DevDays 2005 Belgium - Day 1 - Full Report
Alright, currently it's a very busy time, but some people asked for more info about the previous DevDays 2005, so here is my attempt :)
First of all, I haven't taken any pictures this time, because I had to give my bag away at the start, and the camera was in there.
The first presentation after Bill Gates' keynote was by Philippe Destoop about Closing The Gap Between Development And Operations: A Developer's Perspective.
The main problem lies withing a lack of communication between developers and operations. Depending on the size of a company Operations has either little power or unlimited power. In either case, not talking to Operations can lead to your company suffering loss when your application crashes, or when Ops have a lot of power, prevent your app from being deployed.
The solution to this is to work together with Ops during development and to make them like your app ;)
You do this by communication a lot and by implementing monitoring and control functionality into your app, to be used by Ops later on.
The good thing is, a lot of the code needed to do this already exists, in the form of the Enterprise Library. More particularly, the Logging and Instrumentation Application Block.
Using this block you can raise events and timed events to about anything you want. Making it possible for Ops to receive these events in their monitoring programs and do something with it.
You can view some examples of code in the presentation.
Next presentation was IT Fortress: Developing On A Secured Infrastructure by Raf Cox.
He talked about security, first examine what you want to protect and why, then choose a technology to protect it with, and don't be shy of using built-in technology of the OS, it's better then re-inventing it.
In a secure environment you have to be aware as a developer that your application isn't as "free" as it might be in your development environment. It can be run as a normal user, not fully trusted, with limited network access.
You always have to think about possible security bugs, if you don't, they will be there and hackers will know them.
After this he explained the possible authentication choices in Windows, how Basic Authentication, SSL and Kerberos works.
You can use Windows for authorization as well. By using the Authorization Manager it is possible to define common roles in your organization with common used operations and define their permissions in the manager in a central place. After this applications all can use this information.
Last part of the presentation was about using least privilege. You can read all about it in the presentation.
Third presentation of the day was by Clemens Vasters about Interop & Integration: Best Practices For SOA With Today's Technologies.
During this presentation everything that has been shown is readily available, no future products were used, which is a nice thing for a presentation! :)
The presentation was based on a demonstration example to explain how service-oriented architecture works.
Basically every functionality in the example is a service, when you take a look at the big overview it looks like a very modular system where each service has one well-defined task and works together with other services.
Some properties of these services are autonomy, where each service control and hide their state, services also are never hard linked to each other and are platform independent, so no returning DataSets.
Services also contain "edge code", which is code specifically written for the borders, and do nothing but forward to the real code that handles the logic, which are basic classes.
This was a very energy-rich session, with a lot of new information, which is still being processed by my brain :)
You can view all the diagrams in the presentation.
Next presentation was Best Practices For Windows Forms Development by Marc Ghys and Bart Debeuckelaere.
The first issue was to improve performance for Smart Clients. This can be done by using a lot of caching, compress the SOAP messages, and possibly use ngen.exe to precompile your assemblies. Also when you have to do something intensive, do it when the user expects it, for example, make a web-service call when a user clicks a submit button while showing a loading msg, and not when he leaves a textbox for example.
Next was how to secure webservices, by using the integrated authentication mechanisms in Windows and by using WSE.
Other things during this presentation were creating your own controls to provide a consistent look and feel in your application, using code generation to save time and to have consistent code. Then some info was given about ClickOnce, but the demo failed and then the time was up. But you can view the presentation for more info.
At the end of the day there was a community block left. These were the Lightning Talks where I talked about Alternate Data Streams. And these are the only photos I have of the day, taken by Tom Mertens, tnx!
This concludes day 1, tomorrow I'll try to do the same for day 2, I also ran out of time now ;)