VS 2005 Developer Launch - Chennai

The developer launch of VS2005 is happening at Chennai this Thursday(15/12/2005) at Le Royal Meridien. I just got the confirmation for my registration. I feel excited about attending the event and eagerly looking forward for the day!!!

Breaking Changes from Beta2 to RTM

MS has published the details of the breaking changes from .NET2.0 Beta2 to the RTM version.
The list goes like this:

Breaking Changes Overview

.NET Framework Version 2.0

• Threading Cancellation Functionality
• INullableValue Interface
• System.Nullable
• Boxing and Unboxing of Nullable

.NET Client

• MenuCommands Class
• Behavior Class
• ColumnWidthChangedEventArgs Class
• BindingContext Class
• DataGridViewRow Class
• DataGridViewCell Class
• Client Application User Settings
• Application Settings Serialization
• TreeView and TreeNode Classes
• BackgroundWorker Class
• MaskedTextBox Class
• GetPreferredSize Property of Form Controls
• Windows Forms API Changes
• CancelRowEdit Event
• AsyncCompletedEventArgs.Error Property
• RadioButton.TabStop Property
• MDI Automatic Merging
• BindingSource.Items Property

.NET Compact Framework

• EventArgs Classes

Common Language Runtime (CLR)

• XCertificateUI Class
• System.Threading.Thread Class
• KeyValuePair Class
• AssembliesVisibleTo Attribute

System.Data Namespace

• SqlDataReader.GetSchemaTable Method
• SqlNotificationEncryptionType Enumeration
• System.Data.SqlTypes.SqlStreamChars Property
• SqlDataReader.GetSqlValue Return Type

Globalization

• Persian Calendar Class
• DateTimeFormatInfo

ClassVisual Studio Tools for Office

• VSTView Interface

Visual C++ Programming Language

• ATL Server — CAtlHttpClient Class
• Floating-point Control Word Support Functions
• Dynamic Cast from Private Base
• MFC Wrapper for LoadLibraryEx()
• MFC -bit Message Map Support

C# Programming Language

• Compilation Error Due to Implicit Conversion
• Checked and Unchecked Expressions
• Nullable Does Not Satisfy IComparable Constraint Error
• Cannot Form a Delegate Over Nullable Error
• Operator "is" Returns true for T and Non-null T?

Visual Basic Programming Language

• TypeOf Statement
• Non-CLS Compliant Return Types
• Overriding Object Members in Structures
• Namespaces with Different Casing
• Implementing MustOverride Methods
• AppActivate Case-insensitivity
• AppActivate Right-Hand Title
• CreateObject Case-insensitivity
• Zero-Based Collection Object
• FileIO Enumerations
• FileLogTraceListener.CustomLocation Property
• FileLogTraceListener Date Format

ClickOnce Runtime Process

• ClickOnce Store Change
• WebBrowser Permissions

Visual Studio

• Visual Studio Settings
• Machine.config File Changes
• Visual C++ Beta Project Open Error
• Errors When Deploying Device Projects to the Device Emulator

ASP.NET

• Unique Class Names
• HTML Default Validation Schema
• Events for Non-Visible Controls
• ICallbackEventHandler.GetCallbackResult Method
• ASP.NET Personalization Database Schema
• Page.CreateStateFormatter Method
• Aspnet_regiis.exe Utility Argument Change
• WebPart File Format
• System.Web.UI.IPageHeader
• Relative References in the Configuration File
• Web Project Global Settings and Project Policy Settings

Check the Breaking Changes in Visual Studio and the .NET Framework for complete details. Just went through the document to have a bird's view of the changes, sounds good.

New Generation MS Certifications

Microsoft has come up with new certifications based on .NET2.0 technologies. Have a look at the details at The New Generation of Microsoft Certifications.

Case Study on Application Development with Whidbey & Yukon

Polaris Software Lab Triples Developer Productivity with Microsoft is a brand new case study that details the company's experience with one of its product Intellect-Collect that was ported to .NET from Java. The case study sounds pretty good. Just have a read and share your thought about it.

Hiring Good Programmers!!!

Stumbled over this article Hiring Good Programmers Matters. Was a good read and indeed true... Check it out.

Via: Sudhakar

Kid's Programming Language

Microsoft has signed on to promote a new programming language intended to replace BASIC as the first step students take towards learning how to code.

The Kid's Programming Language, or KPL, was developed under the direction of Jonah Stagner, and his colleagues, ex-Microsoft program manager Jon Schwartz and former NCR engineer Walt Morrison. The three run the software consultancy Morrison-Schwartz Inc.

"One of the things we realized is that we all learned programming on some flavor of BASIC when we started. You're not going to learn how to program in BASIC anymore," said Morrison, in an interview. "We wanted something that isn't 20 years old; modern technology that uses an integrated development environment, so we can take our kids and move them directly from this to the .NET environment."

KPL has its dedicated website and a descriptive article has been posted at MSDN's Code4Fun site.

Via: Yahoo News

Openings with Polaris

Polaris is looking for .NET developers with 1+ years experience who have a flair to work with the bleeding edge technologies. If you are one of them, you could send in your CVs to mahalakshmi.n@gmail.com.

WSS and Sharepoint Portal Server

I got an opportunity to learn Windows Sharepoint Services(WSS) and Sharepoint Portal Server. Pretty interesting. Searching for more resources and samples to understand better. If you have any good resource, please share.

Interesting Post on Method Overloading

A pretty interesting read on Method Overloading.

You Can Do It! (But that doesn't really mean that you should)

Via: Brad Abrams

Usage Rules for NULL

A useful article Four rules on Nulls. Was a good read.

The article starts with explaining what NULL actually is and puts forth four rules on NULL usage.

Rule #1: Use NULLs to indicate unknown/missing information only. Do not use NULLs in place of zeroes, zero-length strings or other "known" blank values. Update your NULLs with proper information as soon as possible.

Rule #2: In ANSI SQL, NULL is not equal to anything, even other NULLs! Comparisons with NULL always result in UNKNOWN.

Rule #3: Use SET ANSI_NULLS ON, and always use ANSI Standard SQL Syntax for NULLs. Straying from the standard can cause problems including portability issues, incompatibility with existing code and databases and returning incorrect results.

Rule #4: The ANSI Standard COALESCE() and CASE syntaxes are preferred over ISNULL() or other proprietary syntax.

Via: Anand

Recommendations for using Strings in 2.0

I read an article in MSDN by Dave New Recommendations for Using Strings in Microsoft .NET 2.0. Extract below:

Code owners previously using the InvariantCulture for string comparison, casing, and sorting should strongly consider using a new set of String overloads in Microsoft .NET 2.0. Specifically, data that is designed to be culture-agnostic and linguistically irrelevant should begin specifying overloads using either the StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase members of the new StringComparison enumeration. These enforce a byte-by-byte comparison similar to strcmp that not only avoids bugs from linguistic interpretation of essentially symbolic strings, but provides better performance.

Recommendations for String Use
When developing with the 2.0 version of the .NET Framework, keeping a few very simple recommendations in mind will suffice to solve confusion about using strings.

Do's:

1. Use StringComparison.Ordinal or OrdinalIgnoreCase for comparisons as your safe default for culture-agnostic string matching.
2. Use StringComparison.Ordinal and OrdinalIgnoreCase comparisons for increased speed.
3. Use StringComparison.CurrentCulture-based string operations when displaying the output to the user.
4. Switch current use of string operations based on the invariant culture to use the non-linguistic StringComparison.Ordinal or StringComparison.OrdinalIgnoreCase when the comparison is linguistically irrelevant (symbolic, for example).
5. Use ToUpperInvariant rather than ToLowerInvariant when normalizing strings for comparison.

Dont's:

1. Use overloads for string operations that don't explicitly or implicitly specify the string comparison mechanism.
2. Use StringComparison.InvariantCulture-based string operations in most cases; one of the few exceptions would be persisting linguistically meaningful but culturally-agnostic data.

A read of the article would surely give an insight towards best practices for string comparison.... excellent article...

A No Mouse-Click WebSite!!!

This site is cool.... visit http://www.dontclick.it you will know it!!!

Via:Sudhakar

Problem with IIS

I renamed my PC and now find that my IIS is not starting. It gives authentication failure error. I tried starting the PC with the last best known configuration and starting in Safe mode etc. but in vain. Looking for a solution to this problem...

VS.NET 2005 Beta2

After some hiccups I was able to successfully install Beta2, but now facing problems in compiling Beta1 code in Beta2. Would post my experiences with Beta2 soon.

TechEd 2005

TechEd 2005 just happened in Chennai and, unfortunately, I couldn't attend the meet. Waiting for thr presentations to be uploaded, so that I can download and get a feel of the sessions.

WSE Series III : Sending Attachments thru Web Service

There are three different methods of sending attachments naely,

1. Base64 Encoding
2. SOAP attachments
3. DIME and WS-Attachments

Base64 Encoding:

In this method the attachment is included as binary data encoded in Base64 format inside a SOAP envelope. The XmlTextWriter class can be used to generate Base64 encoded attachments. The XmlTextReader class can be used to decode that binary stream back into the original data format. This mechanism is very resource intensive and the size of the encoded data is much higher than the actual data size. Say for example a 14KB binary file can become a 19KB text when encoded. Base 64 encoding has been around for some time and has probably received a bad rap for the opaque data problem. Base 64 encoding has some extremely nice benefits, such as its seamless integration in SOAP envelopes, it is a well-known standard, and it has better size efficiency than structured XML.

Interoperability: Excellent. Base-64-encoded data is understood on every platform that understands XML. Whether the opaque data included is in an interoperable form may be another question that is not already positively answered, like it is with the XML Representation approach. However, if you are sending opaque data and you are doing so with a Web service, then the interoperability issue has probably already been positively addressed.

Composability: Excellent. The fact that the data lives within the SOAP envelope means that all the WS-* specifications that Microsoft has developed with its partners will work seamlessly with a base-64-encoded XML element.

Efficiency: Modest. Although base-64-encoded data is usually more efficient from a message-size perspective than structured XML, as mentioned earlier, it still bloats the data by about 33% even when only single byte characters are used. The character set for base-64-encoded data does not require multi-byte characters, so if you can use UTF-8 encoding you can avoid the extra 100% increase in size. Of course you cannot mix single and multi-byte encodings within a single XML message, so if the rest of your SOAP envelope requires multi-byte encoding, then you have to live with the two-fold increase.

When to use: Base 64 encoding is probably the best way to pass opaque data if transport size efficiency is not your first concern. It will work seamlessly with higher-level WS-* protocols and is smaller than a standard XML encoding.

SOAP Attachments:

This is a much familiar method of binding a SOAP message with MIME enabling the usage of MIME encapsulation. In this mechanism there is a primary SOAP message and one or more attachments. SOAP with Attachments was the first attempt by Microsoft (along with Hewlett Packard) at solving the opaque data/attachments problem.

Interoperability: Potentially decent in the future with some notable exceptions. SOAP with Attachments is simply a W3C Note; it is not a W3C Recommendation or even a W3C Working Draft. Presumably, after the profile is final and conforming implementations are available, they should be interoperable. The problem is that when it comes to the attachments profile, WS-I is ignoring the fact that SwA breaks the Web services model. Among other issues, SwA specifically does not work with WS-Security at this time.

Composability: Poor. Without an encompassing SOAP envelope to build upon, SOAP with Attachment messages do not compose well with the WS-* specifications. In particular, a non-SOAP-message-based transport cannot support the recently finalized OASIS WS-Security specification.

Efficiency: Good. Although not as efficient and streamlined as the DIME and WS-Attachments approach, opaque data can be sent in its raw form without base 64 encoding. There are issues with buffering incoming data due to the lack of a length header on the message sections, but it is a viable solution to the problems around sending potentially large, opaque blocks of data.

When to use: If you have interoperable SOAP with Attachments implementations on all the platforms that you might want your Web service to be accessible from, then you might consider using SwA. If you find you are really only communicating between computers running the same platform, then the reason for using Web services (interoperability) is moot, and you might as well use a proprietary communication mechanism. Finally, you will specifically want to avoid SwA if you need OASIS-compliant WS-Security type signatures or encryption on your opaque data.

DIME and WS-attachments:

Direct Internet Message Encapsulation (DIME) is a lightweight, binary message format that can be used to encapsulate one or more application-defined payloads of arbitrary type and size into a single message construct. Each payload is described by a type, a length, and an optional identifier. Both URIs and MIME media type constructs are supported as type identifiers. DIME and WS-Attachments is a faster and more efficient solution to the attachments approach to opaque data compared to SOAP with Attachments, but has the same composability problems as SwA.

Interoperability: Modest. Although DIME is a simpler protocol than MIME that would bode well for its interoperable possibilities, efforts for creating widely interoperable DIME and WS-Attachment implementations have stopped. As with SwA, there is no recommendation for DIME or WS-Attachments at this time. Microsoft tools currently only support a DIME approach to attachments.

Composability: Poor. As is the case with SwA, a non-SOAP envelope approach to messaging like DIME and WS-Attachments limits the ability of the higher-level Web service specifications to properly work upon a message.

Efficiency: Very Good. DIME is a simple binary format for transmitting raw data and has support for such efficiencies as chunking and jumping easily between message records.

When to use: Web services are all about interoperability, and if DIME and WS-Attachments does not provide wide interoperability, then there is little reason to use it. If you are not interested in interoperability but believe DIME is attractive for its performance reasons, then you would probably be better off using other proprietary, high-performance solutions such as .NET Framework Enterprise Services. DIME and WS-Attachments also suffer from the same limitations as SOAP with Attachments, in that it is only viable if you do not require higher-level capabilities for your Web services. At this point the only real reason to be using DIME and WS-Attachments would be to interoperate with an existing DIME and WS-Attachment implementation.

VS.NET 2005 Beta2

I received my VS.NET 2005 Beta2 DVDs which I had ordered online last week. The pak includes VS2005 Team Suite, VS2005 Team Foundation Server and Yukon Dev Edition Evaluation CTP valid for an year.
Yesterday I tried to install Beta2, but the directions said I have to remove my previous 2.0 Beta1 installation. I was not sure... so postponed the installation to this weekend...

Indigo Book on Blog

Scott Seely, Yaniv Pessach, and Brian Nantz are writing a book on Indigo for Addison Wesley and have taken a new approach suggested by Robert Scoble. They are posting portions of the book for public feedback on a blog so that the rest of the world can watch as the book takes shape and to guide the content to the most useful information.While the blog contains a lot of links to Indigo information on the Internet, they have also released portions of book content such as Indigo instrumentation, Indigo configuration, and most recently the first portion of the manageability chapter.Watch the book take shape and get lots of other great Indigo information at ThatIndigoBook Blog.

Via: The ServerSide .NET

Look and Feel changed

I changed the look and feel of my blog yesterday. I felt though the previous look and feel was good, it was taking some long time to load the page, an impact of the extensive use of images. Now the page opens faster that it used to...

Back Again to my Blog World...

I am very very happy to return to my blog world. All these days I had to do my blogging either from my work place(due to tight schedule, that has become impossible) or from some net cafe outside(that too became impossible since I reached home late). Thanks to my parents who got me a net connection at home (got connected yesterday). I hope to blog atleast one new post everyday. Thanks for all who have had the patience to look for my second article on the WSE. This long pending article was in draft and completed it today and published(the article is published backdated since I drafted it long back).

Presentation Skills

I was going thru Karthik's blog, he has started blogging very recently. He has posted on this session and I found this link on Presentation skills very useful. It is a blog entry of Mr.Venkatrangan , MSRD.

WSE Series II: WS-Security

Web Services sound great with all its Discoverability and Interoperability, but this involves data transmission through the Internet as SOAP messages. While SOAP provides a standardized interface for accessing Web Services, since SOAP messages are transmitted as a stream of human-readable XML, intercepting the message or tampering it becomes much easier. Also requirements of some Web Services mandate access control to its services. This speaks the need for designing the Web Services from the ground up to use the best available security features and best practices. Until recently there were some gaping deficiencies in the Web Services domain, particularly in the Security like ability to handle security, authentication, encryption, digital signature, routing and attachments at the message level, rather than using out of band or OS-proprietary techniques.

With WS-Security, getting down to the business of providing interfaces and programming toolkits that all "speak the same language" has become easier and developers can begin to use the benefits of these efforts. A SOAP message, on its own, can be authenticated, its integrity verified, and it can be encrypted in whole or in part using the mechanisms defined in WS-Security. The architectural model of WSE is built on a "pipeline" of filters that process inbound and outbound SOAP messages. This is built on the pre-existing SOAPExtension classes, and developers who have experimented with SOAP Extensions for compression, encryption, logging and other purposes will find the implementation familiar.

WS-Security and the WS-Security addendum are published at http://msdn.microsoft.com/ws/2002/04/security and http://msdn.microsoft.com/ws/2002/07/Security respectively. Since the release of WS-Security it is emerging as the primary industry standard for secure Web service communication. This spcification fully leverages the existing XML signature and XML encryption protocols and optimizes them for use in SOAP message-based Web services environment to support the transmission of security tokens as well as encryo\ption and digital signatures. WS-Security describes the folowing SOAP header elements:

• Security - the root WS-Security element in the SOAP header
• UsenameToken - A child element that supports simple username and password authentication mechanisms
• BinarySecurityToken - A child element that supports binary-based security tokens such as Kerberos tickets and X.509 certificates
• SecurityTokenReference - A child element that supports referencing remote security tokens that are available at a URI
• KeyInfo - A chil element that supports inclusion of key information (derived from XML signature)
• Signature - A child element that supports signing one or more parts of a SOAP message (based on XML signature)
• ReferenceList - A child element that supports referencing one or more encrypted elements in the body of a SOAP message (based on XML encryption)
• EncryptedKey - An element that supports encryptionspecifically for keys (based on XML encryption)
• EncryptedData - A child element that supports including additional encrypted data in a SOAP header (based on XML encryption)
• Timestamp - The WS-Security Addendum specification that supports including timestamp info in the SOAP header that can be used to prevent replay attackes when an attacker tries to reuse an ols message.

The subsequent posts we will discuss the other WSE specifications.

Being out of date helps at times!!!

Just read a post at Logu's blog on how implementation of standards across browsers has helped a hacking idea that was lingering for past couple of years (from 2002) is now implemented practically. This is about a security threat posed by the implementation of a standard called IDN(Internationalized Domain Names) by browsers. All URL's are vulnerable especially when accessed thru Mozilla-based browsers, Safari, Opera and Omniweb. This is basically a URL-spoofing thing, but the good part is Internet Explorer is free from this vulnerability, just because it has not yet implemented this IDN.

For more read HOMOGRAPH ATTACKS.

Via Anand.

WSE Series I: Introduction

I have decided to post my understanding on WSE as a series of posts starting with an introduction today.

What is WSE?
The Web Services Enhancements aka WSE is a .NET class library that augments the .NET Framework and related technologies to provide an implementation of various WS-* specifications including WS-Security, WS-SecureConversation, WS-Trust, WS-Policy, WS-SecurityPolicy, WS-Addressing, and WS-Attachments. WSE allows you to add these capabilities at design time using code or at deployment time through the use of a policy file.

What are the specifications covered by WSE?

1. WS-Security
   
2. WS-SecurityPolicy
   
3. WS-SecureConversation
   
4. WS-Trust
   
5. WS-Referral
   
6. WS-Addressing
   
7. WS-Policy
   
8. DIME
   
9. WS-Attachments

We shall look into each one of them in future posts.

Contract First Web Service

I have now got a chance to study Contract First Web Services and WSE. I hope to post my understanding on these soon. By the time if anybody comes across information on these I would thank you if you could share your knowledge with the community.

Immediate Opening

There is an immediate opening for the role of Project Managers at Nigeria. Interested please post your CVs to mahalakshmi.n@gmail.com immediately.

Update: Now they require Tech. Leads, Project Leads and developers too. .NET/SQL2000/Oracle/C# or VB.NET. Need to have good ASP.NET skills.