From the Desk of Brandon Haynes

I am pleased to announce a beta release of my Amazon S3 integration authorization and data providers.  It may be downloaded via CodePlex on its project homepage.  As is all of my DotNetNuke work, this project is fully open-source and available under a liberal BSD license.

The DotNetNuke web application framework offers multiple file persistence options out-of-the-box, including file-system storage (both unsecured and secured by ACL), along with ACL-secured database storage. When creating a link to a resource, the DotNetNuke UI provides a convenient list of these files, and also allows direct input of arbitrary URI.

However, there exists no ready method by which an administrator might link to a known set of files persisted external to the installation. While direct URI input might be used here, it requires knowledge of these data, and does not allow for enumeration and management of the external objects themselves.

This project attempts to bridge that gap by integrating resources persisted on the Amazon S3 into the DotNetNuke framework. Resources stored there are enumerable via the File Manager and selectable via the URL control. Throughout the core framework, these external resources are treated identically to database-secured resources, including observance of Amazon S3 ACL, automatic synchronization, and (reasonably friendly) 301 Redirects to the Amazon S3 when accessed via LinkClick.aspx.

This is effectuated via customization of two providers: authorization and data. The authorization provider integrates Amazon S3 ACLs for external resources, and the data provider allows enumeration of and details about the external resources themselves.

(more…)

Slightly more than a year ago, I detailed the steps necessary to integrate Commerce Server 2007 — and specifically the UpmMembershipProvider membership subsystem — into the DotNetNuke web application framework.  This entry is located here: Using Commerce Server’s UpmMembershipProvider with DotNetNuke.

However, subsequent to my original posting detailing this approach, I experienced some IPR issues that required my removing the download links to the actual assembly and source code.  While the information in the entry itself was largely sufficient to recreate this adapter, it required a reasonably significant amount of expertise to do so.  As a result, I suspect that many were unable to utilize the material therein.

I am pleased to announce that I have reached resolution on the relevant IPR issues that precluded my releasing the associated code, and have re-enabled the download links in the original post.  For convenience, I am also including them below.

(more…)

I recently had the privilege of presenting at the DoDNN conference on the topic of authorization theory and the new extension points available in DotNetNuke version 5.1. This was an enjoyable session with great attendees and some interesting conversation afterwards.
(more…)

As many are aware, I will be presenting a session at the upcoming Day of DotNetNuke conference in Orlando, Florida.  The session is entitled “The Cutting Edge: Advanced Authorization in DotNetNuke 5.1.”  The abstract for this session reads:

Among the many improvements present in DotNetNuke version 5.1, this latest release includes authorization as a first-class extension point.  This allows customization previously impossible without core modification.  Additionally, the permission model (and the internal use thereof) has been significantly streamlined and centralized, allowing for great flexibility across myriad use scenarios.

In this session, we explore the new permission provider in detail.  This includes a discussion of how (and why) authorization services were centralized and abstracted, the overall design and structure of the provider, and available points of access control.  Finally, we examine some concrete ways in which the provider might be extended to meet real-world policy requirements.

When presenting architectural or theoretical material, I always strive to include a demonstration of how the material might be applied to a real-world scenario.  In this case, I will be demonstrating how a custom authorization provider can be used to enable full DotNetNuke integration with cloud-based Amazon S3 webservices.  A screenshot of the file manager in an Amazon S3-enabled installation is displayed below.

This session should appeal to a wide audience; I cover enough theoretical background for individuals new to security theory, and delve deep enough into the 5.1 authorization architecture to satisfy those that have high familiarity with the platform.  If you are interested in learning more about the internals of the framework — and how 5.1 authorization might be utilized — be sure to stop by!

Epilogue: The presentation materials are now available here, and the Amazon S3 Integration providers may be found here.

I am pleased to announce the 1.00.00 release of a new templated mega-menu provider. It is based on, and derives its functionality from, the default DNNMenu.
(more…)

I am pleased to announce the publically-available preview of a new templated mega-menu provider.  This preview is for internal evaluation only, and should not be used in production.  A full release, including source, is expected at the end of the month.

The provider allows for marking one or more pages as being templated; during instantiation these templates are dynamically inserted into the page.  The templates are highly flexible and may be deployed at the site, skin, or portal level.  This allows for great flexibility in user experience.

The project is hosted on CodePlex and is located here.

By way of example, the default templates available allows styling of the DotNetNuke administrator menu as:

DotNetNuke DNNMenu Templated-Menu Provider Screenshot with Wide Rendering

(more…)

DotNetNuke Multifactor Authentication Requiring Password, One-Time SMS PIN, and X.509 Certificate

I am pleased to announce an initial release of a multi-factor provider for the DotNetNuke content management system.

This authentication provider allows a host to configure enhanced authentication (including SMS, SMTP, YubiKey, and X.509 certificates) for any number and combination of portal roles. Each factor must be fulfilled prior to authentication being granted, increasing overall security.

This package may be downloaded from it’s project site, located at http://dnnmultifactor.codeplex.com.

Goals

• A robust, extensible multi-factor authentication framework for the DotNetNuke content management system.
• Complete integration into the framework using existing extension points, with no core modifications or recompilation required.
• Support for host-, administrator-, and user-level configuration, with the ability to vary required factors across an arbitrary set of roles.
• A robust set of included factor providers, including SMS, secure SMTP, YubiKey (www.yubico.com), and X.509 certificate.
• Extension points in the authentication system allowing for development of custom factors by third parties.
• Reliance on the existing ASP.NET membership subsystem for existing (first-factor) authentication.
• Minimization of “custom security” risk by relying, insofar as is possible, upon existing security infrastructure (ASP.NET membership, DotNetNuke portal security, password generation, et cetera.
• As small an overall surface area as is possible, and an absolute reliance upon the existing ASP.NET membership system as a first-factor fallback, should any unforeseen vulnerability exist.

(more…)

I have, for some time, been maintaining debug-build versions of the standard DotNetNuke releases.  The debugging symbols contained in these assemblies make some types of problems easier to diagnose (see this for a detailed discussion).

To date, a number of people have successfully used these builds in correcting a number of reasonably arcane problems.  As such (and after some delay), I have elected to deploy debug-build version of the core DNN assemblies for the recently-released 4.9.2 and 5.0.1 version.

Please see this entry for downloads and usage patterns for these versions.

In a recent article, I developed a theoretical basis for an adapter that allows for the adaptation of Entity Framework (EF) entities into IDataReader-implementing form, and announced the preview availability of this software. 

Herein I describe with more specificity the use of the adapter generator and the resultant adapters, and announce the release of the first production-ready version of the adapter generator software.

(more…)

Microsoft’s Entity Framework (EF) introduces a new data design paradigm within .NET. This framework, however, can be difficult to implement in projects that internally rely heavily on the exchange of IDataReader-implementing objects between layers (or within interface contracts). This is a shortcoming that is not easily overcome, especially without a standardized method with which to convert EF entities into an object implementing this interface. In many ways, migration of these projects to the Entity Framework is an all-or-nothing proposition.  This is a shortcoming that begs for remediation. 

(more…)