Wednesday, November 18, 2009

WCF RIA Services

What is WCF RIA Services? Well it is .NET RIA Service renamed, to more accurately represent the communications framework that is being used.

See: WCF RIA Services aka .NET RIA Services now available

The MSDN Doc page: http://msdn.microsoft.com/en-us/library/ee707344(VS.91).aspx

Get Started with WCF RIA Services: http://silverlight.net/getstarted/riaservices/

Silverlight 4 Beta Available

Get the news here: Silverlight 4 Beta : The Official Microsoft Silverlight Site

Silverlight 4 development will require Visual Studio 2010.

Visual Studio 2010 can be installed side-by-side with Visual Studio 2008 SP1. Please read the known issue on installing Visual Studio 2010 if you already have the Silverlight 3 SDK installed.

Silverlight 4 on MDSN: http://msdn.microsoft.com/en-us/library/cc838158(VS.96).aspx

What’s New (partial listing)

Printing (finally): Silverlight 4 adds printing support that allows developers to control whether their Silverlight application can print itself, how the content is formatted when printed, and determine the content that will appear. For example, you could add a print button to your Silverlight application that opens the Print dialog allows the user to choose the printer, and then prints the Silverlight content.

Implicit Styles: Silverlight 4 introduces new styling features that allow you to create a style as a resource that can be used implicitly by all elements of a target type. This allows application developers to customize the look across multiple instances of a control and modify the appearance of these control instances by changing the implicit style.

Right Mouse Click: Silverlight 4 adds the ability to right click a visual element to perform custom actions such as displaying a menu that provides contextual commands or invoking commands for a Silverlight game.

Programmatic Clipboard Access: Silverlight 4 adds the ability to programmatically access the clipboard to format and modify data during copy, cut, and paste operations. To copy data from a Silverlight application to the clipboard use the Clipboard.SetText method

Silverlight as a Drop Target: Silverlight 4 now supports being a drop-target for the common drag-and-drop practice of clicking on a virtual object and dragging it to a different location or onto another virtual object. Both Windows and Mac platforms support this feature. Silverlight only supports dragging of file(s) from local client and dropping them onto a Silverlight application. It does not support dragging of folders (directories).

ObservableCollection<T> Constructor Accepts IList and IEnumerable (yay!): Silverlight 4 also can take advantage of new constructor overloads that allow it to initialize an ObservableCollection<T> from an IEnumerable or IList.

More can be found on Tim Heuer’s blog: http://timheuer.com/blog/archive/2009/11/18/whats-new-in-silverlight-4-complete-guide-new-features.aspx

Wednesday, November 11, 2009

RIA Services : The Official Microsoft Silverlight Site

Brad Abrams announced last week that Microsoft has launched an official community site for RIA Services.

You will see that the latest version available of RIA Services is still the July 2009 CTP.

I expect to see a new release next week at PDC.

RIA Services : The Official Microsoft Silverlight Site

Thursday, July 9, 2009

Silverlight 3 released and available for download.

See Mary Jo Foley's piece here.

Also, tomorrow is the launch for SL3 and Expression 3. It starts at 10 AM PDT I am told - that's 1 PM on the East Coast.

Go to www.seethelight.com tomorrow to enjoy all the silvery goodness.

Wednesday, June 24, 2009

Entity Framework CTP 1

The ADO.NET team at Microsoft has released an update to EF since the Beta release of VS2010/Net4.

They are calling it Entity Framework Feature CTP 1. Some of these features are not scheduled to be in .NET 4 when it releases, so if you want them, download the CTP and give them feedback.

Microsoft OracleClient Deprecated in .NET 4.0

From InfoQ:

Microsoft announced System.Data.OracleClient will be deprecated after .NET 4.0. Classes in the namespace will be marked obsolete in .NET 4.0 and removed from future releases. OracleClient is the ADO.NET provider for Oracle developed by Microsoft and shipped as part of the .NET Framework Class Library.

