I've written quite a few functional designs over the years and I've found that for users needing to validate it having visuals is key. In most cases prospective users don't understand what they really get until they see screens. On the opposite side of the spectrum telling developers what to do also is much easier with a screen, especially when you are debating what would be the best and most efficient (coding wise) way to give a user certain functionality. In these situations just getting a piece of paper and draw is the best you can do. The last few years I've done this on and off on my tablet. I can sketch on it, but the results are often so poor to see (and read!), that I can't possible put it in a functional design. This is where a good mockup tool comes in.

A good mockup tool should make you feel like you are drawing, but provide you with predefined controls to make your job fast and easy. Recently I came across Balsamiq Mockups, which is simply jaw dropping. Let's start with the result, which looks pretty much like a hand drawn thing. At first glance that may not seem like a big deal, but it is. It states clearly "This is a mockup, the actual thing may look different". If you give a user something that looks like a screen shot, that is what to expect to get. With this they know it will look differently when it is done, and this also makes it much easier to debate your choices and come up with better ideas (to quote David Platt, "Thy User Is Not You", so they will come up with stuff you didn't even dream about).

Ok, so the result is great, what about getting there? Well, that's a piece of cake, really. Balsamiq is as intuitive a tool as I've seen and I was able to create a pretty complex screen in about 10 minutes. There's a bunch of commonly used controls (and some less common), and you can easily find what you need. Also, you can download tons of additional controls from http://mockupstogo.net. Placing, moving, resizing etc. is all very easy because of the snapping support. Want to see for yourself? Look here.

The last things that I find refreshing is the licensing model and fee. It only costs $79 for a single license, and that comes with updates forever (and they update frequently, so they say). Because the tool is already so good, this means you can use it for years, without having to worry about support or having to get a new version.

This is just a great tool. I am sure I will be using it often.

Just a few days ago Moonlight 2.0 was released. Moonlight is an open source Linux implementation of Silverlight. Moonlight 2.0 should be compatible with Silverlight 2.0, but it also already supports some Silverlight 3.0 features, such as writeable bitmaps, some out-of-browser functionality, and the Silverlight 3 pluggable media pipeline (source: ARS Technica). For us this is very interesting, because we are working on a project involving Silverlight which will run in a public website. The client was worried about the possible reach, and this at least opens the door. According to Microsoft 60% of the PC's in the Netherlands now have Silverlight installed, so this is good news for our client.

Recently we moved our projects to a new TFS server. This means that all workspaces link to the old TFS, and you will get the error message "The path [path] is already mapped in workspace [workspace]" when you try to add a new reference to a project you've already worked on. I keep running into this every once in a while, because we develop from virtual machines and we have different ones for different projects. I also keep forgetting what to do, so this is partly a message to self.

You can solve this by opening the Visual Studio command prompt and typing:

tf workspaces /remove:[projectname]

If you want to remove all of them (which is the case when switching to a new TFS), you can use a wildcard, like this:

tf workspaces /remove:*

Thanks to Gergely Orosz's post on the topic.

I've been reading parts of this book on and off for a long time, and I've pretty much read the whole book and some sections more than once, so it is time for a review (even though this is an "older" book).

If you're a software developer, this is a must read. It gives you a kick in the head about what you should think of when you develop software. The examples David Platt uses in this book are very striking, and will make you think about what you've built yourself. You may feel embarrased sometimes and think "I did that too, shame on me!" However, in the end it will make you a better developer. Platt shows very well that IT is no longer about technology, but about the people operating the technology.

This book is also a fun read. Platt has a good sense of humor, and in some cases the stories he tells themselves are pretty hilarious. The only downside of the book is that at some point repetition kicks in. The message is clear, so you want to move on, but there are still more examples explaining the same thing.

We're doing a project where were talking to non-.NET web services and this means that sometimes we have to see what the exact message looks like. In case you ever need to do this: a MessageInspector will not (always) be suitable for this. This is particularly the case where you're using a certificate to sign the message. Signing happens after the MessageInspector is invoked, so it will just show you the unsigned message. One thing you can do is setup a URL you can post to that logs the incoming message as is. We have a "service" like that available to all developers, because it is a quick and easy solution that doesn't require installing additional tooling or modify code. Another option is to configure message logging (see the MSDN article Recommended Settings for Tracing and Message Logging).

At my company we we're looking at creating a generic STS that does not require Active Directory Federation Services 2.0, and we were also thinking about putting it up on CodePlex. Dominick Baier from Thinktecture beat us to it with StarterSTS. He's also posted some webcasts on how to use it. Good stuff, so instead rolling our own, we'll be using/extending this one.

A while back I blogged about testing VirtualBox. At the same time we've tested Windows Virtual PC, and it's been disappointing pretty much across the board:

1. It doesn't run on our company's Lenovo T61's, which displays some vague error message. Since most of our developers have a T61, this means they can't use it at all. Virtual PC 2007 and VirtualBox run fine, so it isn't clear why WVPC can't. We have some different machines where it does work, so we went on testing on those to see how well it works, in case Microsoft steps up and fixes the T61 problem and starts supporting 64-bit guests. See the remaining points for my experience...
2. The integration features of WVPC suck. Even something simple like dragging a file from the guest to the host or vice versa doesn't work. The reason is that with Integration Mode enabled, you're actually connected to the guest through Remote Desktop Connection. Microsoft has done this to leverage some of the advantages of RDP (as Ben Armstrong explains), but IMHO they should find a different way to do so.
3. Starting/stopping a guest takes forever, and renders my laptop inoperable while doing so. With VPC 2007 hibernating or restoring a hibernated VPC with 1.5 GB of memory takes several tens of seconds, but I can easily use all other applications while doing so. WIth WVPC just restarting a hibernated image tages 3-5 minutes and during that time my other applicaties are pretty much frozen. I can get a cup of coffee (if I'd drink coffee), eat a sandwich, and go to the John, during the wait. I have no clue why this works as bad as it does, because VPC does this perfectly fine.

The only thing that's been a positive experience is the performance once it has started. That said, I can't really tell if VPC 2007 or VirtualBox work better or worse, so I can't even praise WVPC on this point.

So for now it is back to VPC 2007, with our final decision on switching to VirtualBox postponed until we really need 64-bit support.

On a side note, we've been trying to get the open source version of VirtualBox working, and that appears to be quite a challenge. There are no binaries, so you need to compile yourself. Even though we have a recent build, getting all the prerequisits is hardly possible. Some of the needed SDKs are no longer available. Our conclusion up until now: the open source version is  not really viable (at least for Windows), and possible only there for marketing reasons ("see, we do open source").

Windows Identity Foundation introduces a new ClaimTypes class. It contains predefined claim type URIs for claims defined by OASIS and Microsoft. In the WIF SDK project templates for a custom STS this ClaimTypes class is mixed with the one already in System.IdentityModel.Claims, which is rather confusing. So, what's the difference?

Functionally: None. All claim type URIs in Microsoft.IdentityModel.Claims.ClaimTypes are identical to corresponding types in System.IdentityModel.Claims.ClaimTypes. That said, Microsoft.IdentityModel.Claims.ClaimTypes adds a few new claim types.

Technically: Claim types in System.IdentityModel.Claims.ClaimTypes are defined as static read only string properties, whereas in Microsoft.IdentityModel.Claims.ClaimTypes the claim types are string constants.

My advice: for clarity always use Microsoft.IdentityModel.Claims.ClaimTypes.

Earlier this year I was pretty negative about the Azure story from Microsoft. My main gripe was that (from my perspective at the time) it was not a write-once, run-anywhere story, so you couldn't run your current apps in Azure without modification. I'm very pleased about what I've seen now from PDC. Microsoft has opened up Azure in many ways, giving you much more control over what's happening. In fact, you can get your own virtual machines and have complete remote admin access. Also, they've been really thinking about how to tie your existing hosting environment to Azure and vice versa. It will be possible to connect a web app inside Azure securely to a database server in your own data center.

I must say I'm impressed at how well Microsoft has listened to all the feedback about Azure. With all the changes they've implemented I feel that it has now become interesting for some of the services my company is implementing, whereas previously we weren't even considering Azure.

Windows Identity Foundation, formerly known as "Geneva", has shipped. I've been talking about Geneva/WIF on several occasions and I absolutely love it. It opens the door for a whole new realm of authentication/authorization scenario's. SharePoint 2010 will be the first Microsoft Product to support it, apart from the new Active Directory Federation Services 2.0, which was part of the development effort and was formerly known as "Geneva" Server. Be sure to check it out!

