new Range(temperaturetest.Length)).Named("ytest");
BayesPointMachine(outlooktest, temperaturetest, humiditytest, windytest,
Variable.Random(wPosterior).Named("w"), ytest);
Console.WriteLine("output=\n" + engine.Infer(ytest));

Upon running this test, we find that the, probability of play is approaching 0.6 which means there is a higher chance of a play.

Inference Engine probability no play Infer.net bayesian probability

Probability of Play

However, if you run it with a different test set, the probability results in no play i.e. 0.3995.

double[] outlooktest = {2};
double[] temperaturetest = {1};
double[] humiditytest = {2};
double[] windytest = {1};

: Probability of No Play

The Bayes point machine gets initialized and runs as follows.

public static void BayesPointMachine(double[] outlook, double[] temperature, double[] humidity, double[] windy, Variable w, VariableArray y)
{
// Create x vector, augmented by 1
Range j = y.Range.Named("play");
var xdata = new Vector[outlook.Length];
for (int i = 0; i < xdata.Length; i++)
xdata[i] = Vector.FromArray(outlook[i], temperature[i], humidity[i], windy[i], 1);
VariableArray x = Variable.Observed(xdata, j).Named("x");
// Bayes Point Machine
double noise = 0.1;
y[j] = Variable.GaussianFromMeanAndVariance(Variable.InnerProduct(w, x[j]).Named("innerProduct"), noise) > 0;

}

The code and dataset can be downloaded from here

InferNetBayes Example with Weather Nominal Data

Happy Inferencing!

References:
Bayes Point Machines MSR

Learn Windows Azure with Stanford’s Folding@home distributed computing project

May 25th

Posted by Adnan Masood in Events

Are you

A) a Scientist/researcher/student/ looking for the right enterprise platform for your next big scientific project?

B) a developer/architect who wants to learn cloud computing with windows Azure and would like to go beyond the Hello World Apps?

C) an hobbyist interested in Stanford’s Folding@home distributed computing project and see it’s implementation

D) someone who would like to try out a free two week trial of windows Azure and see a cool distributed computing project unfold (literally )

E) a combination of above

If your answer is anything from A-E, this is a perfect opportunity for you. @home with Windows Azure is an online hands-on workshop! This is a guided tour of process of building and deploying a large scale Azure application. No more “hello world”! in this two hour long session, you will see how to build and deploy a real cloud app that leverages the Azure data center It’s a free online session where each attendee will receive a temporary, self-expiring, full-access account to work with Azure for a period of 2-weeks.

The webcast is 2 hours and offered at 4 different times during the month of June.

For details, check out the project website and the event registration page.

You’d need VS.NET 2008/2010 with the Windows Azure Tools for Microsoft Visual Studio 1.1 (February 2010)

Enjoy!

PS. A recording of the Tuesday, May 4th session can be viewed along with the webcasts on Creating your first Azure application and Running and deploying the @home with Windows Azure application however in order to get the free 2 week account, you’d need to signup and attend an event.

Mock Objects 101

May 2nd

Posted by Adnan Masood in Programming

Getting started with Mock Objects can be a bit daunting task if you are newly entering the uncharted waters of TLA’s i.e. TDD (test driven development). It quickly gets confusing to decide when to use Mock objects, the merit and need to use them and also how do they integrate with your testing strategy.

Let me give you a simplest example along with sample code of how to use MOQ, a simple and easy to use mock objects framework. This should help clarify some aspects of mock-objects and their potential usage.

Let’s say you have a simple Math class which looks like follows.

namespace MOQtester
{
   public interface IMathClass
   {
     int Sum(int a, int b);
   }

    public class MathClass : IMathClass
    {
        public int Sum(int a, int b)
        {
            return (a + b);
        }
    }
}

All it does is that it sums up two values and return you the response. Now you will try to mock it which means you’ll try to make a pretend-object or make-believe entity which will behave as the original object according to the instructions told during the setup.

Ok, what does this mean?

Here is all of this works.

You initialize a MOCK object class

var mock = new Mock();

and then you do the “setup” to instruct the make-believe object to return 10 when 1 and 10 are being summed up.

mock.Setup(s => s.Sum(1, 10)).Returns(10);

This setup (use to be Extend) instruction is very important because it defines the behavior of how the mock object would act when invoked.

Now one may wonder, why would I ever want to do this? Why can’t I just instantiate and run the original object?

Well, in this particular case you are right. Its easy to just instantiate an object of Math class and call the Sum method but imagine for the methods where this is hard for instance your HTTPContext testing or when you’d like to test a customer object without going to database and populating the entire thing for a selected test? You can think of several scenarios when a functionality like this can come in handy.

and this is how you’d call it

 mock.Object.Sum(1, 10)

Now I am returning a wrong value just to prove the point that mock objects are exactly what they are called, mock. This means they do as told and are not real replacements of original entities. They mock the supposed behavior of original entities and make TDD easier.

