Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
I don't know if anyone can point me in the right direction of writing code to send a file by AS2?
A colleague of mine wrote a C# implementation of AS2 for one of our clients some time ago (he used .NET 1.1) so I can tell you that what you want to do is certainly achievable.
To do this you would need to get a copy of the AS2 RFC as well as any other RFCs that the AS2 one references (the various HTTP ones for example).
You will also need something to test your work against - some other implementation of AS2 that you can send your messages to.
This is the approach my colleague followed and at the end of the process he had made an AS2 transport which has been in production for around 7 years, dealing with several multi-national companies who used Drummond certified products.
You do not absolutely need to go down this track - you can send a valid AS2 message just by supplying the right AS2 headers in an HTTP post, but then you would only be implementing a bare minimum subset of the AS2 standard, which would not include the encryption, authentication and non-repudiation aspects of the protocol that make it worth using.
If you only want to send AS2, perhaps with basic encryption and signing, this could be feasible.
I would, however, strongly advise against you writing your own AS2 implementation unless you a) absolutely must or b) are sure you will only be sending basic messages with simple encryption and signing.
I say this because:
The code is non trivial
You will run into issues around certification
The certification issue is possibly the biggest hurdle. All the big vendor AS2 offerings (e.g. Gentran, WebSphere, BizTalk) are Drummond certified. What this means is that they have passed a series of tests administered by the Drummond Group Inc. establishing that their implementation of AS2 can interop with all other implementations.
Drummond certification is a time consuming and costly process, and without it you are always viewed as being suspect. Even if you implement a flawless AS2 sender, your code will always be the place fingers are pointed.
As far as alternatives go, there are several free or relatively inexpensive AS2 implementations like OpenAS2 (only Java) or Boomi (commercial but not too expensive) up to full blown B2B engines like Websphere and BizTalk.
I've not heard of AS2Box previously, but it does sound like it could meet your needs (though typically people using AS2 would not want to go through an untrusted third party).
As with anything, it really depends on the specifics of what you need to do.
This is a bit late, but for keeping this answer up to date: Now with Azure Biz Talks services, it's not too bad just to use BizTalk. Here is a good example:
http://code.msdn.microsoft.com/windowsazure/Windows-Azure-BizTalk-EDI-8ebd429f
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I release a bunch of tools for free, but recently I have began to sell an application, that has private research, and people have been able to get my source code, and one person publically released my entire source. I spent a lot of time on this program, just to have someone crack it, and release my entire source.
How can I go about protecting my program? I have tried HWID, but people are still able to crack it. I know I am limited by C#, but it the most convenient to use. I just need a way to protect my programs from people trying to do this.
You could have a look at the many obfuscation tools that are out there, for example these:
http://gapotchenko.com/eazfuscator.net
http://orangeheap.blogspot.nl
http://confuser.codeplex.com (succeeded by https://yck1509.github.io/ConfuserEx/ and then again by https://github.com/XenocodeRCE/neo-ConfuserEx)
http://ntoolbox.com)
Well, the problem with languages like C#/Java is that they are generally much easier to de-obfuscate. The way to secure this is generally to put this stuff into a webservice, but you said you couldn't really do that. What about porting specific non-trivial functions over to a language like C, and obfuscate that. Your C# program could then use reflection to make calls to this external/unmanaged dll. It would increase the difficulty for de-obfuscating, but the problem is that if someone wants it bad enough, they can figure it out as it is client-side.
It may be that legal action is the only real solution here, but this is not a site for legal advice, and I am not qualified to give it if it were.
Additionally, this could be a business decision. Consider Making your software open-source and post a donation link. I am also not qualified to give business advice, but this is worth considering. It may actually increase your revenue, not to mention the other benefits that come with releasing open-source software.
There's Dotfuscator (http://www.preemptive.com/products/dotfuscator/overview). But the best solution in some cases is to offer what you do as a web site (Software as a Service).
Consider this tool for example to convert VB to C#: http://converter.telerik.com/
Or this tool to format JSON: http://jsonformatter.curiousconcept.com/
This may or may not work for you. I don't know what the nature of the software you're trying to protect is.
No, your code needs to contain the information needed to decrypt itself, its an impossible problem to solve.
Your best solution is to put your intellectual property on a server in the cloud that only you have access to. Give your customers a unique login, audit their access to check for abuse, off load as much grunt work onto your customers machines, but keep your algorithms locked into the cloud.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
We're going to develop an ASP.NET MVC 4 web application which needs to be workflow based.
The scenario is something like this:
The Scenario
Users make request to get loan of a bank by submitting a form,
operators find the requests in a grid in their dashboard, they see the
details and if it is okay they send it to boss, and send it back to
users to fix or complete the request, if not. The boss decides to pay
loan or not, if yes and the price is below something it goes to fund
section, if it is above something the request goes to another boss and
so on..
Requirements
In each state there might be some additional relevant data attached, for example the points of user calculated on time of sending the request.
A process manager (admin) exists who can cancel any request wherever it is or pass the request to anyone he wishes.
