Scott Hanselman

Avoid using Impersonation in ASP.NET

October 23, '06 Comments [2] Posted in ASP.NET
Sponsored By

The MSDN Docs are very careful not to recommend using impersonation, because it affects connection pooling when talking to databases downstream. The suggestion that one take care when using impersonation has been in place since its inception.

Know Your Tradeoffs with Impersonation

Be aware that impersonation prevents the efficient use of connection pooling if you access downstream databases by using the impersonated identity. This impacts the ability of your application to scale. Also, using impersonation can introduce other security vulnerabilities, particularly in multi-threaded applications, such as ASP.NET Web applications.

You might need impersonation if you need to:

· Flow the original caller's security context to the middle tier and/or data tier of your Web application to support fine-grained (per-user) authorization.

· Flow the original caller's security context to the downstream tiers to support operating system level auditing.

· Access a particular network resource by using a specific identity.

(http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/PAGGuidelines0001.asp)

ScottGu has a good post on how to use declarative authorization to restrict access without impersonation. This works great with Forms Authentication and Custom Principals like we use at Corillian. Here's one of his examples:

   using System;
   using System.Security.Permissions;

   // Class-level demand: every member requires an authenticated caller.
   // (Employee is assumed to be defined elsewhere in the application.)
   [PrincipalPermission(SecurityAction.Demand, Authenticated = true)]
   public class EmployeeManager
   {
       // Method-level demand: the caller must also be in the "Manager" role.
       [PrincipalPermission(SecurityAction.Demand, Role = "Manager")]
       public Employee LookupEmployee(int employeeID)
       {
           // todo
           throw new NotImplementedException();
       }

       [PrincipalPermission(SecurityAction.Demand, Role = "HR")]
       public void AddEmployee(Employee e)
       {
           // todo
       }
   }
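To see what those declarative demands actually check, here is an added example (mine, not ScottGu's code) that exercises the class against explicit principals the way ASP.NET Forms Authentication would supply them; it targets .NET Framework, where PrincipalPermissionAttribute is enforced, and the Employee type and user names are assumed.

```csharp
// Added example: the process identity does all the database work (so the
// connection pool is shared), while authorization is decided from the
// caller's principal. Targets .NET Framework; PrincipalPermissionAttribute
// is not honored on .NET Core/.NET 5+.
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

public class Employee { public int Id; }   // stand-in type, assumed

[PrincipalPermission(SecurityAction.Demand, Authenticated = true)]
public class EmployeeManager
{
    [PrincipalPermission(SecurityAction.Demand, Role = "Manager")]
    public Employee LookupEmployee(int employeeID)
    {
        // A real implementation would open the database connection here
        // under the app pool identity, not the impersonated user.
        return new Employee { Id = employeeID };
    }

    [PrincipalPermission(SecurityAction.Demand, Role = "HR")]
    public void AddEmployee(Employee e) { }
}

public static class Demo
{
    // Runs 'call' as the given user/roles; returns false if a demand failed.
    static bool TryCall(string user, string[] roles, Action<EmployeeManager> call)
    {
        // ASP.NET copies HttpContext.User to Thread.CurrentPrincipal for each
        // request; here it is set directly to simulate one. An empty name
        // makes GenericIdentity.IsAuthenticated false (anonymous caller).
        IIdentity id = new GenericIdentity(user ?? "");
        Thread.CurrentPrincipal = new GenericPrincipal(id, roles ?? new string[0]);
        try { call(new EmployeeManager()); return true; }
        catch (SecurityException) { return false; }
    }

    public static void Main()
    {
        Action<EmployeeManager> lookup = m => m.LookupEmployee(42);
        Action<EmployeeManager> add    = m => m.AddEmployee(new Employee());

        // Manager role satisfies the class demand and LookupEmployee's demand.
        Console.WriteLine("manager lookup: " + TryCall("alice", new[] { "Manager" }, lookup));
        // Same user lacks the HR role required by AddEmployee.
        Console.WriteLine("manager add:    " + TryCall("alice", new[] { "Manager" }, add));
        // HR role is enough for AddEmployee.
        Console.WriteLine("hr add:         " + TryCall("bob", new[] { "HR" }, add));
        // Anonymous caller fails the class-level Authenticated demand.
        Console.WriteLine("anon lookup:    " + TryCall(null, null, lookup));
    }
}
```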

There's all sorts of wacky things one can do with impersonation, but if you ask yourself WHY you need it, perhaps you'll find a simpler solution.

One of my bosses always says "Guy walks into support, sez he needs a bigger mobile phone antenna. Does he need a bigger antenna or does he really want better reception? Don't let your users dictate your solution with their statement of the problem."

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

Is there a good reason to mark a class public?

October 23, '06 Comments [13] Posted in Learning .NET | Programming | TechEd

Paul Stovell was watching a talk I gave with Keith Pleas at TechEd US 2006 on building your own Enterprise Framework. The basic gist was that architecting/designing/building a framework for other developers is a different task than coding for end users.

One thing that is valuable for context is that Keith and I were playing roles in this presentation. Keith was playing Einstein in his Ivory Tower, the developer who wants perfect purity and follows all the rules. I was playing Mort the realist, the developer who just wants to get the job done. We went back and forth with white slides for Keith, Black for me, each of us declaring the extreme view, then coming together on the final slide with some pragmatic and prescriptive guidance.

Paul had an issue with the slide on Extensibility where I, as the hyper-realist, said:

  • If they extend it, they will break it
  • Use Internal more
  • Seal first, ask questions later

He said:

Frankly, I think this is crap. [Paul Stovell]

For goodness' sake, Paul, don't sugarcoat it, tell me how you really feel! ;) Just kidding. He has some interesting observations and (some) valid points.

If you are developing a framework or API for someone else to use, and you think you know more about how they plan to use your API than they do, you've got balls. [Paul]

I mostly agree with this. However, you certainly need to have SOME idea of what they are using it for, as you're on the hook to support it in every funky way they might use it. It is reasonable to have some general parameters for how your API should be used. If you design it poorly, it will likely get used in ways that may end up giving the developer a bad experience or even breaking the app.

For example, in a logging service we had a method called ConfigureAndWatch that mirrored the log4net ConfigureAndWatch. It's meant to be called once per AppDomain, and never again. Because it was not only poorly named (since we took the internal implementation's name) but also didn't offer any feedback (via exceptions, return values, or logging of its own), some users would call it on every page view within ASP.NET, causing a serious performance problem. There's a number of ways this problem could be solved, but the point is that there needs to be a boundary for the context in which an API is used. If we had constrained this more - and by doing that, we think we know more than they do - then some problems would have been avoided.
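One of the ways to put that boundary into the API itself, as an added example (not the Corillian logging service's actual code; class and member names are assumed): a ConfigureAndWatch that refuses a second call with an exception naming the contract, next to an idempotent variant for callers that cannot know whether startup already ran.

```csharp
// Added example: making a once-per-AppDomain contract visible to callers.
using System;
using System.Threading;

public static class LogService
{
    // null until the first successful call; set atomically so two threads
    // racing at startup cannot both "win".
    private static string _configFile;

    // Strict form: the first call configures, any later call throws. The
    // per-page-view misuse described above now fails loudly on page two
    // instead of silently re-reading the config file on every request.
    public static void ConfigureAndWatch(string configFile)
    {
        if (configFile == null) throw new ArgumentNullException("configFile");

        string previous = Interlocked.CompareExchange(ref _configFile, configFile, null);
        if (previous != null)
            throw new InvalidOperationException(
                "ConfigureAndWatch has already been called in this AppDomain " +
                "with '" + previous + "'. Call it once, e.g. from " +
                "Application_Start, not per request.");

        // ... load configFile and start the file watcher here ...
    }

    // Tolerant form: safe to call repeatedly; returns false when it was a
    // no-op because configuration already happened.
    public static bool EnsureConfigured(string configFile)
    {
        if (configFile == null) throw new ArgumentNullException("configFile");
        bool first = Interlocked.CompareExchange(ref _configFile, configFile, null) == null;
        if (first)
        {
            // ... load configFile and start the file watcher here ...
        }
        return first;
    }
}
```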

Scott goes on to give an example whereby he actually made every class "internal" in his API, and waited for users to tell him what classes they wanted to extend, and extended them one by one. [Paul]

This little bit of inspired brilliance was not my idea, but rather Brian Windheim's, an architect at Corillian. We had an application that consisted largely of base classes and developers were insisting that they needed infinite flexibility. We heard "infinite" from the developers, but not the business owner. Brian theorized that they didn't need as much extensibility as they thought, and shipped an internally, basically sealed version. When folks needed something marked virtual, they put it in a queue. The next internal version shipped with something like 7 methods in one class marked virtual - meeting the needs of all - when originally the developers thought they wanted over 50 points of extensibility.

The point of Brian's exercise was to find a balance between extensibility, both explicit and implicit, and supportability.

When you mark something virtual or make a class public, you, as a framework designer, are explicitly expressing support for the use of that API. If you choose to mark everything virtual and everything public as Paul advocates, be aware not only of the message you send to the downstream developer, but also of the unspeakably large combinatorics involved when that developer starts using the API in an unexpected way.

Cyclomatic complexity can give you a number that expresses the complexity of a method and offer valuable warnings when something is more complex than the human mind can comfortably hold. There are other tools (like NDepend and Afferent Coupling, Lattix and its Dependency Structure Matrices, and Libcheck and its measure of the churn of the public surface area of a framework) that can help you express the ramifications of your design decisions in fairly hard metrics and good reporting.

If you mark all your classes and methods public, be informed of these metrics (and others) and the computer science behind them and acknowledge that you're saying they aren't right for you. Just be aware and educated of the potential consequences, be those consequences bad or good.

Can you honestly rely on people who are "just playing" with a technology to tell you which bits they will need to be extensible 12 months into the future?

You totally can't. When you're designing for Users, you do a usability study. When you're designing for Developers, you need to do a developability study.

Microsoft actually does more of this than most folks think. Sure there's the Alphas, Betas and CTPs, but there's also TAP (Technology Adoption Program) programs, Deep Dives where folks go to labs at Microsoft and work on new technology and frameworks for a week while folks take notes. These programs aren't for RDs or MVPs, they're for developer houses. If you're interested, ask your local Microsoft rep (whoever organizes your local Nerd Dinners perhaps) how you can get into an Early Adopter Program for whatever technology you're hoping to influence. They really DO listen. We just came back from a Deep Dive into PowerShell and got not only access to the team but a chance to tell them how we use the product and the direction we'd like to see it go.

Scotts [sic] philosophy, and that of many people at Microsoft (and many component vendors - Infragistics being another great example), seems to be to mark everything as internal unless someone gives them a reason to make it public.

That's not my philosophy, and I didn't say it was in the presentation. It was part of the schtick. The slides looked like this with Keith as Ivory Tower Guy first, then Me as Realist guy, and the "in actuality" slide last with guidance we could all agree on. However, I still think that marking stuff internal while you're in your design phase is a great gimmick to better understand your user and help balance good design with the important business issue of a supportable code base.

The salient point in the whole talk is be aware of the consequences of extremes and make the decision that's right for you and your company. (Very ComputerZen, eh?)


Paul's right that it is frustrating to see internal classes that do just what you want, but simply marking them public en masse isn't the answer, nor is marking everything internal.


PowerShell CMDLET Visual Studio 2005 Item Template

October 20, '06 Comments [7] Posted in PowerShell

Jason Scheuerman from my company has created a PowerShell Cmdlet Visual Studio 2005 Template so you can create PowerShell Cmdlets using File|Add New Item.

In the screenshot at right, I've selected File|Add New Item and entered get-thing.cs as the name of my new Cmdlet.

If you want to use this Item Template, drop this zip file into your C:\Documents and Settings\<YourUserNameHere>\My Documents\Visual Studio 2005\Templates\ItemTemplates.

Don't unzip it, just put the ZIP itself in that folder.

You can learn more about creating Cmdlets (they're different from PowerShell Scripts (PS1 files) in that they can integrate more tightly with the pipeline and they can use parameter binding) at MSDN.
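As an added illustration of those two differences (this is my example, not the code Jason's template generates), here is a minimal Get-Thing cmdlet: the parameter is bound either from -Name or from objects on the pipeline, and ProcessRecord runs once per incoming object. It assumes a reference to System.Management.Automation and the usual snap-in registration for PowerShell 1.0.

```csharp
// Added example: a Get-Thing cmdlet showing parameter binding and
// per-object pipeline processing. Names are assumed.
using System.Management.Automation;

// Output type; a cmdlet emits objects, not text, so callers can keep piping.
public class Thing
{
    public string Name { get; set; }
    public int Length { get; set; }
}

[Cmdlet(VerbsCommon.Get, "Thing")]
public class GetThingCommand : Cmdlet
{
    // Bound from "-Name x", from position 0, or from each pipeline object.
    [Parameter(Position = 0, Mandatory = true, ValueFromPipeline = true)]
    [ValidateNotNullOrEmpty]
    public string Name { get; set; }

    // A switch: "-Upper" present or absent, no value to parse.
    [Parameter]
    public SwitchParameter Upper { get; set; }

    // Called once per input object ("a","b" | Get-Thing runs this twice),
    // so a long stream is handled item by item rather than buffered.
    protected override void ProcessRecord()
    {
        string value = Upper.IsPresent ? Name.ToUpperInvariant() : Name;
        WriteObject(new Thing { Name = value, Length = value.Length });
    }
}
```

Once loaded, both Get-Thing -Name alpha and "alpha","beta" | Get-Thing -Upper work, and the result can be piped straight into Where-Object or Format-Table.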

There's more about the difference between Cmdlets and scripts in my interview with Jeffrey Snover at Hanselminutes.com.


Onkyo TX-SR674 HDMI Upconverting Receiver

October 19, '06 Comments [10] Posted in Reviews

Our Home Theater, er, Living Room, has consisted of the same Sony Receiver and random collection of goo since I worked at 800.com. Since we got HDTV it got really difficult to manage the system because the Sharp LCD has 5 inputs and the older Sony Receiver has 5 inputs and we had to do all this video + audio switching. "Put the TV/Video on Component 1 and the Audio on Optical 2" - you get the idea.

The Harmony Remote made a huge difference, and I still love it, but the receiver has been showing its age and every once in a while it will just stop making sound. Then 15 minutes later, it'll make a loud click and start up again. The Sony 925 Receiver isn't a "video switching receiver" for anything other than composite analog signals, of which I have none.

I started doing research on a new receiver using the kitchen remodel and living room repainting as an excuse. I figured since I'd have the whole thing ripped up anyway, why not put it back together right.

I decided on the Onkyo TX-SR674S (S for Silver) for a number of reasons.

  • It offers decent price/performance balance. I'm not an audiophile, nor do I care to be, so I'll never buy a $1000 receiver, and I will continue to use the same speakers I have had for the last 10 years until they burn up. I would like a receiver that can utilize what I have though.
  • It does video switching, but also HDMI video upconversion. That's not upscaling, now. Meaning, if a 480p signal comes in the Component Connector, it'll just go out to the HDMI as 480p. This means that I have one wire going to my Sharp LCD, and that's HDMI. This means I can set my TV's input and forget about it. It's also clearer than using Component Cables. Additionally my Replay TV that outputs via S-Video is also upconverted to HDMI and looks very clear. It will however deinterlace 480i and output 480p.
  • XM Satellite Radio (it's ready for it). I have XM in my car (actually Greg has mine as he's driving across the country and I pressured him to take it for a whirl) and I love it.  While we do listen to XM via the Media Center via the XBox, I would like it to be more integrated. It also has Radio Disney and XM Kids that I'd rather Z listen to over TV. (No TV for the baby) All I had to do was get an XM Antenna and it just worked. Slick.
  • Audyssey 2EQ™ room acoustics correction. This is a fancy equalizer that includes a microphone and runs your speakers and room through a 12-step series of tests. In the process it learns the distance of your speakers to your ears and adjusts the dB level of each speaker individually to make up for crappy acoustics. It nailed the distances of my speakers and noticed that my Center Speaker is 2 feet farther back than my front speakers and added +1dB to the Center's level to compensate. Very nice, and I understand the Audyssey is well thought of amongst folks more into this stuff than I.
  • 1080p ready - It'll handle 1080p if need be, although I'm pretty much standardized on 720p. However, I've gotten rid of my Sony DVD/VCR combo (or, rather, I'd like to - $50OBO in Portland, you pick up) and I'm using the Xbox 360 as my only DVD player. The recent updates to the Xbox have pumped up the video quality and it's now absolutely better than the Sony Progressive. I'm looking forward to the HD-DVD player this holiday season.
  • Powered Zone 2 - If I ever want to run audio upstairs or outside, the receiver has a separately powered second zone.

All in all, I'm VERY happy with the receiver and how much cleaner the whole system works now and I recommend this receiver highly.


Hanselminutes Podcast 37 - Interview with ScottGu

October 18, '06 Comments [4] Posted in

My thirty-seventh Podcast is up. This one is a surprise interview with Scott Guthrie or "ScottGu", General Manager within the Microsoft Developer Division (DevDiv) or as I like to call him, "He from which all good things flow." ScottGu took time out of his busy schedule to talk to me about Ajax, Ajax Extender controls, CSS adapters and more.

I hope you enjoy this additional interview-format show. When I get the opportunity to interview folks that I've always wanted to chat with I assume you've always wanted to chat with them too! I'm striving to avoid wasting your time, so I'll include interview shows like this one interspersed with the 'standard' Hanselminutes format, so don't worry, we're always trying to improve the show and your requests for show topics are all put in a big queue. :)

We're listed in the iTunes Podcast Directory, so I encourage you to subscribe with a single click (two in Firefox) with the button below. For those of you on slower connections there are lo-fi and torrent-based versions as well.

Subscribe: Subscribe to my Podcast in iTunes

Links from the show are also always on the show site, although this show had no links to speak of. Do also remember the archives are always up and they have PDF Transcripts, a little known feature that shows up a few weeks after each show.

Our sponsors are XCeed/nsoftware, CodeSmith Tools and the .NET Dev Journal.

There's a $100 off CodeSmith coupon for Hanselminutes listeners - it's coupon code HM100. Spread the word, now's the time to buy. This coupon is good for the CodeSmith Professional With 1 Year Premier Support option.

As I've said before this show comes to you with the audio expertise and stewardship of Carl Franklin. The name comes from Travis Illig, but the goal of the show is simple. Avoid wasting the listener's time. (and make the commute less boring)

  • The basic MP3 feed is here, and the iPod friendly one is here. There's a number of other ways you can get it (streaming, straight download, etc) that are all up on the site just below the fold. I use iTunes, myself, to listen to most podcasts, but I also use FeedDemon and its built-in support.
  • Note that for now, because of bandwidth constraints, the feeds always have just the current show. If you want to get an old show (and because many Podcasting Clients aren't smart enough to not download the file more than once) you can always find them at http://www.hanselminutes.com.
  • I have, and will, also include the enclosures to this feed you're reading, so if you're already subscribed to ComputerZen and you're not interested in cluttering your life with another feed, you have the choice to get the 'cast as well.
  • If there's a topic you'd like to hear, perhaps one that is better spoken than presented on a blog, or a great tool you can't live without, contact me and I'll get it in the queue!

Enjoy. Who knows what'll happen in the next show?


Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.