Communication between third-User and my Server - vb.net

I am looking for the best way to setup communication between user who uses my application and my own server.
The thing is that I am creating application with licensing and I have to receive information by third-User when he connected and IP addresses he connected from.
But, I don't know should I use one more connection string and send those information to my MS SQL Server I have in my company from his workplace or I should upload .txt files on my web server? What is the best way to make this communication possible?

While the requirements are a bit vague, based on what seem to need I would approach this with a web service. This WS would provide the means to communicate with your SQL server without exposing SQL itself to the internet.
Your web service could, for example, have a call which accepts the following information:
Product being requested
Information needed from the local client (machine name, etc.)
Existing authentication ticket previously issued (if required)
Your method could then take this information, process it in SQL, and then return whether or not a license is available along with an authentication ticket (if needed).
On the client side, if your application only needs to hit this service once then you can just call it on connection/load. Otherwise if you need to periodically hit the licensing WS you could use a Timer.
Dim licenseCheck As New Timer
licenseCheck.Interval = 60000 ' Check every minute.
AddHandler licenseCheck.Tick AddressOf CheckLicense
Private Sub CheckLicense(sender As Object, e As EventArgs)
' Call license web service and act accordingly.
End Sub

Related

Is there a simple way to use VB.NET to read a SharePoint Online file without logging in?

I inherited a program written in VB.NET. I want to host the installer and documentation for the program in a SharePoint Online library. The SPO library allows View/Read-only access to "Everyone except external users" but it does not allow anonymous access. I want the program to check the SPO library for an updated version when it launches.
I envisioned a simple function like this:
Private Function getVersion() As String
Using client As New WebClient
getVersion = client.DownloadString("https://companyname.sharepoint.com/site/library/version.txt")
End Using
End Function
where version.txt contains nothing but the current version number.
However, this function throws an IOException stating that the connection was forcibly closed by the remote host. I think this is because the SPO site requires authentication.
I don't want to add a user login step solely for this one thing. This probably means an SPO site that requires authentication is not the ideal place for my version.txt file to reside, but I'm also trying to avoid solutions that require me to jump through hoops and involve others to get it to work. I'm the only developer for this program, so I'd like to be able to publish an update without having to wait for someone else to do something (like update a web server that I don't have access to).
Suggestions for a simple technique to achieve my goal?
In your Using block, before the line with DownloadString, set the Credentials of your WebClient:
Private Function getVersion() As String
Using client As New WebClient
client.Credentials = CredentialCache.DefaultCredentials
getVersion = client.DownloadString("https://companyname.sharepoint.com/site/library/version.txt")
End Using
End Function
The DefaultCredentials will be the credentials of the currently logged in Windows user.
See the docs on System.Net.WebClient.

Capture/Log WCF Binding/Serialization/Deserialization Error

I've class which has a set of attributes.
I'm trying to call WebService from custom Billing device (based on proprietary HW/SW). The problem is that in the application in some cases the required field (an integer in this case) is sent as null. WebService just rejects that.
Is there any way to log such errors in the Server as "return false" prompts the App to resend again (which will fail as the value is still null). Idea is to write to database the errors (with device details and the actual error, integer column is null in this case) and the Application/Web Admin can get in touch with user of the device to take appropriate action.
For debugging, you can use Fiddler2 easily to capture any web traffic, including the full xml of a SOAP request/response (and it even handles SSL easily, unlike Wireshark)
For logging... I wish I knew. Sorry.
Also, dupe of In C#, How to look at the actual SOAP request/response in C#

Retrieving data from a site through a secured proxy

My client will access my company's site to retrieve data information, using a sub I am working on. This has to be done using a secured proxy, since his company blocks access to some sites. I can't test my sub on his computer and obviously he cannot send the proxy information (ie.:Username, passoword, ip, port...)
Sub login_sub()
url = "http://localhost/php004/loginExcelAddin.php?username=" + username + "&password=" + password
Dim httpObject As Object
Dim response As String
Set httpObject = CreateObject("WinHttp.WinHttpRequest.5.1")
httpObject.Open "GET", url, False
httpObject.SetProxy HTTPREQUEST_PROXYSETTING_PROXY, proxyIP + ":" + proxyPortNumber
httpObject.send
response = httpObject.responseText
On Error GoTo errorHandler
If response = True Then
loggedIn = True
MsgBox "You are logged in"
End If
Application.Calculate
Exit Sub
errorHandler:
MsgBox "Login has failed"
End Sub
(Username, password, proxyPortNumber, proxyIP are public variables filled in a form)
I am struggled with this issue for a while. Anyone could tell me if I am going to the right direction, can I send this code for the client?
Thanks
Ah, I've been through this before many times in my career. From a test strategy perspective (rather than a review of your code above), there are several possible combinations of ways to test all this out:
The client's IT department should be able to provide you with specifications on how their proxy expects client identification information to be included in the outbound request. Some proxies may use alternative authentication information data in the request headers; you need to know exactly how the client's proxy requires the authentication data to be passed (this can get troublesome on Enterprise proxies that may use Active Directory/LDAP as intermediaries).
The ideal first stage of testing is to setup inside your own company a test authenticating proxy in as close as possible the same make, version, and configuration as the client's. Put your Excel code onto a laptop, and connect the laptop to the "outside" of this test proxy. This will allow you to test the code to work out bugs with accessing a similar proxy under your control.
Of course, its quite possible that the client's proxy may not behave quite like your test proxy, so even after doing step 2, there may still be problems once you give it to the client. If the client is allowed to use window sharing services like WebEx, you could then set up a WebEx session with the client, and have them share their screen with you while they are using your code for the first time. If it fails, you can talk them though a debugging session with Excel's debugger while you are watching the debugging results.
3a. If the client's IT Dept will allow a more comprehensive sharing tool that allows YOU to remotely control the client's desktop (while they are watching) that would even be more ideal. But if the client's IT Dept is already doing outbound proxying, they are likely too paranoid to allow this.
If a WebEx-like session is not allowed, then you could add diagnostic outputs into a log file which they could then send you, or verbally tell you in a telecon. This is not an optimal way to accomplish the debugging.
4a. Again if WebEx-like method is not allowed, but if the client has an Excel expert and an IT expert, you can get them to do the testing with you on a telecon. Again not optimal but is better than 3 because you are not talking with a clueless client.
Finally and worst-case, you may have to travel to the client's site to do final testing on their own computers (under of course the supervision of the client).