I've been a proponent of development inside virtual machine for years. At my previous employer I pretty much moved the whole dev-department from host based development to VM development in 2004 when Virtual PC 2004 came out. Up until now I've always been pretty happy with Virtual PC considering its cost-benefit ratio (it's free and only was only slightly less powerfull than paid offrings from other vendors). However, with Windows Virtual PC Microsoft has seriously dropped the ball. Where all hypervisor based VM software enables you to run 64-bit guests, Microsoft only supports that with Hyper-V on Windows 2008 Server. Since we're not letting our devs run Windows Server on their laptops for several reasons, this is rapidly becoming a problem. Windows 2008 R2 is not available in 32-bit and SharePoint 2010 will also not run in a 32-bit environment. Because of this we've been forced to look for alternatives. VMWare Workstation was our first bet, but it'll take converting all our current VHD images, and I was not really impressed by the overall performance and manageability. Today we started testing VirtualBox and I'm impressed. It'll run our existing VHDs natively, also those that use differencing disks. In fact, the media manager makes it very intuitive to work with differencing disks and shows you the disk hierarchy. It also runs very smoothly, even before installing the add-ons in the virtual images.

VirtualBox comes in a free open source version that you'll have to compile yourself (how hard is it for Sun to also post the binaries?). It lacks some features, such as USB support, but we don't need the additional features. Even so, we are still considering the commercial license just for ease. It's only $50 per machine, with $30 for a subscription (starting at 50 users minium, so not for us though). Unless Microsoft steps up its Virtual PC development and offers 64-bit support within the next six months or so, we will likely move to VirtualBox.

As many BizTalk developers we've been using the SSO (Single Sign On) database for more than just SSO. We've been storing configuration data in that database too. This used to be a work around, and we were using some custom tool to edit the entries in the SSO database. However, we recently learned that Microsoft has release an MMC snap-in to manage the values. You can download it here. Microsoft itself states this about the tool:

This tool provides the ability to add and manage applications, add and manage key value pairs, as well as import and export configuration applications so that they can be deployed to different environments.

That apparently means that even Redmond has "officially" accepted that SSO is used for configuration as well.

As an MVP I've had the fortune of being involved early in the VS2010 beta. Because the number of beta participants is relatively small in the beginning, Microsoft is able to have a much more interaction with the testing population and excplicitly goes out for feedback and discussion of some of the features. VS2010 is a great example of Microsoft putting that to good use. Something simple like the Add Reference dialog has improved greatly in VS2010, as Scott Guthrie explains here. I remember the discussion about it, because there were quite a few different ideas about what should come up first and what you use the most. As you can see, Microsoft decided that the Projects tab is the most likely to be used first, so I'm assuming most developers agree on that (I do anyway).

BTW, the rest of the series on VS2010 and .NET 4.0 provides a good overview of what you can expect of the new release.

Recently I found myself having to debug a large stored procedure that calls all sorts of sub-procedures. Also, the data set was rather large and it only failed sometimes. SQL Management Studio in this scenario isn't very helpful for several reasons:

• The number of PRINT messages that it'll show is limited, so if the error is out of range... tough luck.
• Even with PRINT messages it can be hard to pin down which statement is actually in error.
• Line numbers are never accurate.
• It seems View Dendencies sometimes misses out on dependencies.
• View Dependencies doesn't show the number of times a proc is called from another proc.

SQL Profiler, which also comes with SQL Server is a much better tool when it comes to pin-pointing the erronous statement(s), after which you can modify your code to show an error message that prints the values causing the hickup. When you use SQL Profiler, be sure to select more than just the default events. Click Show All Events and select all Error events, as well as the Stored Procedure events that show Starting and Completed of SQL statements with stored procedures. Then, once the root procedure is done, do a Find through the trace for "Error", and you can see exactly which statement is causing the error.

 

 

My company regularly works on public facing websites, and as such it is imperative we test the sites we create with most common browsers. Naturally that means at least Internet Explorer, FireFox, Safari, and Opera. With the last three we just download and install om some test (virtual) machine. With IE however this is somewhat more complicated (although not impossible to run different versions of IE side by side. However, Microsoft provides a set of Virtual PC images known as the Internet Explorer Application Compatibility VPC Image. These images enable you to test different versions of IE on different versions of Windows. These images have a limited lifetime (between 1-4 months), so you'll have to download a new set on a regular basis, but other than that this is really handy. The following configurations are available:

• Windows XP SP3 with IE6
• Windows XP SP3 with IE7
• Windows XP SP3 with IE8
• Windows Vista with IE7
• Windows Vista with IE8

Unfortunately these configurations are all en-US, so if you want to test with say a Dutch version of Windows, you'll have to create your own images (which is what my company has done, even for en-US).

Today http://orchard.codeplex.com/ went live. Orchard is an open source Content Management System that the folks from Redmond are working on together with the ASP.NET community, and which I've been following with much interest. Orchard is based on ASP.NET MVC, which means I'd favor it over something like Umbraco when it is mature enough. Why? Because this should mean that it blends easier with your regular development efforts, rather than having to deal with an entirely different templating technology. Umbraco for instance uses XSLT, and even though I wrote a book a about XSLT and my company is well versed in XSLT because we do a lot of BizTalk, it is troublesome for plain ASP.NET developers.

Keep in mind that Orchard is relatively new and a lot of scenario's are still not supported. But at the pace the team is going, you'll soon see more advanced stuff being possible. You can make yourself heard about what you'd like to see through CodePlex or through one of the sessions at TechEd or PDC this month.

Lately I've been making time to read more again, and I thought I'd share my findings. My most recent read is Solid Code: Optimizing the Software Development Life Cycle by Donis Marshall and John Bruno. My feelings about this book are mixed. On the one hand, it gives a good overview of software engineering practices. On the other hand, an overview is all that it is. It doesn't really do a good job at giving any details. That said, I think it is a good read for junior/medior developers to get a sense of all the stuff they should be aware of when building software. For senior developers and architects a quick scan to see if they have a gap somewhere is enough. From there you can explore books specialized at the topic(s) you need to know more about. Some of the topics covered include, design, testing, performance, scalabiltity, and security.

As an aside, I've read several books now that cover Agile development methodologies. What strikes me everytime is that the given examples are always about product development, and this book is no different. Product development and custom software projects however are very different. In product development you can work with fixed budget and fixed time, and cut features if either budget or time doesn't allow you to create them. Custom software projects can't do this as easily. Clients are not going to give you a bag of money and a schedule and say "we'll see what makes it into the final version". The client wants to know what he/she is going to get for the money they pay. This means that in custom software projects, you need to have a much more detailed view up front of what needs to be implemented. I'm not saying this precludes Agile development practices, but there is a certainly a difference at the start of the project, because a large chunk of the design work has to be done earlier in the project lifecycle.

Every once in a while (when I use a new dev environment) I hit this error:

Saving Changes in not permitted. The changes you have made require the following tables to be dropped and re-created. You have either made changes to a table that can’t be re-created or enabled the option Prevent saving changes that require the table to be re-created

Each time I forget how to fix this, so by posting here I know I'll never forget. Check Pinal Dave's blog post on this error (hint: it's in the Option menu). Thanks Pinal!

I was working on this little app I wrote a while ago and wanted to add some features requiring (de)serialization. So, I took the original class and made it a DataContract so I could use it with the DataContractSerializer. The class then looked more or less like this:

[DataContract]
public class MyClass
{
    List<Trip> m_Items = new List<Item>();

    [DataMember]
    public IList<Item> Items
    {
        get { return m_Items; }
    }
}

Serialization went fine, but when I tried to deserialize the same object, I got a null reference exception. Of course you say, you should have added a method tied to de OnDeserializing event, because the constructor of the object doesn't work and hence the m_Items field is never initialized. The code I added to solve this looked like this:

[OnDeserializing]
protected void Init(StreamingContext context)
{
    m_Items = new List<Item>();
}

To my surprise I still got the same exception. I finally figured out that the problem was the type of Items. It is was an IList<> instead of a List<>. To avoid tying a class to a specific implementation of a list, I usually use an interface, which is good practice in most cases... however, not when you want to do deserialization :).

At BataviaLabs we were debating coding guidelines the other day and came across this one: do you use #if or the ConditionalAttribute to indicate to the compiler if a method should be compiled. Let me elaborate...

