I've got a new DevNugget up, and this one demonstrates how to consume an RSS feed in ASP.NET 2.0, using the XmlDataSource control and a DataList control bound to it, with a little XPath thrown in for seasoning. You can
view it here.
My latest DevNugget is up, this one focusing on
Code-Free Authentication and Authorization in ASP.NET 2.0. In it, I demo setting up a protected folder, configuring forms authentication and authorization using the ASP.NET web-based Configuration Tool, and adding a login page, all in less than 8 minutes.
This is very nicely done...
http://channel9.msdn.com/showpost.aspx?postid=118332
WARNING: there's a bit of mild potty humor near the end, if you're sensitive about stuff like that.
Here are a couple, for Visual SourceSafe, and ClearQuest:
VSS:
http://msdn2.microsoft.com/en-us/library/ms181246(en-us,vs.80).aspx
CQ:
http://msdn2.microsoft.com/library/ms181248(en-us,vs.80).aspx
The team responsible for these converters is looking for real-world testing, so if you use them (please back up first, after all, this is still beta stuff!), let me know what your experience is, and I'll be happy to pass the information along to the folks responsible.
One of my favoritest features in Visual Studio 2005 is Code Snippets. Code Snippets are XML-based definitions of commonly-used code that you can insert into your classes (VB, C#, or J#) or XML files via right-click or menu selection. In addition to a huge number of snippets that ship out of the box, you can also define your own Code Snippets and save them to your Code Snippets folder(s) (look under My Documents > Visual Studio 2005 > Code Snippets), and the IDE will pick them up automatically and make them available to you via the Insert Snippet context-menu item. There's even a built-in XML snippet that contains a skeleton definition for a snippet, to help you get started creating your own (just create a new XML file, right-click in the XML editor, select Insert Snippet, and then double-click the Expansion item and look for the Snippet entry).
One of the things that kind of bummed me out about snippets, though, was that there isn't any official support for inserting snippets into the markup of an ASP.NET web form (you can use snippets in code-behind, of course, just as with any class). When you right-click in the markup view of a .aspx page, no "Insert Snippet" item...boo-hoo.
Well, it's completely unsupported, and not guaranteed to always work, but I've found a hack workaround that allows you to insert snippets into an ASP.NET web form...simply open the .aspx file by right-clicking it in Solution Explorer, and selecting Open With..., then choosing the XML Editor. Now, when you right-click in the editor, you'll get the context menu item for Insert Snippet, and can insert any snippets saved into the XML snippets folder. So you can create a snippet containing ASP.NET markup, drop it into that folder, and take advantage of it via this hack.
Keep in mind that when you have a .aspx file open in the XML editor, you won't get proper Intellisense for ASP.NET tags, so it's best to open the file in the XML editor, insert the desired snippet, save, then close the file and reopen it normally to take advantage of Intellisense, etc.
A little birdie tells me that full snippet support is on the list for the next version of Visual Studio, but until then, this little trick should allow you to take advantage of snippets, even without official support...just don't email me any nasty-grams if it doesn't always work perfectly! As I said, it's a hack. :-)
Heh. Forgot about this at Tech-Ed over the summer...check out the video...too funny!
http://www.finalizer.net/
From the peeps at HQ:
Visit the Launch Tour 2005 Knowledge Center
Prepare yourself for the upcoming SQL Server 2005 and Visual Studio 2005 launch with the latest MSDN Webcasts, MSDN Virtual Labs, and Microsoft E-Learning courses. Learn more at the Launch Tour 2005 Knowledge Center.
A fellow DE who covers South Texas, J Sawyer, and a team of Microsoft developers (including local SQL guru Jim Dugan), have been working their tails off to put technology to use to help victims of Hurricane Katrina. The result: KatrinaSafe.com, a web application (and more) devoted to helping those who've been separated from their loved ones find one another.
At last report, it looked like their preliminary efforts had already come up with 9 nearly perfect matches, which is pretty amazing given that this is an application they've developed in just a matter of days.
My hat's off to J, and to all of the folks working on this application. They are great examples of how individuals, and the companies that support them, can make a huge difference in difficult times.
I'm pleased to announce my inaugural DevNugget, on creating and using File System-based web sites in ASP.NET 2.0.
What's a DevNugget? It's a short technical demonstration of a specific feature of interest to developers. Most DevNuggets are 5-8 minutes long, so they're a great way for busy folks to pick up small chunks (or nuggets) of information about new technologies. I'll be posting more DevNuggets soon, so check back regularly.
I've also added a new category for my DevNuggets, so if you want to track them via RSS, you can do that, too!
One of the basic tenets of secure coding is that ALL input is EVIL and should be validated and sanitized before being allowed into the application. This is also definitely an area where a lot of mistakes can be made.
The
PAG folks have written a set of modular How-To's to tackle the finer points of injection attacks and as such implement effective input validation in your ASP.NET Applications. The guidance covers both .NET 1.1 and 2.0.
Check them out:
Very important information…read it, and live it.
Nikhil Kothari, of the Web Platform and Tools team (i.e. - the folks responsible for ASP.NET)
posts a browser extension utility to help with ASP.NET development, including providing an indication in the browser of whether debug and tracing are enabled, as well as allowing the viewing of trace information and viewstate in a separate window from the main browser window. Neat stuff.
Here are some resources for folks interested in learning about the topic of Software Factories, which is a central concept in Visual Studio 2005 Team System.
Articles
Blogs
The following blogs have pointers to Software Factory info:
Description: This clinic will provide both Business Decision Makers (BDMs) and Technical Decision Makers (TDMs), Architects, Developers, Testers, and Project Managers with an introduction to Visual Studio Team System. This introduction will explain what the product is, how it relates to the software development lifecycle and how processes such as MSF fit it.
Entitled, appropriately enough, http://www.leastprivilege.com/.
Some good posts:
- A link to some good info on ASP.NET 2.0 configuration from local guru K. Scott Allen (who, I should note, will likely be speaking again at our upcoming Security Code Camp).
- A sample ASP.NET 2.0 Membership Provider that uses the <credentials> section of web.config for storing credentials.
One of the neat new features of ASP.NET 2.0 is the ability to develop web sites that exist simply as a folder within the file system...no IIS vdir, no admin privileges required, very simple. Browsing and debugging are accomplished using a local-only web server based on the Cassini web server that shipped with ASP.NET Web Matrix.
There are some tricks to this, however. Notably, things like authentication when calling web services. If you've tried calling a local file system based web service from a local file system based web site, you know what I mean. Attempting to call the web service results in a 401: unauthorized error.
Marcel de Vries describes a way to work around the issue here.
One of our great partners, in my district and others, is RDA Corporation. RDA stepped up for the community in a really big way last spring, contributing an entire track on Service-Oriented Architecture to help make our inaugural Code Camp a success.
One of the folks I work with at RDA just emailed to let me know about a great video and case study they put together with Microsoft about how they helped Independence Air cut their operating costs and reduce downtime on their website by moving to .net from linux. Independence Air relies on the web to keep their costs low, so they can offer low fares, so it's definitely worth checking out their story to understand why linux, though cheap to acquire, may not be so cheap in the long run. They're also a testament to the role that partners play in Microsoft's success, and in the success of our customers.
You can find links to the video and case study on RDA's home page.
Also of note: RDA was named Partner of the Year for Microsoft's Southeast District for their great work with Microsoft customers.