There might be multiple transitions available which state can move along them, the state should check the conditions and choose one transition.
Meanwhile operators can
Pass requests between each other (if they're allowed to), for example if they are too busy or they're going on vacation (substituent)
See history of requests and see what data changed in round-trips (versioning)
Write notes before sending the request to next one or return it to someone.
The Question
In above scenario, which technology is more suitable and why?
Workflow Foundation
BizTalk
or libraries like:
Simple State Machine
Jazz
stateless
State Machine Compiler
I would not use BizTalk for this, even though I was a BizTalk developer for a number of years, and implemented similar workflows using it.
The reason is that I have come to the conclusion that modelling complex business workflows in BizTalk is an anathema to what BizTalk really does well, which is high performance message routing and transformations, and host integration capabilities.
However, neither would I use WF for this. I think that MS have made WF needlessly difficult to work with. I worked with WF3 which was the first version, so perhaps things have improved. But as far as I know MS removed state machine workflows from WF4 onward and now only supports sequential workflows.
So in answer to your question, I think neither are suitable for this purpose.
Why not start with NO technology stack except for ASP.NET MVC, JQuery, and SQL Server. This seems to be the MS web development standard at the moment. Likely you're already licensed for this.
Even though you seem to have your requirements up front, you'll likely find that some or even most of the requirements you have listed are subject to change or even removal.
So start with one or two core user stories which can be delivered quickly in small iterations and then continue to add features like that. When you get the point where you need to start looking at other technologies or frameworks then that is the time to reassess the decision. At this point I would personally look at using NServiceBus sagas as another option to manage your long running processes.
I think making a decision about tech stack too early in the planning process can work against you in many ways.
Sorry does not address your original question directly.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
I'm writing a video on demand solution. I want to take care of the end to end process, from ingestion of content to playback.
I have decided to utilise IIS Smooth Streaming for the method of delivery, which means all the video content must be encoded as H246 Adaptive Streaming Video.
I originally started using Azure for this project, but I as dove deeper I realised this really was too big a platform for what I need. It loaded unnecessary work and complexity for what I'm trying to achieve.
The 'issue' I'm having is with choosing an appropriate method to encode uploaded content. There are many encoding packages available but I can't find one which meets my criteria.
I'm happy to use an off the shelf package or write something with an appropriate SDK.
Must operate on Windows Server 2012
Must operate while the interactive user is logged off (i.e. as a windows service)
Ideally notify when the job is complete (can be an indirect method)
Ideally create a thumbnail
Invoking the encode process can be simple command line, watch folder or API / SDK
Must on on my server, not a cloud service
Must encode H264 Adaptive Streaming for IIS
I've tried:
Expression Encoder - Doesn't work in 2012, and no longer developed by MS
Sorenson Squeeze - Almost works, but leaves itself open when launched from command prompt so each time it encodes so I'd end up with 100's of instances
Azure .. too big & expensive
I know Sorenson has an server product which can be self-hosted, but this is cost prohibitive.
MainConcept have several SDK's and I've emailed them, however they don't list prices so this to me means expensive. (You may have noticed cost is a big factor. I'm one guy and a company)
Can anyone recommend a .NET SDK (c#) SDK or encoder package which will hit my criteria?
Many thanks
Take a look at http://www.ffmpeg.org/
While not a .net solution, it's free, and meets most of your criteria
I've not used it for adaptive streaming video, but apparently it supports it
It's all done from the command line - depending on what you want to do, you may need to write a wrapper for it (we had to do this for monitoring folders/databases and for notifications when complete), but i've successfully used it in the past to encode tens of gigs of video on a daily basis
You can write your own service in c# or directly run it in IIS application with the needed permission.
Using ffmpeg :
http://vbffmpegwrapper.codeplex.com/
https://code.google.com/p/ffmpeg-sharp/
Using vlc:
https://code.google.com/p/libvlc-sharp/
http://libvlcnet.codeplex.com/
Rhozet Promedia Carbon is the tool you're looking for. Supports all your needs. You can request a free demo. They handle all the licensing for the formats.
http://www.harmonicinc.com/product/promedia-carbon
Any tool you might want for this is going to be cost-prohibitive due to licensing.
As others have mentioned, your other option is FFMpeg
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I have been trying to find out how to programmatically interact with Component-Based Servicing (CBS) which is basically the TrustedInstaller and other services. With the goal to be able to query CBS for what packages are installed and get any other information they may have on installed packages. Here is a link to a overview of it.
Basically using C/C++/C# (not picky) I would like to interact with this via an API. This link is the best documentation from MSDN that is API related that I could find and it isn't much. Then here is another MSDN documentation area that that gives some details but nothing really about an API I can use to interact with it. This one is under package manager which is how you can interact via command line in a limited way to install CBS based packages. The best quote from that last link is:
"CBS provides various APIs (which are
not publicly available) to its client
installers to service the operating
system components."
