Wednesday, October 21, 2009

Microsoft Application Architecture Guide (eck?)

So i just stumbled across an unfamiliar offering from the familiar Microsoft Patterns & Practices group. Of course, any architecture guide provided by Microsoft immediately invokes thoughts of design-time application development. Unfortunately, although i admit i havent checked all that recently, Microsoft attempts to train everyone to do everything with the GUI. Why write code to databind a control when you can just drag-drop? Those of us with enterprise-level experience designing and building applications know that that drag-drop and other GUI features promoted by Microsoft quickly back you into a corner and don't lend themselves well to being incorporated into design patterns and architectural patterns generally accepted in the community (MS/Java etc). Admittedly there are many GUI features i enjoy and the VS IDE is indispensible but thats apples and oranges.

I spent about 2 mins skimming through the doc linked above and im not sure its worth going back...I suggest you head over to the GOF or buy the 'Patterns of Enterprise Application Architecture' by Martin Fowler book instead.

(This post was written from a custom application development perspective)

Wednesday, June 3, 2009

Project Natal - Touch free HID

Wow i have never been so excited about a new HID since the announcement of the EmoticEpoch. If you havent read about this new XBox360 centered offering, its time! If you are an XNA platform developer, you are probably foaming at the mouth by now :P

Check it out

Microsoft .NET Framework Application Development Foundation Training Kit - Chapter 1 - 'Rich' Notes

This is the first of many posts to come to aid in reviewing what i have learned from the Training Kit prior to taking the MCTS Exam 70-536.

Structs vs Classes

Custom Operators (==, + etc.)

Reference vs Value Types

Nullable Types (can only be value types)

Generics & Constraints on Generic classes

class Program
static void Main(string[] args)
DelegateTest test = new DelegateTest();
test.OnTimeChangedInstance += new DelegateTest.OnTimeChanged(test_OnTimeChanged);

private static void test_OnTimeChanged(DateTime d)
class DelegateTest
public delegate void OnTimeChanged(DateTime newTime);
public OnTimeChanged OnTimeChangedInstance;

public void RunTest()
if (OnTimeChangedInstance != null)

Type Forwarding
Allows you to move a type from assembly X into assembly Y for an application that is currently deployed and only has knowledge of assembly X without having to recompile the application. In assembly Y you create the type as it was in assembly X. Then in assembly X you remove the type that was moved to Y and replace it with an Assembly attribute that specifies the new location of the moved type. E.g. move type Car from assembly X to Y would result in assembly X no longer containing type Car, Assembly Y now containing Type Car and Assembly X adding the attribute [assembly:typeforwardedto(typeof(Y.Car))].

Conversion Between Types
• System.Convert – converts between types that implement System.IConvertible.
• Cast operator – (int) obj.
• Type.Parse, Type.ToString
• Type.TryParse, Type.TryParseExact.
• Narrowing/Widening Conversions – Narrowing Conversions occur when the range or precision of the source type exceeds that of the destination type.

How to Implement Conversion in Custom Types
• Define conversion operators to simplify narrowing (explicit in c#) and widening (implicit in c#) conversions between numeric types.
• Override ToString to provide conversion to strings, override Parse to provide conversion from strings.
• Implement System.IConvertible to enable conversion though System.Convert. The interface has ~ 17 methods to implement – ToBoolean() etc.

• Is the conversion between reference and value types.
• Should be avoided due to overhead
• All struct’s you create inherit from system.object which exposes the ToString method. Why would you want to override the ToString method in a struct? Avoids boxing the custom struct (value type) to the object type (reference type) in order to call ToString.

Thursday, April 30, 2009

Yahoo Pipes - A new spin on RSS

Today I watched the introduction to the Yahoo Pipes Beta at It’s a little like Biztalk for RSS with a focus on a user rather than a machine process. You can take data from multiple sources, mangle/transform, and plop it back out again for general consumption via RSS. Quite interesting, in fact it gets me thinking about some other similar ideas…

Wednesday, April 22, 2009

Microsoft StyleCop - What is it? And what about FxCop?

I have been in many discussions about how to ensure a certain level of predictability and quality in source code. For those that haven't already discovered it Microsoft StyleCop brings to the table a new offering to complement FxCop in the land of static code analysis. It is important to understand that StyleCop is not a replacement for FxCop and that the two can (and should) live together harmoniously.

Here is a snippet from the initial release (full text here)

"We are very excited to announce the release of a new developer tool from Microsoft, Source Analysis for C#. This tool is known internally within Microsoft as StyleCop, and has been used for many years now to help teams enforce a common set of best practices for layout, readability, maintainability, and documentation of C# source code."

Securing Microsoft Code - CAT.NET & AntiXSS

In the past, securing custom written code has been typically an afterthought and usually not accounted for in the design of an application. These days, securing an application is not only critical for avoiding potential lawsuits, but also more widely accepted as worth investing resources into. With the advent of this new mindset and the fact that security has drawn such widespread attention from the media, we find ourselves (developers mostly) being asked to address potential security threats before code is placed into production.

We arent necessarily given any more time to create our applications, but yet we are expected to ensure they are secure. So how do we accomplish this? Well, a number of tools exist out there to analyze an existing (or in development) application by performing a surface scan of the applications endpoints e.g. Accunetix. However, what about addressing the security aspect as we write our code, or better yet, what about some libraries of code that we can include to make our applications secure without having to do additional work? In comes Microsoft to the rescue with some new offerings.

Managing Cross-Site Scripting Using CAT.NET and AntiXSS

Wednesday, April 15, 2009

Sharepoint & Visual Studio 2010 Development Preview

I just came across an excellent video demonstrating the new sharepoint development environment supported by Visual Studio 2010.

Most notable is that we should finally be able to build, debug, and deploy sharepoint artifacts (web parts etc) as easily as a simple web application. Here are the highlights:

1) Extended Server Explorer - enables a detailed hierarchical view of a sharepoint instance (similar to the functionality provided for a SQL Server instance) allowing you to view the currently deployed webparts, lists etc. There are also other related enhancements like the Package View - similar to solution View but detailing the deployment structure of a solution.

2) Project Template Support - additional template types specific to sharepoint. You no longer have to figure out what a sharepoint solution needs - VS does that work for you.

3) Deployment enhancements - like what you may have seen with Biztalk deployment and also VS for Database deployment - one-click deployment experience. This is a huge step above the seemingly endless mess of manual intervention (and learning) currently involved.