If you have a method you only want to compile in a debug scenario, you have the following options:

1) Use #if DEBUG as shown below

class Program
{
    static void Main(string[] args)
    {
#if DEBUG
        SomeMethod();
#endif
        Console.WriteLine("End");
        Console.ReadKey();
    }

#if DEBUG
    internal static void SomeMethod()
    {
        Console.WriteLine("SomeMethod");
    }
#endif
}

2) Use the ConditionalAttribute as shown below

class Program
{
    static void Main(string[] args)
    {
        SomeMethod();
        Console.WriteLine("End");
        Console.ReadKey();
    }

    [Conditional("DEBUG")]
    internal static void SomeMethod()
    {
        Console.WriteLine("SomeMethod");
    }
}

The difference between these two methods is enormous. The first sample is very explicit. Any code you don't want to compile into the production build is placed between #if DEBUG and #endif. If you try to call SomeMethod in a production build, the compiler will give you a compile error. The ConditionalAttributeon the other hand doesn't require you to remove the calls to SomeMethod. If a method is marked [Conditional], any calls made to that method are removed from the build by the compiler. A proviso here is that [Conditional] only works with methods that don't return a value (i.e. void).

I much more prefer #if DEBUG, because it is explicit. I can't run into a situation where from reading the code I'm thinking "SomeMethod is being executed", but it actually isn't because the compiler removed the call. Comments anyone?

When testing a UI, especially a web UI, it is imperative you do so at all resolutions you expect your users to use. So, how do you size the browser to 1024x768 on a 1680x1050 screen? The answer is a little tool called Sizer. It allows you to set a window to a prefixed size or you can drag the window size and it will show the actual size as a tooltip.

I keep forgetting how to force the transaction log in SQL Server to shrink, so I'm posting here primarily so I know where to find the how to :). Often the log does not shrink when you try to shrink from SQL Managent Studio. The solution, before you shrink the database do:

BACKUP LOG <DatabaseName> WITH TRUNCATE_ONLY

Thanks to Pinal Dave for this one (see his post SQL SERVER - Shrinking Truncate Log File - Log Full)

We have an ASP.NET application that we normally run under Forms Authentication using the ASP.NET Membership API. For a particular client we changed this to using Windows Authentication instead. On the production environment, we were running into the following exception:

A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)

We checked all the connection strings the app uses... all good. Finally, we figured out what was wrong. We had removed the Membership section from web.config so it was going back to the default in machine.config. That setting uses the LocalSqlServer connection string, which we don't use. However, in the default machine.config, this points to the App_Data folder using SQL Server Express. In most environments, this wouldn't be an issue immediately, because SQL Server Express would just create the  aspnet database and use that. However, in a hardened environment SQL Server Express is either not there (our case) or has no rights to create the App_Data folder and/or place create a new database. ASP.NET doesn't know this... it just can't access the SQL Server instance it is looking for, hence the above exception.

I'm delighted to be speaking again at VSLive in June. This time at the Venetian hotel in Las Vegas. I'll being doing two sessions on Monday, June 8:

• Understanding Transactions in WCF, which deals with why, how, and when to use transactions in WCF.
• Advanced Access Control with WCF, which deals with claims based authorization and the Geneva Framework.

Over lunch I will be available for 1-on-1 Q&A, but if you run into me at other times outside my sessions I'm open for questions too.

Checkout the full conference agenda for all the great sessions and speakers at VSLive, Las Vegas. I can really recommend going there, because the sessions are great and the speakers very accessible. I also think the Venetian will be a great venue (I have never stayed at the Venetian, but I have been inside and it is definitly something to see).

Thanks to Microsoft for my new MVP Award. It is nice to get the recognition. A thank you is in order to the people that enable me to do the work that got me the award, starting with my wife Annette and my children Jarod and B'Elanna. They have a workaholic for a husband/dad, but don't complain about it (much). Others that receive a thank you are my partners at BataviaLabs who give me the freedom to write and speak at conferences, our team at BataviaLabs that help me code all my wild ideas, and the people that publish my articles and invite me to speak at their conference.

I read this post from Steven Martin at Microsoft and frankly I'm disappointed. Microsoft is not the only company building cloud computing services, but they have a clear advantage over most of the providers: they own the operating system. As such, a unique selling point would definitly be that they can provide you with cloud services, but also enable you to run your applications in your own data center without modifications. If I build an application for the Windows platform, I want to build it once and be able to run in on any server infrastructure. As it looks now, this is not possible. Once built for the cloud, it must remain in the cloud unless you refactor the application for use in your own environment. I really hope Microsoft sees that this is a mistake and that it will actually gain them clients if they allow this. There is another factor here and that's trust. I'd like to have a backup scenario in case Microsoft fails to deliver. With the Azure platform as is, there is no backup scenario. You either go for it full-blown, or you don't. It is my belief that many people will decide not to go with Azure in the first place because of this. In fact, I am now much more reluctant to tell my clients about Azure as an option.

Recently I encountered an exception related to System.Security.Permissions.FileIOPermission while trying to send email from ASP.NET (dasBlog actually). This has nothing to do with rights set on folders! It is a trust (code access permission) issue, and it will happen if your application is running under Medium Trust. Elevating the trust level will definitly help. From what I've read, defaulting to the system defined SMTP settings (i.e. removing any SMTP settings form web.config) will also work, but I have not tried this yet.

Thank you for all who attended my sessions in San Francisco. Below are the slides and samples for my sessions.

VTH4 - Understanding Transactions in WCF Slides (561.73 KB) | Samples (540.1 KB)

VTH16 - Supporting POX/REST with WCF Slides (369.58 KB) | Samples (302.82 KB)

VTH25 - Simplify WebPart (and Control) Development with WebPart Skinning Slides (359.85 KB) | Samples (447.66 KB)

The VTH25 samples include the full installer. However, be sure to change the uploadskinfeature.bat to point to the correct server. You can read more about the VirtualPathProvider I mentioned in VTH25 session here.

The wonderful folks at VSLive! have invited me again to do three sessions at their San Francisco event from February 23 to February 27, 2009. These are the sessions I'll do (all on Thursday 26):

• Understanding Transactions in WCF
• Supporting POX/REST with WCF
• Simplify WebPart (and Control) Development with WepPart Skinning

The first two are obviously about WCF. The last talk is primarily about SharePoint, but the discussed techniques will work with ASP.NET WebParts and WebControls as well.

I really like VSLive! because they have some great content and top tier speakers. The speakers (myself included of course) are also very accessible, because the event is not as huge as some of the other conferences these days. So if you intend to go to a conference this year, VSLive! is going to be worth your money.

Have you ever wondered if/when a transaction in WCF upgrades to the DTC? There two simple ways to check this:

1. Open Performance Monitor and add a new counter. Get the counter Active Transactions from the Distributed Transaction Coordinator section.
2. Open Component Services and go to My Computer in COM+. There is a folder for Distributed Transaction Coordinator, through which you can view the DTC statistics.

In both cases, you'll see the active transactions jump from 0 to 1 when a transaction upgrades to DTC. This happens when you cross a service boundary. If you just use a transaction within the service, WCF will stick to the Lightweight Transaction Manager as long as you stay within you AppDomain or access a single database (SQL Server 2005 and up).

For those of you that attended my sessions in Dallas, here are the demo's for

• POX/REST Strategies with WCF (194.22 KB)
• Understanding Transactions in WCF (396.18 KB)

If you attended the latter, you'll remember that I wrecked my prepared demo (note to self: never change configs just before a session). I finally figured out what was wrong. I changed some configuration on the server side and I thought I did the same on the client. Apparently I did not, because when I updated the service reference on the client it worked.

At a session about ASP.NET DynamicData at VSLive in Dallas, one of the attendees asked me about my thoughts of DynamicData becoming a part of ASP.NET MVC. I commented that currently DynamicData is very much based on the current ASP.NET paradigm of pages and controls, whereas ASP.NET MVC is not. ASP.NET MVC presents a new way of thinking to the ASP.NET world and I find it hard to believe that millions of developers will jump on the ASP.NET MVC bandwagon immediately after its release (let's face it, it hasn't even been released yet) and leave their old coding styles behind. You need to learn to think differently first. Also, if ASP.NET MVC becomes the primary ASP.NET paradigm, there is a whole lot of code that is still using ASP.NET the way most of us do at the moment. That said, ASP.NET MVC is very interesting.

Ok, so back to the original question. If you look at Scott Guthrie's post about the ASP.NET MVC Release Candidate, you'll see that there is scaffolding support on based on the model, instead of table based scaffolding using in ASP.NET DynamicData. The model based scaffolding enables you to create different views of the model in no time.This is very cool, because it provides you with way more control over what is happening than in DynamicData. And because it is based on the model, you're not tied to database objects, but rather to business objects. How you persist those is up to you.

I still think ASP.NET DynamicData and ASP.NET MVC are going to live side-by-side for quite a while, and that they will use concepts that were created for one or the other. The main reason for this belief is based on my earlier comment: I think ASP.NET MVC and ASP.NET "Classic" will run side-by-side for a loooooong time. I do feel that ASP.NET MVC ultimately provides us with more flexibility and will at some point become the more dominant paradigm.

 

At VSLive in Dallas last week I promised to follow up with a post about securing an ASP.NET Dynamic Data application. Your first concern is not exposing all the tables, so although it demo's well, never set ScaffoldAllTables to true. That however, does still not solve how you can provide read-only access to certain users, while providing edit access to others. The most elegant way to do that is at the Data Model level, using a custom security attribute. There's a great sample on how to do that on the Dynamic Data Samples on Codeplex. The specific sample you want is Secure Dynamic Data.

If you don't want to spend the time to understand how security at the Data Model works, you can also just use ASP.NET Roles to secure specific parts of your site. Since securing folders/files that way has been around since ASP.NET 1.x, that should be easy enough :). There is a gotcha though: you cannot secure dynamic folders. In other words, a Dynamic Data path /SomeTable/List.aspx is not securable, because SomeTable is not an actual folder. With three simple steps you can get around this.

Step 1: Create a folder corresponding to a specific role, for example "Readers".

Step 2: Create a web.config in that folder limiting access to the role(s) you want to give access.

Step 3: In globas.asax, route the tables and actions that apply to the specific role to that folder, like this:

routes.Add(new DynamicDataRoute("Readers/{table}/{action}.aspx")
{
    Constraints = new RouteValueDictionary(
        new
        {
            action = "List|Details",
            table = "EvaluationSubjects|Reports",
        }),
        Model = model
});

 

I will be speaking at VSLive! again, this time in Dallas from 8 until 11 December. I'll be doing the following sessions:

• Introduction to ASP.NET Dynamic Data (Tuesday 9 December, 11:15 AM)
• POX/REST Strategies with WCF (Thursday 11 December, 1:45 PM)
• Understanding Transactions in WCF (Thursday 11 December, 4:45 PM)

VSLive! is a very nice and relaxed event with great content. So it's a great opportunity to learn new stuff and new people. If you want to attend the Dallas show and see me speak, you can get a $300 discount by entering the discount code SPVAN. I hope to see you there.

I've been working on a small Windows Mobile app and I had a really weird problem. While working in the emulator everything worked fine. However, when I deployed it to my Smartphone (HTC S710), it didn't show the labels. Textboxes etc. worked fine, but the labels didn't show up, no matter what I did. Some of the things I tried:

• redeploy
• changing the font of the labels
• making sure there was no overlap between labels and textboxes

It took me about an hour to get it working. I went into the settings and because there wasn't anything about screen/font settings I finally looked at those of the startup screen (option 4), thinking that this didn't have anything to do with my app. As it turned out the culprit was a color scheme that I downloaded from the Windows Mobile site called EarthView.

I while ago I created the control shown below. It acts a multi-select ListBox from the API perspective, but works by selecting items and moving them over. Pretty much all elements can be styled, such as the headers, the ListBoxes and the buttons. I'd love to have one with some JavaScript that allows drag-n-drop, but that's too much work for me. Feel free to copy and extend the source code(3.15 KB).

I run a a development team and we're working on some functionality that we're likely going to share between different projects. The problem is that part of the functionality are some adminstration pages that we want to be able to develop separately, deploy as part of customer's. The requirements we have are roughly the following

1. We can version the pages separately, so that when we patch the shared functionality, we don't have to rebuild/redploy the entire site.
2. We don't have to copy files from one project (the project with shared functuionality) to another (the project that is customer specific).
3. In our source control the customer's website is really a separate project and not a branch of the project with shared functionality.
4. The administration pages should be themed to the customer's site and additional admin pages may be added custom for the customer's website.

The best way, we figured, was to deploy the shared functionality as a seprate assembly, similar to a precompiled website. A precompiled website however is one thing, AFAIK you can't dump two precompiled websites into the same application. I did figure out a way to deploy the site as an assembly, by putting the admin pages inside an assembly as an embedded resource. We then pull the pages out using a VirtualPathProvider. There are great implementations out there using the VirtualPathProvider, such as serving a website from a ZIP-file and from a database (which is what SharePoint does).

If you don't know what a VirtualPathProvider is, let me quickly fill you in. When ASP.NET gets an aspx page for the first time, compiles that page and stores the result in a system directory. Only when you change the file will ASP.NET recompile the page. Now, the file system that ASP.NET gets the page from is virtualized, which means that ASP.NET does not know how the underlying file system is implemented. By default this is the normal Windows file system, but you can create a provider that uses another storage mechanism. As long as it works just like the file system, this will work fine. You can use a database, XML file, ZIP file, web service, or whatever as the underlying file system. All you have to do is create a few classes, including an implementation of the VirtualPathProvider, register the provider in global.asax, and you're off. The great thing is that because you're supplying ASP.NET with the page, your page benefits from ASP.NET (pre)compilation. This means that if you build a CMS with content in a database, the database is only hit the first time the page is requested and the content is compiled into the page.

So, what we can do is put the aspx pages inside an assembly as an embedded resource and serving the pages from there. Because the pages are inside a regular .NET assembly, it can be linked into a project and be updated when there is a patch, without affecting the application's it is contained in. All we have to do is redeploy the assembly. It sounds a bit weird, but it actually works, as you can see in the attached demo (51.54 KB). Be aware that this is really just a demo. It is just meant to prove it works. The logic to get directories is flawed (which has something to do with the fact that directories are not preserved in embedded resources), and possibly more is. However, you can access the following pages:

• \AdminHome.aspx
• \Default.aspx
• \NewFolder1\HTMLPage1.htm (only works in VS webserver or IIS7 in integrated mode)

Default.aspx is kind of funny, because the code behind class is compiled in the class and the page itself embedded. Enjoy!

I've now read several books on SharePoint development, such as Developer's Guide to the Windows SharePoint Services v3 Platform , Microsoft harePoint 2007 Development Unleashed, and Programming Excel Services. I've found each of these books lacking, particularly the last two. The Unleashed book is more a reference than anything else and especially in the more advanced topics I really didn't find what I was looking for, which is not what you'd expect from an Unleashed title. The Excel Services book is a disappointment if you are looking for good information about Excel Services. If you want to learn to develop WebParts it is quite good however. In that sense the book has been completely misnamed. I hope that my next pick will be better (that said, two of the three books were given to me).

I just moved my blog to a new server and in the process did a long overdue upgrade of dasBlog. Unfortunately now all download links fail and some images are missing. I will be correcting this, but if you find a link/image that doesn't work, please drop me a line. Thanks.

Jeff Prosise made a nice blog entry about hiding the root node in the SiteMapPath-control. Some people, like myself, experienced an issue when the current node and the root node ar actually the same. Somehow the check that should avoid that issue fails. I believe because the current node is in fact a clone of the current node, and as such not equal to the current node (i.e. root node) itself. To get around this, I have changed the code somewhat to do the check on the actual nodes. The body of the HideRootNode-method is now as follows:

// Return root node in case this is the root.
if(SiteMap.RootNode == SiteMap.CurrentNode) return SiteMap.CurrentNode;

// This is not the root node, so rebuild path without root.
SiteMapNode node = SiteMap.CurrentNode.Clone();
SiteMapNode current = node;
while (node.ParentNode != SiteMapNode.RootNode)
{
    node.ParentNode = node.ParentNode.Clone();
    node = node.ParentNode;
}
node.ParentNode = null;
return current;

Thanks to Jeff for his original insight. It saved me a lot of time.

Log4net is a great tool for logging in a .NET application and everything is well documented. Finding what you need can be a pain though. If you checkout the configuration manual, you read about all the appenders and a little about the pattern of the message that is logged. You can set that pattern if you want. What they fail to provide however is a reference of the tokens you can use in a pattern (for instance %exception). They only show a sort of default pattern. After digging for about 10 minutes, I finally found the list within the SDK reference. It would be great it someone were to add I direct link to there from the configuration manual.

Visual Web Developer 2005 has a great feature for graphically impaired people like myself. In a page you could go to the Layout menu and select Insert Table. The dialog then had all sorts of table templates (see picture). In the 2008 version this dialog (in fact the entire Layout menu) is gone and replaced by a run-of-the-mill insert table dialog. Why on earth did Microsoft take this out?

