Skip to content

Nuget Gotcha: Update-Package Edition

Let me start off by stating that Nuget, FluentValidation and Identity Manager are all great tools. Unfortunately their mutual greatness doesn’t prevent issues from arising.

The Gotcha

Having a beta version of one nuget package (e.g. Identity Manager) and trying to update an independent package (e.g. FluentValidation). You run the Update-Package command only to be greeted with the following

You can view a screenshot of this below.


The solution is to use the -pre flag in addition to update-package. However I still don’t understand why updating one package depends on an unrelated one.


Doesn’t Work


To Nuget’s credit, they have this issue and it should be included in an upcoming release.

Powershell: Queuing Multiple TFS Builds


I needed to automate a full deployment of all my services, databases and the client that consumed them frequently.


I am using an on premise installation of TFS 2012 and Visual Studio 2015. I needed to leverage multiple builds since msbuild arguments (the ones that you use to automatically publish/deploy) apply to every project/solution being built. This can potentially lead to multiple different builds.


Fortunately, this can be accomplished using PowerShell. TFS provides a good useful well-documented interface.

Below are some helpful references that I found on my way to the above solution.


  1. TFS Build API by Example #1: Queue a build.
  2. Queuing TFS Build from Powershell Script Which is Called from TFS Build
  3. Queuing a build in PowerShell
  4. relative path in Import-Module
  5. Powershell import-module doesn’t find modules
  6. How to set a custom tfs build parameter using powershell

ASP.NET MVC Gotcha: Model Error Ordering

I had the following peculiar bug with the way Model Errors were presented in the view for my ASP.NET MVC 2 website. The code for the view is below.

You can see the ordering of the fields is First Name, Last Name, Name and Phone. As you can imagine, the validation messages should reflect this ordering. However I was getting the following output instead.ValidationMessagesInOrder

This isn’t a show stopper issue, but it is the kind of things that customers notice (and good QA people). After registering, users add more information at this screen. For this reason, it should be as elegant as possible to keep them coming back. I assumed this would be an easy fix. I’d just go to the validation code and fix the ordering of the errors.

You can see from the code that it is yielding the validation errors the same way that I would like them to be presented. As it turns out, this didn’t make a whole lot of difference. Then I realized that the validation code was not the issue at all.

The errors are displayed in the order that the properties are listed in the mode.

I’ll give you a moment to allow that to sink in. It’s an issue that is difficult to diagnose but easy to rectify. The original model property ordering below outputs the incorrect ordering.

The model should appear like below to achieve the desired user experience.

Once you make that change, the errors display like below.


Commerce Server 2009: Profile Definitions 404 Error

I opened up Commerce Server Manager expecting to be able to browse to the Profile Definitions in Commerce Server 2009 using Commerce Server Manager. Instead of the expected interface, I was greeted with “Server Error in Application ‘Default Web Site’ HTTP Error 404.0 Not Found” like the screen shot below.


This can be rectified with the below steps.

  1. Open Internet Information Services(IIS) Manager
  2. Right Click on Default Web Site
  3. Click Add Virtual Directory
  4. Enter Widgets under Alias
  5. Enter c:\Program Files (x86)\Common Files\Microsoft Shared\Enterprise Servers\Commerce Server\Widgets under Physical Path


After following those steps and refreshing Commerce Server Manager you should see the below interface.


That’s it!

Authentication Failed SharePoint 2010 Edition

I stood up a development that featured both Commerce Server 2007 and SharePoint 2010. Within the environment, there is a public site and a private site. The SharePoint public site authenticates with a custom provider for Commerce Server 2007. The SharePoint private site uses windows authentication. Once the public site loaded correctly, I was greeted by the below Authentication Failed Exception on the private site. You can see from the screenshot below that it’s not pretty.

Server Error in '/' Application.  Authentication failed.  Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.  Exception Details: System.Runtime.InteropServices.COMException: Authentication failed.   Source Error:  An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.   Stack Trace:     [COMException (0x80040e4d): Authentication failed.  ]     Microsoft.CommerceServer.Interop.Profiles.ProfileServiceClass.GetProfileByKey(String bstrKeyMemberName, Object sValue, String bstrType, Boolean bReturnError) +0     Microsoft.CommerceServer.Runtime.Profiles.Profile..ctor(ProfileContext profileService, String keyName, String keyValue, String profileType) +156     [CommerceProfileSystemException: Failed to retrieve profile.]     Microsoft.CommerceServer.Runtime.Profiles.Profile..ctor(ProfileContext profileService, String keyName, String keyValue, String profileType) +504     Microsoft.CommerceServer.Runtime.Profiles.ProfileContext.GetProfile(String keyName, String keyValue, String profileType) +647     Microsoft.CommerceServer.Runtime.CommerceContext.get_UserID() +744     Microsoft.CommerceServer.Runtime.CommerceDataWarehouseAuthenticationModule.OnPreRequestHandlerExecute(Object sender, EventArgs e) +73     Microsoft.Commerce.Providers.SharePointCommerceDataWarehouseAuthenticationModule.OnPreRequestHandlerExecute(Object sender, EventArgs e) +288     System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +80     System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +171     Version Information: Microsoft .NET Framework Version:2.0.50727.5485; ASP.NET Version:2.0.50727.5491

Unfortunately, the stack trace here doesn’t provide too much direction.

