Wednesday, November 30, 2016

CompTIA Security+ ce renewal

I just completed renewing the Security+ certification issued by COMPTIA.  This is requirement
for all contracting staff who work with DOD.  This has been a requirement for some years now.

Security+ CE program runs on a 3 year cycle.  That is from the time you successfully pass the Security+ exam you have a 3 year period where the following must occur in order to maintain
your certification:

1.) Pay Comptia $50 a year.  You can pay this annually or all at once your choice.
2.) Acquire 50 Continuing Education Units over the period of 3 years.
3.) Add CEUs into the comptia website as you acquire the CEU.  Note:  if you have not paid the annual fee then you will be unable to complete this step.

How to acquire the 50 CEUs?  While this can be reached in a number of ways, see items 1 & 2 under sources, I will describe the path I chose:


  1. Complete the Cyber Security Fundamentals Training (item 3) from Ft. Gordon this will give you 40 CEUs.
  2. Write your job description and have your boss sign and date the description on company letter head.  You get 3 CEUs for each year of work which requires you to use Security+ skillsets. That means for the 3 year timespan you get 9 CEUs.
  3. Complete 1 course from the DISA courseware list (item 1).  I chose the DNS Basic concepts (item 4).
That gave me my 50 CEUs!



Source:


Posted by at No comments:
Labels: , , ,

Tuesday, November 29, 2016

Unable to cast object of type 'System.Data.Entity.Infrastructure.DbQuery' to type of 'System.Web.Mvc.SelectList'

Problem:

Had a solution using the Entity Framework which required a query modification. 


Solution was:
return new SelectList(db.Offices, "Office_ID", "Office_Name");


Changed too:


public class SecurityGroup
{
public string ADGroupSID { get; set; }
public string ADGroupName { get; set; }
public Guid Office_ID { get; set; }
public string ADUser { get; set; }
}


List<FCJC.Model.SecurityGroup> userOffice = theUser.GroupMembership.FindAll(g => ControllerHelper.GetAllOffices().Contains(g.Office_ID)).ToList();









var test = (from o in db.Offices

             join oa in db.OfficeADGroups on o.Office_ID equals oa.Office_ID
           where oa.ADGroup_SID.Equals(userOffice.Select(uo => uo.ADGroupSID).ToString())
select new
{
o.Office_ID,
o.Office_Name
}).AsEnumerable();
return new SelectList(test, "Office_ID", "Office_Name");


The problem did not arise until it ran.  The query compiled but since we are dealing with LINQ the query did not execute until runtime.  Then I received the following error:



Unable to cast object of type 'System.Data.Entity.Infrastructure.DbQuery`1[<>f__AnonymousType9`2[System.Guid,System.String]]' to type 'System.Web.Mvc.SelectList'

Solution:

The problem was the lack of support from Entity Framework.  It will only support primitive data types.  The query uses anonymous typing until it is executed.  This process then tries to resolve the data type.  This will not support the use of custom data types.  I tried a number of work arounds to include forcing the execution of the query and then applying a cast to the SelectListItem type.


Try 1 - Fail
 var test = (from o in db.Offices
  ().Select(o => o.Office_ID) on oa.Office_ID equals uo.Office_ID
                        select new
                        {
                            o.Office_ID,
                            o.Office_Name
                        }).AsEnumerable()
            .Where(o => o.Office_ID.Equals(userOffice.Select(uo => uo.Office_ID)))
         
            new SelectListItem
            {
                Value = x.Office_ID.ToString(),
                Text = x.Office_Name
            });


This will work in Linq to SQL but is not supported in the current version of Entity Framework (v6).
The inclusion of the userOffice LINQ subquery is not supported in EF which will only support constant values.  That ruled out any sort of variable or collection.


Got it finally!


Solution was to take the LINQ out and do a direct query:


   using (var ctx = new FCJCModel())
            {
                var sql = "select Office_ID,Office_Name,Address_ID,Archive,LastUpdatedDate,LastUpdatedUser from office where Office_ID in (" + ofcGuids.Replace("\"", "'") + ")";
                var kk = ctx.Offices.SqlQuery(sql).ToList();
                return new SelectList(kk, "Office_ID", "Office_Name");
            }






Source:

  1. http://stackoverflow.com/questions/15211362/only-primitive-types-or-enumeration-types-are-supported-in-this-context
  2. http://www.entityframeworktutorial.net/EntityFramework4.3/raw-sql-query-in-entity-framework.aspx
Posted by at No comments:
Labels: , , , ,

Tuesday, November 22, 2016

IIS application pool recycles on each page load.



Problem:
I had applied DISA STIG to an IIS application.  Once this was done all page loads required new sessions.  This wiped out any session memory since this gets wiped when a page reloaded.




Why:
Culprit was application pool settings Virtual Memory Limit. 


 


This setting prevents an application from consuming all available memory for IIS which then would


Cause IIS to shut down and force a restart bringing down all websites on that instance of IIS.


The virtual memory limit was designed to prevent this by setting a threshold.  Once that threshold


Is reached the app pool automatically recycles wiping memory and thus preventing any danger of


Lockout due to excessive memory usage. 


 


Explanation:


This setting is was valid in IIS 7 when 64 bit OS'es were not always the norm.  In IIS 8.5 we are on 64 bit OS and ASP.Net does memory management much better.  Further complications are that ASP.Net's memory management can get into a "fight" with IIS over who is doing memory management.   This will only occur if you set the Virtual memory limit to something besides 0 (default).  This is exactly was the IIS 7 STIG prescribes.   End result is that the application pool session is constantly being recycled.  This means that a long running FSA session can be terminated during the middle of an operation.  If this occurs more than 5 times in 5 minutes then the app pool is automatically locked.



Solution:


The Virtual memory limit on the FSA application pool has been set to its default value 0.  This means that ASP.Net will manage memory inside the application.






Source:
https://technet.microsoft.com/en-us/library/cc732519(v=ws.10).aspx
http://blog.walteralmeida.com/2011/07/iis7-private-memory-limit-versus-virtual-memory-limit.html
Posted by at 1 comment:
Labels: , , , ,

How to enumerate fields in a pdf form?

Problem:
Needed to list all the fields in an existing pdf form.  This will then be used to populate the pdf fields from a web form.


Solution:


AcroFields af = ps.AcroFields;


foreach (var field in af.Fields) {
            Console.WriteLine("{0}, {1}", field.Key, field.Value);
        }




Source:
http://stackoverflow.com/questions/3041883/how-do-i-enumerate-all-the-fields-in-a-pdf-file-in-itextsharp
Posted by at No comments:
Labels: ,

Pdf writer for a website.

Problem:
Needed to solve a common problem.  Need to prepopulate an Adobe Pdf form from a web form.
This is a pretty common tasks and several packages are available.


Solution:
I decided to go with itextsharp.  This seems like a popular choice and there were plenty of samples available.  The software will let you fill out an existing pdf form.  This presupposes that you have a completed Adobe form.  If you don't you can create it with this package or you can buy a copy of Adobe Acrobat Pro.




Source:
http://stackoverflow.com/questions/31584274/where-download-examples-of-itextsharp
https://sourceforge.net/projects/itextsharp/







Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)