The curious case of missing Authorization header

I have been wasting time on a small issue adding Authorization header into HttpClient.

The code was plain and simple:

Specifically, I was writing a .NET Core console app, following this wiki page https://github.com/projectkudu/kudu/wiki/Accessing-the-kudu-service and trying to access http://mysite.scm.azurewebsites.net/basicauth. However, I kept getting 401 Unauthorize response and response.RequestMessage.Headers was completely empty.

After having spent some time searching for solution on the Internet but to no avail, I opened Fiddler to see the actual HTTP requests. Turns out, this was what happened behind the scene:

There were actually 2 requests. The first one has the Authorization header and returns a 302 Found. Automatic redirection of HttpClient triggers the second request, and this one didn’t have any Authorization header.

Normally I can just stop there, accept that how things work in .NET and find a workaround. But since .NET Core is open source on GitHub, I decided to dig a bit deeper to understand the reason of this implementation. A quick search about redirection on the corefx repo in GitHub gave me the exact commit that I need: https://github.com/dotnet/corefx/commit/e8a17715fba4ba6cfce4043a2cd117474dfcee05. And voila, I could see the line in RedirectHandler.cs that causing the issue:

and I could also see the reason in SocketsHttpHandler.cs:

 

I finally solved my curious case, and I hope this post is useful to you. Feel free to leave me a comment and let me know if you have any suggestion on securely implement the redirection with Authorization header.

 

Interesting notes on Docker Windows containers

In this post, I collected some useful links and notes when trying out Docker on Windows with Windows containers.

Useful images

Useful commands

Some notes

  • You do not see the Mount/Disk setting in Docker when using Windows container instead of Linux container because this is not necessary according to the documentation. However, you have to pass in correct parameter for the volume; for instance, C:\data_in_host:C:\data_in_container  or C:/data_in_host:C:/data_in_container  instead of C:/data_in_host:/data_in_container . Check the following links for more information: https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/container-storage.
  • You cannot test with http://localhost:{host_port} on Windows. You will have to use either http://{host_name}:{host_port} or http://{container_ip}:{container_port}. To find out container IP, you can use docker inspect --format '{{ .NetworkSettings.Networks.nat.IPAddress }}' container_name.

Links & Examples

https://docs.microsoft.com/en-us/virtualization/windowscontainers

https://anthonychu.ca/post/dockerizing-aspnet-4x-windows-containers

Deploying ASP.NET Core applications to Docker containers

How to integrate Teamcity and GitLab CI

I note down the step I did to integrate TeamCity build server and GitLab CI pipeline. I am using TeamCity 2017.1.15 and GitLab 10.0.3.

What you will get with this integration:

  • Small green tick for each commit showing that a build has run successfully on the commit
  • Bigger tick for each merge request (MR) showing that a build has run successfully on the head of the merge request
  • Ability to enforce a successful build before any MR can be merged

How to set up the integration

Tldr, you need to go through 3 main steps:

  1. Enable TeamCity integration in your GitLab project settings
  2. Enable TeamCity build configuration to monitor and trigger build for all (CI) branches
  3. Enable “Commit status publisher” build feature

Read More

Migrating Legacy UUID of MongoDB to standard UUID

MongoDB has a legacy format for UUID which causes problem where the UUID is interpreted differently on different platforms, and the standard UUID solves that exact problem.
However, the C# driver defaults to use legacy format and requires switching to standard format explicitly.

Moreover, after switching to standard format, you might get Exception due to existing UUID. You can fix that Exception by using the Python script below to migrate legacy UUID to standard UUID while maintaining the same C# GUID translation:

After running the script, you can then replace ‘my_collection’ by ‘my_collection_new’.
Based on your actual need, you may also replace CSHARP_LEGACY with JAVA_LEGACY or PYTHON_LEGACY or other legacy format (http://api.mongodb.org/python/current/api/bson/binary.html).

Hope this help!

“Access is denied” when using Microsoft Speech Platform with IIS

When you are using Microsoft Speech Platform in your web service to perform speech recognition, you might find a strange situation when the web app works perfectly in Visual Studio, but keep having “Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))” when you try to instantiate SpeechRecognitionEngine.

After some searches on the Internet, I found 2 suggestions in this article http://stackoverflow.com/questions/3385382/run-microsoft-speech-over-iis:

  • Use procmon in SysInternals to find ACCESS DENIED result and add permission there
  • Grant read permission for the IIS apppool account to folder

I tried the second suggestion first as it is more straight forward, but it didn’t work out for me. I then tried the first suggestion.

Turned out the path is a bit different on my PC, probably due to x64-x86 compatibility.
Access Denied problem

I added read permission for

to the folder above (and some of its parents), and the speech platform works perfectly in IIS now.

I hope this article would help you if you have to same issue. Please also leave a comment if you have a better solution.