Part of the reasoning for this decision is the increasingly availability and improvements of 3rd party ADO.NET data providers for Oracle. There have been significant performance improvements and enhanced multi-version compatibility among the popular Oracle providers:

Saturday, June 13, 2009

Caliburn v1 Release Candidate available

Rob Eisenberg has a blog post in which he details the important changes since the beta release of Caliburn.

What is Caliburn?

Caliburn is a toolkit to help you build Silverlight and WPF applications that are compliant with a number of UI design patterns (MVVM and Command Pattern being the relevant ones for me).

I’ve been working with Prism for a few weeks and now I have to figure out how to get Prism and Caliburn to play nice together.

Tuesday, June 9, 2009

.NET RIA Services V1 Roadmap

Dinesh Kulkarni, from the RIA Services team, has published a roadmap for RIA Services. No guarantees here, but they hope to release a beta at PDC in November. The next CTP will be in July.

It's a bit disappointing to me. I had heard a rumor that RIA would release with Silverlight 3 in July. Perhaps it referred to the CTP. According to the roadmap, they are making changes to the underlying protocol (moving to ADO.NET Data Services), so you know that will take a lot of time.

Highlights from his post:

kick it on DotNetKicks.com

July 2009 CTP

  • This is a preview, not the V1 release. We plan to drop go-live restriction from EULA – still use it at your own risk.

  • Try to get significant known breaking changes (the ones we don’t know about will come later)

  • Feature enhancements (e.g. code-gen hookpoints to add your custom code, improved library support, better shared code support, query for singletons, cleaner user model and better extensibility support for Application Services etc.)

  • Usual fare of bug fixes, API improvements etc

  • Enable a first set of better together experiences with  ADO.NET Data Services (add a DomainService to Data Service for writing app logic / expose DomainService as DataService)

PDC 2009 Beta

  • Additional core feature work (list TBD, under consideration – hierarchy support, presentation model)

  • Work on Visual Studio 2010 / .NET 4 support

    • Drag-drop support for databinding

    • Run in medium trust

  • Move to ADO.NET Data Services as the underlying protocol

First part of 2010: RTW

  • Polish beta release (bugs, perf, stress, security, localization, …)

  • Small design changes / tweaks

  • Keep up with changes in other products

A note on Platforms and tools

  • In each CTP, we will be keeping up with corresponding public Silverlight drops as and when they are scheduled (sorry, I don’t have that schedule)

  • For RTW, we are planning Visual Studio 2010 / .NET 4  as the primary story. Support for previous version TBD (depends on feedback about relative importance / cost / options)

Friday, May 22, 2009

Will Visual Studio 2010 put Expression Blend out of business?

Not according to Jesse Liberty.

You will want Blend 3 for its terrific designer and animation capabilities and VS for its development capabilities. Microsoft is trying to make these tools the best for their target audience, rather than one tool that does everything merely adequately.

The other point Jesse makes: Because it is a few months old at this point, the Blend 3 beta won't work with .NET 4 projects yet. If you want to work on projects in VS 2010 and Blend 3, create them as .NET 3.5 projects.

Good news and bad news for Silverlight 3 development

According to this post by Tim Heuer, the good news is that you can install the Silverlight 2 and 3 SDKs with Visual Studio 2010 Beta 1. You will get multi-targeted Silverlight development (i.e., either Silverlight 2 or 3) and an editable design surface.

Do not install the Silverlight 2 or 3 Tools packages, it won't work on VS 2010. And the Silverlight Navigation App template is not included with the SDK, only with the tools package.

You also need to install the Silverlight 3 Beta Developer runtime.

The bad news: .NET RIA Services will not install on VS 2010 Beta 1.

Monday, May 18, 2009

Visual Studio 2010 (.NET 4.0) Beta 1 released

The first Beta release of VS 2010 is available starting today for MSDN subscribers.

