Posts

Showing posts from November, 2004

Community Server - a web based knowledge management platform

"The easiest description of Community Server is: an online collaboration and knowledge management platform designed to allow people to share information and ideas more easily." Community Server (currently in beta) plans to have fully integrated systems of Forums, Blogs, and nGallery with forward compatibility with Microsoft's new Membership, Roles, and Profile features. Will integrate into DotNetNuke as a portal container (which will share the forwards compatible Membership, Roles, etc. work).

10 Tips for Writing High-Performance Web Applications

Rob Howard 's 10 Tips for Writing High-Performance Web Applications : 1. Return multiple recordsets 2. Efficiently page data access 3. Connection pooling 4. Use the ASP.NET Cache API 5. Per-Request Caching 6. Background Processing 7. Page Output Caching & Proxy Servers 8. Run IIS 6.0 for Kernel Caching 9. Use GZip Compression 10. Watch That Server Control View State And some interesting facts : C# code is NOT faster than Visual Basic code Codebehind is NOT faster than inline Components are NOT faster than pages Every functionality that you want to occur between two apps need NOT be implemented as a Web service

Authentication for an app with few users

A simple way to handle authentication in a Web application using ASP.NET when only a few users are involved is to specify the user credentials in the Web.Config file itself or get the user details from a XML file ....without using any database! In the Web.config authentication section, the user names and passwords can be listed out as clear text or encrypted (MD5/SHA1). Using FormsAuthentication.HashPasswordForStoringInConfigFile Method a clear text password can be hashed . Related links: Securing an ASP.Net application Single sign-on with Forms Authentication

SQL Server Notification Services

"Notification Services is essentially an application framework that lets you develop custom notification applications.These applications monitor a data source for a predefined event. When that event occurs, the application notifies subscribers and devices. You can build these types of notification applications from scratch, but Notification Services gives you a solid foundation for development projects by providing you with a robust, scalable, tested framework that you can use for your own notification applications. Microsoft originally developed the Notification Services framework to satisfy internal needs, then later turned the technology into a product for distribution. A Notification Services application monitors certain predefined events and can intelligently filter and route the information about those events to a variety of different target devices by using a personalized delivery schedule. Notification Services applications consist of three basic components: event...

Microsoft .NET Compact Framework FAQ

The Microsoft .NET Compact Framework is the smart device development framework for the Microsoft .NET initiative. It brings the world of managed code and Web services to smart devices, and enables the execution of secure, downloadable applications on devices, such as personal digital assistants (PDAs), mobile phones, and set-top boxes. Check out the frequently asked questions & the answers .

Sessions in ASP & ASP.Net

The session ID is a read-only value that uniquely identifies the current clients to the Web server. In classic ASP, session IDs are assigned in a sequential manner-the session ID 706616433 is followed by the session ID 706616434, and so on. The classic ASP session ID is stored on the client's machine in the form of an encrypted nonpersistent cookie. For example, the session ID 706616434 would be stored on the client machine as the cookie ASPSESSIONIDGQQGQGCS=JHMBOBKCBINEHLPKJHOPABBE. ASP.NET has made a few changes to the session ID. When using ASP.NET , the session ID is a 120-bit string consisting of URL-legal ASCII characters Source: Builder.com

use ALTER TABLE rather than Enterprise Manager

Your best bet for changing the size of a column in a large table is to use the ALTER TABLE command rather than Enterprise Manager. This is because when Enterprise Manager changes the size of a column, it creates a copy of the table, does an INSERT/SELECT operation to change the column format, drops your original table, then renames the new table to the same name as the old table. Source: SQLMag

Pixie - Color Picker

Pixie is a colour picker & mouse tracker. It gives the hex, RGB, HTML, CMYK and HSV values of the colour of the element on the screen that you point with your mouse . It also shows the current x y position of your mouse pointer. Useful for Webmasters and Designers. Cool tool!

Patterns & Practices

The Microsoft Patterns and Practices (P&P) website is a veritable gold mine of information on architecting and developing .Net based applications among other things. Check out these P&P guides ... Its Events sections features live, recently recorded and archived webcasts on various facets of web development using Microsoft technologies.

How much is too much...or too little

Capacity planning is the process of planning for growth and forecasting peak usage periods in order to meet system and application capacity requirements. Planning the resources for a large site and keeping it up is quite a job. Check these stats of www.asp.net and CodeProject to know what's involved. www.asp.net General statistics Over 4,000 files 23% ASP.NET Page files (.aspx) 46% Code-behind / BLL / DAL 31% Resource files: images, etc. Server cluster hosts many applications www.asp.net (plus online starter kits) weblogs.asp.net / blogs.msdn.com forums.asp.net / www.dotnetnuke.com May 2003 ~485GB bandwidth usage 2mm Unique visitors 42K downloads of .NET Framework 23K Forum Posts May 2004 ~1.5TB bandwidth usage 2.9mm Unique visitors 62K downloads of .NET Framework 28K Forum Posts Original Hardware Specs. 2 Web Servers Windows Server 2000 Dual-750 MHZ Processors 500 MB RAM 1 Database Server Windows Server 2000 Sin...

ValidateRequest Property and Cross Site Scripting (XSS)

The @Page directive in ASP.Net features a new boolean attribute named ValidateRequest that prevents cross-site, one-click attacks and indicates whether request validation should occur. If ValidateRequest is set to true, ASP.NET checks all input data against a hard-coded list of potentially dangerous values. For example, if the page contains an input field with some HTML text embedded, the attribute causes ASP.NET to throw an exception during the postback processing. ValidateRequest is enabled for all pages but can be disabled both at the application level (in the section of the web.config file) and for the individual page.” The Cross Site Scripting (XSS) problem features in OWASP's (Open Web Application Security Project) Top Ten Most Critical Web Application Vulnerabilities. Here is a quick overview of the Top 10 Vulnerabilities: Unvalidated Input: Information from web requests is not validated before being used by a web application. Attackers can us...

Dead links

The credibility of a website is undermined if it contains dead links. It's a good idea to run the Link Checker occassionally by submitting your URLs online to the Validator at W3C so as to identify any non-existent links and take corrective action.

Tips for Google Search Optimization

SSW has interesting guidelines on various software development activities including Rules to Better Google Rankings Here are the paraphrased Tips for Google Search Optimization: Have at least 3 inbound links on your website and a good internal linking structure. Get all the great keywords in the first few paragraph's of every page so that spiders can't miss it. Use the META-Description & Meta-KEYWORDS tags. The keywords you use must be relevant and must appear in the body text. Trying starting with 3 to 5 'key' words from your Title. Where possible combine the words into logical phrases and we recommend using all lower case letters (and NO LEADING SPACES) when specifying keywords You can control the internal linking structure of your website which in turn effects the Page Rank distribution for all your individual pages. Google is case sensitive when it comes to URLs, it isn't when it comes to the keywords you put into the search box...

Google is a Web God

To me, Google is to the Web what the wheel is to the human civilization. C# MVP, Ph.D., Mensa guy Peter Bromberg shares useful Google Search Tips and Tricks in the Eggheadcafe article also titled "Teach a Man to Fish"

Six Free Microsoft Security Resources

Six Free Microsoft Security Resources: Microsoft Baseline Security Analyzer (MBSA) is a best practices vulnerability assessment tool for the Microsoft platform Port Reporter tool logs TCP and UDP port activity and provides you with a useful logfile. The newly released GUI-based Port Reporter Parser tool can help you quickly scan through these logfiles based on IP addresses, ports, services, user accounts, host names, and so on. Software Update Services with SP1 (SUS) allows you to control patch deployments in your organization. SUS will pull down from the net all critical patches, security packs, and security updates that are currently available. Then you can selectively test and deploy those needed in your organization. Security Events & Webcasts (reaches out to 500,000 IT pros worldwide) Windows XP and Windows Server 2003 Security Guides Windows XP SP2 Read the full article in the TechNet Magazine and check out the other Security-focused arti...