James Kovacs' Weblog

Browsing Posts published by james

Security in ASP.NET 2.0

2005-10-21 No comments

Many of the new features in ASP.NET 2.0 are meant to simply common tasks in web development. How many of us have dragged two labels, a pair of text boxes, a checkbox, and a submit button onto an .ascx and hooked everything up to create a Login control? Now the Login control and its helpful counterparts like LoginStatus, LoginView, etc. are part of the toolbox along with wizards to hook up with wherever you’re storing your user information. (And there was much rejoicing…)


There are other new security features in ASP.NET 2.0 that simplify common tasks. Dan “Security Man” Sellers has been busily blogging about some of these cool new features. I would highly recommend:


Security Trimming and Site Navigation: Need to filter your menu based on the permissions of the logged in user? ASP.NET 2.0 does this for you now. (N.B. You’ll still want to protect the pages using Forms Auth. Not showing unavailable options makes for a nice UI experience, but not a secure site does it make.)


Challenge Questions and Password Reset: Forgotten your password? Let’s reset it and email it to you after you answer the challenge question. This is standard fare for many websites and is now available out of the box. Dan lets you in on the magic necessary to make it all work.


ASP.NET 2.0 Provider Model: Dan points you to some great resources on learning the new provider model. As an architect, this is something I really need to spend some time wrapping my head around. At 120 pages worth of information, it should give me lots to read on the bus ride to/from the office.


Dan has got more great stuff coming down the pipe. So be sure to tune in. Subscribed!

ASP.NET none

NHibernate 1.0 Released!

2005-10-15 No comments

The NHibernate team has released version 1.0 of its excellent object-relational mapping (ORM) framework. NHibernate is a .NET port of the popular Hibernate framework seen in many Java projects. For those of you unfamiliar with ORM, you describe the mapping of your object model to your database using a meta-model, which for NHibernate is stored in XML. Once you’ve got the meta-model in place, you simply ask NHibernate to fetch a Customer. NHibernate crafts up the appropriate SQL (including any required joins) to fetch the data, populates the customer object, and returns it back to you. (NHibernate can do a lot more than this for you including ensuring that commits of multiple objects are done transactionally.) You might be worried about the SQL that NHibernate creates, but it is efficient. One of the developers has asked that if people encounter inefficient SQL, send it to the team and they will try to resolve it.


Congrats to the entire NHibernate team on reaching such a momentus milestone in your project!

.NET General none

Member of the Calgary .NET User Group Executive Committee

2005-10-12 No comments

Daniel Carbajal asked me to join the Executive Committee for the Calgary .NET User Group and I gratefully accepted. I’m looking forward to deeper involvement with this great group of folks to continue to build a strong .NET community in Calgary.

Miscellaneous none

Tools of the Trade slidedeck posted

2005-09-29 1 comment

Thanks to everyone for coming out to the Double Header last night. I enjoyed presenting to the Calgary .NET User Group again and look forward to presenting to the group in the future. I have posted Tools of the Trade: Must-Have .NET Utilities. Links to all the tools are included in the presentation. (Some of them were rather long. I don’t know about you, but I just love typing GUIDs into my address bar.) :-S


As for the second presentation, Microsoft Integration Technologies: When to Use What, I’ll have to look into whether I can get permission from Scott Woodgate and/or Microsoft to post it here.

.NET General, .NET Tools, Presentations none

Joining Allstream

2005-09-21 2 comments

I have joined Allstream as Leader of Application Development. (Don’t worry – I’m staying in Calgary.) With the new position, you’ll be seeing me much more frequently on the speaking circuit as I talk about .NET technologies and how to apply them to development in the ISV and enterprise.

Miscellaneous none

Calgary .NET User Group Double-Header!

2005-09-21 No comments

I’ll be presenting a double-header at the Calgary .NET User Group on Wednesday, September 28, 2005 from 6-9pm. It will be hosted at the University of Calgary, ICT Building, room ICT122 (http://www.ucalgary.ca/map/). Pre-registration is required on the User Group website. Hope to see you there!

Tools of the Trade: Must-Have .NET Utilities
The number of .NET development tools available is extensive and can be quite daunting, but there are a few that should be in every developer’s toolbox. James will examine a wide range of freely available tools including “The Holy Trinity” (NUnit, NAnt, and NDoc), source control, continuous integration, static and dynamic code analysis, debugging, and related tools. The talk will include numerous demonstrations as well as discussion about the practical application of these tools to a development project.

Microsoft Integration Technologies: When to Use What
Ever wondered when to use which integration technology? In this session understand the technologies in the Microsoft platform targeted at Integration including: MSMQ, Indigo, SQL Server Service Broker (SSB), Host Integration Server (HIS), BizTalk Server (BTS), SQL Integration Services (SSIS) and SQL Server Replication. Get a handle on the core use-case for each of these technologies, check out hello-world demos, and see it all happen inside Visual Studio .NET 2005. If you want to understand the breadth of technologies and when you should use which – come to this session.

Presentations none

New AB.NET season starting up

2005-09-20 No comments

The Alberta .NET User Group is starting a new season and this one is kicking off with a former collegue of mine, Ron Matyjanka, presenting one of my talks, Tools of the Trade – Must-Have .NET Utilities. Pre-registration is required, which you can do on the AB.NET website. If you can’t make Ron’s talk, I’ll be presenting an updated version of Tools of the Trade – Must-Have .NET Utilities at the Calgary .NET User Group in the near future. I’ll post details here when the time and location have been firmed up.

.NET General, .NET Tools, Presentations none

Grokking JSON and AJAX

2005-09-20 No comments

There’s a lot of flurry around the web these days over JSON (JavaScript Object Notation) and AJAX (Asynchronous JavaScript and XML). Steve Maine has a great piece comparing JSON to XML and looks at the problems that the technology has ahead of itself based on the pains that XML has overcome in the past. Recommended!

ASP.NET none

Catching Exceptions in Windows Forms apps

2005-09-20 1 comment

Another thing that’s been kicking around for awhile and I figured it was time to persist to long-term storage. Here are the three top-level places in a WinForms app where you absolutely need exception handling routines to ensure that all exceptions are caught:



  1. try/catch around Main()
  2. Attach a System.Threading.ThreadExceptionEventHandler to Application.ThreadException
  3. Attach a UnhandledExceptionEventHandler to AppDomain.CurrentDomain.UnhandledException

Note that simply having a try/catch around Main() is insufficient as you will not catch exceptions that occur during the execution of event handlers or asynchronous callbacks.

.NET General, WinForms none

Windows Explorer sucks less today (for me) too!

2005-09-16 No comments

Scott Hanselman recently blogged about how Internet Explorer was spontaneously disappearing on him. Coincidentally in the past week or so, I recently had the same problem start to happen. Windows Explorer just started to disappear for 5-10 seconds and then reappear. This would happen a few times per day. I was guessing that it wasn’t spyware or malware because I’m careful about what I install on my box and I also run as a non-admin. So the chances of infection are slim.


So I fired up Autoruns and took a look. Given Scott’s suspicions above about something inproc with IE, I decided to start there. Rather than adopting a scorched earth policy, I decided to start disabling the browser helper objects. COmeaHelper Object for Omea Reader (by JetBrains) – guessing those guys know what they’re doing. Leave it alone. IeCaptureBho for Google Desktop Search – guessing those guys know what they’re doing too. TamperIE by Bayden Systems – cool program, but probably less well-tested than the other two. Let’s try disabling that one. Guess what? Explorer hasn’t disappeared on me for days.


Thanks, Scott, for pointing me in the right direction. I would also concur with Scott that [Windows|Internet] Explorer both run more stably when you’re not running other crap in their memory space. The same is true for Windows. From what I’ve read, most blue screens are not caused by crappy Microsoft software, but by misbehaved drivers trashing the kernel memory space. Windows made a huge leap forward in stability when they required drivers to be verified and signed. (By “required” I mean that the user doesn’t get an annoying pop-up box noting that the driver hasn’t been verified.)

Miscellaneous none
Powered by WordPress Web Design by SRS Solutions © 2024 James Kovacs' Weblog Design by SRS Solutions