Wednesday, 15 February 2012

Managing Legacy Classic ASP Websites

In the 10 years since ASP.NET 1.0 was first released, all Classic ASP websites will have been converted to ASP.NET, right? 


Like it or not, legacy systems are still with us and they are likely to be with us for some time yet. As developers, it's a fairly reasonable assumption that we want all systems to utilize the latest technology, and converting Classic ASP websites to either ASP.NET 4.0 or ASP.NET MVC3 Web Applications will be a logical step. There's just one problem; return on investment.

Many if not most businesses will be feeling the pinch right now, and the return on investment in time and resources to convert Classic ASP websites may well be difficult to see for financial managers. The improved manageability, stability, testing, etc, that comes from using the latest technologies will be negated by managers watching the bottom line very carefully. If the investment on conversion doesn't make an improvement to the bottom line, or someone else isn't willing to pay for the conversion (for example if you are an agency and the client wants to pay for you to convert), then full conversion is probably a no-go.

A halfway house solution to this problem is to utilise the managability features of ASP.NET and Visual Studio Web Projects, but keep the Classic ASP code the same with one or two exceptions. Why do this? Well:

1. It allows you to better manage the source code within a web project, allowing you to use all Visual Studio features applicable to web application projects

2. You can leverage the power of web.config transformations for different builds (I'll come on to that in a bit!)

3. New sections in your web application can be developed can be developed using ASP.NET - whilst this creates a hybrid application, it may very well be quicker and therefore cheaper to develop the new sections in ASP.NET depending on the skill set of the developers in your company. I used to use VBScript day in, day out for years but I struggle now compared with how quick I can write code in C# or VB.NET.

Reading the Web Config File

To read the web.config file in your new project containing your ASP code, you will need to create a function that iterates through the web.config file and returns the value for the key you are looking for.

The code for this function is quite simple:

Function GetConfigurationValue(Name)
    Dim returnString
    Set xmlDoc = server.CreateObject("Microsoft.XMLDOM")
    Set xmlAppSettings = server.CreateObject("Microsoft.XMLDOM")
    Set xmlAdd = server.CreateObject("Microsoft.XMLDOM")
    xmlDoc.async = "false"
    xmlDoc.load(server.MapPath ("web.config"))
    Set xmlAppSettings = xmlDoc.GetElementsByTagName("appSettings").Item(0)
    Set xmlAdd = xmlAppSettings.GetElementsByTagName("add")
    For Each x In xmlAdd
        'Check for the Atrribute Value
        If  x.getAttribute("key") = Name Then
            returnString  = x.getAttribute("value")
        End If
    GetConfigurationValue = returnString 
End Function


This function can then be called like so: <% GetConfigurationValue("TestKey")%> - this will iterate through the web.config file and return the value for the TestKey appSettings key.

You can download a sample project from here. This project has one Classic ASP file, and contains a sample use of the function above.

Tuesday, 7 February 2012

Creating CSR Requests for FTPS in IIS 7.5

IIS 7.5 took a great step forward with the inclusion of an FTPS module that can be installed during set-up. There are a wealth of great sources of information on how to setup an FTPS site, however one issue I ran into was how to generate a CSR to purchase an SSL certificate for my FTPS site. All the examples I saw used self-signed certificates; presumably so the examples could be followed without any costs involved in purchasing an SSL certificate.

 To create a CSR for an FTPS site, you need to open IIS 7.5 manager, click on the server name in the left hand pane, then double click on "Server Certificates" in the main window

From here, click on "Generate Certificate Request" in the right hand actions menu to launch the Request Certificate wizard.
On the first screen of the wizard, you will need to enter the distinguished name properties for your site, remembering to use as the Common Name (obviously replace!).

Clicking next brings you to the Cryptographic Service Provider Properties screen. If you want to read further on the options here, please see this TechNet article, however I would accept the defaults and click next.

And finally, the next screen allows you to select a file location and filename for your CSR:

When you click finish, a text file is saved with your CSR contained within it. Use this CSR to perform a certificate request using your preferred SSL authority/supplier.