I checked the Event Viewer to try glean some useful information. I found the following event.

This only offered misdirection and confusion as it referenced the Commerce Server in the stack trace, which couldn’t be the case since this site used Windows Authentication. The solution came down to the aspnet:AllowAnonymousImpersonation setting, which was configured to true. Once it was modified to false, the site came up as desired. Below is the working configuration.

Fort Lauderdale Budget Data with Dygraphs

For those of you that don’t know,

Even though this data may not have been a perfect fit, I struggled with the 0 to visualized portion of Dygraphs longing for more basic and easy to follow examples. I have chopped up this tutorial into easy to follow steps and made it available on github. It’s a great way to learn about city data and data visualization using javascript.

Step 0 – Plain Jane

Step0-PlainJaneThis represents the starting point for the tutorial. Reorienting the data was omitted here but can be learned from comparing the reoriented file with the raw file in the data folder. Applying meaning to the data can be difficult at this stage. Basic javascript, dygraphs reference and scrubbed data are included but not much else.

Step 1 – Adding a Title


To add the title, we pass in the options parameter to the dygraphs constructor using the below javascript. Notice the options parameter is a json object and properties are case-sensitive.

 Step 2 – Resize


After adding the title, the graph looks cramped. We can alter the height and width parameters to fix this as the below gist illustrates.

Step 3 – Formatting Currency


The scientific notation on the left (y-axis) and on the values makes sense, but isn’t terribly readable. Fortunately, we can beautifully format currency with a great library called numeral.js. You can see it in action below. This turns “$10e+7” into “$10 m”.

Step 4 – Set Axis Label Width


The below javascript changes improve the readability of our left(y-axis) values by giving them some room to breath. Below we set the axisLabelWidth property to 100.

Step 5 – Refactor

Our astute readers and developers will notice the identical code that formats the currency for the axisLabelFormatter and
valueFormatter. For consistency’s and stability’s sake, we need to rectify this situation. In our case, we create and use a single function called formatLikeCurrency.

Step 6 – Debugging Tip

As you work through dygraphs, for debugging it can be helpful to use the hideOverlayOnMouseOut property. This prevents the chart corresponding to the mouse position to stay visible until making another selection. Consider moving between other sites, text editor, e-mail and folder/file viewer. It’s important to keep your frustration to a minimum.

Step 7 – Styling

Step7-StylingStyling creates a better visualize experience for anyone using or viewing your data. Fortunately, we easily style the visualizations generated with dygraphs using CSS. First we need to configure our class structure that will be used by CSS selectors. Then, we tell dygraphs the correct class to put the labels, that appear on mouse hover.

Step 8 – Profit

I hope that you learned something about dygraphs, Fort Lauderdale, data visualization or javascript.

South Florida Code Camp 2015

Thank you to NSU, all presenters, volunteers, participants and sponsors for making the 2015 code camp a great experience. A special thank you to Dave Noderer who helped organize the event and allowed me to use the community table to speak with people about getting involved in Code for Fort Lauderdale. An additional special thank you to Rachel for making registration a breeze for volunteers as well as attendees.

SharePoint for .NET Developers

By Gary Blatt

Client-side Object Model (CSOM) provides access to core objects within the SharePoint model. It is composed of three distinct APIs.

  • ECMAScript object model
  • Silverlight client object model
  • .NET managed client object model

Server-side Object Model (SOM) provides access to items in a list, items in a library and creating server controls from within the SharePoint Server Farm. Collaborative Markup Language (CAML) allows developers to define how to construct and display data within SharePoint. It is an xml based and contains specific elements for data definitions and rendering.

One decision will be whether to host your own SharePoint instance or not. One such offering is called Business Productivity Online Services (BPOS). BPOS includes a SharePoint offering hosted by Microsoft (referred to as SharePoint online). Having Microsoft host your SharePoint may be an attractive option in your situation. You should consider the following:

  1. Powershell
    • 800 commandlets with natively hosted SharePoint
    • 29 commandlets with SharePoint online

Best Practice

Never do queries against the SharePoint database directly. The reason boils down to the same reason any application exposes an API rather than the database itself. Before you ever started using it, other consumers tested the API. Direct querying opens the door for complex locking scenarios between you and other database users. It’s not supported, meaning if it breaks it’s your problem (aka no support).