I've been doing stuff with LINQ to SQL for a while now and there's one thing that keeps bugging me: Proper exception handling. IMHO LINQ to SQL should encapsulate the database. I mean, I don't care which database (SQL Server, Oracle, whatever) I'm working with, but if I call SubmitChanges on the DataContext, I'll get a SqlException if it fails on the database. I know that currently LINQ to SQL only supports SQL Server, but the model is just as valid for any other (relational)database. To my surprise there is no LinqException or something that encapsulates the SqlException, so now I have to write code that is aware of the fact that I'm dealing with SQL. You can of course solve this by using the Exception Handling Application Block, so you don't deal with specific exceptions in code, but it still feels funky.

Recently my latest (Dutch) book was released, titled XML - de basis. For that book I did an interview with Chris Lovett from the Microsoft XML Team. Below is the unedited version of that interview. There's a lot of cool stuff in the interview which I unfortunately had to cut for the book, because otherwise it wouldn't fit the number of pages available for the interview. Fortunately, my blog doesn't have that limitation :).

Please tell us who you are and what you do.
My name is Chris Lovett, and I’m an architect on the Data Programmability Tools team in SQL Server, and I work on XML tools that ship in Visual Studio. As an architect I do lots of different things including: hands on product development on the XML editor in Visual Studio 2008 “Orcas”; cross-group collaboration to make sure all our tools fit together; playing with other concepts like XML Notepad; and thinking about and communicating our strategy and future directions for our technology.

How long have you worked for Microsoft and what did you do before your current position?
I have worked on pretty much every XML core technology from Microsoft starting with MSXML in 1997, then to System.Xml in the .NET frameworks v1, and 2 and for the last few years I’ve been focusing on building XML tools in Visual Studio – for example, I was the primary developer on the XML editor in Visual Studio 2005. Before Microsoft I worked at IBM on OS/2 applications, then I joined the IBM Apple/IBM joint venture called Taligent, then I started my own company in Sillicon Valley with a bunch of friends from Taligent during the height of the .com boom and that’s what led me to Microsoft. A lot of the .NET Framework works with XML in some form or another.

Why is XML such a key component and what were the challenges you faced because of that?
For one thing the .NET frameworks were designed during the peak of the XML hype curve J, but more seriously, many folks at Microsoft were waking up to the fact that not everything had to be buried in code. Some things could be very neatly described at a higher “declarative” level and HTML showed the world that “markup” is a great way to do that. So XML became the way to specify configuration information (.config files), and build information (MSBuild files), and setup information (WIX), object remoting with SOAP, and security permissions and so on. All of these domain specific uses of XML were then supported by our core System.Xml classes. It’s interesting to note that even those teams that didn’t swallow XML back in .NET v1.0 are fixing that, for example, we have the new AJAX work from the ASP.NET team and we have XAML in the Windows Presentation Framework (I’m a huge fan of WPF by the way. I’ve done a lot of UI development in the last 20 years and I have to say WPF totally rocks). So XML is touching everything from database, management, communications, content publishing and now even into the user interface layer. I was amazed at the last PDC just about every talk showed some snippet of XML somewhere during their talk.

I remember when we started XML at Microsoft most people thought we were crazy. The biggest challenge was convincing people the cost of parsing and storing verbose XML tags was worth it and our team has been working on performance, and scalability ever since. But the technical challenges are easy to overcome. The real reason XML become a key component of .NET, (and Windows, and SQL Server and Office) is because it achieved true cross-platform interoperability and because it was good enough for that job, which leads to the next question…

What do you (personally) like the most about XML and its associated standards?
Simplicity, cross-platform interoperability and huge adoption. The great thing about XML is that it is humble. It’s not trying to solve world hunger. Just invent your own tags, group them into structures that make sense for your domain and viola. It is very simple and it is this concept that helped HTML take the world by storm. XML then improved on HTML by providing a clean separation between data and UI. It brought MVC to the masses so to speak.

The other day my 12 year old son was all excited and just had to show me what he discovered. He was editing Age of Empires XML files to tweak the behavior of the game using Notepad. I asked him how he knew that he could do that and how he knew the XML syntax. He didn’t know what “syntax” meant, but he knew how to edit XML ! Then the same week my doctor was all excited when he heard I worked on XML because he was involved in a software purchasing decision at our local hospital and it came down to their level of XML support. I couldn’t believe my ears.

The funny thing is that most programmers don’t really like XML. Probably because it doesn’t use curly brackets J, so most programmers treat XML a bit like the ugly duckling. But the reality is that the whole world gets markup – to them markup makes our programming world more approachable. There are still way too many programmers that don’t get this.

What would be your #1 tip to people learning XML, XML Schema, XSLT and XQuery?
First of all I would say that XML 1.0 is the foundation. A must have. Can’t go wrong there, learn it, and learn how XML encoding works – that’s the number one issue people have with XML 1.0 – people don’t take the time to understand how UTF-8 encoding works which is a pretty important foundation to XML. Don’t worry too much about DTD, because we now have XML schema.

XML Schema (XSD) is a layer on top of XML 1.0. When you need a way to describe your XML structure in “standard contract” XSD is handy and most importantly – it’s there and it’s a standard. So don’t re-invent the wheel, but I’m not going to say that XSD is the be all and end all of data modeling, because it isn’t. A lot of things are missing, which is why people had to invent things like Schematron, and why Microsoft is working on EDM and SML and so on. Model driven development is now on the peak of the hype curve so I expect that modeling will be a battle ground for a long time to come. So take a pragmatic approach to XSD - use it if it fits your purpose. Some folks use other modeling approaches then have a tool that spits out the XSD – and that’s fine too.

Same goes for XQuery and XSLT – I think of these as being yet another layer above XSD. We did XSLT and XQuery because we figured that XML is data therefore people will want ways to query and transform that data. Makes sense, and I’ve done a lot of XSLT development, I still use it for specific tasks, but some things are a bit tedious. I find myself escaping to script a lot. XSLT 2.0 is a good improvement, but again, these things are not going to be the be all and end all of query and transformation languages.

For example, I’m a huge fan of the work they are doing in VB 9 with XML literals connected to our new Language Integrated Query (LINQ). It makes a lot of sense, because instead of having to “escape” to script, you just write the code you need right there in place – you have a complete general purpose programming language at your finger tips. VB-XML integration is big leap forward for VB programmers and allows those developers, who may not be as familiar with the standard XML technologies like XSLT, to easily process XML data inside their programs. It’s a huge advantage to the VB programmer and we think it helps make VB an extremely compelling language for XML programming – it makes me want to write VB again, and I’ve heard many others say the same thing. However, it is VB-specific so development teams that need cross-platform interoperability at the query/transform layer are likely to stick to the standard technologies like XSLT and XQuery.

There’s a very interesting tension going on here where general purpose languages like VB and C# are moving up into declarative space with LINQ but not going all the way into declarative, versus SQL, XQuery and XSLT which are fully declarative with no side effects, which are therefore more optimizable, but sometimes rather incomplete as programming languages go and rather hard to author in some cases. I really don’t know how it’s going to end up. I think we should continue innovating on both approaches and see what happens. It should be very interesting.

As for all the myriad other XML standards out there, there’s a lot of hype that you have to sort though. To me it’s a funny thing to see programmers going to town making XML more complicated with layer upon layer of new concepts. I remember going to a conference and people were telling me “stop! – we can’t take any more”. There is genius in simplicity. I’m glad to see the renewed focus on simple REST-ful XML based services for this reason. If simple works, why complicate it. Conversely, if it isn’t simple, chances are people just won’t use it.

What can we expect from Microsoft in the future in the XML arena? Will support for XQuery 1.0 and XSLT 2.0 become part of Microsoft’s offering?
Microsoft is a pretty big place, so it’s hard for me to know all that is going with XML across the company. But I do know about .NET, Visual Studio and SQL server. As I’ve mentioned before we are shipping the XML support in Visual Basic 9.0 with XML literals, XML axis properties and integration with LINQ to XML. LINQ to XML is our API which we are adding to the XML runtime in .NET 3.5, it is a new XML object model that is designed to work well with the Language Integrate Query capabilities of C# and VB. We are also shipping some cool new features in the XML tools in Visual Studio 2008, including an incremental parser with extensibility API based on LINQ to XML that 3rd party XML designers can build on. We are also adding data breakpoints in the XSLT debugger and we have a new command line tool named “xsltc.exe” which takes XSLT and generates a .NET assembly which you can then deploy with your app instead of the XSLT source so you don’t have to compile XSLT on the server. Anton Lapounov has a great blog that talks about that. There is not much else new in the System.Xml runtime because Visual Studio 2008 is essentially a service pack release of the .NET 2.0 runtime, so we’ve fixed some bugs there. We are also working on some XML features in Silverlight and we put up a preview of our LINQ to XSD work on MSDN. We are working on a new XSD designer and you will see a CTP on MSDN pretty soon.

