Geeks With Blogs
Scott Muc Another .Net Developer Named Scott

The Ajax Revolution with Derek Hatchard

I was hoping to hear about some more advanced talk about the trials and tribulations of using Ajax in this session but it turned out to be a basic demo of the simple AjaxToolkit controls and some effects. Nothing was new to me so there's not much to talk about. If you've seen the AjaxControlToolkit demo page and the demos then you've seen it all.

Security Through Partial Trust with Don Kiely

Security is always an issue with web development and I always like to keep it in mind when developing. Partial trust is a layer of security that runs on top of managed code. Security in .Net involved Code Groups, Security Policies, and Trust Levels.

The default trust level for an application domain can be edited in the securityPolicy element in the machine.config. The trust element can be changed and will then follow the policies dictated in the policy config files. Primary benefit of medium trust is that it does not trust unmanaged code and also sandboxes the file IO to the Application Directory.

The permission sets are determined by the code group that is discovered via the evidence exposed by the assembly. Assemblies that get loaded must match a Code Group for the trust level.

Adjusting the trust level involved editing the web site web.config and changing the trustLevel element. This would be cool to add to our website but we deal with so many different directories that it would take a long time to change the security and get the website working again.

The permission files are simply serialized forms of the Permission object. This means you can write apps to create PermissionSets which gives you Intellisense if using an IDE. Get the resulting XML and add that to the policy file.

This stuff is freaking cool, but I can see why it hasn't gone mainstream. There's a lot of complicated setup and configuration involved that isn't obvious unless you really know what you're doing.

I managed to win a book which was nice as well!

Power ASP.NET Debugging with Don Kiely

The debugging features of VS are more impressive than I was expecting. I've used debugging when writing applications in school, but never realized that powerful debugging would be at such a level for web applications. Unfortunately it does mean switching my dev environment to VS, but I'll do some research to see if Sharp Develop can perform similar debug actions.

Introduction to MS Build with Claudio Lassala

I'm a big fan of NAnt and I heard MSBuild was similar so I thought this session would be interesting to see if there are any differences that would compel me to switch. At then end of the session I got the impression that MSBuild was almost exactly like NAnt except with some keywords changed around. I think I'll stick with NAnt as it works well in the Mono community. If two tools do something exactly the same and implement it just as well, the next thing I always use to measure the usefulness of the application is its portability. I probably should have asked about Mono and MSBuild support but I was getting groggy and I'm in no hurry to switch from a build framework that works great.

Posted on Thursday, May 17, 2007 11:57 AM Devteach 2007 | Back to top

Comments on this post: Devteach 2007 - Day 3

No comments posted yet.
Your comment:
 (will show your gravatar)

Copyright © Scott Muc | Powered by: