# Thursday, June 19, 2003

Chris Goldfarb has some pointers/caveats about upgrading your build process from VS.NET 2002 -> 2003.   I’d add to that additional things to watch out for if you are using a build script that doesn’t use VS.NET.  We’re using NAnt to do our builds, and it uses the underlying .NET SDK compilers without regard to anything in the VS project files.  This leads to an even weirder upgrade, since you have to update your NAnt build file to reflect any changes required to build under 1.1 (and there are likely to be some, it took me most of a day to iron out all the issues) completely outside the context of VS.NET.  

The end result was that we had a full build working under 1.1 long before we had updated all our project files to VS.NET 2003.  This brings up some interesting problems when it comes to dependencies.  We have a fairly complex system with dozens of assemblies, and many of the project files reference assemblies from the build directory.  If your build directory is suddenly full of assemblies compiles against 1.1 and you still have 1.0 projects, chaos ensues.  All together it took the team 2-3 days to iron out all the issues and transition fully to 1.1.   As a side benefit, between the upgrade to 1.1 and moving to the latest version of NAnt (0.8.2) our build now takes about half the time it did before using essentially the same build script.  At worst it only took around 30 minutes, but 15 is still much nicer.

I guess the bottom line either way (and I think Chris reached the same conclusion) is that upgrading to 1.1 is not something you can do piecemeal, and you really have to tackle it all at once.  Embrace the pain and get it over with.

[Listening to: Man of Constant Sorrow - Dan Tyminski - O Brother, Where Art Thou?(03:10)]
Thursday, June 19, 2003 1:50:20 PM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 
# Wednesday, June 18, 2003

Scott Hanselman writes:

Schema Versioning: Changing a namespace is not versioning, it is new type creation. [meta-douglasp]

Ok...I can see that point of view...then does versioning (as we hope to know it) simply not exist in the world of Schema?

I would say that versioning does exist in the world of Schema, but you do have to work for it.  It is certainly true that there is no standard way of handling schema versioning.  There are ways to deal with it yourself, but they do require some forethought. 

You can add version attributes to the elements in your schema, and leave them open using xsd:any or xsd:string, etc.  Doug Purdy had some good suggestions in his TechEd presentation (WEB400: Loose Coupling and Serialization Patterns).  The bottom line is that you have to leave yourself an out in the schema, and add a version attribute, and you have to do those things up front in the first version.  By their very nature it’s not the kind of thing you can start in version 2 when you discover that you need to add something.  That’s the biggest hurdle right there.  You have to anticipate version 2 while you’re writing version 1.  Granted, it’s usually a safe assumption that things will change, and it’s not too much extra work to build in the flexibility, but it does require some work and some additional planning.

Wednesday, June 18, 2003 2:29:49 PM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 
# Friday, June 13, 2003

Scott Hanselman mentioned this site at the TechEd bloggers meeting. I'd heard of it, but hadn't actually checked it out. It's at http://www.pepysdiary.com/

What an interesting way to approach a historical document. You get to see each day in a man's life revealed as if he were writing about it right now, day by day like any other blog, only you're reading the life of a 17th century Englishman instead of a modern internet denizen. The text is heavily annotated with commentary, references to the dramatis personae, and even links to an English mapping site so you can bring up maps of the places described. The Internet has generated some new and interesting ways of examining historical documents, but I think this is the most interesting one I've seen in some time.

For all you aggregators, it's not obvious where to find their RSS links, but you can find them here.

[Listening to: Local God - Romeo + Juliet Soundtrack - Romeo + Juliet (03:56)]
Friday, June 13, 2003 5:13:50 PM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 
# Thursday, June 12, 2003

What a great book! Samurai William: the Englishman who opened the East by Giles Milton is all about the Englishman (William Adams) who was the real-life model for the main character in Clavell's Shogun.

Not only is it a very interesting subject (I had no idea that Europeans were so active in Japan so early) but Milton is a very readable author who knows how to combine hard core historical research with the kind of entertaining anecdotal history that makes it fun to read. I've had a long-standing interest in Japan, having spent a total of about 7 months there since highschool, and I've read a lot of early Japanese history, but most of those tend to overlook the European influence during that period. Milton has compiled a great deal of information about not only Adam's life in Japan, but what was going on with Europeans in the rest of Asia at the time. It ties in with his earlier work "Nathaniel's Nutmeg" (also a great read about the spice trade) in several places.

I also have a copy of Milton's "Big Chief Elizabeth" about the early English settlers of North America, but haven't had a chance to read it yet.

[Listening to: What Are Ya' At? - Great Big Sea - Great Big Sea (03:12)]
Thursday, June 12, 2003 5:02:05 PM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 

I'm in the middle of defining an interface between a set of hardware devices and a central server farm using XSD and WSDL. The semantics of the WSDL interface I understand pretty well, but what I'm wrestling with now is the schema of the data being carted back and forth. I want to use the same endpoint on the server side to recieve data from several different kinds of monitors, which understandable have quite different data reporting needs. The schema I'm working with right now (which I didn't right but consulted on) defines a set of basic structures common to all monitors, and the a separate schema for each type of monitor that extends those base types.

The issue I have with that is how to structure the datatypes in the WSDL. If I make the datatype in the WSDL the common type and just expect the get the derived types, that's one possibility. Another is to make the type in the WSDL xsd:any and just figure it out at the application level. Still another is to change the XSD so that the base types leave open placeholders (xsd:any) and that the concrete monitor types don't extend the schema, they just add their own extra data into the base type in a different namespace.

Right now I'm leaning towards defining the type in the WSDL as xsd:any and just worrying about it at the application level. The disadvantage is that you can't get the full schema information from the WSDL, but since this is essentially a closed system I'm not sure how much that matters. Hmmmmm.

I saw some good presentations at TechEd involving the benefits of loosely coupled schemas (Doug Purdy's was particularly interesting) so I understand what the options are, but that doesn't necesarrily make it easier. I suppose that's what we get paid for.

[Listening to: Someday Soon - Great Big Sea - Great Big Sea (04:18)]
Thursday, June 12, 2003 1:30:52 PM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 
# Tuesday, June 10, 2003

Having been home a few days now (and spending all day yesterday lying on the floor with my back out) I've had a chance to ponder this year's event. 

Overall, I'd say that I learned a lot, but that the overall conference was less exciting than in years past.  I think that's mostly due to the vagaries of the product cycle, with Everett fully “here” and things like Yukon and Jupiter a little too far out.  I spent most of my time on all things Web Services, which was quite interesting.  The biggest thing I noticed was the new mentality of “it's the WSDL, stupid”.  In times past the message has been to write you code and get WSDL for free, and now the message seems to be that if you want your web services to be compatible with non-.NET platforms, it's worth writing the WSDL / XSD first, then generating code from there.

The one possible dissenter was Clemens Vasters, who demonstrated some very ingenious ways of starting with the code, but tweaking the WSDL to match what you really want, and not what you get from the framework for free.  Overall I think the best sessions I went to were his AOP and WS internals talks.   

The party was also pretty good this year.  Smashmouth rocked, and the overall atmosphere of the event was pretty fun, even if maybe not quite as fun as TechEd 2000's party at Universal Studios Florida.   I must say that watching people climb an inflatable rock after too many margaritas was worth the price of admission this year.

Tuesday, June 10, 2003 2:59:25 PM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 
# Friday, June 06, 2003

 Humph.  I’d have to say this presentation was disappointing.  It was on the development of the London traffic congestion charging system, which is not only highly controversial, but arguably the largest deployed .NET application.  I was hoping to get some technical details about how they got it to scale, but instead it was pretty much just marketecture, which I haven’t seen a lot of here this year.  The main focus was around the fact that .NET beat out J2EE for this job, and that it was done quickly and at comparatively low cost.  OK, I get that about .NET.  The one interesting thing in that space was that Mastek, the India-based development shop that did the implementation, actually did two separate test projects during the RFI for the project, one in J2EE, the other in .NET (v1.0, beta 1).  It’s interesting to see the results of one company seriously trying to build the same application on both platforms, rather than the competitive Pet Store type comparison.  Their conclusion was that they could do the .NET implementation for 30% less. 

Unfortunately the presentation was almost totally devoid of technical details.  For a 300 level presentation for developers, I would expect more than two slides on the implementation.  The only interesting technical details was that they used the same set of business object for both intra- and extranet sites, but the extranet used a wrapper that hid the privileged methods, and a firewall was used between the presentation and business tiers to limit the public site’s access to only the wrapper class.   

Friday, June 06, 2003 11:48:39 AM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 

While the presentation itself was a bit slow, the content was very interesting.  It was about how Microsoft, Unisys and others built a highly scalable system for use by law enforcement and the public health system to send and receive alerts such as Amber Alerts and public health warnings.  The biggest factor influencing the design was the fact that they control essentially the entire system, from the back end datacenter all the way to the workstation setups.  This allowed them to take advantage of a lot of features not normally available to “Internet” applications.  For starters, they chose a WinForms app on the client side to provide the best performance and richest user experience.  They use .NET remoting (over TCP using the binary formatter) to get the best performance over the network, which also allows them to hook up bidirectional eventing so that new bulletins can be distributed rapidly without poling.  The client app uses MSDE to cached frequently used data like addresses and geographical data.  Each local client can be configured to either communicate with a local hub system, or with the back end datacenter. 

Since they had to accommodate 25,000 installed workstations, and an addressbook projected at 100M users it makes sense to take advantage of some heavyweight code on the client side to get the best scalability.  Overall it was a good example of how to build a really large system, although it depends so heavily on being able to control the whole system that it may not be applicable in very many cases. 

I’ll looking forward to comparing and contrasting with DEV372 (coming up this morning) which is a case study of the London traffic billing system.  More on that later.

 

Friday, June 06, 2003 10:34:03 AM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 
# Thursday, June 05, 2003

 Hallelujah brother!   I have seen the light of AOP!  I read last year’s MSDN article on AOP and thought that it was a dang good idea, but the implementation was a little on the questionable side.  It took advantage of undocumented goo in the .NET remoting infrastructure to do interception.  Cool, but not necessarily something I’d go into production with.  And it doesn’t work on ServicedComponents.  Clemens Vasters showed how to do AOP in about 4 different contexts, including ASP.NET WebServices, EnterpriseServices, WinForms and using the remoting interception method.  Best of all, he showed how to use the same metadata in each context.  Very cool stuff, and all the samples will be posted to his blog

I was particularly impressed by two things:  the way he explained why AOP is interesting and useful using real world examples, and the AOP examples in ASP.NET web services, which is a great way to abstract the use of SOAP extensions.  Check out his samples for more details. 

 

Thursday, June 05, 2003 3:17:19 PM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 

The good news is that just about everything that I don’t like about implementing WS-Security with WSE v1 has been addressed in v2.  Because it supports WS-Policy, you can now set up declarative rules enforcing security policy without the class developers having to do any coding.  With v1, every web method must remember to check for the existence of a UsernameToken (if that’s what you are using) and each component created on the client side must remember to add the right token(s) to the SoapContext.  While not insurmountable, it’s still a pain.  With version 2 you can set up a policy that is used on both server and client, and the individual client and server components can blissfully go about their business, with the security just taken care of by WSE.  Not only does that make it much easier to implement, and more secure, since you aren’t depending on developers to remember to do the right thing, but since they don’t have to do any additional work, it’s easier to convince them that WS-Security is a good idea (which it is).

The new support for WS-Trust, and specifically of WS-SecureConversation is a big boon to performance.  It allows you to do one heavyweight authentication, using Username or x509, etc. then have the server generate a new light weight token for use during the rest of the conversation.  Much less of a burden on server resources.

There is also new support for non-RPC programming models, so that you can use one-way or multicast messages and more.  And you don’t have to host your web services in IIS, which allows for lots of new deployment possibilities. 

The only drawback to this session was that a great deal of the material overlapped with the content of  WEB401 (on the new security support). 

 

Thursday, June 05, 2003 11:56:47 AM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  |