Random 500 errors on IIS when using client certificates

Recently, I have been working on an application that provides some web services to a client. The communication between the client and our application runs through HTTPS. Furthermore, the client has to provide a client certificate whenever requesting our web services. The application is built on WCF and runs behind IIS 10 on Windows Server 2016. Everything worked fine until we looked at the response statistics our client had generated, where we could see we weren’t responding 100%. The statistics showed response drop to 90%-95% every other day. Continue Reading…

Dynamic resource registration in ASP.NET MVC

Many people combine all scripts (and style sheets) for the entire website into one bundle. The rationale behind this is the TCP connections limitation by browsers. Furthermore, once the bundle is downloaded, it gets cached by the browser and subsequent requests to the website are faster. This approach, however, works against the concept of modularity. Why changes in one file should invalidate the entire (potentially huge) bundle? Moreover, HTTP/2 removes the TCP connections limitation issue. Although, ASP.NET MVC provides a way to register resources separately, this build-in mechanism is not flexible enough. Continue Reading…

Kerberos and load balancers

Kerberos is a ticket-based authentication protocol, which requires deep understanding to make it work properly. Information about setting it up is somehow scattered over the web, so it took me some time to find relevant reads. In my previous post I wrote about my initial experience with Kerberos and I want to share some more in this one.

Working in a load-balanced environment introduces (administrative) complexity to your system and Kerberos is no exception to this. In this post I will focus on setting your IIS (>= 7.0) correctly up to work with Kerberos in such scenarios. Continue Reading…

5 things preventing your organization from becoming agile

Organizations are living organisms – people inside are connected by an established culture and they all move the organization together. Trying to influence this established culture is a difficult undertaking. In the last couple of years, I have been working in organizations, each being at different level of becoming agile and adopting Agile mindset:

  • such, implementing successfully Agile mindset & practices;
  • such, being successful in being agile until another culture interferes;
  • such, using waterfall model and believing the world is almost static and changes slowly.

In this post I have collected some patterns I have seen (both from my own experience and from others) that cause troubles to organization trying to become agile. I don’t claim this is an exhaustive list, but rather want to share what I have seen most often happen in such organizations. Here I assume the management has bought the idea of implementing Agile practices and work in that direction, because if there is no support, all initiatives would die early. You are very welcome to share your experience in the comments below; I will be happy to see that. Continue Reading…

Ode to versioning

Unless you keep your programs only for yourself, you would want to give them a version. Versioning is a popular technique where a unique version number is assigned to a program to denote a specific state of the code of that program at a specific time. A version number is used as a reference to what the program, as a deliverable, includes in terms of functionality. This reference is expressed in words that your users would understand. Furthermore, if your users experience a problem, you could try to reproduce it on that same state of the code.

There are many versioning schemes that dictate how to generate new version numbers. When trying to implement continuous integration (and delivery), though, you may face some challenges. In this blog post I will try to explain some of these challenges and what options there are.

Continue Reading…