Multi-tenancy stuff

I spent some time today researching various bits and bobs on multi-tenancy web apps, and I thought I'd store my findings here for posterity(!) and for discussion.

Windows Workflow Foundation links

Couple of useful articles.

WF not WWF
What to use WF for

Theories of Scaling

Mike and I went to a .NET usergroup meeting called "The Scaling Habits of ASP.NET Applications" by the excellent Richard Campbell (of DotNetRocks radio, Strangeloop etc) on Monday.


I highly recommend watching a screencast of his presentation(pptx), but this post tries to summarise his key points

Globalization in ASP.net

Scott Hanselman blog posting about MVC3 globalisation. Some useful titbits. He visits Globalization quite frequently, so it's worth keeping an eye on his blog.

http://www.hanselman.com/blog/GlobalizationInternationalizationAndLocalizationInASPNETMVC3JavaScriptAndJQueryPart1.aspx

Entity Framework entity splitting

We were talking about how we can be smarter about setting up models for objects where the required fields change depending on who is looking at it - e.g. Where an administrator is setting up a user they should only need to set up email address, username, dummy password and client. When the user logs in it should then force them to fill in more details, such as name and address. One way of doing this is documented below.

http://www.robbagby.com/entity-framework/entity-framework-modeling-entity-splitting/

Entity Framework 4.1 Release Candidate available for download

Update from CTP 5.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2dc5ddac-5a96-48b2-878d-b9f49d87569a

Procedurally generated culture sensitive validation for ExtJS.

So here's a quick update of what I've been doing in the last week.  My estimate for this was way of the mark but I encountered a couple of bugs in ExtJS concerning at which point ExtJS receives its validation data, and at which point we can hook in to use its nifty features, but now I think I've got the best part of a pattern down for how to go about building custom controls with culturally sensitive validation.

CSRF Prevention with MVC.NET

There's plenty of information on the inter-tube on the Cross Site Request Forgery Hack (CSRF, also known as XSRF and Confused Deputy - go on just Google those acronyms) so I'm only going to give a general overview of the exploit but know that it is a problem that has been around pretty much since the birth of of the internet, that browsers cannot prevent it (and have in the past aided it), and pretty much relies on a User's Trust / Stupidity.

Custom Validation via Action Filters

At the end of last week, I was tinkering with the Entity Framework 4.0 and MVC3;  MVC which we’ve been using a long time here and we all know and love, Entity Framework which quite frankly feels unfinished unless you have the CTP5 patch so that one can write true code-first with POCO’s.  Now I know it’s illegal to use CTP patches on production environments, but apparently this is the last CTP release before a full release first quarter this year, so we can begin prototyping with it at least.  Anyway getting to the point, during my tinkering, I think I may have worked out a means of custom validating objects in the controller, setting ModelState, and creating errors well before a controller method is invoked, essentially creating a validation layer that at run time sits between a UI post and the controller.  I'm sure I'm not the first who's done this, and this has been worked out and blogged a gazillion times before but I figure I'll have my say on the matter...

O/RM Schema Design Approaches

I've spent this afternoon looking at the various schema design approaches available to an O/RM user, in the context of Entity Framework (EF).

"A computer lets you make more mistakes faster than any invention in human history—with the possible exceptions of handguns and tequila."

and another one from the snowy wastes of that there internet:

"Walking on water and developing software from a specification are easy if both are frozen."

ViewEngines in Our Solution

So the three of us have been looking at the Razor view engine over the last couple of days and decided it has many advantages over WebFormViewEngine. A good summary can be found here (note that Declarative HTML helpers aren't really out of the box, see here).

Windows Identity Foundation

In Brief

Windows identity Foundation (WIF) is a component of Microsoft's identity and access management solution. It is a 'Federated' and 'Claims' based identity framework with the distinct goal of decoupling the mode of authentication from an application and/or service. On the face of it then, WIF appears to be an solution for externalising the authentication mechanism altogether, no longer necessitating the need to create custom identity providers and user account tables for disparate applications within and without an organisation. 

DotNetDevNet Usergroup meeting

Mike and I went to a great .Net usergroup meeting yesterday. After sitting through a couple of 10 minute presentations on Fogbugz(!) and Android development, the main part of the meeting kicked off. Presented by Steve Sanderson it was basically a quick run through of asp.net MVC3. I definitely recommend seeing Steve if you have the chance - no powerpoint, and lots of code!

Unit Testing Best Practice

I'll start this off with the things I think make good best practice for unit tests. Please feel free to add more or to correct me in the comments.

Ext.JS view implementation

Alistair wrote a great post on Friday recapping his visit to Bath. Amongst his points was a section on his concerns with implementing Ext.JS in an MVC environment, and an equally excellent reply from Nathan (at 2am when he was on holiday!)

Rather than further dilute Alis post covering a multitude of points, I thought I'd start a new post specifically for discussing our Ext.JS implementation.

Recap - from the bath visit

Hi guys, thought this might be a good place for this; just wanted to have a little recap of what we went over and any decisions made or points still up for discussion.

Phase 1 Backlog

Phase 1 Backlog in One Note

We need to put some initial estimates (using PlanningPoker) in over the next few days. As Mike is off this week and Nathan is off next week, I'll split it into two sessions, one with Nathan, Luke and Ali tomorrow, and one with Mike, Luke and Ali next week.

If (then else)

If you can keep your code clean while others are corrupting it,

And losing their data and blaming it on you,

If you can be sure that DVCS is right when all coders doubt you,

But make allowance for SVN being pretty nifty too,

If you can wait for compiles and not be tempted to turn off warnings,

Or, seeing a broken window, fix it,

Or, getting a harsh peer review, don't give way to stubborness,

And yet don't appear to be a guru, nor talk like one

Then you'll be a developer, my son.

(From Programmers Stack Exchange, Apologies to Kipling)

Welcome

Welcome to the new team blog!

Feel free to share articles, code, gotchas and any WTF code snippets you might come across ;)

Also any updates or general points for discussion.

Happy blogging!