All posts by Pascal de Jonge

Notifications 2.0

Roadmap is growing, more data is coming in and more travelers are becoming dependend on our services which is a great! However, everything comes with a price. The huge amount of data that Roadmap is currently processing is going to increase with the time and therefore, it is absolutely important to have a stable platform in place that can handle and support the growth.

To achieve this goal we have taken a closer look into our backend processes and namely, how the current flow works with different types of data that we process as well as into the bottlenecks that we face when it comes to communicating to the travelers.

We have learned that we need to change a big part of our system to be stable, scalable and high available. Our main focus was based on two core processes – Timeline and Notifications.
Within this blog I will dive into the migration of Notifications; How did this work in the past, what kind of issues did we encounter and how did we gain control over these issues in the current process, bearing in mind we want to extend the process in a most efficient way in the (near) future. Continue reading Notifications 2.0

Application Authentication via https using NTLM

We at Roadmap take security very seriously. Everything we do and everything we touch or make, we think about security as it is part of how we work. In fact: it is in our DNA.

Recently we have been working on a way to generate monthly reports for our customers in a sweet automatic way. To be able to download these reports the report server need to verify the given NTLM authentication credentials which are provided by the application. This was a bit of a challenge as it did not work in the way we would assume.

When you want to download a file, the .NET Framework provides you and easy and simple code snippet, which works straight away:


        public void DownloadAwesomeness()
        {
            var url = new Uri("https://DomainNameHere");
            var location = @"C:\Temp\Destination.txt";
            
            using (var client = new WebClient())
            {
                client.DownloadFile(url, location);

                Console.WriteLine("We are done!");
                Console.Read();
            }
        }

This works perfectly. How hard can it be to add some extra credentials to the WebClient? As the WebClient has a Credentials property, we will set these.


        public void DownloadAwesomeness()
        {
            var url = new Uri("https://DomainNameHere");
            var location = @"C:\Temp\Destination.txt";

            using (var client = new WebClient())
            {
                client.Credentials = new NetworkCredential("username", "password", "domain");
                client.DownloadFile(url, location);

                Console.WriteLine("We are done!");
                Console.Read();
            }
        }

When you will run this you will notice that the client.DownloadFile(url, location); will throw an ‘403 – Access Denied’. Before you start changing any usernames and/or password because you are doubting yourself if you did something wrong, let me help you out here: You didn’t do anything wrong. More interesting is; what is actually going on? What is happening with the credentials? Continue reading Application Authentication via https using NTLM