The entire listing of Program.cs looks like this

using System;
using Moq;

namespace MOQtester
{
    internal class Program
    {
        private static void Main(string[] args)
        {
            var mock = new Mock();
            mock.Setup(s => s.Sum(1, 10)).Returns(10);

            //Actual Object
            var obj = new MathClass();
            Console.Write("{0}, {1}", mock.Object.Sum(1, 10), obj.Sum(1, 10));
        }
    }
}

Complete Code can be downloaded from here. MOQ Sample Code

MOQ is a Mocking library for .NET 3.5 and C# 3.0, heavily based on Linq which can be downloaded from here.

Step by Step Guide for Authenticating WCF Service with Username and Password over SSL

Apr 29th

Posted by Adnan Masood in Programming

Here is a short step by step guide on how to get your WCF service to perform Message and Transport level security over SSL with user name and password. I ran into this recently and thought should document it along with source code to provide reference for the rest of us.

1. If your development machine is XP (or 2K3 server) and you need dev SSL cert installed on it, follow the instructions mentioned in the articles here. The SelfSSL makes it real easy to do self signed certificates, literally one statement.

Setting up SSL with a SelfSSL certificate on Windows Server 2003 (and XP)

Create a self-signed SSL certificate with IIS 6.0 Resource Kit SelfSSL

2. Create a WCF Service Project. Name the service and contracts appropriately. In my sample it is a simple contract like follows.

   [ServiceContract]
    public interface IWcfService
    {
        [OperationContract]
        string GetData(int value);
    }

Make sure you make the appropriate config changes matching with your service contract.

2. Add a custom validator class in your service. You can create a separate file for it. In this example I have added it to the main service file WcfService.svc.cs. You are going to need to add the reference (not just adding these lines at the top, go to add-reference and add the corresponding dll’s to the project)

using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;

and the custom validator code.

public class CustomValidator : UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            if (userName == "test" && password == "test")
                return;
            throw new SecurityTokenException(
                "Unknown Username or Password");
        }
    }

You probably want to make this user name and password moved to a more secure location or point to your database/authentication store for security and maintainability perspective.

3. Now the code part is done. Move to config file. Enable custom errors so you know details about the errors happening.

4. Add a new bindings attribute in the config called SafeServiceConf which will specify the TransportWithMessageCredential type of security. You can add this right before </system.serviceModel>

<bindings>
<wsHttpBinding>
<binding name="SafeServiceConf" maxReceivedMessageSize="65536">
<readerQuotas maxStringContentLength="65536" maxArrayLength="65536"
maxBytesPerRead="65536" />
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<bindings>       <wsHttpBinding>          <binding name="SafeServiceConf" maxReceivedMessageSize="65536">             <readerQuotas maxStringContentLength="65536" maxArrayLength="65536"                maxBytesPerRead="65536" />             <security mode="TransportWithMessageCredential">                <message clientCredentialType="UserName" />             </security>          </binding>       </wsHttpBinding>    </bindings>

5. Modify your end point address to refer to this binding configuration

			<endpoint address="" binding="wsHttpBinding" contract="MySamples.IWcfService" bindingConfiguration="SafeServiceConf">

also modify your metadata exchange endpoint to use mexHttpsBinding

				<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>

6. Modify your service behavior to look like this

				<behavior name="WcfService.Service1Behavior">
					<serviceMetadata httpGetEnabled="true"/>
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <userNameAuthentication
                 userNamePasswordValidationMode="Custom"
                 customUserNamePasswordValidatorType="MySamples.CustomValidator,WcfService"
                                                                          />

          </serviceCredentials>
        </behavior>

It’s recommended that “Include exception in faults” should be disabled when moved to production.

7. Now you are almost ready to run the service however before you do this, make sure that you are running it in the IIS AND you have the SSL enabled on the server as specified in step 1 otherwise you’ll run into WCF error stating that there is no HTTPS endpoint available.

Setup Virtual Directory in IIS from Visual Studio

You should be able to run and see the service end point as follows.

Running WCF Service over SSL

Running WCF Service over SSL 2

8. Now that the service is done, let’s move towards building the client. Add the service reference to the service end point. You can do it either via entering the entire URL or using the discover feature.

Add WCF Reference

9. Name your reference “Client” or modify your code appropriately. Following is the code for client implementation.

       private static void Main(string[] args)
        {
           ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(
                delegate { return true; });

            var client = new WcfServiceClient();
            GetCredentials();
            client.ClientCredentials.UserName.UserName = username;
            client.ClientCredentials.UserName.Password = password;
            Console.Write(client.GetData(1));
            client.Close();
            Console.Read();
        }

The RemoteCertificateValidationCallback part is used to programatically avoid the following warning which would popup due to self signed cert usage.