As for XQuery, you probably know we have a subset of XQuery already supported inside SQL Server. We currently have no official plans that we can announce on a client side XQuery engine but we are definitely interested in expanding client side query processing. LINQ offers a path to this (for both relational as well as XML). ESQL provides another client-side investment. We are open to customer feedback on the relative importance of client side XQuery compared to all these other possibilities. Meanwhile we are doing some XQuery improvements in SQL Server 2008, adding LET, better datetime support, and lax validation.

As for XSLT 2.0 - we’ve heard from customers and understand the improvements in XSLT 2.0 over XSLT 1.0, but right now we’re in the middle of a big strategic investment in LINQ and EDM for the future of the data programming platform which we think will create major improvements in programming against all types of data. But we are always re-evaluating our technology investments so if your readers want to ramp up their volume on XSLT 2.0 please ask them to drop us a line with their comments.

Meanwhile I was rather surprised by the positive feedback to my little XML Notepad 2007 tool. It now has over 1 million downloads and is still going strong. Not bad for a couple weeks work and no marketing. So something about this tool hit the sweet spot. The interesting thing there is it reaches out to the non-programmer community and I think that is the key and it has the right balance of simplicity and usability. A Swedish customer said it is “logam” – just enough. I think you should expect to see more from Microsoft in the future that helps to make XML something that everyone on the planet can deal with easily and in a way that integrates deeply with everything else Microsoft provides.

As the XML hype is wearing off, folks are realizing that not everything that made it through the standards process needs to be implemented. So I think you will see Microsoft continue to innovate on new XML technologies and tools like LINQ to XML and VB 9.0 XML and you’ll see Microsoft taking a more pragmatic customer-demand-driven approach to standards. Microsoft will probably never implement every standard that comes out but I’m confident you will see Microsoft continue to be committed to the really important XML standards, like XML 1.0, and any other standard that is essential to achieving cross-platform interoperability, including Open XML. There is enormous power in the cross-platform reach of XML and the huge industry adoption it has and I’m happy to see that Microsoft is continuing to do some really innovative work with XML.

For those interested in the demo of Using Windows Workflow Foundation in ASP.NET, you can download it here (269 kb). Note: this is the demo with the "double bookkeeping". The request/response inside a workflow isn't stable enough yet for release.

For those people interested in the demo's I did in the session Create Scalable Apps with Async Processing at VSLive! this week, you can download here (600 KB). To "install" the demo's, create a Visual Studio solution with two websites (one for each folder in the zip file). Run the web service to get a port number, then update web.config in the AsyncPages folder so that web services reference that port number (or take the port number currently in web.config and set the web service to run on the specified port). Enjoy!

I'll be at VSLive! in Las Vegas next month. On Tuesday, October 16th, I'll be speaking about two topics:

• Using Windows Workflow Foundation in ASP.NET
• Create Scalable Apps with Asynchronous Processing

The first is an introductory session about Windows Workflow Foundation (WF) and adresses how to deal with WF in ASP.NET. Because WF is not request-response by nature, this is more challenging than you would think. The second session discusses ASP.NET 2.0 Async Pages and Handlers and shows you how to use this with web services and databases.

Hope to see you there!

MOSS 2007 has it's own theming engine, separate from the ASP.NET theming engine. A downside of the MOSS approach is that you require an IIS reset to change a theme. Not very nice, so we wanted to use ASP.NET theming instead. This however causes problems with all pages in the _layouts folder, because they don't have <header runat="server" />. That tag is necessary, because ASP.NET needs to add CSS references and such to the <head> tag. Without that tag you receive the following error message:

Using themed css files requires a header control on the page

The solution is to define no theme for the pages in the _layouts folder. Since the pages in that folder are mainly dialog-type screens for SharePoint operations, this is not a problem from a look & feel perspective. That said, there are situations where you create your own pages and put the in the _layouts folder. For those pages you can apply a theme, providing there are no (MOSS) webparts and such on the page. In web.config this would look something like this:

<location path="_layouts">
  <system.web>
    <pages theme="" />
  </system.web>
</location>
<location path="_layouts/MyCustomPage.aspx">
  <system.web>
    <pages theme="MyTheme" />
  </system.web>
</location>

Last year I wrote a book (in Dutch) about ASP.NET 2.0. For that book I did an interview with Scott Guthrie, General Manager of the .NET Developer Platform group at Microsoft. In the book the interview is of course translated and also edited to fit the book. Below is the original unedited version.

Who are you?
My name is Scott Guthrie. I am the General Manager of .NET Developer Platform group within Microsoft, which means I run the development teams that build the CLR, .NET Compact Framework, ASP.NET / Atlas, Windows Presentation Foundation (aka Avalon), Windows Forms, IIS 7.0, Commerce Server, and the Visual Studio development tools for ASP.NET and WPF.

How long have you worked for Microsoft, and in what did you do up to becoming General Manager?
I’ve been at Microsoft for 9 years.  I’ve been focusing on frameworks, tools and servers for developers pretty much the entire time.  Prior to my current role, I ran the teams that built ASP.NET, IIS 7.0, and Visual Web Developer.

You are generally seen as the (co-)creator of ASP.NET. How was ASP.NET conceived and where did you get the ideas from?
We actually started the ASP.NET project in late 1997 and early 1998.  At the time ASP was still relatively new, and we initially weren’t sure whether there was anything left to-do in the web space (little did we know)!  We then spent a lot of time talking with developers and customers using ASP and quickly realized that there were a lot of things left to resolve. 

Some specific issues/requests that came up again and again from customers: provide the ability to write much cleaner code that provided good code/content separation (rather than mixing code up in the HTML), provide the ability to write applications using a variety of coding languages (and not just VBScript and Jscript), deliver a more robust execution environment (avoiding memory leaks and crashes that could bring down the server), provide a much cleaner configuration/code deployment model, deliver a built-in security architecture, enable built-in output caching support to improve scalability, and more.

A colleague of mine (Mark Anders) and I spent about 2 months brainstorming ideas about how we could build a programming model that delivered all of this.  Eventually we decided we needed to put together a prototype to try out the concepts, and I ended up coding it up over the Christmas and New Year’s holiday in 1997/98 (I was a hardcore geek then <g>).   We showed off the prototype to a lot of people within the company, built a lot of excitement, and got the go ahead to build a team to deliver it.

What are the main differences between ASP.NET 1.x and ASP.NET 2.0?
We spent a lot of time working with customers to identify where they spend their time writing code today within web applications, and then worked to add new features in ASP.NET 2.0 to help simplify these tasks dramatically.  Some examples: Master Pages allow you to easily define a consistent layout across your site/application, the new Membership/Roles API provides an easy way to manage users/passwords/roles and allows you to build flexible secure application in only a few minutes, the new GridView/DetailsView/DataSource controls enable you to easily provide data entry and editing views on top of data (including 3-tier data access support), Web Parts provide the ability to enable portal-style layout within any page and enable drag/drop end-user customization that works both in regular ASP.NET applications and SharePoint solutions, Localization support has been added to make it much easier to build multi-lingual applications that can adjust at runtime depending on the culture/language of the incoming user, SQL Output Caching enables developers to output cache any content within a site and have it automatically be invalidated and re-generated when backend data changes on a site (dramatically improving performance), Site Navigation and Menu controls make it much easier to build menu structures and navigation across your sites, Health Monitoring makes it easier to monitor how your application is doing once it is deployed, and there are many more features I could keep calling out.

If you could give one tip to people learning ASP.NET 2.0, what would it be?
I’d recommend spending time on the new http://www.asp.net web-site in the “Getting Started” and the “Learn” sections.  We are putting out several new videos and tutorials each week on the site that help show how you can take best advantage of new features with ASP.NET.  These can make it significantly easier to take full advantage of the platform and build great applications.  I’d also recommend subscribing to my blog: http://weblogs.asp.net/scottgu.  I try and post 1-2 tips/tricks a week that you can use.

What do you (personally) think is the coolest feature of ASP.NET 2.0?
Master Pages is probably the most popular feature that virtually everyone takes immediate use of – so in terms of popularity that is probably the coolest.

