Month: March 2014

ASP.NET MVC4 – Just get it running without having to implement Membership/RoleProvider?

For those of you who wish to build a simple Hello World application with ASP.NET MVC 4 (New Project \ ASP.NET MVC 4 .NET Application \ Internet Application \ Razor|ASPX View Engine, accept all defaults), you’d run into nasty surprise as soon as you hit F5 and try to run the new application:

Server Error in ‘/’ Application.

Configuration Error

Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.

Parser Error Message: Could not load file or assembly ‘MySql.Web, Version=, Culture=neutral, PublicKeyToken=c5687fc88969c44d’ or one of its dependencies. The system cannot find the file specified.

Source Error:

Line 249:      <providers>
Line 250:        <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="LocalSqlServer" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
Line 251:        <add name="MySQLMembershipProvider" type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=, Culture=neutral, PublicKeyToken=c5687fc88969c44d" connectionStringName="LocalMySqlServer" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="false" passwordFormat="Clear" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
Line 252:      </providers>
Line 253:    </membership>

Alternatively, simply add FIX 1 below and you’re go to go. (FIX 2/3 are optional)

<add key=”webpages:Version” value=”″ />
<add key=”webpages:Enabled” value=”false” />
<add key=”PreserveLoginUrl” value=”true” />
<add key=”ClientValidationEnabled” value=”true” />
<add key=”UnobtrusiveJavaScriptEnabled” value=”true” />

<!– FIX 1: Add these, you’re not using WebMatrix “WebMatrix.WebData.SimpleMembershipProvider” –>
<add key=”enableSimpleMembership” value=”false”/>
<add key=”autoFormsAuthentication” value=”false”/>


<!– FIX 2: For simplicity’s sake, mode = None –>
<authentication mode=”None”>
<forms loginUrl=”~/Account/Login” timeout=”2880″ />

<!– FIX 3. Use System.Web.Providers.DefaultMembershipProvider –>
<membership defaultProvider=”DefaultMembershipProvider”>
<clear />
<add name=”DefaultMembershipProvider” type=”System.Web.Providers.DefaultMembershipProvider” connectionStringName=”DefaultConnection” enablePasswordRetrieval=”false” enablePasswordReset=”true” requiresQuestionAndAnswer=”false” requiresUniqueEmail=”false” maxInvalidPasswordAttempts=”5″ minRequiredPasswordLength=”6″ minRequiredNonalphanumericCharacters=”0″ passwordAttemptWindow=”10″ applicationName=”/” />
<roleManager defaultProvider=”DefaultRoleProvider”>
<clear />
<add name=”DefaultRoleProvider” type=”System.Web.Providers.DefaultRoleProvider” connectionStringName=”DefaultConnection” applicationName=”/” />



SOA – Perspective from IT vendors vs Perspective from Financial Services

SOA (Service Oriented Architecture) is to re-factor different logical components into different “Services” – typically, “Services” means “Web Services” – obvious advantages?

  • Enterprise components can be efficiently re-used
  • Components developed in different languages (Java/.NET/C++/Perl…etc) can talk to each other.
  • Services can be hosted on Cloud [Optional]

Here’s IBM version of Enterprise SOA from @simonlporter (Pic from Simon’s tweets, pic url


Typically, architecture perceived by IT vendors are very generic, with intention that structure be adaptable to biggest number of clients from different sectors and industries. For example, in above diagram:

These are generic Enterprise Services.

Businesses typically elaborate this structure and layer on top sector specific implementations. From perspective of Financial Services, in particular, asset management firms, hedge funds, investment banks, you’d see for example:

  • Market Data Service (For example aggregate across multiple data vendors Bloomberg, Reuters, Morningstar…etc)
  • Yield Curve Service
  • Deals Execution, Allocation and Audit Service (Pre-trade/post-trade analysis, Compliance…etc)
  • Position Service (Trading positions)
  • Risk Management Services (VAR calculations, Derivative pricing, sensitivity analysis. Stressing and Scenario Analysis)
  • RFQ (Request for Quotation, for structured OTC products)

Despite the differences, a well layered IT architecture in the bottom is critical in how easily businesses can layer sector-specific application services on top. Unfortunately, very often, this is not the case. Anti-patterns commonly observed:

  • One application logs to enterprise logging service, and another logs to another database with different log table schema
  • One application load balance computations using BMC Control-m ( ), another to Applied Algo ETL Suite  (, yet another build their own.
  • Equity derivative trading desk uses home grown risk engine for derivative risk management.  Swap desks uses VBA sheets. Convertible trading desk could be using a vendor solution such as Derivation ( – all risk system computes derivatives sensitivity Delta/Gamma/Vega/Theta… and persists EOD figures in different database tables, each with different schema.

Architectural break down typically happens during corporate mergers, or a result of ineffective IT governance – typically characterized by constantly changing or divergent chain of command.

This said, while properly layered SOA is critical for large enterprises, for small hedge funds, too much layering may not be economically feasible. It is thus a delicate balance for CIO’s and IT managers to remain vigilant so the business, its management architecture, and technical architecture evolve in lock steps.