EMV Training

By Frank Haggar

EMV stands for Europay, Master Card and Visa, a global standard for integrated circuit cards. The standard includes using the cards at Point of Sale (POS) terminals and ATMs. EMV uses dynamic authentication to validate the transaction via cryptograms. It focuses on authenticating the user. The standard includes improving security with the following

  • Card authentication – prevent card skimming and counterfeiting.
  • Cardholder verification – authenticating the cardholder
  • Transaction authorization – using credit card issuer-defined rules to authorize transactions

For any credit card number (in some cases called Primary Account Number or PAN)

  • digits 1-6 represent the Bank Identification Number(BIN)
  • a variable length (up to 12 digits) individual account identifier
  • a single check digit calculated using the Luhn algorithm

There are different requirements for different payment methods. Card present encompasses the following payment categories.

  • Contact – require physical contact with the device beginning the payment processing (e.g. credit card)
  • Contactless – requires proximity but not physical contact for initiating the payment processing

Card Not Present implementations include

  • Host Card Emulation uses software only rather than carrier issued sim cards to verify identity for mobile payments.
    • Apple Pay
    • Google Wallet

The Electronic Transaction Association is an International trade association for the payment processing industry. In an effort to decrease liability, the credit card companies developed EMV to shift fraud liability to any merchant that did not accept EMV chip cards.

They didn’t want to stop fraud, they just wanted to stop paying for it.” -Frank Haggar


  • Point of Sale (POS) Payment Application – An application capable of accepting payment at the point of sale (e.g. a cash register at checkout).
  • PIN Pad – used to enter the personal identification number
  • EMV Kernel – Utilized for testing by the company producing products or software capable of passing the EMVCo tests. EMV by itself is not encrypted.


Lessons Learned: Being Agile in a Waterfall World

By Phillip Japikse

Estimation is going to be wrong, it’s not exactimation. Don’t try to hold anyone accountable for their estimates. Leverage estimates for planning and goal setting. Don’t be afraid to adjust when the unexpected predictably happens. Let communication drive your progress.

The #1 way to instill fear in someone is to not tell them anything. Colleagues will fear the unknown even more so than an unfavorable outcome. Leverage pizza & pop to get the right people in the room together. Ask for their opinion, make them co-conspirators in your project. Don’t ever mandate.

Choose your metrics carefully. What am I measuring? Burndown shows on track. Swim Lanes help present actionable items and make blocking more visible. Sprint Review communicates progress with stakeholders & users. It determines whether something was done or not.


  • Release Plan – how you will release not the contents of the release. Release Planning doesn’t include what’s in the software.
  • Sprint planning – Estimate, Select and decompose. Never commit to 100% of the team’s capacity.
  • Scrummerfall – adopting the most comfortable portions of Scrum.
  • Keep meetings succinct and focused with time boxes. Always have an agenda. No agenda, No attenda.
  • Definition of Done

UAT is a joke, because it’s not actionable. UAT is performed after everyone has agreed not to change anything. Every sprint, get users involved. Let users enter defects into your bug tracking system. Users can be internal or external to the company but will always be external to the team. Bugs should go into the product backlog not the current sprint. Make your users co-conspirators.

Shift people around to make sure that the right people see each other all the time through Co-location. This prevents barriers from forming around departments hindering progress and communication. Keep your retrospectives simple and purposeful. Use cards that are Start (Green) Stop(Red) and Continue(Yellow). Take 1 item as an action item and commit to working on that.

Agile Transformation is slow. People only change 10% at a time. Find small wins. Use incremental progress to build a coalition.

Grow your people not your processes.

Getting started with Open Data

By Thomas Robbins

Open data represents a tremendous amount of data. Data is a national treasure. The type of data being released does not contain Personally Identifiable Information(PII). Protecting privacy and exchanging information happens through cleansing the data prior to its release to respect individuals’ privacy. Open data has many potential applications.

  • One great example is updates on the topics and areas you care about for your city. Leverage it to participate locally in your community.
  • Many restaurant sites such as yelp, urban spoon and others push for health code inspection data. Imagine seeing this official data with customer reviews.

Wait a second, how does Socrata make any money? Rest assured, there is no hidden agenda. They charge data publishers to provide a no fee service for data consumers. They’ll even help you advertise and code review your app. Become a Socrata developer today

  1. Create a socrata account
  2. Follow the getting started guide

A special thank you to Thomas for setting aside time to let me plug Code for Fort Lauderdale. If you haven’t heard of us, please stop by our next meetup. We’d love to meet you.



Get every new post delivered to your Inbox.

Join 129 other followers

%d bloggers like this: