Archive for the ‘Software development’ Category

My experience with Comodo code signing certificates

Saturday, March 15th, 2008


we plan to release a new product soon and I thought it would be a good idea to finally sign our installers so that our users perception of EmPowerTecs credibility improves even more :-)

So I looked into the various alternatives and found a posting on Joel Spolskys Business of Software forum which stated that a Comodo code signing certificate for one year can be bought for just 85 USD. At this price (and with the current USD/EUR exchange rate!) that’s a no brainer for me.

The ordering on the K Software website was smooth and Comodo processed the order fine. But the certificate did not work! I approached the Comodo support which answered extremly friendly and timely but a bit shallow. I had to restate my arguments several times until I got an answer that looked as if someone had actually read my mails. But nothing helped and finally the Comodo support said that I have to ask the reseller K Software for further support. Now, Mitchell Vincent of K Software was totally helpful and offered my a refund and a reissue (basically a complete new purchase). He also made upfront clear that Comodo is quite slow in processing the refunds but he took the responsibility to forward my new order only after Comodo has eventually made the refund. Finally, a couple of days later I had the code signing certificate correctly installed:

Signed executable

To save you the same hassles, here is what I have learned during the process. I think both K Software and Comodo should make these points totally clear during the order process.

  • Use the same machine for ordering and for installing (”collecting”, as Comodo calls it) the certificate. I use different virtual machines for development and for email and I ordered on the development VM and tried to install the certificate on the “office” VM. However, I was not aware that the innocent link in the email actually performs the installation.
  • Order and install the certificate as administrator. I usually work as restricted user.
  • Use Internet Explorer. I use Firefox normally. Although Comodo says that Firefox should work they recommend to use Internet Explorer.
  • Add to your trusted sites. I have scripting switched off for non trusted sites.

These points are probably totally obvious to Vincent Mitchell and the staff at Comodo but for me they where not. In particular I was not aware that the certificate is actually installed by a script in the browser.

If you don’t make the mistakes I have made its a pretty smooth process for a great price.

Finally, here is a link that helps you to integrate the code signing in your build.

Best regards,

Technorati Tags: , ,

Version information in managed C++ assemblies in Visual Studio

Sunday, February 3rd, 2008


in a newly created managed C++ project a file named AssemblyInfo.cpp is added to the project automatically by Visual Studio. The file contains the same information than the according file in C# projects but in contrast to the C# assemblies this information is not available in the Windows explorer and all other tools that expect the version information in the traditional form (as a resource in the dll). For example the setup program we use provides the capability to overwrite a DLL during installation only if the installed DLL is of lower version than the DLL contained in the setup program. But for this to work it needs to retrieve the version information from both DLLs and it fails to do so for a standard managed C++ assembly.

The reason is that the information contained in AssemblyInfo.cpp is not automatically added as a resource to the dll (but it is for C# projects). Here  are more details.

The bottom line is that you must explicitly add a resource of type “Version” to your managed C++ project to have version information in the traditional form. The information in AssemblyInfo.cpp is used only by .NETs runtime system.

The hard part however, is to synchronize the information contained in AssemblyInfo.cpp and the resource file. There is a Visual Studio AddIn that claims to support that, but I did not try it. We use a script to build our setup-programs and this script updates version information, generates configuration files, rebuilds all affected solutions and finally invokes the installer build program. I think we will add the update of the resource file from the AssemblyInfo.cpp somewhere in this tool chain.

Best regards,

The effect of being submitted to dzone

Monday, October 8th, 2007


One of my older postings was submitted to dzone (thanks gst!). In the first 5 days after the submission 738 visitors have viewed this entry and 434 of them have clicked on the link and hopefully :-) read my posting. So far, one comment was made.
The first two days we had no noteable traffic from dzone, then on friday about 40% of the overall traffic from dzone arrived, on saturday about 35%, on sunday about 15% and on monday about 10%.

dzone seems to be an interesting site, most of the articles seem to be of high quality. And it seems to have a significant community which keeps the fire burning. There are also quite a view postings about UML on dzone.

Best regards,

Technorati Tags: chooses to write their own UML tool

Thursday, September 27th, 2007

Hello, is a website that hosts various contests for software designers and developers. Topcoder seems to strive for rather high quality and therefore they also appreciate UML models for the software that will be developed in the course of a contest.

Until recently, they used Gentlewares Poseidon tool, partly because it had a free community edition so that no participant was forced to spend money just to participate in the contest. They have abandoned Poseidon now and have chosen to create their own UML tool. They do not really state their reasons for this decision, except that “this approach will allow us to develop a tool that is closely aligned with our members’ needs”.

When I read this, I thought “oh boy, please not another half hearted UML tool that nobody will ever use seriously”. To verify or disprove my bias I installed the tool in a Virtual Machine (so that I could delete it without any traces). My worst expectations have been fulfilled.

  • The tool is written in plain Java, making it look ugly
  • No reuse of existing software like the Eclipse Modeling Framework and/or the Graphical Editor Framework
  • Non intuitive user interface (granted, this is a subjective statement)
  • No online help, no documentation

Topcode UML tool

Seems like a heavy case of Not Invented Here syndrome.

Best regards,

Technorati Tags: ,

What is the Reference Model for Open Distributed Processing (RM-ODP)?

Wednesday, May 9th, 2007


Recently, there was an announcement on the Yahoo! Groups mda-discussion list for the 4th International Workshop on ODP for Enterprise Computing (WODPEC 2007). Since I have never heard of RM-ODP I took the opportunity to learn something new.

The RM-ODP is an ISO standard that is used to provide a framework for the documentation of distributed processing systems. This means it gives interested stakeholders of such systems well defined terms and concepts that they can use to describe a system (e.g. a software system). The concepts that are defined are, for example:

  • Class
  • Type
  • Component
  • Composition
  • Action

and some more.

Remarkably, they use UML to describe parts of this standard, e.g. UML profiles and metamodels for the “5 ODP viewpoints” (Magicdraw models). There is also an example available online (look in appendix B).

Interesting stuff, but not easy to grasp.

Best regards,

Technorati Tags: ,

Precise models can help to improve distributed software development

Monday, May 7th, 2007


In his paper 5 Practical Tips for Enterprise Architects Dan Massey states that one of the challenges of modern software development is the distribution of development teams across different geographical (and cultural, I’d like to amend) regions. This requires more efficient communication and one of the means to achieve this is to use formal methods which includes – among others – the usage of OCL.

The other recommendations are:

  • Establish, maintain and mandate architectural standards
  • Create a domain model and focus on becoming a business domain expert
  • Train teams on the architecture standards and domain model
  • Always consider your customer

Dan works for a tool vendor (Borland) so you have decide on your own how much you think his paper is inspired by the interests of the company he works for.

Best regards,

Technorati Tags: ,

Requiring registration for trial software – not good

Wednesday, May 2nd, 2007


Recently I stumbled upon a software that sounded very interesting to me. It seems to support the design of user interfaces with high integration in Enterprise Architect. When I wanted to download the trial version I was asked to register.
And they ask for a lot of mandatory information including a user name and password which is pretty ridiculous given my interest just to try a software. Since I do not see any necessity to provide this information I decided not to try this software. I’d be curious to know how many other users have just closed their browser window when they noticed the required registration. At least I have let them known my interest and opinion with a friendly email.

Best regards,

Efficiently testing with NUnit and log4net

Monday, April 16th, 2007


I have used Nunit for testing .NET based software (libraries) for quite some time now but I have not been entirely happy due to three reasons:

  • The only way to execute the tests was through nunit-gui or nunit-console. Both of these programs read the passed assembly via reflection and call the tests on the contained classes and methods. The problem with this approach is that there is no natural place to perform a single initialization and shutdown procedure that is contained in the component under test.
  • In particular it was not easily possible to configure log4net.
  • Finally, nunit-console and nunit-gui load the component under test in a separate AppDomain and this makes interactive debugging quite slow.

Recently, I have been so annoyed by these restrictions that I took some time to find a solution. On the NUnit Homepage I read that the new version 2.4 now allows more control over the creation of a dedicated AppDomain for the component under test (see the release notes).:

The new /domain option controls of the creation of AppDomains for running tests. The following values are recognized:

No domain is created – the tests are run in the primary domain. This normally requires copying the NUnit assemblies into the same directory as your tests.
A test domain is created – this is how NUnit worked prior to version 2.4
A separate test domain is created for each assembly

This sounded as if it could solve the problem of slow debugging when running under NUnit.
Still, the problem remained that there is no natural single point of initialization. What I wanted was:

  • Create a .NET console application
  • Add classes and methods and tag them as usual as test classes/methods with attributes.
  • Add one time initialization and cleanup code in the applications Main() method.
  • Run the executable in the Visual Studio debugger with breakpoints and automatically execute the tests as defined by the attributes.

I found a posting on Charlie Pooles NUnit blog that gave me the missing hint. All I had to do was to call the desired method in the relevant NUnit assembly:
class TestClass
static void Main(string[] args)

And that’s it!

Here is a summary:

  • Use NUnit 2.4 or newer
  • Create a C# or VB.NET Console application
  • Add required references including log4net and NUnit
  • In your applications Main method add all required initialization (and shutdown if necessary) code.
  • Set the compiled executable as target for debugging.
  • Add (at least) these arguments in the ‘Properties’ dialog of the project: /domain=none <your executable>
  • Add a suitable (standard log4net) App.Config file to your project

Console output of NUnit run

Technorati Tags: , , ,

Software Architecture Trends

Monday, March 19th, 2007


I always like to read printed conference announcements because they usually contain a short description of each session. These short descriptions are an excellent ways to see what’s currently ‘hot’. My latest copy of the MSDN Magazine contained an announcement of the Software Architect 2007 conference in June 2007.

I made a little game and counted the number of certain buzzwords in the session descriptions. One could think that those buzzwords with the highest number are the currently ‘hot’ topics. Please be aware that Microsoft is (the one) ‘Platinum Sponsor’ of this conference. So don’t expect much coverage of Java or UML. In the table below, each buzzword is counted once if it occurred one or more times in a session description.

Design orientied sessions 6
.NET 4
web service 3
Ajax 3
Pattern 2
Process oriented sessions 2
Identity 2
Agile 1
Biztalk 1
Domain Specific languages 1
Metrics 1
smart client 1
code generation 1
Visual Studio 1
Microsoft Motion 1

The ‘design oriented’ sessions column in the table above contains only those sessions that are independent of any technology. If a session was ‘design oriented’ but targeted for a specific technology (e.g. ‘The benefits of achieving a truly distributed SOA’) I added it to the technology. Interestingly, there was one session ‘Visualisation of SOA designs using UML and Enterprise Architect’ that mentions explicitly a non Microsoft UML modeling tool. I think this is another indication of Enterprise Architects high popularity.

Best regards,

Technorati Tags: