Ruminations of J.net idle rants and ramblings of a code monkey

Presentation from North HDNUG Meeting

Community | User Groups
It’s a long ride out there but it was good to get back to the North Houston .NET User’s Group and see everybody on that side of town. Here’s my slide deck from the meeting last night … Hyper-V for Developers.

Houston TechFest Sessions

Community | StreamInsight | .NET Stuff | User Groups
Houston TechFest is tomorrow at the Reliant Center. And, of course, I will be speaking. This year, I am doing two sessions: Back to Basics: .NET Essentials You May Have Forgotten (3:40 PM – 4:40 PM) Now that the .NET Framework has been out for 10 years and so many tools are available to make things easier, many developers seem to have forgotten some of the core principles of .NET. In this presentation, I'll review the fundamentals of the .NET Framework and what makes all of that magic happen. From the CLR to IL to memory management and garbage collection, we'll touch on these core concepts that every developer should know. I originally did this presentation at HDNUG and it was very well received – better than I had thought it would be. However, because the timeframe is a bit more limited at TechFest vs. HDNUG, I’ll need to pare this down a little bit so I don’t go over. Introducing StreamInsight 2.1 (4:50 PM – 5:50 PM) StreamInsight provides real-time analytics on large volumes of data with a response time measured in milliseconds, bringing a new level of capabilities to the Sql Server platform. This session will provide an overview of StreamInsight, its capabilities and use cases. It will also provide details on StreamInsight 2.1, what's been added and how it makes your real-time applications easier and more robust. I originally delivered this at Sql Saturday in Baton Rouge. I’ve tweaked and honed it a bit. Some will be familiar to my other StreamInsight intro presentations – how it works, etc. There are some updates on more use cases that we’ve seen “out in the wild” in the past year or so. StreamInsight is coming into its own now too … we are seeing more and more interest and adoption as folks get a better understanding of where it can add to their business. I hope to see you there!

Speaking at Sql Saturday in Baton Rouge

Community | User Groups | StreamInsight
Next Saturday, August 4th, I will be speaking at Sql Saturday #150 in Baton Rouge. As usual, I will be talking about StreamInsight. In this case, I’ll be talking about StreamInsight 2.1 and the new adapter model based on Observables and the Reactive Extensions. I hope to see you there! In other notes, I know I’ve been bad about blogging lately. I also know that I’ve not kept up to my intended schedule. I do have a lot of stuff queued up to write about and I’m working on the first one. I’m planning a series of posts that will build on each other and exploring several different topics with StreamInsight. I’m not going to spoil the surprise though … you’ll have to come back to read them but I do promise that they will be good, in-depth articles that detail pieces of a real-world architecture of a StreamInsight application.

Houston TechFest 2010 Sessions

Community | Events | TFS 2010 | User Groups
It’s almost time for TechFest again … it’s amazing how quickly the time flies! It’s seems like only yesterday that I told Michael what my sessions would be, thinking, of course, that I’d have plenty of time to do them. No, it wasn’t yesterday either – it was a few months ago. But … I’m just now starting to do the presentations. While there is a blurb about the sessions on the TechFest site, I also wanted to post them here – with some more information. Customizing TFS Process Template – Level 300 Or maybe it’s level 400. This is not going to be your every day talk about customizing process templates; there is plenty of that out there. While I may mention (and even, very briefly, show) the TFS Process Template Editor Power Tool, that’s not what I’m going to focus on. I’ll be digging into the core of what makes these templates work and how they are configured behind the scenes. This means that we’ll be playing in the XML behind the templates. We will look – deeply – at how the templates are constructed and where all of the pieces are. I’ll also share some code utilities that I’ve developed to help create process templates from an existing Team Project; specifically, I’ll show code to export work items and work item queries. I’ll also mention how to do custom plugins for the Project Creation Wizard, allowing you to really “kick it up a notch!” Team Foundation Build 2010 With Team Foundation Server 2010 Build Server, the build services got a complete redesign, moving away from an MSBuild-based build process to a more flexible and extensible build process based on Windows Workflow Foundation 4.0. I will talk about TFS build, the architecture and how to configure build controllers and agents. From there, I’ll be digging into the Build Process Templates, how to customize and extend them with out-of-the-box activities as well as custom activities, as well as some tips and tricks about how to manage extensions and your build environment. Finally, I’ll talk about the upgrade path from TFS 2005/2008 builds (yes, there is one) and some of the gotchas that you may experience on the way. I’ve not yet decided which activity to use as an example, but I’m leaning towards using the one that I wrote to change the build workspace as a part of the process. Or the zip activity. Or both? We’ll see. Keep in mind … this is the kind of stuff that I do all day, every day, day in and day out. Those of you who know me also know that I’m not one to settle for touching on the surface but get deep into the technical aspects … these sessions will be no different. They will not be your typical TFS sessions. There will be code - and a goodly chunk of it - that works with the mysterious and very poorly documented TFS APIs.

TechFest Sessions

Community | Events | User Groups
Sessions, that is, that I’m doing or participating in. :-) First, I’ll be participating in Zain’s session on VIrtual Worlds and Virtual World Evangelism. I’ll only be showing a bit of stuff for a few minutes … really just to showcase some of the things that can be done in Second Life. Next … the one that I signed up for originally … the OWASP Top Ten. This will review the vulnerabilities on the OWASP Top 10 (duh!), explaining each one and explaining how the .NET (and ASP.NET) platform can help you mitigate these vulnerabilities. It’s been very well received when I’ve done it on other occasions and it’s security … something that I’m pretty passionate about. Finally … this just in and HOT off the presses (as in, I just finished writing the demo!) … I’ll be doing a session on add Url Routing (from Fx 3.5 SP1) to existing applications. It’s already the magic goo behind MVC and Dynamic Data … but there’s no reason that you can’t use it for your current apps to provide clean, purty Urls in your applications. I’ll start at the very beginning with an ASP.NET app with all kinds of ugly Urls - they grew organically, so there’s no consistency in the names which, of course never happens in the Real World(tm). Then I’ll add routing in step by step by step … culminating in adding in a configurable (as in, from the web.config), reusable routing component for adding to these types of applications. Should be pretty cool. I’ll post the code for this when I’m done and I’m certainly using this in CSK. So … with that, I’m outta here and I’ll see (some of) you tomorrow at TechFest!!

New Houston User Group: Houston D2Sig (Silverlight/WPF)

Events | User Groups
Hello Houston … we have a new user group in town. After some delay due to an unwelcome visitor whose name begins with “I”, the Houston Developer 2 Designer (D2) SIG is holding its inaugural meeting this Thursday. Regular meetings will be on the first Tuesday of the month, but this first one was moved to Thursday so that it didn’t prevent anyone from voting (which you are doing, right???). Inaugural Houston-Area D2 SIG Meeting for Silverlight & WPF Designers and Developers Announced (Free) When: First Tuesday of Each Month 6:00 – 8:00 PM (First meeting is Thursday, November 6, due to Election Day) Where: Microsoft-Houston Offices (2000 West Sam Houston Parkway) This special interest group (SIG) is a community effort open to all interested participants. Each month, a different presenter from various organizations will present to interested attendees. The group is dedicated to exploring modern user experiences (UX) which are part computer programming and part artistic design. While traditionally there has been little overlap in the two disciplines, users now expect a good experience with a professional look. Covered topics will range from development in Silverlight, WPF and related technologies such as Microsoft Surface to design of rich interactive experience for graphical designers. The group strives to provide a good balance of content that appeals to both developers and designers. The inaugural meeting, to be held on Nov. 6th, 2008 introduces the SIG and the covered topics and technologies in general, before proceeding into this month’s presentation delivered by industry renowned expert, author, speaker, MVP, President of EPS Software Corp., and Publisher of CoDe Magazine, Markus Egger. Markus’ presentation will include the following topics: Introduction to Silverlight ans WPF (Windows) Creating a Silverlight Application Silverlight and WPF news from PDC! A first look at Microsoft Surface RSVP Requested Attendance of the SIG meetings is free. To allow us to plan the meetings better and to judge interest ahead of time, we ask people to RSVP here. (Signup through VPF Conversion is temporary and will be replaced in the future with www.d2sig.org.)

