Related link: http://www.libertyassociates.com

I have not even started planning Programming C# 5th edition, nor do I know what will be in C# 3 (nor do I know if we’ll wait for C# 3) but here are some questions for you all…

What would you think of my eliminating each of following chapters in the next edition either (a) because few C# programmers really deal with the issue or (b) to focus more on new developments in C# 3.

• Assemblies and versioning
• Attributes and Reflection
• Marshaling and Remoting
• Threads and Synchronization
• Streams
• COM

I think it would be hard to eliminate COM, there are too many COM controls and ActiveX controls out there, and C# is pretty good at working with them.

The Streams chapter seems essential, can’t quite imagine cutting that.

On the other hand, aren’t Threads and synchronization too esoteric (and/or superfluous) in the presence of overlapped I/O?

It seems to me that Marshaling and Remoting and Assemblies and Versioning are both extremely esoteric at this point, and could easily be cut (is that your experience?).

Attributes and Reflection could probably be cut down to a pair of notes (one on attributes, leaving out user-generated attributes) and the other on reflection (moved to the COM chapter).

I’d love to get your thoughts, either here (as a comment) or if you like, on my private (free!) discussion forum where I posted the same question.

Thanks!

Jesse

In Massachusetts, where I live, politics is a contact sport. And Microsoft finds itself in the middle of the fray — it could even become an issue in the next gubernatorial campaign.

Recently, the Commonwealth of Massachusetts announced that as of January 1, 2007, the state government would have to use applications that work with the OpenDocument format. This has big implications for Microsoft, because Office doesn’t handle it, but other suites like StarOffice, OpenOffice.org, KOffice and IBM Workplace do. The move would mean a big migration away from Office.

Microsoft, as you might expect, lashed out at the plan, and called it “inconsistent and discriminatory.” It found a friend in the Commonwealth’s Secretary of State, Bill Galvin, a Democrat, who says he has “grave concerns” about the switch. He even said his office won’t make the switch, and will stay with Microsoft Office. At least one other power Democrat in the State Senate agrees with Galvin.

There’s a good chance Galvin will be running for governor. The state has a Republican incumbent, Mitt Romney, whose administration backs the OpenDoc plan. To make matters more confusing, Romney may try to run for President.

Confused yet? If you’re not, you’re not following things.

In any event, don’t be surprised if it all becomes an issue in the next gubernatorial campaign. Who ever would have thought the day would come when document formats would become a political hot button?

What do you think about the Massachusetts decisiona about OpenDoc?

What are the best new application you’ve used recently? Most likely, it’s something Web-based, like Gmail, Google Maps (now known as Google Local), the Flickr photo-sharing site, or the Amazon A9 search site.

Those sites all use AJAX (asynchronous JavaScript and XML) which combines several existing technologies, including CSS, JavaScript, XHTML, XML, and XSLT, to build Web applications that look and work more like desktop software than they do Web sites.

They also provide a glimpse of the future, one in which when broadband connections are everywhere available, there’s no need to have bloated applications like Microsoft Office on your PC. Power up your computer, automatically connect to the Web, and you’ll have productivity applications available just by heading to a Web site.

Imagine Google Office. It would be free, and have a word processor, spreadsheet, and presentation software. Would you spend several hundred dollars to buy Microsoft Office if something like that were available for free on the Web?

A lot of people were hoping that Sun and Google were going to announce something like that a few weeks ago. But they were looking for the wrong thing — for Google to distribute OpenOffice.org on its Web servers.

That’s not the future. The future is an AJAX-built productivity suite. And I’d be willing to be that you’ll see it in the next few years.

Do you think an AJAX application could kill off Microsoft Office?

Related link: http://opendocumentfellowship.org/petition

The OpenDocument Fellowship, a volunteer organisation with members around the world, has called on everyone who uses MS Office, or who has an interest in open standards, to sign a petition at http://opendocumentfellowship.org/petition.

The petition, available in several languages, states:
“I request that Microsoft fully support the OASIS (Organisation for the Advancement of Structured Information Standards) OpenDocument Format for Office Applications in its MS Office product. This should include the ability to read, edit and write OpenDocument files reliably, according to the format specification.”

Microsoft has stated that the company will support the OpenDocument format in MS Office if there is customer demand. This petition will demonstrate that customer demand already exists.

OpenDocument (short for OASIS Open Document Format for Office Applications) is an open, XML-based file format from the OASIS standards group. It’s been a hot topic recently because of the controversy over a decision by the State of Massachusetts to require it as an office format for the state’s internal archives. Less noticed has been the fact that the European Union has stated that OpenDocument fulfills its criteria on open standards for office documents.

OpenDocument is designed not just to handle all office type files but also to integrate with the Internet. Users whose data is stored in OpenDocument format will never again face the problem of not being able to access data because the application that created it is no longer supported.

Open standards already enable users of different computer systems (both hardware and software) to access the Internet and communicate with each other. ODF enables users of different computer systems and software to freely exchange and use files. Vote for ODF!

For more information, see the Fellowship’s website, http://opendocumentfellowship.org.

What’s your take on this campaign to demonstrate public support for OpenDocument?

We’re knee-deep in our Windows DevCenter survey and OnDotNet survey, and I thought I’d take a look at the results so far, to see what you’re telling us.

Here’s a shocker: a whopping 73% of Windows DevCenter visitors and 66% of OnDotNet visitors say Vista won’t be released until 2007 or after. Are you telling me that you really doubt the word of Chairman Bill?

Another big surprise: On Windows DevCenter, 60% of you are developing for Linux, compared to 81% for Windows XP, 57% for Windows 2000, and 48% for Windows Server 2003. Just where exactly are you hiding those Linux boxes?

OnDotNet visitors, though, hew more to Microsoft products — only 29% develop for Linux, versus 75% for Windows XP, 60% for Windows Server 2003, and 53% for Windows 2000. No big surprise there.

There’s a lot of other good stuff in these surveys, and when it’s done, we’ll summarize the results for you and publish them on Windows DevCenter and OnDotNet. We like to share.

To help make the survey information as accurate as possible, I urge you to head to these surveys and add your two cents:

Windows DevCenter survey

OnDotNet survey

Plus you can win some great prizes including T-shirts, $100 O’Reilly gift certificates, and subscriptions to MAKE Magazine

When do you think Vista will be released?

Good news for those who suffer from Mac-envy because they wish that the Windows had the kind of widgets that come with Mac OS X — widgets are coming not only to Vista, but the Windows XP as well.

Widgets are neat little utilities that sit on your desktop and do all kinds of cool things — update a weather report, gather RSS feeds, report on your Internet connection in real time, and so on.

Microsoft recently made the surprising announcement that “gadgets” — the Windows equivalent of widgets — will be brought to XP some time after Vista ships.

Good for Microsoft. One would have expected that they’d keep gadgets only on Vista, to force people to upgrade. The fact that they’re bringing gadgets to XP, along with Internet Explorer 7, means that they won’t be abandoning the current version of Windows. In fact, the company has also announced that at some point there will be an SP-3.

By the way, you don’t have to wait for Vista if you want gadgets. You can get them right now. Konfabulator, owned by Yahoo, makes gadgets available for free. Give them a try and let me know what you think.

Are you looking forward to gadgets…and have you tried Konfabulator?

Related link: http://www.leastprivilege.com/MoreOnProtectingStaticResourcesWithASPNET20.aspx

I forgot to mention that there are also special directories in ASP.NET that generally cannot be browsed, e.g. App_Data and App_Code (there are more). App_Data seems to be the “designated” directory to put files that should under no circumstances be downloadable (e.g. file deployed SQL server databases).

Yesterday I showed the HttpForbiddenHandler which will emit a HTTP 403 - this leaks information, namely that the file exists but the client is not authorized to view it, better would be to generate a generic 404 (not found) status code.