I think the new ASP.NET 2.0 AJAX Extensions product we are shipping later this year is also really, really cool (note: this was formerly codenamed “Atlas”).  This will provide a free, fully-supported AJAX library with suite of ASP.NET 2.0 server controls that enable you to easily add AJAX functionality to your ASP.NET 2.0 sites. 

What are the long term goals for ASP.NET, and what will we see of that in the coming years?
The next release of ASP.NET will have a lot of great additions.  You will see even richer support for the AJAX Extensions built-into the next release, as well as much richer support for building more interactive user experiences that take full advantage of the browser.

You’ll also see ASP.NET take advantage of the new LINQ technologies that are coming out with .NET, and which will enable really rich data modeling and mapping support with code which will dramatically improve the productivity of working with data.  When LINQ is combined with the ASP.NET 2.0 GridView, DetailsView and other data controls, you have a tremendously easy and powerful programming model for building AJAX enabled data applications.  I’m really excited to see the applications people build with it.  It is going to be a very exciting future!

I've been working with ASP.NET 2.0 for a long time now and I thought I'd seen most of it. Today I found something that must have flown under my radar all this time: the Health Monitoring API. Functionally this API is similar to log4net and the Enterprise Library logging Application Block. Although both of these work well I prefer functionality that comes "out-of-the-box", because you don't have to do anything to get it, it works, and your pretty sure it'll be kept up to date by the folks in the product team(s). So even if you're using another logging mechanism, be sure to check out the Health Monitoring API. How To: Use Health Monitoring in ASP.NET 2.0 from the  Pattern & Practices group is a good starting piont.

Thanks to all that came to my sessions at VSLive in Orlando on Tuesday, and thanks for the great feedback. Below are the demo's for the two sessions. Updated slides decks will be made available on the attendee website.

• Creating Scalable Apps With Asynchronous Processing (66,94 KB)
• Using Windows Workflow Foundation in ASP.NET (268,41 KB)

Some of you asked which tool I used to demo the perf difference between sync and async (demo 1). Although you could use perf tools that come with VS2005 I used Application Center Test (ACT) that comes with Visual Studio 2003, because it is very easy to setup and shows nice graphics (which was most important for this demo). You can also use the free Web Application Stress Tool. The ACT script I used was (substitute "slow.aspx" with "slowasync.aspx" for the async test), with 50 browser connections:

Randomize()
If Rnd(10) < 5 Then
    Test.SendRequest("http://testserver/Demo01/Fast.aspx")
End If
Test.SendRequest("http://testserver/Demo01/Slow.aspx")
Test.SendRequest("http://testserver/Demo01/Fast.aspx")

Note: I've run this test in several setups with different hardware. In my Orlando session I showed numbers from ACT on the host to the web in a VPC. In my San Francisco session ACT was on a Dell D600 with the web running in a VPC on my Dell D800, which is a better way to test (in the Orlando setup ACT is drawing perf from the same CPU). The async perf is much better (even in percentages) with the SF setup. Be aware that there are a lot of variables: CPU capacity, memory, and last but not least... network interface. In another test setup I hardly saw any difference between sync and async. Why? Because the network was the bottleneck :(.

I've always felt that SVG wouldn't make it into the mainstream. Flash does about everything SVG does and is available on 99.9% of the desktops. In addition there are scores of Flash developers/designers out there. The only thing SVG had going for it was the support of Adobe, but I always thought they were in it because SVG was a potential Flash-killer. With the acquisition of Macromedia, Adobe doesn't need a Flash-killer anymore. In fact they probably wished SVG never saw the light of day. Last year Adobe anounced that they will discontinue their SVG Viewer browser plug-in, saying that SVG is a mature technology and that there are loads of mature implementations now. The directory of SVG viewers tells us otherwise. Now that Microsoft has put forward Silverlight, a Flash (and potentially HTML) killer, the future of SVG looks pretty grim. The two companies that in the past would benefit most from the rise of SVG now both would like SVG to be a thing of the past.

Download the demo's here (34.39 KB)

During the session I promised to give put a sample here about using delegates for asynchronous processing, but what's the use if you can just read it on MSDN: Calling Synchronous Methods Asynchronously. Again, be aware that you shouldn't use this in ASP.NET!!! This is for console, desktop, and Windows Services only! In ASP.NET this would exhaust the thread pool pretty fast.

Download the demo's here (85.85 KB). If you want the slides, send me an email.

If you want to do the AspCompat demo, don't forget to register the VB6 component from the command line with regsvr32.

We were recently faced with the error message The project file ' ' has been renamed or is no longer in the solution in Visual Studio 2005. The problem is that from this message you have no idea what is actually the matter. We finally figured out that this happens when a Web Project contains references to assemblies or projects it can't find. Here's how you solve this:

1. Right click the Web project and select Property Pages.
2. A window will open which lists all the references, either to the bin-folder, GAC or other projects in the solution.
3. Remove those that show (unavailable) behind it.
4. Chances are that now you can't build because the reference is not there. Simply add the reference again and you should be OK.

I've been invited to speak at VSLive in San Fransisco ASPLive from March 25 to March 29. I will be doing two sessions on ASP.NET:

• Understanding Multi-Threading (in ASP.NET)
• Creating Scalable Apps with Asynchronous Processing

The first session takes a closer look at the fact that ASP.NET is a multi-threaded environment and what that means for us (web )developers. The second session looks at asynchronous pages, handlers and modules, to increase the scalability of our apps without adding new hardware. For more information checkout the session abstracts on the VSLive site.

I hope to see you there.

Since January 1st Slovenia is using the Euro, so all e-commerce need to change to the euro. More accurately, the culture settings for Slovenia in Windows need to be changed. Unfortunately there is no patch available yet for Windows and you can't change the settings through the Configuration Panel (it'll change back automatically). Until the patch arrives, the following code can remedy the situation:

CultureInfo culture = (CultureInfo)Thread.CurrentThread.CurrentCulture.Clone();
culture.NumberFormat.CurrencySymbol = "€";
culture.NumberFormat.CurrencyPositivePattern = 2; // € 19.95
culture.NumberFormat.CurrencyNegativePattern = 12; // € -19.85
Thread.CurrentThread.CurrentCulture = culture;

This changes the culture settings at thread level. Adding this to Application_BeginRequest in global.asax works like a charm, but don't forget to check the initial culture first...

For some reason the traffic on my blog has exploded. Not from regular users, but because of Trackback and Pingback. The log is full of requests to these to services. I have turned them off, because I don't have the time to fix it (if I felt like doing it in the first place).

UPDATE: I figured out why my traffic jumped. My blog was victim to a spam attack, which added numerous trackback URLs. Unless I figure a way out to get around that (or Dasblog has), I'm not turning on trackback ever again.

When you make columns invisible in a GridView-control the values in those columns are ignored when doing an update. If the update function, stored proc, or whatever expects these values (particularly when you use CollisionDetection="CompareAllValues"), the update will fail.

The solution:
- Add the names of the invisible columns to the DataKeyNames-properties separated by a comma, so the values are available.
- Create an event handler for the GridView.RowUpdating and add the code below. This copies all "key" values to the old and new values so the update will work.

IDictionaryEnumerator restoreOldValues = e.Keys.GetEnumerator();
while (restoreOldValues.MoveNext())
{ 
   e.OldValues.Add(restoreOldValues.Key.ToString(), restoreOldValues.Value.ToString());
   e.NewValues.Add(restoreOldValues.Key.ToString(), restoreOldValues.Value.ToString());
}

I was looking for something totally different, but came across this article on the Oracle Technology Network about the differences between PHP and ASP.NET. First of all I was sort of puzzled by the obvious pro-PHP stance taken by Oracle (at least in this article). I expect Oracle to be biased towards Java, which their product line supports, but as far as PHP and ASP.NET are concerned they're just web technologies and both can use Oracle. As long as Oracle is used, what does Oracle care which of the two technologies is used? Secondly the pro-PHP bias I mentioned is very obvious if you look at the comparisons of speed and security. PHP faster than ASP.NET? I don't think so... and most tests seem to agree with me. The argument Sean Hull uses is that ASP.NET is much bulkier when it comes to the actual code being executed. Maybe so, but the CLR compiles and optimizes that plenty. Then when it comes to security Sean Hull comments that ASP.NET runs on IIS, which according to him must be qualified as unsafe because of its history. He goes on to comment that Apache is much safer. I guess he forgot to check the latest stats on securityfocus.com and secunia.com. The number of vulnerabilities in IIS6 found in its entire existence is 3 (or 5, depending on how you count), compared to the 32 (or 39) found in Apache 2.x during rougly the same period I would say IIS looks pretty good. Looking at the same timeframe (2003-2006) even IIS5 has had less vulnerabilities (14). 3+ years is quite a long time when it comes to the web, so history in that sense gives the edge to IIS, not Apache. Looking at the stats that is, the sentiment (or perception if you will) is still that IIS is (or could be) unsafe. I guess the time it takes to change someones perception is longer than 3+ years, so I guess Microsoft must battle perceptions that are nog longer justified.