C# SIG Presentation

I have uploaded (finally) the presentation that I delivered to the C# SIG last Wednesday, July 16 to my SkyDrive. You can download it here. I did make some little modifications to it though ... and they address one of the outstanding questions of the evening ... how does ASP.NET Role-based security work with ASP.NET Dynamic Data? Well, it's pretty simple and straightforward, actually. Some background first. ASP.NET Dynamic Data uses SP1's UrlRoutingModule to map requests to the correct table ... with the name of the table appearing as a directory on the web site. So, when editing the "Products" table, the URL will be http://mydatasite/Products/[NameOfView]. Adding authentication and authorization for the entire site is a no-brainer; just add the authorization element into the web.config with the proper entries and you're done. Doing it for individual tables is just about as easy; in this case, you just need to add a location element to your web.config and configure the settings for the location. For example:<location path="products"> <system.web> <authorization> <allow roles="Products"/> <deny users="*"/> </authorization> </system.web> </location> In this case, we have defined a role called "Products" that can edit (and view, of course) the products table, but no one else can. This will behave exactly as would a "real" folder in any ASP.NET web site using role-based authorization with the built-in RoleManager (regardless of where the roles are actually coming from!). As I said, I added this to the demos that I uploaded. All access to the site is authenticated; no anonymous users are allowed. There are 2 roles - Products, which can edit the Products table and HR, which can edit the Employees table - and 3 users. All users have the same password (Pass@word1). Here's the breakdown: User ID Role User1 HR User2 Products User3 <No Role>   You can, of course, get a bit more complicated than this, but you'd have to do some additional customization of the different pages to do that.

CORRECTION: C# SIG Tomorrow

Community | User Groups
In my previous post, I said that I'd be talking about ADO.NET Data Service. I'm not sure what happened to my brain, but that's not what I told Harry. I will actually be talking about ADO.NET Dynamic Data. Hope to see you there tomorrow!!

Presenting at the C# SIG

Community | User Groups
Boy, I'm on a blogging roll today, eh? I've got one more in the works that'll go out by the end of the day too.  The ol' keyboard is taking quite the pounding. :-) I announced this last night at HDNUG, but Bill reminded me that some folks may not remember it all (there was a lot going on last night) and besides, I meant to blog it anyway. Bobby Schaffer's Beginning C# SIG and Harry Nystrom's C# SIG will be meeting at the Microsoft offices on Tuesday, July 15. Bobby's SIG will be kicking off at 6:00 PM, where he will be talking about Inheritance in C#. Harry's SIG kicks off, I think, at 7 (maybe 7:30) and I will be there talking about ADO.NET Data Services, a killer-cool piece of .NET Framework and Visual Studio SP1, currently in beta. For each SIG, I'll also be giving away a copy of Visual Studio 2008 Professional ... so, yes, that's 2 copies of Visual Studio 2008 Pro!!! Food? Hmmm ... yeah ... typically it's BYOF (that's bring your own food). But ... ya know ... yeah, what the hell ... I'll spring for pizza & drinks.

Content from OWASP User Group

Security | User Groups
I had a blast speaking at the Houston OWASP User Group last night. I did a review of the OWASP Top Ten and we had a lot of good discussion and conversation around secure application development and some of the implications. Though a relatively small group, it was pretty lively and really good to hang with some folks that care deeply and passionately about secure application development. This presentation was one that I had put together a while ago but, while reviewing it for this presentation, I really wasn’t very happy with it. So, of course, I made a number of changes to it and added a bit of stuff. It certainly seems to have gone over very well, so I’m pretty pleased with it now. Still, for those of you that were there, feel free to let me know what could be improved … I think I’ll take this presentation and turn it into a webcast. And, without further ado, here’s the content. Keep in mind that the demos are pretty simple … they really have only enough to show some mitigation strategies for particular vulnerabilities so they aren’t part of an overall application.