Here - they suggest to use the HttpNotFoundHandler. Unfortunately this handler is internal and cannot be used by your code (at least on RC1). It is easy to write your own handler to accomplish the same task.

public class NotFoundHandler : IHttpHandler

{

  public bool IsReusable

  { 

    get { return true; }

  }

  public void ProcessRequest(HttpContext context)

  {

    throw new HttpException(404, context.Request.Path + ” not found”);

  }

}

Put that e.g. in App_Code and add the following to web.config:

<httpHandlers>

  <add path=“*.xml“ verb=“*“ type=“NotFoundHandler, App_Code“ validate=“True“ />

</httpHandlers>

When you now try to browse a .xml file, you will get a nice generic “the resource cannot be found”.

Related link: http://www.kidsprogramminglanguage.com/download.htm

From TechWeb:

“Microsoft has signed on to promote a new programming language intended to replace BASIC as the first step students take towards learning how to code. The Kid’s Programming Language, or KPL, was developed under the direction of Jonah Stagner, and his colleagues, ex-Microsoft program manager Jon Schwartz and former NCR engineer Walt Morrison. The three run the software consultancy Morrison-Schwartz Inc. “

You can download KPL from: http://www.kidsprogramminglanguage.com/download.htm

One cool feature is that you can directly translate KPL code into C# and VB.NET, making KPL a very good language for getting kids started on programming and then eventually moving into .NET programming using C# or VB.NET.

Will you get your kids to learn KPL?

Related link: http://www.leastprivilege.com/ProtectingNonASPNETResourcesWithASPNET20.aspx

A common problem I see in audits is, that people throw all kinds of files into their ASP.NET vdir (like .xml, .mdb etc) and just assume that these files will be protected by ASP.NET authentication & authorization. This is not the case.

IIS passes all ASP.NET related requests (.aspx, .asmx etc) to the ASP.NET AppDomain, everything else is served directly by IIS. If you want that your static files (or .asp files - more on that later) are handled by ASP.NET and its security system, you have to configure IIS to pass these requests to ASP.NET, too. This is done in the configuration settings of you IIS web application. In the script mappings dialog you configure which extensions are passed to which ISAPI extension - if you want to add specific extensions, add a new script mapping in the upper half of the dialog (have a look at which .dll the .aspx extension is configured for and use the same one for your static file).

Another option is to map every extension to ASP.NET. This is done in the wildcard mapping section in the lower part of the dialog. Just add the aspnet_isapi.dll here and all requests will be forwarded to ASP.NET. Be sure to uncheck “verify if file exists”, otherwise “virtual” URLs like WebResource.axd won’t work anymore.

By configuring a HttpForbiddenHandler you can now selectively deny files from being accessed via the browser.

<httpHandlers>

      <add path=“*.xml“ verb=“*“ 

        type=“System.Web.HttpForbiddenHandler“ validate=“True“ />

</httpHandlers>

Well, before ASP.NET 2.0 this was not very practical because now the ASP.NET runtime has to serve all requests which resulted in a major performance degradation. In ASP.NET 2.0 the underlying architecture has changed to provider better support for this scenario. All unknown file extensions are now handled by a class called DefaultHttpHandler.

<add path=“*“ verb=“GET,HEAD,POST“ type=“System.Web.DefaultHttpHandler“ validate=“True“ />

This special handler accomplishes, that requests for static (or non-ASP.NET files) only pass the “front half” of the HTTP pipeline (including the important Authenticate and AuthorizeRequest events). Right before the point where page execution would normally begin, ASP.NET bounces the request back to IIS. This is much faster and gives you the best of both worlds. You can use the ASP.NET security infrastructure (e.g. forms authentication) to protect the files but you don’t lose the performance of IIS request processing.

If you need more control, you can derive from DefaultHttpHandler and customize its behaviour. If you override the OverrideExecuteUrlPath method, you can modify the request path that gets handed back to IIS. You can also add new HTTP header to the request by adding entries to the ExecuteUrlHeader collection. This enables you e.g. to protect a classic ASP application with ASP.NET forms authentication and you can pass the user and role information via headers from ASP.NET to ASP.

Warning: Be sure to validate and authenticate the headers you pass with ExecuteUrlHeader, e.g. by adding a MAC using a secret that is shared between ASP and ASP.NET (HMACSHA1 would be a possibility).

While Google and Yahoo over the last year have been busy introducing countless innovative Internet services, including RSS readers, podcast sites, blogging services, putting massive libraries online, and even a bid to provide free WiFi service in San Francisco, Microsoft has been uncharacteristically quiet.

Can you name a single, innovative, forward-thinking Internet service Microsoft has introduced in that time? I can’t.

What’s its biggest online news of late? It’s redoing Hotmail so that it looks more like Outlook. Mercy — stop the presses!

Why has Microsoft fallen so far behind? It’s not just that the company is distracted by trying to get Vista out the door. I think that it’s recognized that it’s lost the Internet war, and so it’s not even trying any more.

I don’t think that’s a bad thing. Better the company focus on its core mission — to provide the best operating system and applications possible — than to spend resources on something that, frankly, Google does a whole lot better than Microsoft will ever do.

So I for one am glad that Microsoft has apparently ceded the Internet to its competitors. That means it can focus better on Vista and the upcoming new version of Office.

Do you think Microsoft has given up on providing innovative Internet services? Let me know

Related link: http://www.nhdn.com/DNN/

I will be presenting on the topic Creating Personalized Sites with ASP.NET 2.0 and C# at the New Hampshire .NET User’s Group on 10/20/05

Topics will include: forms-based security, roles and personalization including: anonymous personalization, personalization with user-defined types, master pages, themes and skins and personalizing with web parts and catalogs

The meeting begins at 6pm on 10/20/05 at:
Boston University Corporate Education Center
72 Tyng Road
Tyngsboro, MA 01879

Your comments are always welcome…

Related link: http://opendocumentfellowship.org

On 10 October 2005, the Open Document Fellowship announced its existence, stating that its mission is to promote the new internationally agreed standard for digital documents, Open Document Format (OpenDocument). The Fellowship, formed in September, has attracted support and interest from around the globe.

The Fellowship’s aims include providing factual information about the Open Document Format, such as the degree to which companies and their products are committed to supporting the format, and making sure that OpenDocument can be always supported by any software application or company. The organisation also supports the development of software tools to complement the format.

Founding members include Gary Edwards (OASIS OpenDocument TC), Mark Taylor (Executive Director of the Open Source Consortium), and Richard Rothwell (Chair of SchoolForge UK).

Founding member Adam Moore, Friends of OpenDocument Inc., said:

“As a true Open Standard, OpenDocument is available for the benefit of all. It levels the competitive playing field and provides wider opportumities for innovation, diversity and choice. This choice and diversity is a natural evolutionary consequence of the market maturity of general productivity software. We believe all responsible citizens in the digital market place will embrace ODF as the central focus for document production.”

Users whose data is stored in OpenDocument will never again face the problem of not being able to access data because the application that created it is no longer available to them. Open standards already enable users of different computer systems (both hardware and software) to access the Internet and communicate with each other. ODF enables users of different computer systems to freely exchange and use files.

For more information, see the Fellowship’s website, http://opendocumentfellowship.org,
or send an email to

ian.lynch@opendocumentfellowship.org
or find your regional contact at

http://www.opendocumentfellowship.org/Main/Contact

Related link: http://forums.delphiforums.com/LibertyBooks

I have started a free on-line study course on my book-support forum on Delphi (you need to join Delphi, but it is free). [http://forums.delphiforums.com/LibertyBooks ]

Please be sure to go to the folder marked “Programming VB05 Course”

Every week or two we’ll start on a new chapter, but I’ll keep the threads going for older chapters so you can begin at any time.

I will post questions and commentary, but the bulk of the course will consist of interaction between readers and each other and questions and comments for me.

The required text is Programming Visual Basic 2005 which you can buy at a discount through my web site: http://www.LibertyAssociates.com - click on books. You’ll also find source code and related material.

Each time I start a new chapter, I’ll put a quick note up on this blog to let you know.

We’ll begin immediately with chapter 1: Building Windows -Applications, Design and First Forms

Looking forward to this. Thanks.

