I was having a hard time adding a rabbitmq.config file today. I added it in the right location, restarted
the RabbitMQ Windows service and the logs still showed that the configuration file was not found.
If you’re experiencing the same problem, you’ll see a similar error message in the RabbitMQ log file after
you restart the Windows service.
This will happen if you just install your RabbitMQ server with the normal, default installation process
and then try to add a configuration file later. By default, RabbitMQ doesn’t install configuration file and just
uses all it’s defined defaults.
I read the documentation a little more closely
and finally came upon this line: “Windows service users will need to re-install the service after adding
or removing a configuration file.”
Oops. Guess I should have read the documentation more closely the first time around! The easiest way to
do this is as follows (start a command prompt as administrator):
I recently ran across a need to generate all permutations of an array of objects
in some unit testing I was doing.
The specific situation was testing that, no matter what the order, when certain messages
were picked up by an NServiceBusSaga, that a certain state was consistent after all
messages were received. Since I explicitly wanted to test the state no matter what order
the messages arrived in, I needed all permutations of those messages so I could send
them to the Saga in each order and test the resulting state.
I know that blog post title is sure a mouth-full, but it describes the whole problem I was trying to solve in a recent project.
Let me outline the project briefly. We were building a report dashboard-type site that will live inside the client’s network. The dashboard gives an overview of various, very important information that relates to how the company is performing on a hourly basis. So, the dashboard is only available to a certain group of directors.
To limit the solution to the these directors, authentication and authorization would go through their existing Active Directory setup by putting the authorized users in a special AD group.
Getting authentication to work was a snap. Microsoft provides the System.Web.Security.ActiveDirectoryMembershipProvider
class to use as your membership provider. Putting an [Authorize] attribute on my action methods or entire controllers was all I needed to get it working (besides, of course, the system.web/authentication web.config updates and a controller to show my login form and handle the submit credentials).
Here’s my relevant web.config setup:
The tough part came when I wanted to limit access to users in that AD group. Microsoft doesn’t provide a RoleProvider along with its ActiveDirectoryMembershipProvider. So, what to do?
I tried several methods I found online. Most of them were based on creating my own custom RoleProvider and querying AD to iterate through the user’s groups (treating them like roles) and seeing if one of them matched my AD group I was looking for. However, I could never get it to work. Each code example I found eventually gave me this AD error when I iterated through the current user’s AD groups:
The specified directory service attribute or value does not exist.
Eventually, I found a solution online that worked. Instead of setting up a custom RoleProvider, all it involved was creating a custom AuthorizeAttribute for your MVC controllers (or action methods) that checked the user’s .IsMemberOf method to see if the member belonged the sought after group (or groups). I don’t know why this method does not cause the same AD error as describe above, but I’m glad it doesn’t! All I can assume is that it queries AD in a more friendly way.
Here is my custom AuthorizeAttribute:
Notice that I also included a little code to distinguish between the user not being authenticated (which the call to base.AuthorizeCore takes care of) and not being authorized. Without the code in HandleUnauthorizedRequest, if the user successfully logs in but is not in the AD group, he just sees the log in screen again which doesn’t communicate the problem very well.
The this.Log() code uses a Nuget package called this.Log. The LDAPHelper class is something I wrote. The code is below: