Thursday, July 24, 2014

Upgrade TeamCity to enable support for Visual Studio 2013

Symptoms


If you are using TeamCity in your development process and had upgraded from Visual Studio 2010 to VS 2013 in your development environment you may experience unexpected build errors on TeamCity if its version is lower than 8.1.x similar to the following:

error MSB4019: The imported project "C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v11.0\WebApplications\Microsoft.WebApplication.targets" was not found. Confirm that the path in the declaration is correct, and that the file exists on disk.

The Story


The situation is that developers' work stations had been upgraded to Windows 8.x along with Visual Studio 2013 but a TeamCity build server still happily runs under Windows 2008 with .NET 4 installed and everything is just fine. Most likely the projects TeamCity builds target .NET 4.0 framework because they don't utilize newer features from .NET 4.5.x.

Next the decision is to switch your projects target framework to .NET 4.5 in order to take advantage of some new features, for example MVC 5, or ASP.NET Identity framework, etc. The projects have been successfully modified on developers' workstations and compiles and runs there but suddenly TeamCity is not happy because it cannot figure out how to properly build the project with the existing set of MSBuild tools. Apparently a build server software upgrade is required.

The Problem


In the error message above the key problem is that MSBuild is trying to import build targets from the wrong location "C:\...\MSBuild\...\v11.0\...". The exact problem is "v11.0" part. It comes from an environment variable that TeamCity sets when invokes MSBuild. The TeamCity sets it based on MSBuild tool version selected in its project definition. So technically it should be just enough to modify the MSBuild version to 2013 to fix the problem but TeamCity before 8.1.0 simply does not allow any other option to select from. Upgrade is required.

The Solution: Proper Build Server Set-up


Ideally a build server should resemble a production environment and should run the same versions of the build tools as developers have so obvious choice here is to install Windows 2012 with .NET 4.5 already on it and add Visual Studio 2013 build tools for compilation support. Then move TeamCity from the old build server to the new one and everything should be just fine. But there is a catch.

On the old build server TeamCity build steps have been configured to run MS Build v4.0 on .NET 4.0 Framework and MS Build would not be able to find required build targets because they are now in a different location corresponding to Visual Studio 2013. Installing Visual Studio 2013 in addition to the MS Build Tools 2013 would not help resolve the problem (and it's absolutely not required) since the problem is not with the .NET environment at all: the problem is that TeamCity does not know about Build Tools version 12.0.

To fix the problem TeamCity must be upgraded to the latest version but not below 8.1 because support for Visual Studio 2013 was added in version 8.1.0 and then all the build steps in all the projects should be modified to use a proper MSBuild version accordingly. Screen shots below illustrate the build step settings before and after the change:


After the change:



Thursday, July 3, 2014

PDF4NET: Setting Transparent Background for a Barcode

PDF4NET is my favourite PDF manipulation library for .NET. It is very versatile and has many useful and unique features but unfortunately lacks good documentation. So often in order to achieve something it requires some digging and researching to do.

Here is a small trick that allows setting a transparent background for a bar code inside a PDF document.

PDF4NET renders bar codes inside PDF as images. Because of that there is a background colour of a bar code area. By default it's a White colour. If a bar code are is not overlapping with any other coloured content in a PDF document it does not matter. But if a bar code is drawn on top of another coloured area it will look like a white rectangle with a bar code inside it which may not be your exact intention.

PDFBarCode class has a BackColor property of PDFColor type that allows setting a background colour for a bar code area but there is no way to define neither RGB or CMYK colour that is transparent because neither colour model support transparency in PDF. But assigning explicitly BackColor a null value will remove any colour from the background and make a bar code area transparent so only the bar code data will be visible.

Cheat Sheet for Enabling Output Caching in ASP.NET MVC

What is Output Caching


ASP.NET output caching feature allows increasing web application performance by returning content that was built some time ago instead of rebuilding it on every request. Returning content from cache only takes a few milliseconds as opposed to executing a full request cycle that could take much longer.
The content is being cached on the ASP.NET level and the request would not reach the application code for the content that is still in cache. ASP.NET output caching can be used in both WebForms and MVC applications and using it in MVC has become even easier than before.

When to use Output Caching


Output caching is useful when content returned by a controller action method does not change frequently, requires more than few CPU cycles or database access and does not require a lot of memory to store. For example, I would not recommend to use output caching for a large binary object like an image or a file. Also there is no point to cache a short string that only takes a few milliseconds to build. The best use case would be an average size content that requires some calculation or database access to produce but does not change on every request.

How to enable Output Caching


The easiest way to enable output caching in MVC is using an OutputCache attribute on the controller or controller action method. Applying output caching on a controller action method is recommended as it gives much better granularity and control over output caching. The best way to control output caching behaviour is via caching profiles that allow defining all parameters in a web.config file and override them for each environment where the web application is deployed (i.e. Dev, QA, Stage, Live, etc.)

Limitations


ASP.NET MVC has some limitations for output caching, for example: caching profile is not supported for a partial/child controller method therefore caching parameters including Duration and VaryByParam must be set in the code.

Implementation and code review check points

  1. Apply to individual action methods
  2. Use Caching profiles
  3. Partial/child action methods should not be cached for too long
  4. Disable output caching in Dev/QA/Stage environment.
  5. Do not forget to set Duration and VaryByParam values in web.config

Example


Thursday, November 7, 2013

Setting Cache Control HTTP Headers in Web API Controller Method

Controlling caching behaviour of an HTTP response is an important task that cannot be ignored as it will have a big impact on a web application load and performance. In ASP.NET Web Forms and MVC applications it usually is done by using special directives or attributes that take care of adding corresponding headers to the response. ASP.NET Web API framework unfortunately does not come with an out of the box support for this functionality so concious developers need to deal with that themselves. Luckily it is not a difficult task to do as the Web API framework has a number of support objects that simplify the job.

Basically in order to control caching behaviour we need to make sure that the output response will have what is called "Cache control header" with proper values that determine caching behaviour. Example below demonstrates how to make a response publicly cacheable for a period of time:

To simplify the usage further we can even create a static extension method that can be easily applied in a controller method:

Wednesday, November 6, 2013

ASP.NET and SSL Offloading

SSL offloading is quite a popular method of improving a web server performance by delegating a CPU-intensive SSL processing operations to an external device such as a load balancer. Because having a load balancer only makes sense when there are multiple web servers working in a farm it looks like an attractive solution for maximizing usage of a load balancer and at the same time improving performance of web servers by freeing them from doing an "unnecessary" SSL processing. What also makes SSL offloading a high profile feature is load balancing appliance vendors marketing SSL offloading as one of the selling points of their products.

With all above said being correct it is not always recommended to rush for turning SSL offloading on. One very specific use case is an ASP.NET application using  Web Forms authentication configured to serve protected content over secure connection only. What that means is when a request for a protected page sent over unsecured HTTP the application will redirect it to a secured version of the Url. But because the SSL request never reaches a web server (since it's being intercepted by a load balancer and converted into HTTP request) the application logic will be stuck in an infinite redirect loop. To resolve the problem there are only two options: allow protected content over an unsecured connection or disable SSL offloading. If there is more of an application logic that requires secured connection between client an a server it makes more sense to not use SSL offloading at all.

There are however scenarios when SSL offloading is very helpful. Examples include but no limited to many kinds of data processing service-like web applications that are not intended to return human-readable HTML output, TCP/IP based data processing applications that do not use HTTP at all and so forth. Most likely such applications will not base their logic on a condition of a secure connection with a client.

What are PROs and CONs of using SSL offloading? Obviously one positive point is web servers performance improvement by removing SSL processing from their plates. How important that could be? Most likely that depends on traffic. For high traffic high profile publicly accessible web servers that could be very important but in such cases all the efforts must be made to not couple application logic with a type of client-server connection. From another hand modern server CPUs implement specialized command sets that make SSL processing much less intensive and not so terrifying a task for web servers so it could be more convenient to allow secure traffic directly to web servers.

Another consideration is how secure traffic passing between an SSL offloading load balancer and a web server is. Obviously both devices are supposed to be behind a firewall but it needs to be take care of because traffic may contain sensitive information and in such a case load balancer could become a point of attack.

One more concern is IT maintenance. Secured infrastructure requires setting up and maintaining SSL certificates and other components. If there are a lot of web servers in a farm it could make sense to minimize maintenance by centralizing all SSL configurations on SSL offloading devices.

In conclusion, understanding specifics of a particular implementation is crucial for making a correct decision about using SSL offloading technique.