Tomer Gabel's annoying spot on the 'net RSS 2.0
# Thursday, 26 March 2009

It seems nothing to do with maintaining this website is as easy or as simple as it should be. Whenever I switch hosts it’s an uphill struggle to get the site up and running again; whenever I upgrade dasBlog to a newer version I have to learn a lot about how it works, how ASP.NET works, how IIS is configured etc. It’s enough to make me seriously consider hosting my blog elsewhere and/or moving to another blogging platform, but the truth is I love dasBlog so much I simply forget how complex and volatile it can be and have to go through the same frustrating process whenever something changes.

The way I update my site is usually this:

  1. Ensure I have an up-to-date local mirror of the website. dasBlog keeps all of its data in XML files, so backing up the website is simply a question of wget –-passive-ftp –m; I have a daily scheduled task to take care of this.
  2. Copy the latest mirrored version to a working directory; set the directory up as an IIS website/virtual directory.
  3. Test the new working copy to make sure it works.
  4. Perform whatever modifications are required.
  5. Test again to make sure that the website works with multiple browsers (this time I tested with Chrome, Firefox 3.1 Beta 3 and IE 8)
  6. Upload the website over FTP using the FileZilla client. I always verify that the relevant configuration files and binaries are overwritten and nothing else.

This process generally allows me to test upgrades before uploading them to the “production” website, as well as provides an easy rollback path if something goes wrong. Thing is, something always goes wrong. In this case, although nothing’s changed in the site configuration I started getting SecurityExceptions just after the upgrade:

Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

This is one of the least informative error messages I have ever seen. All it tells me is that a request for some permission is denied; it doesn’t say what permission was requested, nor by whom (the stack trace seemed to indicate the permission was asserted from within System.Diagnostics.Trace, which doesn’t make much sense). A quick web search brought me to this page, which deals specifically with installing dasBlog on a GoDaddy-hosted website. Because GoDaddy runs ASP.NET applications under a modified medium trust that allows file-system access only to the virtual directory hierarchy, the site recommends adding a virtual directory for each of dasBlog’s writable directories (content, siteconfig, logs); I tried this out and the problem was not resolved.

At this point I was getting desperate, and was willing to try just about anything to get the site up and running again. Eventually I ran a diff between the site backup and the newly modified version, and found a new openidConsumerTrace.txt file in the site root. I’ve never seen that one before; where'd it come from? A quick search showed the following section in the web.config file:

    <assert assertuienabled="false"/>
        <add name="OpenID" value="4"/>

    <trace autoflush="true" indentsize="4">
            <add name="fileLogger" type="System.Diagnostics.TextWriterTraceListener"
                 initializeData="openidConsumerTrace.txt" traceOutputOptions="None"/>

A-ha! So the OpenID activity trace log is written to the virtual root, which is not writable (I set the ACLs to only allow writes to the above three directories). I tried changing the trace file path to ~/logs/openidConsumerTrace.txt (which is a virtual directory and has the appropriate write ACL), but this did not resolve the problem. At this point I was ready to roll back to the previous version and work on switching to another (perhaps hosted) blogging platform, and in my despair I simply commented out the whole system.diagnostics section; oddly enough, this resolved the problem…

Now I know dasBlog is free and there’s little or no point complaining, so I hope this post helps someone handle the problem. And if anyone from the dasBlog team is reading this… please be a little more careful with undocumented dependencies?

Thursday, 26 March 2009 15:32:08 (Jerusalem Standard Time, UTC+02:00)  #    -
Development | Software
# Monday, 23 March 2009

I’ve been meaning to change the site’s theme for ages, and as often happens with these things this gave me an excuse to overhaul various aspects of the site. Here’s a bunch of stuff that’s changed:

  • Upgraded to dasBlog 2.3 and tweaked a whole bunch of settings. Hopefully this will enable all sorts of interesting stuff, such as OpenID commenter identification and coComment support. I’ll post my upgrade experiences separately;
  • Switched the theme to a slightly tweaked version of the dasBlog “business” theme by Christoph De Baene (thanks for the help, Ken!);
  • Got rid of the “advocacy” section on the right. I still strongly advocate Firefox, Vorbis and (among others), but there doesn’t seem to be much point in placing banners just for that;
  • Updated the blog-roll with my latest list.

Some code examples on the site may look a little weird on account of the CSS changes; over the coming days/weeks I’ll be fixing those, as well as recompressing images and other behind-the-scenes changes that will hopefully make the site look better and load faster.