Jesse

Let me know what you think of this idea

Related link: http://www.leastprivilege.com/ASPNET20DeploymentMode.aspx

ASP.NET 2.0 features a new configuration element called deployment. If you set this in machine.config - debugging, tracing and detailed errors are turned off machine wide. This is a nice switch for admins to make sure a dev didn’t forget to set the correct values in his local application.

<deployment retail=“true“ />

Related link: http://www.devradio.com/PermaLink,guid,c7bc4fef-d03a-4c54-a94c-78c14dcbc993.aspx

I’m pleased to say that I was interviewed by Microsoft’s Joe Stagner on DevRadio.com’s Inside Out program. The segment runs about 90 minutes, and is set up for either podcatchers or for listening on line or even downloading to your machine.

Joe is fantastic, and keeping an eye on his show and his blog is highly recommended.

Well, I am very pleased to say that I have completed my book ‘Essential Microsoft Operations Manager’ and sent the last of my revisions to my editors.

I continue to be surprised that there are no books available yet on this topic, though there are very active weblog and discussion boards.

I’ll leave it to O’Reilly to announce the release date, but I suspect it will be pretty cold outside (in North America) when it does hit the bookshelves.

In writing the preface, I was asked, why did I write this book and why is it of value? I can answer that in how I approached the writing of each chapter. My starting place was always what would I want to know if I were doing all this for the first time and what documentation and research can I find about it? For the most part, especially the chapter on SQL and the databases, I found very little out there. So I set about researching and writing the material that I had looked for. More than a few times at the end of a chapter, I found myself saying, I wish someone had written this material so I could have read it in preparing to write this chapter.

The book is not perfect, nothing ever is, or will be. But I hope to have the opportunity to advance it along that path

I believe that this book is going to give the novice MOM administrator a solid foundation to perform 80% of the tasks that they will ever have to do with MOM; and it will give them a strong starting place from which to learn how to perform the remaining 20%.

Ultimatley, why did I write this book, simply because it was needed and I was frustrated at the lack of what was available.

Thanks to O’Reilly!

Last month I wrote about one of the best new little tools I’ve come across recently, SyncToy, a PowerToy from Microsoft that lets you synchronize files and folders with a simple click or two.

Now Microsoft is back with another freebie — this one an update to the old standby, MSConfig. MSConfig is an excellent tool for troubleshooting Windows startups, and for selectively turning off and on programs and utilities to run at startup.

The update, downloadable here, adds a new tab to the utility, which lets you run a baker’s dozen of useful Windows utilities, such as System Restore, the Registry Editor, the Add/Remove applet for adding and removing programs, and more.

Will this change your life at the keyboard? Of course not. But because you don’t use these utilities all day, you often forget where they can be found — and sometimes that they even exist. So it’s a great time-saver, which is all we can really ask for of simple utilities.

If you’ve got a simple free utility you like, let me know, below.

What are your favorite free utilities?

Anyone hoping that the recently announced Google-Sun partnership would change the technology landscape has to be sorely disappointed. Beforehand, rumors were rife, primarily that Google would make available a free, Google-powered and Google-branded version of the OpenOffice.org office suite.

Instead, the announcement was about as exciting as reading Sun technical documentation. Here’s what it amounts to: Sun will distribute the Google Toolbar. Google will buy lots of servers from Sun.

Somebody wake me up, please.

There was plenty of the usual marketing gobbledygook, with meaningless, sleep-inducing terms like “dynamic, interactive technology solutions.” In the end, though, there wasn’t a whole lot there. As for OpenOffice.org, the companies only said there would be “further collaboration” between the two about it. Microsoft Office will continue to rule for the foreseeable future.

How much did Google care about this announcement? The company didn’t even bother to write a press release.

I can’t say that I blame them.

What do you think about the Google-Sun partnership?

Related link: http://www.leastprivilege.com/ASPNETWebProjectSystem.aspx

ScottGu has a series of article which contain excellent information about the new web project system in Visual Studio 2005. part1. part2. part3. part4.