Terrible Performance with WCF and certificates (mutual authentication)

Guys / Gals we are having terrible performance with our website that uses WCF as the application later. We are using message level security and certificates (mutual authentication). We are caching the channel factory in the application object:
Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
Dim loChannelFactor As New ChannelFactory(Of OurReference.IWCFChannel)("ClientEndpoint")
loChannelFactor.Open()
Application.Add("ChannelFactory", loChannelFactor)
End Sub
In every page that we need data we do the following:
Dim Proxy = DirectCast(voWebApp("ChannelFactory"), ChannelFactory(Of OurInfoReference.IOurInfoChannel)).CreateChannel
Proxy.DataCall()
If roWCFService IsNot Nothing Then
CType(roWCFService, ICommunicationObject).Close()
roWCFService = Nothing
End If
Also i have set establishsecuritycontext = true.
We are not wanting to cache the proxy because of having to mess with a faulted proxy state. As far as i know caching the channel stack should be enough anyways. When i turn on tracking i'm seeing a bunch of SCT commands instead of just for the first call like i would expect. Does anyone know whats going on. Are we caching the channel factory incorrectly?
thanks,
Ncage
Looks like you could solve it using a certificate from a ceritificate authority:
"MakeCert is a tool provided by Microsoft to create test certificates that can be used during the development of a product (For developing and testing purposes only). These certificates have also performance problems, certain cryptographic operations may perform slowly when they are used. Certificates issued from a true Certificate Authority do not have this problem, and it is a know issue."
http://weblogs.asp.net/cibrax/archive/2006/08/08/Creating-X509-Certificates-for-WSE-or-WCF.aspx
Edit: May be the extra activity is due to initial handshake when creating of a session. WCF default is per call, that is a new session is created for each call. You could try marking your contract with:
[ServiceContract(Session = true)]
That may maintain the session and avoid the initial handshake.
I remember a similar issue however it was a good 18 months ago. I found this whilst having a quick look for how i resolved the issue. It may help, I will edit my response when I find what I was looking for!
The additional SCT/RST calls are establishing the security context. If you recreate the proxy on each call, a security context is unneccesary overhead. Turn it off.
The way you use the factory is fine. However, your error handling and closing of the proxy is not. Make sure that you close or abort the proxy in any case. Check msdn for the recommended pattern.
Also can you provide some figures about how bad performance is?

Track installs of software

Despite my lack of coding knowledge I managed to write a small little app in VB net that a lot of people are now using. Since I made it for free I have no way of knowing how popular it really is and was thinking I could make it ping some sort of online stat counter so I could figure out if I should port it to other languages. Any idea of how I could ping a url via vb without actually opening a window or asking to receive any data? When I google a lot of terms for this I end up with examples with 50+ lines of code for what I would think should only take one line or so, similar to opening an IE window.
Side Note: Would of course fully inform all users this was happening.
Just a sidenote: You should inform your users that you are doing this (or not do it at all) for privacy concerns. Even if you aren't collecting any personal data it can be considered a privacy problem. For example, when programs collect usage information, they almost always have a box in the installation process asking if the user wants to participate in an "anonymous usage survey" or something similar. What if you just tracked downloads?
Might be easier to track downloads (assuming people are getting this via HTTP) instead of installs. Otherwise, add a "register now?" feature.
You could use something simple in the client app like
Sub PingServer(Server As String, Port As Integer)
Dim Temp As New System.Net.Sockets();
Temp.Connect(Server, Port)
Temp.Close()
End Sub
Get your webserver to listen on a particular port and count connections.
Also, you really shouldn't do this without the user's knowledge, so as others have said, it would be better to count downloads, or implement a registration feature.
I assume you are making this available via a website. So you could just ask people to give you their email address in order to get the download link for the installer. Then you can track how many people add themselves to your email list each month/week/etc. It also means you can email them all when you make a new release so that they can keep up to date with the latest and greatest.
Note: Always ensure they have an unsubscribe link at the end of each email you send them.
The guys over at vbdotnetheaven.com have a simple example using the WebClient, WebRequest and HttpWebRequest classes. Here is their WebClient class example:
Imports System
Imports System.IO
Imports System.Net
Module Module1
Sub Main()
' Address of URL
Dim URL As String = http://www.c-sharpcorner.com/default.asp
' Get HTML data
Dim client As WebClient = New WebClient()
Dim data As Stream = client.OpenRead(URL)
Dim reader As StreamReader = New StreamReader(data)
Dim str As String = ""
str = reader.ReadLine()
Do While str.Length > 0
Console.WriteLine(str)
str = reader.ReadLine()
Loop
End Sub
End Module
.NET? Create an ASMX Web Service and set it up on your web site. Then add the service reference to your app.
EDIT/CLARIFICATION: Your Web Service can then store passed data into a database, instead of relying on Web Logs: Installation Id, Install Date, Number of times run, etc.