Monday, 23 March 2009 14:38:33 (Jerusalem Standard Time, UTC+02:00)  #    -
# Thursday, 19 March 2009

Update (8 May 2009): Eli Ofek pointed out in the comments a little-known but effective tool called the Managed Stack Explorer. Although it features a basic GUI, it can effectively be a .NET equivalent of jstack if you add to the path; then it’s just a question of typing mse /s /p <pid>. It’s a little slower than jstack but worlds better than the alternative suggested below.

I’ve been working mostly with Java over the last year, and the .NET code I write is usually limited to interface code between our .NET-based and Java-based components. A long while away from production-grade code on Windows means I need to brush up on my production debugging skills.

On today’s menu: thread dumps, or per-thread stack traces if you will. With Java code (at least starting with Java 5) this is as easy as jstack <pid>; with .NET it turns out to be quite a bit more complicated:

  1. Download and install the appropriate Debugging Tools for Windows version for your architecture (x86/x64/Itanium)
  2. If you need information about Windows function calls (e.g. you want to trace into kernel calls), download and install the appropriate symbols. This isn't strictly necessary if you just want a thread dump of your own code.
  3. If you need line numbers or any other detailed information, make sure to place your assemblies' PDB files where the debugger can find them (normally you just put them next to your actual assemblies).
  4. Start->Programs->Debugging Tools for Windows [x64]->windbg
  5. Attach the debugger to your running process using the menu
  6. Load the SOS extension with ".loadby sos mscorwks" for .NET 2.0 (".load sos" for .NET 1.0/1.1)
  7. Take a thread dump using "!eestack"
  8. Detach using ".detach"

Quite a bit of work for something as trivial as a thread dump. I hope .NET diagnostic and debugging tools improve with time (Process Explorer is definitely a step in the right direction).

Thursday, 19 March 2009 17:16:24 (Jerusalem Standard Time, UTC+02:00)  #    -
# Sunday, 15 March 2009


Don’t ya think?

Sunday, 15 March 2009 11:19:18 (Jerusalem Standard Time, UTC+02:00)  #    -
# Wednesday, 11 March 2009

So I had to find myself a new job. Delver was about close down, the employees (including yours truly) were handed notices and the next few weeks were spent searching for my next job. I guess breaks come not only when you least expect them but also from the least likely direction: Delver was bought by Sears and made into SHC Israel, not to mention the company’s first overseas headquarters and development center.


You’ve read correctly: Sears. Not Amazon, not Google, not Microsoft. Delver, a strictly web-based startup, wasn’t acquired by a web company; not even by a technology company at that. Instead we were acquired by one of the United States’ largest retailers. Why, you ask? Well, with any luck you’ll find out in a few months :-)

Wednesday, 11 March 2009 17:34:35 (Jerusalem Standard Time, UTC+02:00)  #    -

I was making modifications to one of our components, and running all of the unit tests revealed that all database-dependant integration tests were failing:

com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure

Last packet sent to the server was 0 ms ago.
<snip> (cut for brevity’s sake)
at com.mysql.jdbc.ConnectionImpl.createNewIO(
at com.mysql.jdbc.ConnectionImpl.<init>(
at com.mysql.jdbc.JDBC4Connection.<init>(

Strange error message, but as it turns out the inner exception was far more revealing: Connection refused: connect

As can be expected, the local MySQL server was up and running, and I was able to connect with the command line tool as well as with SQLYog, so it was obviously not a problem with MySQL or the local firewall. Next up I tried to telnet to the appropriate port (the easiest way I know to check port-level connectivity) without success:

Can't connect to localhost

I next tried to connect to the loopback IP (, and experienced a major WTF moment when the connection succeeded. I use Windows Server 2008 and, as it turns out, it supports IPv6 out of the box. localhost has a slightly different meaning under IPv6 (it maps to ::1), and as I understand it traditional IPv4 traffic is tunneled over the looback IPv6 connection; I’m not yet familiar enough with IPv6 to draw any conclusions on why the above shouldn’t work, but the bottom line is there are several ways of resolving the problem:

  1. Edit your hosts file (it’s hidden under Windows Server 2008, but you should be able to Start->Run->notepad %SYSTEMROOT%\System32\Drivers\etc\hosts) and change the mapping for localhost from “::1 localhost” to “ localhost”. This does resolve the problem, although I can’t say what impact this will have on IPv6-enabled applications.
  2. Set the TCP stack to prefer IPv4 to IPv6 when attempting to connect (it’s the reverse by default). According to this forum post, this entails setting the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip6\Parameters\DisabledComponents to the DWORD value 0x20.
  3. Disable IPv6 altogether for your network connection: remove the IPv6 protocol from your network connection component list. At this point in time IPv6 is still very rare so I doubt this will cause any significant issues, but YMMV.

