Sunday, 28 December 2014

Generic

One of the benefits of generics is that more checking is done at compile time, so you're more likely to have working code when it all compiles, this makes the experimentation simpler.

Reference : C# in Depth, 3d Edition

Friday, 26 December 2014

Validation

Ensure that you correctly handle validation errors, and avoid exposing sensitive
information in error messages. In addition, ensure that you log validation failures
to assist in the detection of malicious activity.

Reference : Microsoft Application Architecture Guide (Second Edition)

Thursday, 25 December 2014

Exception Management

Differentiate between system exceptions and business errors. In the case of business errors, display a user friendly error message and allow the user to retry the operation.In the case of system exceptions, check to see if an issue such as a service or database failure caused the exception, display a user friendly error message, and log the error message to assist in troubleshooting.

Reference : Microsoft Application Architecture Guide (Second Edition)

Tuesday, 8 April 2014

Avoid Obsolete Comments

According to Robert C. Martin:

"A comment that has gotten old, irrelevant, and incorrect is obsolete.  Comments get old quickly.  It is best not to write a comment that will become obsolete.  If you find an obsolete comment, it is best to update it or get rid of it as quickly as possible.  Obsolete comments tend to migrate away from the code they once described.  They become floating islands of irrelevance and misdirection in the code."

Sunday, 19 January 2014

Why do we host a WCF service in IIS ?

IIS is well known to most developers, particularly .NET developers, so not much needs to be said by way of introduction. Suffice it to say that many organizations will already have an IIS instance running, there will probably be personnel dedicated to its maintenance, and most developers have already used it extensively.

IIS is already integrated with ASP.NET. As such, it has out-of-the-box support for many useful features such as isolation of application pools, process recycling, idle shutdown, and process health monitoring. It also enables message-based activation. If your application needs to have high availability and be scalable, IIS is an ideal choice. IIS can easily be clustered. It can be hosted behind a firewall. It can be run behind a load balancer. By nature, it’s well suited to processing high request volumes.

Although it is also a strength, IIS has been targeted to many attacks in the past because of publicized security flaws. Its prevalence makes it an attractive attack target for many hackers. But the costs here are more than offset by the benefits provided precisely by its popularity. Most importantly though, IIS limits the bindings you can use and support. IIS only supports message transport via HTTP. As you might recall from the discussion on bindings, the http-based binding set is easy to use, but it’s also quite limiting, and because you can use only HTTP, it makes this option unusable for many.

Refrence : Developing Windows Azure and Web Services Exam Ref 70-487