Bereits Ende Juni fand der WebCast "MSDN Architecture Webcast: Introducing the Web Service Software Factory" von Don Smith statt, welcher eine Einführung in die Web Service Factory des Patterns & Practices Teams liefert.

Bereits Anfang des Monats hat die Patterns & Practices Group den Guidance Explorer auf den Weg gebracht:

"Guidance Explorer is a tool to find and use relevant patterns & practices guidance. Guidance Explorer installs with a guidance library including performance and security topics for .NET and ASP.NET applications. The guidance library contains checklists and guidelines covering design, implementation and deployment topics. The tool and the library will evolve over time to include additional types of guidance."

Damit sollte das Durchsuchen 1000er PDF-Seiten der Vergangenheit angehören...

Bereits seit Donnerstag ist der May CTP der Service Factory zum Download verfügbar.

Highlights des CTP's:

• An entire guidance package dedicated to securing your services using:
• X.509 certificates
• Kerberos
• Direct authentication using Windows, ADAM, or SQL
• A MEX based policy generator to help you secure your client applications
• A partially complete Interop configurator to help you apply security policy based on your interop requirements
• Improved documentation
• A new reference implementation

Unter dem Titel "The Developer Highway Code" hat Microsoft UK ein PDF für Entwickler bereitgestellt, in dem die folgenden Themen behandelt werden:

• Integrating Security into the Lifecycle
• Security Objectives
• Web Application Security Design
• Threat Modelling
• Security Architecture and Design
• Security Code Review
• Security Deployment Review

Berücksichtigt werden .NET 1.1 und 2.0.

Don Smith hat 2 Videos zur Einführung in die Service Factory erstellt:

• Service Factory: A Brief Introduction
• Service Factory: Contracts

The MSDN article ".NET Pet Shop 4: Migrating an ASP.NET 1.1 Application to 2.0" shows the best practices for building enterprise, n-tier .NET 2.0 applications that may need to support a variety of database platforms and deployment scenarios.

It also shows the ASP.NET 2.0 improvements like Membership or MasterPages that simplify development of n-tier applications with .NET 2.0.

As promised last week, Enterprise Library for .NET Framework 2.0 has been released on friday. You can download it from here.

And there's a new patterns & practices project: The first Smart Client Baseline Architecture Toolkit deliverables are available to the community.

From the announcement mail:

"We are working on a new project whose goal is to provide comprehensive, end-to-end guidance for building Smart Clients. We know CAB provides a good starting point, but it is certainly not enough. How about adding offline capabilities to a CAB based application? What if you need to add an authorization service? How would you structure a project? How to integrate Enterprise Library blocks?

These are some of the questions we want to provide answers to with this new deliverable.

Also, there is already an interesting amount of content available. As some of you know we have now weekly builds and the third one is ready for download in the project's community site.

This 3rd drop includes:

- A Reference Implementation (a more comprehensive example of a well written CAB application than the BankTeller Quickstart included in CAB)
- A Visual Studio Guidance Package (automation to generate the most common artifacts using GAT right from Visual Studio)
- Some initial documentation"

The pattern's and practices team has launched the Security Guidance Blog for .NET Framework 2.0.

"This download describes the patterns & practices Security Engineering approach that can be used to integrate security into your application development life cycle. The Security Engineering approach contains activities for identifying security objectives, applying secure design guidelines, creating threat models, conducting security architecture and design reviews, performing security code reviews, security testing, and conducting security deployment reviews."

Download patterns & practices Security Engineering Explained pdf file.

What are the odds!

I'm actually implementing the provider model design pattern to an ASP.NET 1.1 application and just today Microsoft has published 10 articles on the ASP.NET 2.0 provider model:

• Introduction to the Provider Model
• Membership Providers
• Role Providers
• Site Map Providers
• Session State Providers
• Profile Providers
• Web Event Providers
• Web Parts Personalization Providers
• Custom Provider-Based Services
• Hands-on Custom Providers: The Contoso Times