Which may say it all, but I am not ready to give up yet. The home for all or at least most of this is %WINDIR%\servicing which has CbsApi.dll for starters, while it appears to be registered as a COM DLL it doesn't publicly expose any classes or functions to do anything. It seems also that most of the details that the API access are in the sub-folders such as Packages, Sessions, Editions, Version, etc.
I know not many people would be trying to do this except for myself and Greg Lambert who has a couple blog posts from a two years back basically asking the same questions and trying to figure out this "not public" API. It didn't look like he cracked this nut yet either.
So now I am at the point to reach out for help and ask the community if anyone has worked out the hidden API for this, or may want to take on the challenge and see want they can find out. Any information that helps me to take a step closer is appreciated.
The correct way to programatically access the CBS is through the API's to its clients. Depending on what you are trying to accomplish, this would involve the Windows Installer or the Windows Update Agent API, both of which are documented in the Windows SDK.
The CBS instelf is an implementation detail and shouldn't be used directly. Thr reason there is so little information publically avaiable is a combination of the fact that relying on implementation details rather than contracts is a bad practice and there is simply easier and more reliable ways to accomplish anything you'd do with CBS directly.
This part of the Windows Installer SDK deals with querying for installed components.
Maybe things have changed, because I just found MS's Component Based Servicing Reference, documenting a COM interface.
Side note: I got here via a comment on Raymond Chen's blog and its response, which made wonder "what is Component Based Servicing, why is it a disaster, and what does it have to do with auto-sort?". I still don't know the answer.
Disk space filling up is a common problem in Windows 7 due to the disaster that is Component Based Servicing.
[It wouldn't be a problem if you could disable auto-sort in Explorer, though. -Raymond]
The CBS is basically for Windows Updates and other servicing operations. Since they are released by Microsoft itself, the clients of CBS are internal teams at Microsoft. The API's are not released publicly. The tools and xml files needed for writing Windows Updates, etc. are internal to Microsoft. There is no way that third party applications can use CBS technology.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
I've been looking for a simple key/license system for our users. Its partly to stop piracy (avoid users from sharing the application around) and the other half to track the number of 'licensed users' we have. I have already read a few good suggestions on SO but I'm curious as to how people have implemented the 30 day evaluation criteria.
Do you generate a key that stores the date somewhere and do a comparison each time or is it a little more complicated - deleting the file/removing the registry shouldn't deactivate.
Are there any example implementations out there that can give me a head start? The irony is that our PM doesn't want to license a third-party system to do it for us.
This is for a Windows Forms application.
Have you checked out the Rhino-Licensing project by Ayende Rahien. You can also see his blog post about licensing a commercial product which led him to develop this solution.
There are two separate challenges: i. How do you prevent a copied app from running. ii. How to prevent users from ripping out/bypassing your prevention scheme. The first one is usually done by taking a hard to copy signature of the user's system (e.g. Hard Drive ID + Processor ID + RAM, etc) and using it as the seed/key AND activating it on-line by calling "home".
The Second issue is harder to do in .Net since the source code can be in someway extracted and recompiled to exclude your protection system. The key here is to make it cheaper to buy the license than to remove the protection at the user's end. You may find that for most products, the suggestion to use a customized engine to encrypt your product libraries that also contain your copy-protect and decrypt it at initial run-time, might be enough.
I am not sure you can actually protect a .NET - There may be commercial solutions that do the trick. The reason is .NET code can be seen through Lutz Roeder (Thanks Jasonh for the heads up) Red Gate's Reflector (It was formerly by the named guy above). The best way to deal with it is to look for code obfuscation which makes reflecting more trickier, I can point you to one place I know of that does this for free - Phoenix - NtCore.Com.
The more esoteric solution would be to create a .NET hosting environment in C++, load the binary image (which could be encrypted) and the hosting environment than undecrypt it in memory - have heard of that theory but not sure how that would be done in practice. Please do not use your own protection scheme as there could be a weakness.
Someone once said - "Security through obscurity"....
Hope this helps,
Best regards,
Tom.
I worked on a project that handled this by putting some critical functionality (for example data storage, reporting, or payments) on an external server we ran, and requiring the user to log in to this server to get the functionality.
Customers can make backups, share, or run the application locally, but to access this critical function they have to type a password in to our application and connect to our server. Customers knew the password allowed changing their data, so they would not want to share the password with other people.
This was handy because we do not care how many copes of the application are out in the wild, we only track server connections. We included machine-identifying data like MAC address in the connection data, so we can track which machines are connecting.
I'm not just saying this because my company sells the OffByZero Cobalt software licensing solution for .NET: your PM should know that software licensing is very hard to get right, and if you roll your own, you'll be supporting it for the foreseeable future.
Take a look at the article Developing for Software Protection and Licensing; it explains how to choose a solution, why you should obfuscate your application and gives a number of tips for structuring your code to be harder to crack.
In particular it makes the point that the vast majority of companies should outsource their software licensing, as it makes no sense to spend developer time on building and maintaining a complex system that isn't your core business.
What is more important to your company: adding an important new feature to your product, or tracking down a peculiar permission behaviour on an ancient version of Windows that's clobbering your licensing system?