For me, changing the hosts file was the quickest solution because it works and is easy to revert. I’ll have to keep a very careful eye on the behavior of my machine though.

Wednesday, 11 March 2009 13:02:08 (Jerusalem Standard Time, UTC+02:00)  #    -
Development | Software
# Monday, 02 February 2009

If you've ever tried to develop using PHP on IIS7 (Vista), you'll find that errors in your script result in the default IIS7 "friendly" HTTP 500 error page, which is useless for debugging. This happens in both FastCGI and ISAPI modes.

To save you hours of crawling through the 'net, the solution (found on this forum post) is very simple:

  • Start a command prompt;
  • Copy-paste the following: %windir%\system32\inetsrv\appcmd.exe set config -Section:system.webServer/httpErrors -errorMode:Detailed
  • Run iireset
  • Enjoy.
Monday, 02 February 2009 19:58:44 (Jerusalem Standard Time, UTC+02:00)  #    -
# Sunday, 25 January 2009

Unfortunately the startup I work for (Delver) did not survive the current market crisis and has failed to secure additional funding. As a result I’m on the market again, and am looking for senior developer and/or software team lead positions, especially those with relocation opportunities. My résumé can be found here, and the most recent version can always be found under Navigation on the right side of this website.

Have an interesting job offer? Get in touch!

Sunday, 25 January 2009 18:07:16 (Jerusalem Standard Time, UTC+02:00)  #    -
# Sunday, 18 January 2009

Update: I was wrong, and private setters do not appear to work (strange, I’m sure I verified this in my test code, but it didn’t work in practice). See below.

It’s been ages since I used XmlSerializer, or even written meaningful amounts of code in C# for that matter, which is why I was utterly stumped by this problem. Try running this code:

[XmlRoot( "test" )]
public class Test
    private readonly string _string1;
    private readonly string _string2;

    public Test( string string1, string string2 )
        _string1 = string1;
        _string2 = string2;

    [XmlAttribute( "attr" )]
    public string String1 { get { return _string1; } }

    [XmlElement( "element" )]
    public string String2 { get { return _string2; } }
/// ... XmlSerializer xs = new XmlSerializer( typeof( Test ), "" ); XmlSerializerNamespaces xsn = new XmlSerializerNamespaces(); xsn.Add("", ""); // Gets rid of redundant xmlns: attributes StringWriter pw = new StringWriter(); xs.Serialize( pw, new Test( "1", "2" ), xsn ); Console.WriteLine( pw.GetStringBuilder().ToString() );
You’ll get an InvalidOperationException stating that “Test cannot be serialized because it does not have a parameterless constructor.” A quick look at the documentation (or a search which may lead you to this post on StackOverflow) will get you the answer: add a parameterless constructor and mark it private. Run the test code again and this time no exception will be thrown; however, you probably won’t be expecting this result:
<?xml version="1.0" encoding="utf-16"?>
<test />

The solution? Add a setter to each of your serializable properties. Don’t need a setter because the class is immutable? Mark it as private and you’re good to go. Tough – you’re going to need one anyway, private/internal/protected setters don’t appear to work. If you must use XmlSerializer you should throw a NotImplementedException from these setters, but in my opinion the resulting contract clutter implies you should simply avoid XmlSerializer altogether.

Although this behavior makes sense in light of how XmlSerializer can be used for both serialization and de-serialization, what threw me off was that no exception is thrown – the contract doesn’t require a setter property, and the serializer output is corrupt. Beware!

Sunday, 18 January 2009 17:03:06 (Jerusalem Standard Time, UTC+02:00)  #    -
# Monday, 12 January 2009

A couple of months ago I decided to give Twitter a try, and this ended up a permanent fixture in my online life. As it turns out it’s an excellent tool for posting small bits of information such as links, so I’ll be posting there much more often, but I’ll keep the in-depth posts to the blog.


Either way you can see my Twitter page here (or follow via RSS).

Monday, 12 January 2009 13:06:29 (Jerusalem Standard Time, UTC+02:00)  #    -
Send mail to the author(s) Be afraid.
<2009 March>
All Content © 2017, Tomer Gabel
Based on the Business theme for dasBlog created by Christoph De Baene (delarou)