Disqus - Latest Comments for aggieben

Re: Now The Babylon Bee's Been Suspended From Twitter

aggieben — Mon, 17 Aug 2020 23:16:45 -0000

Guys, they're up to 610k. I don't think they actually lost any followers.

Re: The War on Utility Providers | Chris Hacken

aggieben — Fri, 26 Jun 2020 20:23:10 -0000

Hi! I'm pretty deeply involved in a municipality in Texas and am deeply interested in this subject. After reading stories like these (this is far from the first I've seen), I'm becoming more and more convinced that municipalities should take the responsibility for installing the infrastructure itself. Every time a road or sidewalk has to be torn up, they should be laying down fiber. Ultimately, it seems to me that customers would get a fiber connection to their residence or business just like they do currently with the water supply or electrical. They pay a fee and the municipality (or franchised utility) will come establish the "last 20 feet" connection. From the perspective of an ISP, would it be better for you to have this last-mile infrastructure maintained as a utility? My thought is to have the municipality run an interconnect facility where actual internet service could be provided and administered by private parties like yourself, via contract.

Re: Creating an authentication scheme in ASP.NET Core 2.0

aggieben — Thu, 09 Jan 2020 13:33:45 -0000

I figured out that in my case I was using `IOptionsMonitor` incorrectly. I was trying to do something like:
class MyHandler : AuthenticationHandler<myoptions> { private readonly IOptionsMonitor<myoptions> _options; public MyHandler(IOptionsMonitor<myoptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock) { _options = options; } public async Task<authenticateresult> HandleAuthenticateAsync() { var options = _options.CurrentValue; // ... do the rest of the stuff here } }

The fix was to not misuse `IOptionsMonitor` like this, but instead to use the `.Options` property on the `AuthenticationHandler` base class.

Re: Creating an authentication scheme in ASP.NET Core 2.0

aggieben — Wed, 18 Dec 2019 12:24:21 -0000

Thanks for the writeup! Using this article as a guide, I built a custom scheme, but I'm having a bit of trouble. When my handler is instantiated, the options object being passed into my constructor isn't the same one that I configured in my `ConfigureServices` method. Any ideas why that might be?

Re: Can Trump End Birthright Citizenship With An Executive Order?

aggieben — Tue, 30 Oct 2018 12:57:59 -0000

Ben, the Howard quote is grammatically incomplete and therefore ambiguous - and in any case not dispositive, but one of several indications of what the phrase "subject to the jurisdiction thereof" was intended to mean. CIS has done a good job of outlining a pretty balanced assessment of this evidence here: https://cis.org/Report/Birt.... They came to a different conclusion than you, and explained it with quite a bit more evidence - and I find it more persuasive and plausible. It seems to me that federal agencies have come to adopt a jus soli approach without direction from Congress and therefore the president would be within his powers to direct them to do otherwise, absent more clear guidance from Congress.

Re: Chocolatey Gallery | hugo 0.19.0

aggieben — Fri, 24 Aug 2018 17:34:50 -0000

Yeah, agree here. I tried to build a site that requires hugo.extended, and I was pretty confused for a while. Would be nice to have a hugo.extended on chocolatey

Re: GDPR: What You (And Your Store) Need to Know About This New Data Protection Law

aggieben — Fri, 25 May 2018 16:23:50 -0000

Is there a way to simply block all EEA traffic from my Shopify site and present those visitors with a custom 451 error page?

Re: Why Does the Ethereum Ecosystem Use Gas?

aggieben — Mon, 07 May 2018 17:04:07 -0000

I'm just learning about how gas works, and how it decouples the cost of a transaction from the value of Ether. What I don't understand is this: why wouldn't a system of flat fees, as used in Bitcoin, be sufficient for everything that gas is used for? If you want your contract executed sooner, you offer a higher fee. If you don't offer enough of a fee for a highly-complex contract, miners reject it. I'm having a hard time fully grasping the *necessity* of gas.

Re: 'Dr. Doom' Roubini Joins Wall Street Chorus Calling Bitcoin a Bubble - CoinDesk

aggieben — Wed, 08 Nov 2017 17:53:53 -0000

It looks to me like he's actually not very well-informed about Bitcoin. I think he's right (broadly speaking) that one of Bitcoin's biggest risks is that governments will restrict it, but it's far from apparent that this is actually happening. Case-in-point: China didn't actually ban cryptocurrency exchanges, it banned ICO exchanges (albeit they also shadily asked cryptocurrency exchanges to "voluntarily" shut down). What looks likely is that China wanted to halt exchange activity while it figured out a licensing regime (https://www.cryptocoinsnews.... Even in the US, ICO exchanges are unlikely to continue to be allowed to operate unfettered (IMO).

Also, whenever someone starts with "bitcoin is used by criminals", I tune out pretty quickly, Nobel laureate or not. Criminals also use cash, checks, and credit cards. Bitcoin is no less traceable than check and credit cards, and more traceable than cash. Any government who actually understands how it works should be anxious to have a public ledger they scan scour (as the IRS is already doing).

Re: Using dependency injection while configuring services

aggieben — Sat, 30 Sep 2017 18:28:22 -0000

Yes, that's a typo. Thanks!

Re: This is what abortion politics is for

aggieben — Thu, 31 Aug 2017 14:40:26 -0000

This is, frankly, an unbelievably intellectually dishonest misrepresentation of the pro-life (or anti-abortion, if you prefer) stance.

everyone knows that abortion is not the same thing as “killing babies.”

No, "everyone" doesn't. I can't speak for "everyone", but people who are anti-abortion generally believe that abortion is, in fact, killing babies, and that abortion is an ongoing modern holocaust against the most defenseless members of our society - particularly those belonging to black and other marginalized communities.

