Almost every article ever written about database transactions includes the example of an ATM machine dispensing money. The articles will describe how the bank uses a transaction to prevent people from overdrawing the account during simultaneous access, or how the bank can rollback a transaction if an error occurs at the ATM. They are all wrong. About 7 years ago I went to a local ATM, punched in my PIN, and asked the ATM to withdraw $80 from my account. The machine thought about the request for a bit, and then started to make the happy fluttering noise ATM machines...

One of the thorny areas in writing a distributed application is keeping the logical thread of execution authenticated and authorized as calls hop from server to server. If you want to flow the original client’s identity across these servers you’ll quickly run into the “single network hop” restriction of NTLM (sometimes called the “double hop” issue). A client’s identity can only make a single hop. The first hop happens from the web browser to the web server. The web server can impersonate the client when accessing local resources, but it make a second hop to a third machine. Larry Osterman...

Karl Seguin’s site (OpenMyMind.net) has some good articles for ASP.NET developers. The two articles on creating multilingual websites (Part I, Part II) jump out at me, and the “Mastering Page-UserControl Communication” is a must read if you are starting to write user controls which interact with the parent page. (Hint: using Request.Form or FindControl to pull values from a user control is path filled with peril).  

Maxim Karpov has a nice post about his VSLive! experience. Max is a bright guy and a blast to hang out with. I’m still tying up lose ends and requests for information from my presentation on SQL Server Reporting Services Integration. If you have any performance or exporting problems, make sure you have Service Pack 1 in place. To determine the version of Reporting Services, go to the base URL for the report server (typically http://machinename/reportserver/). At the bottom of the browser page will be the version number - 8.00.878.00 is SP1. To see what is the future holds with Service Pack...

Raymond is wondering what people think of CodeBetter.com. Let me tell you what I think. The real problem with group blogs is the number of people who post breaking news – like “Microsoft is going to release IE7!”. Oh, wait – that’s not a problem on CodeBetter.com. It’s good to see the CB’ers function as a group. Instead of sounding like a scratched CD, they feed off each other to build better content. It’s collaborative and interesting. CodeBetter.com is what a group blog should be. I like Darrell’s agile news, Brendan’s forays into the .NET framework, Geoff’s quirkiness, and then...

This week I’m going to tie up some lose strings from my VSLive! presentation… One can programmatically interact with Reporting Services across the network by sending requests via an URL, via a web service request (SOAP), and via Windows Management Instrumentation (WMI). Of these three – I spend no time covering WMI because it’s typically not an interface used to deliver features to end users. I’ll provide some more information here. In general, WMI exposes classes to configure and mange both hardware and software on computers throughout the network. Reporting Services provides WMI classes that let us query and make...

When we write unit tests, we write a piece of test code to verify a piece of production code. The trouble is, production code has the nasty habit of relying on dependencies that are hard to control. Dependencies may be infrastructure dependencies like SMTP servers and databases, or may be software dependencies that are non-trivial to setup and get into the correct state for testing. Mock objects remove these dependencies and simplify unit test code. A mock object is a stand-in replacement for a real-world domain object. For more details about mock objects, see “Mock Objects to the Rescue!”. When...

Let me start by pointing to Tom Hollander, who is looking for feedback and input to build the next version of Enterprise Library. I now return you to my irregularly scheduled ramblings... Unit testing is here to stay. The only questions about unit testing revolve around the details. Do we test non-public types and methods? Do we use mock objects? I’m always interested in seeing real unit testing code from other projects to understand what decisions others have made. (For an intro to unit testing, see: “Improve the Design and Flexibility of Your Project with Extreme Programming Techniques”). Enterprise Library...

The word excessive is a relative term. What might seem excessive to you could be normal to me, and vice versa. Walt mentioned last week that he has a client who insists on shipping everything in a single assembly – which sounded excessively restrictive to us. On the other end of the scale, someone in the newsgroups posted about the slow startup time of an ASP.NET application composed of 300 assemblies. 300! Certainly 300 is an excessive number, right? Loading a DLL isn’t a hugely expensive operation - but it doesn’t come free either. Years ago we used to use...