One of the great things about a DataSet, from a code generation perspective that is, is that it is defined in an XML Schema with some added features for TableAdapters and such. I wrote a very simple code generator that takes a DataSet definition and an XSLT stylesheet and generates a code file. I also made it possible to call an XSLT stylesheet for each table in the DataSet so I could create Data Transfer Objects and such from the table definition. I had some trouble to get it going though because of a namespace issue. The namespace that you expect to be the default namespace isn't in actual fact as I'll explain with the following fragment:

<xs:schema id="TrackingTracingDataSet"
           targetNamespace="http://tempuri.org/MyDataSet.xsd"
           xmlns:mstns="http://tempuri.org/My.xsd"
           xmlns="http://tempuri.org/MyDataSet.xsd"
           xmlns:xs="http://www.w3.org/2001/XMLSchema"
           xmlns:msdata="urn:schemas-microsoft-com:xml-msdata"
           xmlns:msprop="urn:schemas-microsoft-com:xml-msprop"
           attributeFormDefault="qualified" elementFormDefault="qualified">
  <xs:annotation>
    <xs:appinfo source="urn:schemas-microsoft-com:xml-msdatasource">

From the above fragment you would think that the default namespace is http://tempuri.org/MyDataSet.xsd, because the default namespace is declare with the statement xmlns="http://tempuri.org/MyDataSet.xsd. The actual default namespace is however defined in the source attribute of xs:appinfo element, so the default namespace is urn:schemas-microsoft-com:xml-msdatasource.

Recently one of my collegues was trying to create a Web Setup project for an application in VS2005 and he commented "I can't add the Primary Output of the application to the setup, just the content." This is where VS2005 (or actually ASP.NET 2.0) differs from VS2003, so I explained that this was normal behavior and that his application didn't need to have an application assembly because ASP.NET 2.0 compiles everything on the fly. His reply was that you wouldn't want to have your source code sitting in the production enviroment, and he is absolutely right. The solution to this is precompiling your applications with aspnet_compiler.exe. This packages all your files, inlcuding the contents of your .aspx files in an assembly which is used to run the site. The .aspx files are still there, but these are just placeholder files with no contents. By default the .aspx files can't be edited (well, you can but that doesn't change what is sent to the browser), but this can be controlled. Checkout the MSDN article How to: Precompile ASP.NET Web Sites for Deployment on how to use aspnet_compiler.exe. For a complete rundown of precompilation see ASP.NET Web Site Precompilation.

Updated August 13, 2006 to reflect Sander's comment.

On my old blog (in Dutch) I commented that I thought the WindowsImpersonationContext was clumsy and I wrote a replacement that you can use as follows:

Console.WriteLine("Current user: " + WindowsIdentity.GetCurrent().Name);
WrapperImpersonationContext context = new WrapperImpersonationContext(domain, username, password);
context.Enter();
// Execute code under other uses context
Console.WriteLine("Current user: " + WindowsIdentity.GetCurrent().Name);
context.Leave();
Console.WriteLine("Current user: " + WindowsIdentity.GetCurrent().Name);

Recently a visitor noted that the code wasn't quite right (missng a view using statements, and I found some other small issues. The correct code (including namespace references) is below. It takes care of all that nasty calls into the Win32 API. The one thing you need to be aware of is that it requires permissions to call into a DLL (i.e. run unsafe code), which is why I added the attributes that indicate this. Unfortunately that renders this class useless in a hosted environment, unless you strong sign the assembly and pursuade the host to allow your assembly to run in Full or High trust. This however is a problem you will run into regardless your use of this class. As soon as you call LogonUser you need at least High trust. If this is something that should be possible under lower trust by default it's up to the folks in Redmond to add this functionality to .NET and handle it as such.

using System;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Security.Permissions;
using System.ComponentModel;

public class WrapperImpersonationContext
{
   [DllImport("advapi32.dll", SetLastError = true)]
   public static extern bool LogonUser(String lpszUsername, String lpszDomain,
   String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

   [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
   public extern static bool CloseHandle(IntPtr handle);

   private const int LOGON32_PROVIDER_DEFAULT = 0;
   private const int LOGON32_LOGON_INTERACTIVE = 2;

   private string m_Domain;
   private string m_Password;
   private string m_Username;
   private IntPtr m_Token;

   private WindowsImpersonationContext m_Context = null;

   protected bool IsInContext
   {
      get { return m_Context != null; }
   }

   public WrapperImpersonationContext(string domain, string username, string password)
   {
      m_Domain = domain;
      m_Username = username;
      m_Password = password;
   }

   [PermissionSetAttribute(SecurityAction.Demand, Name = "FullTrust")]
   public void Enter()
   {
      if (this.IsInContext) return;
      m_Token = new IntPtr(0);
      try
      {
         m_Token = IntPtr.Zero;
         bool logonSuccessfull = LogonUser(
            m_Username,
            m_Domain,
            m_Password,
            LOGON32_LOGON_INTERACTIVE,
            LOGON32_PROVIDER_DEFAULT,
            ref m_Token);
         if (logonSuccessfull == false)
         {
            int error = Marshal.GetLastWin32Error();
            throw new Win32Exception(error);
         }
         WindowsIdentity identity = new WindowsIdentity(m_Token);
         m_Context = identity.Impersonate();
      }
      catch (Exception exception)
      {
         // Catch exceptions here
      }
   }

   [PermissionSetAttribute(SecurityAction.Demand, Name = "FullTrust")]
   public void Leave()
   {
       if (this.IsInContext == false) return;
       m_Context.Undo();

       if (m_Token != IntPtr.Zero) CloseHandle(m_Token);
       m_Context = null;
   }
}

 

This is a great tool that helps you create a sound threat model of your application, leading to a more secure application. Do yourself a favor and download it.

See Scott Hanselman's blog for details (no use repeating his post): http://www.hanselman.com/blog/FreePowerShellIDE.aspx

You can watch the top sessions (including Gates') on It's Showtime, as is the case with sessions from TechEd and other events.

I think Microsoft has made a smart move in renaming WinFX (including .NET 2.0) to .NET 3.0 (see blog post by Soma Somasegar). First of all there was a lot confusion about what .NET and WinFX are, and secondly WinFX is often confused with WinFS (the new file system). Us developers can all do with a little less confusion finding out way through development technologies.

I recently downloaded the Windows Workflow Hands On Labs for WF beta 2 and found the samples to be less than perfect. For instance the state management example (Lab 04) doesn't even build because there are some workflow fields set to private instead of public. Remedy that and the application will run. Not that it'll help... it crashes almost immediately. Looking at the code I can see that it is not beta 1, but I assume that it is pre-beta 2. This is a big disappointment because I'd like people within my company to do the labs to get to know WF. I hope the WF team tests and debugs the current hands on labs and puts out a new download that works well with beta 2.

Since I started as a programmer, I have hardly ever developed Windows applications. I mostly did web and components, GUI stuff is not my can of beans. That said, I do want to keep tabs on what's happening in with Windows GUI development, so I bought Programming Microsoft Windows Forms (a streamlined approach using C#) by Charles Petzold. I can tell you it was not the type of book I expected. What I expected was to learn how to build Windows applications, using a database and so on. Basically everything you need as a beginner to start developing full fledged apps. To my surprise the book is actually JUST about the GUI. There is the least amount of "clutter" of stuff that is not related to the GUI. In addition the whole book is setup so you can develop with just Notepad. The result is that the book has a very clear build up to how Windows Forms actually works. As such it was an enjoyable read for me.

The recent post by Scott Guthrie on Localization in ASP.NET 2.0 made me realize that most developers I know (myself included) don't know that much about localization. That's kind of ironic because I live in The Netherlands where the primary language is definitly not English. You would expect that in countries like that localization would be a big issue. It is not (well not here anyway).

Yes, it was bound to happen sooner or later, and now it has. I finally started a blog... well, I already had one, but it was only in Dutch. This time around I am bilingual, although chances are pretty huge that the Dutch and English content won't match. For now I've set the default language (or category actually) to English, under the assumption that I will do most posts in English... we'll see.