Use DMVs to determine based on past executions which indexes would be beneficial in that database.

The following SQL should be run in Production SQL server (off hours). It basically uses DMVs to determine based on past executions which indexes would be beneficial in that database. It recommends what indexes could be created on the specified tables.

 migs.avg_total_user_cost * (migs.avg_user_impact / 100.0) * (migs.user_seeks + migs.user_scans) AS improvement_measure
 'CREATE INDEX [missing_index_' + CONVERT (varchar, mig.index_group_handle) + '_' + CONVERT (varchar, mid.index_handle)
 + '_' + LEFT (PARSENAME(mid.statement, 1), 32) + ']'
 + ' ON ' + mid.statement
 + ' (' + ISNULL (mid.equality_columns,'')
 + CASE WHEN mid.equality_columns IS NOT NULL AND mid.inequality_columns IS NOT NULL THEN ',' ELSE '' END
 + ISNULL (mid.inequality_columns, '')
 + ')'
 + ISNULL (' INCLUDE (' + mid.included_columns + ')', '') AS create_index_statement
--, migs.*, mid.database_id, mid.[object_id]
FROM sys.dm_db_missing_index_groups mig
INNER JOIN sys.dm_db_missing_index_group_stats migs ON migs.group_handle = mig.index_group_handle
INNER JOIN sys.dm_db_missing_index_details mid ON mig.index_handle = mid.index_handle
WHERE migs.avg_total_user_cost * (migs.avg_user_impact / 100.0) * (migs.user_seeks + migs.user_scans) > 10
ORDER BY migs.avg_total_user_cost * migs.avg_user_impact * (migs.user_seeks + migs.user_scans) DESC



We have been undergoing a major upgrade to our tech stack and here is what we are implementing now…  WOOT WOOT



žCloud Formation – A service that allows the entire stack to be built, provisioned, provisioned, and torn down demand.

žELB – A load balancer that works with autoscaling to create and destroy servers as needed by the traffic load.

žEC2 – Cloud-based virtual machines.

žEFS – A network file system that allows multiple EC2 instances to share a file system, even across availability zones.

žS3 – A Simple Storage Service designed to hold static resources, such as images and documents.

žRDS – Relational Database Services that cross availability zones, provide high availability, provide fail-over, and provide backup.

IdentityServer3 Custom Views for login

So in my endeavors to support Facebook, Google, Outlook and etc login providers the middle ware IdentityServer3 on git has proven worth its weight in gold.

If you need to customize the views for a client, let us suppose a customer wants the login page to be branded for their company logo….What??… the nerve of them.. lol… Seriously, it is extremely easy… See this link: [ branding ]  Perhaps they want to use a bootstrap theme, different layout or various validation rules… See that link…


My next post will be about using this with an Angular2 application. Much easier than I even thought!

IdentityServer3 Login Form + Anonymous Auth on IIS

When you deploy to IIS be sure to edit the web sites Authentication settings

Anonymous Authentication: Enabled

Basic Authentication: Disabled

Windows Authentication: Disabled

Digest Authentication: Disabled

Forms Authentication: Disabled

ASP.NET Authentication: Disabled

With this setup, you will not automatically be logged in via your Domain Account, but instead prompted to login via the Middleware Login Page.

If you want your users to use their windows login, you can enable Windows Authentication.


IdentityServer3 + MVC Login Infinite loop

I upgraded an existing MVC3 Project that once used Web Form login and Active Directory as a means to authenticate a user,  to now  use a login process similar to sites that let you use OAUTH2 but pick either facebook, google or other identity service provider.

When I finished the upgrade process I was getting the login form via the IdentityServer3 middle-ware, but when it tried to redirect to the original site (client) it was just loop and loop… and … well you get the point by now….

To fix the issue: (found numerous solutions here…)

The short is that I needed to either add the session_onstart in global aspx or add a CallbackPath.

GLOBAL.ASAX file fix:

 protected void Session_Start(object sender, EventArgs e)
 /// When using cookie-based session state, ASP.NET does not allocate storage for session data until the Session object is used. 
 /// As a result, a new session ID is generated for each page request until the session object is accessed. 
 /// If your application requires a static session ID for the entire session, 
 /// you can either implement the Session_Start method in the application's Global.asax file and store data in the Session object to fix the session ID, 
 /// or you can use code in another part of your application to explicitly store data in the Session object.
 base.Session["init"] = 0;

The  CallBackPath solution goes in your code where you are configuring your owin process app.UseOpenIdConnectAuthentication  — do this in the client application.

 app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
 ClientId = "app_jcrl",
 Authority = Constants.BaseAddress,
 RedirectUri = "",
 PostLogoutRedirectUri = "",
 ResponseType = "code id_token",
 Scope = "openid profile read write offline_access",
 CallbackPath = new PathString("/home/index/"), // Critical to prevent infinite loop 
 TokenValidationParameters = new TokenValidationParameters
 NameClaimType = "name",
 RoleClaimType = "role"

IDisposable with Structuremap

I was reading documentation on StructureMap 4X web site pertaining to Nested Containers and ran across this bit of history, “The original use case and impetus for building this feature was a simplistic message handling system that dequeued messages from a Sql Server table (please forget for a second the wisdom of using Sql Server as a queueing system).” “Nested Containers (Per Request/Transaction) Edit on GitHub…” StructureMap – Nested Containers (Per Request/Transaction). Structuremap, 21 Feb. 2017. Web. 21 Feb. 2017.

What is important for me is that our older software uses HTTPContext to manage the lifecycle for the Container scope (Hybrid) of StructureMap container, but the OWIN web host and ASP.NET Core does not have HTTPContext.  “Session and application state in ASP.NET Core.Microsoft Docs. N.p., 14 Jan. 2017. Web. 21 Feb. 2017.