There is a great write-up on Jason Zander's blog -
http://blogs.msdn.com/jasonz/archive/2009/05/18/announcing-vs2010-net-framework-4-0-beta-1.aspx

Highlights:

  • New templates and tools can be downloaded from VS Gallery within Visual Studio.
  • Support for TDD
  • dynamic keyword for Office programmability
  • many VB language improvements (I won't go into them 'cuz I'm a C# guy)
  • many improvements to C++ support (again, not my bag)
  • F# included with VS 2010
  • improvements to the WPF editor
  • Silverlight editor now built-in
  • HTML snippets for ASP.NET coding
  • JavaScript IntelliSense improvements
  • JQuery included
  • Team Arch does standard UML now. I'm not big into UML, but I find Sequence Diagrams pretty useful.
  • Architectural Explorer lets you browse through your Namespaces and view the structure of your app; then generate Sequence Diagrams automatically. Looks cool.
  • Test Plan management improvements ("Camano", now called Microsoft Test and Lab Manager, will be available as a scaled-down VS edition)
  • TFS improvements: branch management, visualizations, drag-drop merging.

Wow. I am looking forward to a test-drive.

.NET RIA Services minor bug fix release - May 2009 Preview

See the announcement on Brad Abrams blog - http://blogs.msdn.com/brada/archive/2009/05/11/net-ria-services-may-2009-preview.aspx

Brad states that the Go Live for .NET RIA Services will be right around the time that Silverlight 3 releases.

Thursday, May 7, 2009

Authorization Strategies for the Business Layer

It's tempting to design a Business Layer that accepts User identity information and attempts to authenticate and authorize the user. However, security is a cross-cutting concern, and as such, should not be intertwined with your business logic.

kick it on DotNetKicks.com

The strategies presented here will extract the authorization component from the business logic and embed it as a separate concern within the Business Layer. I'm going to ignore the authentication function, and focus on determining what authority an authenticated user has to call functions in the Business Layer.

Two-step Business Layer Factory

try
{
using(IFactory factory = AuthenticatedFactory.New(user, pw))
{
IOrderProcessing processing = factory.CreateOrderProcessing();
return processing;
// or
// container.RegisterInstance<IOrderProcessing>(processing);
}
}
catch (AuthenticationError e) { }
catch (AuthorizationError e) { }
finally
{
// clean up
}



The authentication is done in the AuthenticationFactory. If the AuthenticationFactory has dependencies on a data layer or LDAP provider, you can trade in the static New method approach for a dependency injection approach:



public class AuthenticatedFactory 
{
public AuthenticatedFactory(IDataLayer dataLayer)
{
DataLayer = dataLayer;
}
// more code
}



Get your factory this way:



using (IFactory factory = container.Resolve<AuthenticatedFactory>())
{
factory.User = user;
factory.Password = pw;
// get the business layer
}



Fine-grained Authorization using Sub-classes



One strategy for the Business Layer is to have coarse-grained authorization to the BusinessLayer. The user is either allowed to access that particular Business Layer, or an AuthorizationError is thrown. To make the access more fine-grained, the IOrderProcessing class that is returned can be tailored to the privileges that the authenticated user has. In either case, the factory method CreateOrderProcessing with determine the access level for the user.



For example suppose the IOrderProcessing interface offers three methods: LookupOrder(), EnterOrder() and ApproveOrder(). There are three levels of access: managers can access all three, clerks can access the first two, and salespeople can only access LookupOrder(). This can be accommodated by four classes and the factory determines which to return to the application.



public class NoAccessOrderProcessing : IOrderProcessing
{
public virtual Order LookupOrder() { throw new AuthenticationError(); }
public virtual void EnterOrder(Order o) { throw new AuthenticationError(); }
public virtual void ApproveOrder(Order o) { throw new AuthenticationError(); }
}

public class SalespersonOrderProcessing : NoAccessOrderProcess
{
public override Order LookupOrder() { /* code here */ }
}

public class ClerkOrderProcessing : SalespersonOrderProcessing
{
public override void EnterOrder(Order o) { /* code here */ }
}

public class ManagerOrderProcessing : ClerkOrderProcessing
{
public override void ApproveOrder(Order o) { /* code here */ }
}



This approach has the advantage of removing the authorization logic from the business logic, but it embeds the authorization logic in your class hierarchy. The designer of the business logic will need to be aware of the authorization model at design-time. However, if you know that the functions permitted to each role are going to be static, this approach has merit.



Single business class with Static-bound delegates



An alternate approach uses indirection through delegates. This strategy will move the logic entirely out of the class hierarchy and into the Factory class. The public methods on the business layer will call delegates that are, by default, set to the methods that perform the actual business logic. The Factory can disable certain methods by setting the delegates to null prior to handing the business layer object to the application.




public delegate Order LookupHandlerType();
public delegate void ProcessOrderType(Order o);

public class OrderProcessing : IOrderProcessing
{
public LookupHandlerType LookupHandler;
public ProcessOrderType EnterHandler;
public ProcessOrderType ApproveHandler;

public OrderProcessing(IDataLayer dataLayer) {
DataLayer = dataLayer;

LookupHandler = _LookupOrder;
EnterHandler = _EnterOrder;
ApproveHandler = _ApproveOrder;

}

private IDataLayer DataLayer { get; set; }

public Order LookupOrder() {
if (LookupHandler == null)
throw new AuthorizationError();
return LookupHandler();
}

public void EnterOrder(Order o) {
if (EnterHandler == null)
throw new AuthorizationError();
EnterHandler(o);
}

public void ApproveOrder(Order o) {
if (ApproveHandler == null)
throw new AuthorizationError();
ApproveOrder(o);
}

// business logic in these methods
private Order _LookupOrder() { return new Order(); }
private void _EnterOrder(Order o) { }
private void _ApproveOrder(Order o) { }

}

public class Factory
{
public IOrderProcessing CreateOrderProcessing()
{
// set these based on role user is in.
bool manager = false;
bool clerk = true;
bool salesperson = true;

//var processing = container.Resolve<IOrderProcessing>() as OrderProcessing;
OrderProcessing processing = new OrderProcessing(new MyDataLayer());



if (!manager) processing.ApproveHandler = null;
if (!clerk) processing.EnterHandler = null;
if (!salesperson) processing.LookupHandler = null;
return processing;
}
}



Dynamic-binding Authorization



As a further refinement, rather than statically binding to the Handler delegate properties, we could have the names of the Handlers stored in a database or file and use Reflection to set them to null if the role disallows access.



    public class DynamicFactory
{
public IOrderProcessing CreateOrderProcessing()
{

//var processing = container.Resolve<IOrderProcessing>() as OrderProcessing;
OrderProcessing processing = new OrderProcessing(new MyDataLayer());

//get user role, list of prohibited methods from authorization database
//
var prohibitedHandlers = new List<string>()
// { "ApproveHandler", "EnterHandler" };
//disable access
foreach (string handler in prohibitedHandlers)
{
var field = processing.GetType().GetField(handler);
field.SetValue(processing, null);
}
return processing;
}
}

I've presented some strategies for authorizing access to your business layer objects. It's important to keep authorization code separated from your business logic, since it is a cross-cutting concern and since security models will likely change over time, it makes sense to encapsulate the access in a Factory type object that can evolve over time. The key is that the business logic object that is handed to the application is already configured for the privileges that the user has and the authorization checking does not need to be embedded in the business logic.


kick it on DotNetKicks.com

Monday, May 4, 2009

Windows 7 news

  • If you have installed the Windows 7 Beta, starting July 1, your computer will shut down every two hours, and it will expire on August 1, 2009.
  • Windows 7 Release Candidate is now available for MSDN subscription download.
  • Windows 7 Release Candidate will be available for public download tomorrow May 5.
  • Windows 7 Release Candidate will expire June 1, 2010. Bi-hourly shutdowns will start March 1, 2010.
  • In both cases (Beta and RC), there will be no upgrade path to a retail, licensed version. You will need to wipe and re-install.
  • Windows 7 includes IE 8, Windows Media Player 12 and .NET 3.5 SP1.

WPF Model-View-ViewModel Toolkit

The WPF team at Microsoft has released a toolkit (version 0.1) that addresses developing UIs with the M-V-VM pattern.

It's definitely a first-pass (e.g. no VB.NET support), but they are looking for feedback on this effort. There is also a bit of confusion as to how this compares to the Silverlight development pattern in RIA Services. See this StackOverflow discussion.

The toolkit includes:

  • A Visual Studio 2008 template (Visual C# Express 2008 also supported)
  • Documentation
    • General introduction to M-V-VM
    • Walkthrough using the VS template
  • A complete WPF application demonstrating the M-V-VM pattern

Here's a post about ViewModel and how it enhances the UI's testability.

Check it out here: WPF Model-View-ViewModel Toolkit


kick it on DotNetKicks.com

Monday, April 20, 2009

Speed up your MSDN Library experience

This tip comes courtesy of Scott Hanselman's blog.

MSDN is now available in a low-bandwidth mode.

Step 1) Goto http://msdn.microsoft.com/en-us/library/default(loband).aspx

Step 2) Click on the link Persist low bandwidth view. It is located in the upper right corner.

Step 3) Enjoy the speedy page access.

kick it on DotNetKicks.com

Saturday, April 11, 2009

Book Recommendation: Framework Design Guidelines (2nd ed.)

The authoritative work by Brad Abrams and Krzysztof Cwalina on .NET framework design was recently updated.

The Book: Framework Design Guidelines: Conventions, Idioms, and Patterns for Reusable .NET Libraries (2nd Edition)

The Blog: http://blogs.msdn.com/brada/archive/tags/Framework+Design+Guidelines/default.aspx

The Blurb:

Framework Design Guidelines, Second Edition, teaches developers the best practices for designing reusable libraries for the Microsoft .NET Framework. Expanded and updated for .NET 3.5, this new edition focuses on the design issues that directly affect the programmability of a class library, specifically its publicly accessible APIs.

This book can improve the work of any .NET developer producing code that other developers will use. It includes copious annotations to the guidelines by thirty-five prominent architects and practitioners of the .NET Framework, providing a lively discussion of the reasons for the guidelines as well as examples of when to break those guidelines.

Microsoft architects Krzysztof Cwalina and Brad Abrams teach framework design from the top down. From their significant combined experience and deep insight, you will learn

  • The general philosophy and fundamental principles of framework design
  • Naming guidelines for the various parts of a framework
  • Guidelines for the design and extending of types and members of types
  • Issues affecting–and guidelines for ensuring–extensibility
  • How (and how not) to design exceptions
  • Guidelines for–and examples of–common framework design patterns

 

Tuesday, April 7, 2009

Enterprise Library 4.1 Hands-On Labs

Microsoft Patterns and Practices has released some Hands-on Labs for Enterprise Library 4.1.

.NET 3.5 and VS 2008 are required.

This set of Hands-on Labs is a guide to learn about the application blocks included with Enterprise Library 4.1 and to leverage their capabilities in various application contexts. It includes Caching, Cryptography, Data Access, Exception Handling, Interception, Logging, Security, Validation, and Unity Hands-on Labs.

Docs for Enterprise Library 4.1 (10/2008) are here.

LINQ Links

The MSDN Site: http://msdn.microsoft.com/en-us/vbasic/aa904594.aspx 

Wikipedia: http://en.wikipedia.org/wiki/Language_Integrated_Query 

LINQ (Language Integrated Query) was delivered in .NET 3.5 and Visual Studio 2008. It addreses O/R mapping issues by making query operations like SQL statements part of the programming language. It also offers built-in support for querying in-memory collections like arrays or lists, XML, DataSets, and relational databases.It also allows you to develop queries in your native development language (with IntelliSense).

