The art of simplicity

Security is a hot topic today(certainly with the recent Sony hack ). Integrating security into an application cannot be an afterthought but should be an integrated part of the software development lifecycle. One approach to tackle this problem is the Security Development Lifecycle as adopted by Microsoft: The Security Development Lifecycle (SDL) is a software development process that helps developers build more secure software and address security compliance requirements while reducing development cost. Threat modeling is an invaluable part of the Security Development Lifecycle (SDL) process. By applying a structured approach to threat scenarios during the design phase of development helps teams more effectively and less expensively identify security vulnerabilities, determine risks from those threats, and establish appropriate mitigations. One tool to help you do this is – Microsoft Threat Modeling Tool 2014 . It’s available as a free download from Microsoft Download Cent

After importing a database using the SQL Server Data Tools in Visual Studio, I got a compilation error on my database project: SQL71501: User: [user] has an unresolved reference to Login [user] The SQL Server Data Tools by default only import the database specific objects. A database login, which is a global database server object, is not imported. This explains the error. But how can we fix this? In previous versions of the SQL Server Data Tools, you had 2 types of Database Projects; the normal Database Project and also a Database Server project. However in VS 2013, the Database Server project no longer exists. So we need a different solution. I first tried to solve it using Schema Compare.  I clicked on the 'Options' button in the Schema Compare window and selected the "Object Types" tab. There I choose to include logins. But when I ran the Schema Compare, it didn’t made any difference.  I probably did something wrong, but as I was short on time, I took

The Team Foundation Server logs of a client was filling up with errors about a failing job: LabManager VMM Server Background Synchronization . This runs every few minutes and tries to keep the LabManager server up to date.   The reason why this job fails on our system is because the Lab Management functionality is no longer in use. We used it when we were still on Team Foundation Server 2012. But when we moved to Team Foundation Server 2013, we didn’t upgrade the Lab Management part as well. So the Lab Management parts were gone and we didn’t de-register it first. I wanted to get rid of these errors and decided to look for a solution. First thing I tried was using the tfsconfig command and ask TFS to delete the lab management part: tfsconfig lab /delete /collectionName:<collectionname> But this failed with a TF255384 error complaining that the Virtual Machine Manager Administration Console could not be found on the application server. I didn’t want to install it

Hangfire is a great library to schedule and execute asynchronous work in a web application. One of the things I like about this library is that you can start with a simple background process inside the Application Pool and when your jobs get larger(and take more time) you can move them to a separate process. Here are the steps to move your Hangfire jobs outside your web application: Step 1 – Change the Hangfire configuration inside your web app to disable the Hangfire server functionality(note that the job information is stored inside a database): Step 2 –Schedule your jobs(like you did before): Step 3 – Inside another project, a console application in this case, you can host the Hangfire server:

As a certified Scrum Master, I do most of my projects using Scrum (or Scrum but… ). I really like the transparency and continuous feedback that Scrum brings to the table. But I also notice that Scrum isn’t the perfect fit for all kinds of projects. It’s suited well for Green-Field/Brown-Field projects but I struggle applying Scrum to a Maintenance project or where one team is working on multiple projects at the same time(which is not done in Scrum). After reading the following article – No projects, Beyond projects – I stopped trying to use Scrum as the hammer that works for every nail(and screw). In this article, the author promotes an alternative model to think about work. He calls this the Beyond Projects model or more descriptive Continuous Work, or Steady State Work Model, or Work Streams. The author doesn’t mention it, but it sounds familiar to Kanban …

I keep finding new stuff inside Angular 1.3. One of the things I found is the bindToController attribute. I’m an advocate of using the controllerAs syntax to get rid of the $scope variable. The only problem before is that in a directive you still had to use $scope…until now. Let’s first have a look at what the AngularJS documentation has to say about the bindToController attribute: When an isolate scope is used for a component (see above), and controllerAs is used, bindToController: true will allow a component to have its properties bound to the controller, rather than to scope. When the controller is instantiated, the initial values of the isolate scope bindings are already available Before scope variables were not included in the controller scope when controllerAs was used. This means that the directive's scope variables were not bound to the object created by controllerAs.  The bindToController attribute fixes this. Enough talk, show me the code:

Last week I encountered a strange problem. Without changing anything to my code, my Angular application started failing. I had no clue why… until I noticed that Batarang , a Chrome Extension for Angular.Js had been updated. It looked completely different and injected some custom JavaScript into my application. As far as I could remember, it did not do that before. Could it be? I disabled the extension in Chrome and yes, my Angular.js application started to work again. Anyone who had the same problem with the latest AngularJS Batarang extension? Note: I’m using Angular 1.3 but a colleague had the same issue with Angular 1.2

With the recent announcements about new WPF features , it’s time to re-introduce some WPF related blog posts. When browsing through the CodeProject articles, I noticed this great post about WPF performance: http://www.codeproject.com/Articles/784529/Solutions-for-WPF-Performance-Issue This is one of the most complete performance guides I’ve ever seen and certainly useful for every WPF (and even XAML) developer. Here is the list of topics covered: Basic knowledges of WPF rendering. Pixel Snapping in WPF Application WPF Visual Rendering Detect issues with WPF performance suite - Performance Profiling Tools for WPF Detect Software Render Detect Undesired Rendering Make a trade-off between graphique's quality and performance. Disable Pixel Snapping and Anti-Aliased option RenderOption UIElement.CacheMode and BitmapCache Make a trade-off between architecture and performance

A/B testing is a technique whereby different users get a different version of an application of website. This allows you test new features ‘in the wild’ and allows to check which experience or functionality is preferred. Facebook uses this technique a lot, but it’s also a useful technique for the ‘non-facebooks’ of the world. Doing A/B testing in Azure Websites is really easy. It is supported out-of-the-box by using multiple deployment slots. Let’s walk through the steps: Open the Azure Management Portal. Use the new portal available at https://portal.azure.com/ . The A/B testing functionality can only be configured there. Create a new Website. Choose a URL, Web Hosting Plan(Deployment slots are only available when you use a Standard plan), Resource Group, Subscription and Location(or just use the defaults ). Click on Create . Once the website is created, open the blade of the site and look for the Deployment slots section. Click on Deployment Slots to load the

After configuring a Continuous Integration build for a TypeScript enabled web application, the build turned red with the following error message: C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v11.0\TypeScript\Microsoft.TypeScript.targets (118): "tsc.exe" exited with code 1. On the build server I had installed the TypeScript components for Visual Studio 2013 , but for this particular project we were still using Visual Studio 2012. I was able to fix the problem by installing the TypeScript 1.0 Tools for Visual Studio 2012 on the build server.

If you want to save some time when building Angular.js applications, have a look at SideWaffle . SideWaffle is an extension for Visual Studio. It contains both item- and project templates suitable for building websites, Windows apps, Windows Phone apps, WPF, Visual Studio extensibilty project and a lot more.  More information can be found at the official website: http://sidewaffle.com/

Most of the time you’ll use your Angular filter inside your view, but sometimes it’s useful to use it from inside your controller. To do this, you have to inject the ‘filterFilter’ service:

Site Extensions allow to enhance the management experience of Azure Websites. There is already a small set of extensions out there, but nothings stops you from creating your own(you have to create them as NuGet packages). The list of available extensions can be found at http://www.siteextensions.net/ . This is also the place where you can upload your own extensions and share them with the rest of the world.

Wen using the OWIN cookie authentication middleware inside ASP.NET Web API, I noticed that I didn’t got an unauthorized (401) HTTP code when I was not authenticated. Instead the response was a 200 status code with a JSON response body: {"Message":"Authorization has been denied for this request."} This is not what I want. To change this you have to reconfigure the CookieAuthenticationProvider on the cookie authentication middleware:

If you are a SpecFlow user certainly check out the Helper classes inside the TechTalk.SpecFlow.Assist namespace. The helpers offer a wide range of functionality. I use it most of the time to translate the parameter table to a typed object: More information can be found here: http://www.specflow.org/documentation/SpecFlow-Assist-Helpers/

On my current project we are using SpecFlow to create our BDD style tests. I really like the experience so far. One of the things that you have to understand when using SpecFlow is that the end goal is a set of re-usable steps that allow you to specify new scenario’s (and tests) fast. In our case we already have a set of steps that we want to re-use in multiple test projects. Therefore I created a separate assembly where I put some of my shared steps classes.This is a supported scenario inside Specflow, the only thing you need to do is to specify the assembly name inside your app.config: <specFlow>     <!-- For additional details on SpecFlow configuration options see http://go.specflow.org/doc-config -->     <stepAssemblies>       <stepAssembly assembly="Tests.SharedSteps" />     </stepAssemblies>     <unitTestProvider name="MsTest" />   </specFlow> However when I opened

The Visual Studio Platform team released a new extension for Visual Studio 2013; Macros for Visual Studio 2013 . From the documentation : Macros for Visual Studio 2013 is an extension for Visual Studio 2013 that enables the use of macros to automate repetitive tasks in the IDE. The extension can record most of the commands in Visual Studio including text editing operations. Features Record and playback active document operations and Visual Studio IDE commands Playback multiple times Manage and persist macros with a Macro Explorer Assign keyboard bindings to any macro Macros recorded as JavaScript files that call VS DTE APIs Macro editing in Visual Studio with DTE IntelliSense Stop playback Sample macros

In a demo app I  used the LocalDB functionality to host my database files. This should have saved me some time. However when I ran the application, I ended up with the following error message: {"Cannot attach the file 'C:\\Projects\\SampleApp\\App_Data\\sample.mdf' as database 'sample'."} Looking at my connection string data inside my web.config, everything looked fine: <add name="DefaultConnection" connectionString="Data Source=(LocalDb)\v11.0;Initial Catalog=Sample;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\Sample.mdf" providerName="System.Data.SqlClient" /> But when I opened up the App_Data folder, I found an empty folder. Aha! It seems like you have to create the database file yourself. I opened up the solution, right clicked on the App_Data folder and choose Add –> New item…