Contact Information

Eli Weinstock-Herman (Tarwn)
Raleigh, NC   USA 35° 53' 6.69" N 78° 31' 9.74" W
Eli Weinstock-Herman, Contact Information


(from the Reading List page)
The Customer Support Handbook
Don't Make Me Think: A Common Sense Approach to Web Usability

ASP.Net – Single-sign on against Office365 with OAuth2

Original post blogged on Fri, Jun 24 2016 at

Recently I was experimenting with Office 365 as a single-sign on source for an existing ASP.Net application. Unfortunately, most of the documentation I found focused on the use cases of having Visual Studio automatically add it as part of a new project, multiple versions of a very similar looking OWIN sample using built-in (black box) OpenId calls, and using Microsoft.Identity.Clients.ActiveDirectory in not terribly well explained example code to (I think) call the OAuth endpoints.

The examples did not fit well with what I already know about the mechanics of OAuth, so that made it ha...

Improved TeamCity .Net Build Warnings

Original post blogged on Wed, Jun 01 2016 at

A few years back, I posted “Displaying .Net Build Warnings in TeamCity“. Many folks found it useful (and it served as a good reference the last time I needed to re-setup warnings). Recently, Mitch Terlisner reached out to me with a much improved version to share with folks that includes better build status output, an interactive warnings tab, statistics chart, and a custom metric to enable custom ...

ASP.Net – Ensure your Actions aren’t missing Authorization with Unit Tests

Original post blogged on Fri, Apr 08 2016 at

Have you ever found yourself working on an Action and noticed there isn’t a single Authorization attribute in sight? Or gone to edit an endpoint in WebAPI, only to realize you took a coffee break at exactly the wrong time and forgot to come back and add the authorization attribute…a month ago? Or the time you found an MVC endpoint with WebAPI Authorization attributes on it?

While relying on code reviews and regular reminders to the team can reduce occurrences of this, we’re human and can only catch so much. Instead, it would be nice if a warning popped up b...

MVVM – The User as an Asynchronous API (w/ Knockout)

Original post blogged on Fri, Mar 18 2016 at

Early into development of a fairly large modular SPA, we found ourselves needing to ask the user a series of complex questions during a complex chain of business logic. We built a quick little ViewModel and template to display to the user, added some assignable callbacks that it would generate buttons for, and called it good.

Except it wasn’t.

The first issue we ran into was the difficulty in writing tests around this already incredibly complex business case and trying to fake expected user interaction with the callbacks. The next issue was how difficult it was for the n...

MVVM Validation with KnockoutJS – Don’t put it in the View/HTML

Original post blogged on Wed, Mar 02 2016 at

When it comes to input validation for rich websites and Single Page Applications, a lot of the patterns out there rely on markup in the HTML/View. This works OK for smaller applications, but is terrible for larger applications that expect to be maintained and extended over time.

In the past couple years I have used Knockout on sites ranging from toy size (the SQL Azure post) up to a large modular SPA rewrite of a Silv...