LINQ to XML: It is recommended that developers switch over from coding against the XmlDocument DOM to LINQ's XDocument

LINQ to SQL: Deprecated... use LINQ to Entities

LINQ to Entities: Entity Framework Learning Guide

Books:

Wednesday, April 1, 2009

Silverlight 3 Beta

http://silverlight.net/getstarted/silverlight3/default.aspx

Silverlight 3 Beta was unveiled at MIX09. It is a preview release which continues Silverlight’s track record of rapid innovation - introducing more than 50 new features, including support for running Silverlight applications out of the browser, dramatic video performance and quality improvements, and features that radically improve developer productivity.

Important notes:

  • This is a developer beta release only! This means there is no “go-live” licensing available and the end-user runtime of Silverlight 3 is not available. The tools below are intended for software developers only.
  • Once you install the Silverlight 3 Beta Tools for Visual Studio, your development environment will be a Silverlight 3 Beta environment.  Visual Studio 2008 SP1 does not support multi-targeting for Silverlight applications so you will be unable to develop Silverlight 2 applications once these tools are installed.  We recommend that you install the Silverlight 3 Beta tools on a separate environment if you still need to have the ability to develop Silverlight 2 applications.
  • Ensure that you have either Visual Studio 2008 SP1 or Visual Web Developer Express 2008 SP1 installed as it is a prerequisite for the Silverlight 3 Beta Tools for Visual Studio.

Wednesday, March 25, 2009

Google Chrome withstands security testing

From Ars Technica:

A recent contest at CanSecWest, an event that brings together some of the most skilled experts in the security community, has demonstrated that the three most popular browser are susceptible to security bugs despite the vigilance and engineering prowess of their creators. Firefox, Safari, and Internet Explorer were all exploited during the Pwn2Own competition that took place at the conference. Google's Chrome browser, however, was the only one left standing—a victory that security researchers attribute to its innovative sandbox feature.

Monday, March 23, 2009

Dependency Injection, is it for you?

People have been trying to convince you how great Dependency Injection is. Maybe they're calling it Inversion of Control. Either way, you're not buying it.

If you haven't been able to see the benefit, try reading Justin's blog post: To Inject or Not To Inject (warning: it is long, but worth it).

Justin focuses on complex configuration scenarios, but I like to recommend DI for its reusability. Self-configuring and "service locator" configuring tends to constrain you to using a particular type of configuration infrastructure, making it difficult to reuse your components, not to mention unit testing.

Roundup - .NET Application Development Platforms

I've put together a collection of links from around the web on tools and technologies for developing .NET Line-of-business applications.

Silverlight 3 (beta) - Microsoft

Silverlight Labs - Microsoft

Silverlight Toolkit - CodePlex

WPF Hands-on lab (Southridge) - Microsoft Redmond

WPF Hands-on lab (Order Manager) - Microsoft Switzerland

WPF - CodePlex

Composite Application Guidance for WPF and Silverlight (Prism) - Microsoft P&P

Building a Framework for Silverlight - SilverlightShow

Caliburn - Rob Eisenberg

CSLA.NET (WPF and Silverlight) - Rocky Lhotka

DevForce WinClient - IdeaBlade

DevForce Silverlight - IdeaBlade

Nintex Workflow - Nintex

UPDATE: I added RIA services after listening to Brad Abram's talk on .NET Rocks. It was announced at MIX09.

RIA Services - Microsoft

RIA Services on SliverlightShow.

Friday, January 9, 2009

Welcome to Windows 7

7

Do you like to get your hands on the latest and greatest?

Microsoft is posting a beta of its next generation Windows OS later today at the Windows 7 Web page.

Enjoy.

Thursday, January 8, 2009

SharpDevelop

If you are interested in a free Open Source Development Environment for .NET check out #develop (pronounced SharpDevelop). It supports C#. VB.NET and Boo.

Currently it only does .NET 1.1 and 2.0, but they are working on support for .NET 3.5, which will also add IronPython and F#.