Seeing the Forest AND the Trees

Technology for a better world.

Code Reviews April 12, 2008

Filed under: .NET,Security,WCF — pdxbob @ 3:57 am

There was a time when I cringed at the idea of having a formal code review of my code. Well, I’ve been programming for over twenty years and my first five years in the business were for a company that was transitioning from startup to sustained business mode, and there was just no time for good process. Since then I’ve been fortunate to work with people who care about the quality of their code as well as the business objectives. I worked on a team that was broken up last year by shifting corporate priorities due to acquisitions. We practiced scrum, some TDD, some pairing, and most importantly, we developed a code-review practice that was comfortable for everyone. Every other Friday afternoon at 3 we met in a common area in the company cafe building where one person would walk through code. It was usually something they wrote, but we also wanted to select code others had written because we all picked up whatever task was at the top of the backlog, leading to a more well-rounded team. We reviewed comments, design, coding guidelines, all within the scope of the particular piece of code being reviewed. It worked reasonably well. And the late Friday time had the effect of relaxing everyone.

That team was special because we built a product from scratch and we developed a lot of trust in each other. Today was the last day at work for Philippe, a guy who wasn’t on that team but who worked on the security products development group at my company. As I had developed an interest in building secure software, I had some interaction with him during the security code review process that he and his team conducted on our product. I took the recommendations that they made and designed and implemented a plan for handling as much of it as was possible in our impossible schedule. When I said goodbye today, Philippe told me that he really enjoyed working with me back then because I took seriously the engineering of security into the product.

As I was flipping through my aggregator (Google Reader) tonight, I came across Joe Duffy’s blog post on multi-threaded code review. Joe is one of the key members of the Microsoft team building the Parallel Extensions to the .NET Framework, and is currently writing a book on concurrency development for Addison-Wesley. His blog post is fairly long but then, writing concurrency code is difficult and making sure that it is validated is of critical importance. There is too much to re-state here. Even listing highlights doesn’t give it enough justice. If you’re writing multi-threaded code, go read this blog entry.

Back on security, related to code review I thought I’d point out that the Microsoft Patterns & Practices group has come up with security guidelines for WCF that include a lot of how-to and application scenario documentation as well as videos. It is crucial to be aware of the common security traps such as buffer overflows and cross-site scripting attacks. With WCF, however, there is a whole boatload of additional concerns because of the C: Communication. A WCF service may need to impersonate the caller so that a component on the receiving end can authorize them for some activity. The P&P team has nicely written docs explaining how to do this. Or you can watch the video if you’re so inclined. This is great material for identifying questions and concerns for use in a security code review.


Trying out technical books March 23, 2008

Filed under: .NET,WCF — pdxbob @ 6:34 am

I have a ‘bookshelf’ subscription on O’Reilly’s Safari service which allows me to have up to ten books on my online shelf at any one time, with each book required to stay on my shelf for a minimum of thirty days, a maximum of infinity. This has been a great service for only $15/month. I typically have most or all of the ten slots filled, and I’ve never read any book from start to finish.

One of the uses I make of the service is to check out books to see if I want to purchase them. Although I had originally liked the idea of reading books online, my eyes have registered enough of a complaint that I now just read bits and pieces rather than try to read several chapters in continuous sittings. So I’m currently learning WCF and the first book I went to was Juval Lowy’s Programming WCF Services book because it was written by Juval, one of the best teachers I’ve heard, or read, for complex Microsoft technology. I went to the beginning of chapter 2 on Service Contracts and started reading about operator overloading. In my haste, I didn’t completely grasp why he was spending so much time on overloading when all I, as the reader, wanted was the basic story about service contracts.

I was still thinking that I would probably buy his book (also the top recommendation on WCF books from Stuart Celarier) so off to Barnes & Noble I went (where I get 10% off in the store — still a slight premium over normal shipping from Amazon but I don’t have to wait a few days). I found another WCF book, Essential Windows Communication Foundation, by Resnick, Crane and Bowen, three Microsofties working in the Boston area (my original home city).  After looking through the first chapter, I liked these things about the book:

1. the typeface: there is something about the typeface used (its name is not provided in the book) that appeals to my middle-age eyes.

2. although they might not go into as much depth as Lowy, I figured the authors knew enough to give me a good start with WCF.

3. the first chapter was well written.

I bought that book thinking that I’ll read isolated parts of Lowy’s book online when I wanted more in-depth coverage.

Now, a few days and four chapters into Essential WCF, I’m disappointed and am going to exchange it for Lowy’s book. Here is why:

Chapter 2 was choppy and clearly not as well written as chapter 1. There was some repetition of material from the first chapter as well, which in and of itself is not a bad thing but after reading another two chapters I realized that there is not a coherency to the book. When I got to chapter 4 on Bindings I was royally disappointed to see that they wasted a lot of pages showing code and configuration that differed only in the binding selected in configuration. There was no depth — just a superficial how-to.

I then went to Lowy’s book online at Safari and started reading some of chapter 1. Man, what a difference! He spoke to me in language and style that I really enjoyed and his recommendations were nicely explained. Moreover, some of the marketing-speak that you sometimes hear from Microsoft technologists in the field (sorry guys, but it’s noticeable) was absent in Lowy’s text.

Although I would probably have learned a little faster from purchasing Lowy’s book, I at least do have some basic understanding of service contracts, data contracts, the various bindings and some other WCF details from reading the Essential WCF book. It’s not a complete waste of time. If I were just going to implement basic WCF web services, that book offers all of the detail. But I work in the Shared Services (aka plumbing) engineering team at my company and need to be able to make difficult choices that may ultimately be codified in templated service bindings. So tomorrow I’m exchanging the Essential WCF book for Programming WCF Services.


WCF Impressions: Separation of Concerns

Filed under: .NET,WCF — pdxbob @ 12:57 am

Someone at my company’s recent developers conference pointed out that a key tenet of WCF is separation of concerns. So let’s explore what this means. WCF allows you to write services, whether they be “web services” or “queueing services” or whatever type of service you need. A service is some code that you write as part of a typically larger system. The service will be consumed by another program residing anywhere you choose to expose it: on the local machine, across a LAN, over the web, etc. When you conceive of a service, you want to think about (1) what the service will do, (2) where it will be called from, and (3) what constraints (e.g., performance, security) to put on the service. Prior to WCF, .NET allowed you to create an ASP.NET web service, also called an ASMX. The developer still had to think about those three questions mentioned above but they also had to code, in the service class/method code, all of the details related to how the service would be implemented for performance, security and who could be a consumer (who in the general sense). WCF separates out these things into configuration files so that, in the process of writing the service code, you can just concentrate on what the service will do. How the service is called, how performant and secure it is, these can be defined in configuration.

Why is this so important? Say you want to expose a service both to a customer through a well-known web page interface and to an administrative WinForms or console program running on a local LAN. Security considerations are likely to be different, and knowing that the admin program is running on the LAN is also likely to influence how the service can be most efficiently called.
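
As an added illustration (not part of the original post), here is how that scenario could look in a WCF configuration file: one service class exposed through two endpoints whose transport and security settings differ only in configuration. The service and contract names, addresses and binding configuration names are hypothetical.

```xml
<!-- Constructed example. Orders.OrderService, Orders.IOrderService, the
     addresses and the binding configuration names are assumptions made
     for illustration; the service code is identical for both endpoints. -->
<configuration>
  <system.serviceModel>
    <services>
      <service name="Orders.OrderService">
        <!-- Customer-facing endpoint: HTTPS transport, and each message
             carries a username/password credential. -->
        <endpoint address="https://www.example.com/orders"
                  binding="wsHttpBinding"
                  bindingConfiguration="InternetBinding"
                  contract="Orders.IOrderService" />
        <!-- Admin endpoint on the LAN: binary TCP for efficiency, with
             Windows credentials and a signed, encrypted channel. -->
        <endpoint address="net.tcp://adminhost.example.internal:8081/orders"
                  binding="netTcpBinding"
                  bindingConfiguration="LanBinding"
                  contract="Orders.IOrderService" />
      </service>
    </services>
    <bindings>
      <wsHttpBinding>
        <binding name="InternetBinding">
          <security mode="TransportWithMessageCredential">
            <message clientCredentialType="UserName" />
          </security>
        </binding>
      </wsHttpBinding>
      <netTcpBinding>
        <binding name="LanBinding">
          <security mode="Transport">
            <transport clientCredentialType="Windows"
                       protectionLevel="EncryptAndSign" />
          </security>
        </binding>
      </netTcpBinding>
    </bindings>
  </system.serviceModel>
</configuration>
```

For a security code review, this means the configuration file has to be reviewed alongside the service code: a change to `mode` or `clientCredentialType` alters who can call the service without touching a line of C#.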