Re: Practical Permissions-based Authorization in ASP.NET Core

aggieben — Wed, 28 Jun 2017 13:23:19 -0000

The way you suggest would work fine. There could be a very wide variety of valid approaches. Loading permissions related to roles from the DB is one way; you could do the same with Redis. You could also pre-load permissions and keep them in local memory on the application server. How/when/how often you do that really depends on the needs of your application.

Re: a working example of permissions authorization

aggieben — Tue, 11 Apr 2017 14:18:35 -0000

Right. I think I understand what you're trying to do, but I don't have a great answer to your issues because it looks like there's something wrong not related to authorization itself, so I think you need to troubleshoot first. The first question to resolve is whether or not you're really setting up the policies that you think you're setting up.

For example, this:
foreach (params Permission[] permissions)) {

is not valid C#. How are you actually adding the policies?

Re: a working example of permissions authorization

aggieben — Tue, 11 Apr 2017 13:25:45 -0000

Are you sure that Permission.Teacher is in the permission array in your startup class? Also, are you sure that the result of Permission.Teacher.ToString() is what you expect it to be?

Re: a working example of permissions authorization

aggieben — Tue, 04 Apr 2017 17:42:52 -0000

Your understanding is correct. You don't have to use the Identity framework in order to use IAuthorizationService. I was just trying to say that when you register Identity using app.UseIdentity(); that it would be registered for you, but I was mistaken - actually, it's added when you add Mvc to your project with app.AddMvc();.

If you're not using either Identity or Mvc, then you have to register the authorization service yourself using app.AddAuthorization();, which is defined in the Microsoft.AspNetCore.Authorization package.

Re: Engineers suck at finding the right jobs - Matt Aimonetti

aggieben — Sun, 02 Apr 2017 01:15:56 -0000

I'd be interested in asking you some questions, if you're open at this point.

Re: Why Virtual Credit Card Numbers Aren’t Worth It

aggieben — Tue, 28 Feb 2017 23:15:36 -0000

These are all non-issues. All of them.

Re: Practical Permissions-based Authorization in ASP.NET Core

aggieben — Wed, 18 Jan 2017 14:21:20 -0000

Actually, to be more consistent with the way the documentation describes this method, I should probably just be passing in null rather than a string describing the resource, which I did as a reflex because I don't like using null parameters. In my scenario I don't have a use for a resource object here because the user's authorization doesn't depend on the resource itself, it depends on the permission requirement which is a parameter to the filter.

Does that answer your question?

Re: Practical Permissions-based Authorization in ASP.NET Core

aggieben — Tue, 10 Jan 2017 16:57:04 -0000

You're right! Thanks for catching that.

Re: a working example of permissions authorization

aggieben — Thu, 01 Dec 2016 12:54:48 -0000

I would only cache permissions for the duration of a single request. You don't ever want a user to have stale permissions.

Re: a working example of permissions authorization

aggieben — Tue, 29 Nov 2016 12:15:34 -0000

Thanks, @Kerry Kip . HttpContext.User is a ClaimsPrincipal, and there are ways to customize the creation of it in ASP.NET. The reason I left this as a // TODO is because doing so is pretty well beyond the scope of what I was trying to demonstrate here.

One reason you might want to add a user's permissions to the claims principal is to avoid loading the permissions more than once in a given request (in other words, load them once when the claims principal is constructed, and then thereafter just refer to the in-memory ClaimsPrincipal). In the shown code, we load them each time the requirement handler is run, but that could be undesirable depending on the application. ASP.NET provides the necessary abstractions to allow you to customize the creation of the ClaimsPrincipal, and that's probably where you'd want to load the permissions (see IUserClaimsPrincipalFactory in ASP.NET Identity, as well as UserClaimsFactory<,> in IdentityServer). I would probably avoid storing them as claims; instead, I might derive from ClaimsPrincipal and provide them as a separate property. That might also require you to have a custom HttpContext so you could expose the custom type for .User rather than casting everywhere you want to use it. How far you would take it is up to you.

There are also other approaches to this. You could load permissions into a local cache, or even a distributed cache, and refer to them there instead of using HttpContext.User - or if you're confident that the performance cost of loading them on-demand from the database is of no consequence, then you don't have to do this at all.

Re: The Second Rule of Implementing IDisposable and Finalizers

aggieben — Wed, 16 Nov 2016 22:16:03 -0000

Stephen, how would you compare your sample implementation above to the basic dispose pattern described here?

https://msdn.microsoft.com/...


public class DisposableResourceHolder : IDisposable {

    private SafeHandle resource; // handle to a resource

    public DisposableResourceHolder(){
        this.resource = ... // allocates the resource
    }

    public void Dispose(){
        Dispose(true);
        GC.SuppressFinalize(this);
    }

    protected virtual void Dispose(bool disposing){
        if (disposing){
            if (resource!= null) resource.Dispose();
        }
    }
}

If IDisposable is transitive, then why what benefit does this pattern provide in the case of exclusively managed resources?

Re: Podcast #88 - All About Documentation, Mostly – Stack Overflow Blog – A destination for all things related to development at Stack Overflow

aggieben — Mon, 03 Oct 2016 14:42:38 -0000

Come on Jon, you know what it is: y'all.

Re: Roslyn scripting on CoreCLR (.NET CLI and DNX) and in memory assemblies

aggieben — Wed, 07 Sep 2016 12:55:48 -0000

Have you tried supporting #r directives? I'm working on a tool that needs to support it, and I'm not having much luck.

Re: Texas Elector May Not Vote for Trump

aggieben — Fri, 26 Aug 2016 16:41:51 -0000

Sometimes the will of the voters is ...wrong. To be charitable.