I didn’t get a chance to blog about the morning keynote by Eric Rudder, but plenty of others have, including Sam, Rocky, and Richard. I went to hear the Don Box and Steve Schwartz breakout session on Indigo. Don wrote some Indigo code with VB.NET – I have pictures to prove it. Indigo is looking exciting – but during the presentation I became a bit distracted. I realized in a few hours I’d be giving my presentation in the same building as these people - felt a bit humbled - wondered what I had gotten myself into - and went...

I’m sitting in the keynote at VSLive! by Soma Somasegar (VP, Developer Division, Microsoft). Interesting statistic: In February of 2002 there were 300 “.NET developer wanted” ads on monster.com, today there are over 10,000. Also interesting: in 2002 many of these ads wanted developers with 3+ years of .NET development experience. Gotta love the people that come up with those types of ads. The Enterprise Library was plugged during the keynote, but the general thrust of the speech was to promote smart clients. I believe the success of Microsoft’s smart client push hinges entirely on ClickOnce. In my experience it’s...

I’m still poking around the common validation areas of Enterprise Library. The ArgumentValidation class has 6 public static methods: public static void CheckForEmptyString(string variable, string variableName) ... public static void CheckForNullReference(object variable, string variableName) ... public static void CheckForInvalidNullNameReference(string name, string) ... public static void CheckForZeroBytes(byte[] bytes, string variableName) ... public static void CheckExpectedType(object variable, Type type) ... public static void CheckEnumeration(Type enumType, object variable, string) ... CheckForEmpty string has the following implementation:    21 public static void CheckForEmptyString(string variable, string variableName)    22 {    23    CheckForNullReference(variable, variableName);    24    CheckForNullReference(variableName, "variableName");    25    if (variable.Length == 0)    26    {    27         throw new ArgumentException(SR.ExceptionEmptyString(variableName));    28    }    29 } I like this approach to validation. It feels much cleaner to...

I’m not right all of the time – just ask anyone I work with! I’ve been waiting for someone to take me to task over something I’ve written badly, and this evening I was introduced to Dinis Cruiz in his post Some Comments to Misleading and False Information…”.   Dinis makes a great point – an application domain is not a secure boundary if code is running with full trust. Unfortunately, it seems most ASP.NET shared hosting providers are running ASP.NET code with full trust. I’ve updated my article on application domains to make this point stand out.

When looking at the code for a product or library, I find I’m always drawn to look at the error handling and validation pieces. Since every piece of software has these pieces in one form or another it’s always interesting to compare and contrast the different practices and methodologies used throughout the industry. The newly released Enterprise Library, being from the patterns and practices group, obviously had some thought put into this area, so I was keenly interested to peek at the code. Here is one of the constructors from the Enterprise Library’s ConfigurationBuilder class:    66 public ConfigurationBuilder(string configurationFile)    67 {    68    ArgumentValidation.CheckForNullReference(configurationFile,...

We know HttpApplication events like BeginRequest, AuthorizeRequest, and Error can be extremely useful for implementing functionality like URL re-writing and custom authentication schemes. We can choose to catch these events in one of two places: inside of the methods provided by Global.asax, or inside a custom HttpModule. I favor the global.asax approach only if the logic inside the events is heavily application specific. In general, an HttpModule is the best approach for a number of reasons. Firstly, I don’t want global.asax to become a dumping ground for code snippets that need to execute during the request lifetime. Using one or...

It’s difficult to say there was a beginning, really. Let’s just say it started from a singularity. There was no space. No time. No reports. In 1961, IBM put forth the first official release of the Report Program Generator (RPG) language. The universe of reporting expanded rapidly. Reams of paper began to spill onto the desks of corporate middle managers across the globe. Neatly formatted tables of numbers exploded in every direction – driven by the deafening cadence of teletype printers.  March of 1962 is the first known use of the following phrase: “I swear, if the finance people request another report format change, I’m...