Review / Comments / Notes - Dayton Cincinnati Code Camp, Saturday January 21, 2006
You can find the schedule/presenters at the following link along with any materials, code, or examples submitted by the presenters for sharing after the camp:
Session 1: ASP.NET 2.0 Web Parts – Chris Stolia-Davis.
My first session of the day. Chris mentioned that it was his first time doing an hour long presentation, but he did a pretty good job. His presentation was good, but I didn’t really take any notes because he said he would make them available on the Dayton Dev Group site (see the link above). My only small complaint about the session was that I had previously seen (and/or read about) most of what was presented, so there was nothing really new there for me.
Session 2: Practical ASP.NET Security – Josh Holmes, SRT Solutions, Ann Arbor, MI.
I was pretty excited about this session – I wanted to hear some real world security examples and some recommended best practices. Unfortunately, there were a lot of beginners in the audience who were amazed at the new Web Site Administration functionality, the login and personalization code and the other baked-in user goodies in ASP.NET 2.0 and VS.NET 2005. I’d say that Josh probably spent at least the first half of the presentation demonstrating this stuff. To be fair, it was a “Whiteboard Talk” so there was plenty of room for the audience to guide the conversation. However, because of that there wasn’t a whole bunch of time left for good tidbits for the more advanced in the audience.
Josh Holmes is a good presenter, though – I was really impressed. He seems to be very relaxed and down to earth. I hope to see/hear him speak more in the future.
Following are my notes from the session:
“Use wizards to make your life easier. Don’t use wizards unless you know what they are doing under the hood.”
Demo’d Web Site Administration Tool: Roles/users/permissions
Default provider hashes passwords
Make sure that sql user account has limited rights
Securing to the hilt – 2003 – encrypt it – put it in registry – set ACL on that registry key
2005 – learn all the things offered by aspnet_regiis, especially the configuration and encryption options, like encrypting portions of the web.config file (ConnectionStrings)
1. don’t assume your user is already authenticated
2. don’t roll your own encryption
3. do validate all input – use regular expressions, check numerics
For more information about sql injection and cross site scripting, check out a webcast on the ASP.NET Soup to Nuts site from Jan 9th.
Session 3 – Smart Device / Mobile Apps Architecture – Nino Benvenuti
This was another “whiteboard” session and was a bit out of my scope of areas where I normally focus, but I thought I would take a look anyway. Much of the stuff was way over my head because I really don’t work with smart devices and mobile apps, but I did learn a couple of things.
1. Nino Benvenuti is one smart dude
2. Checking your connection
a. Address is valid – IP okay?
b. DNS is valid – connection active?
c. Gateway is valid – routable? Can ping?
3. create a profile just for presenting that has lower resolution, etc. Nino calls his “Mr. Presenter”
Session 4 - Programming SQL 2000 Reporting Services – Brian Sherwin
Brian was a good presenter with plenty of examples and plenty of code. Pretty good stuff – the best part for me was when he started getting into using web services with reporting services.
My Notes for the session:
RDL – Report Definition Language
Debug Local run Individual report (?) – I don’t really remember what this means, but I thought I would record it anyway. It must have been something important since I wrote it in my notes.
Check out the utility “File Box Extender”
Code for web services:
Dim cred as new system.net.networkcredential
Cred.username = “username”
Cred.password = “password”
HTML Fragment, Device Info
Can use forms auth as well as windows
Session 5 – A Quick Intro to Ruby on Rails – Jim Weirich, Compuware
Jim Weirich is a fantastic presenter – I’m going to have to become a member of the Cincinnati XP user’s group in hopes of seeing him present again. He has an infectious personality – plus I think he was really excited about what he was presenting. Jim’s use of the “Takahashi Method” was my first exposure to it and I was duly impressed. Content-wise - it was a great introduction to Ruby on Rails and I now have the desire to look into it a bit more. This was my favorite session of the day by far.
PHP – simple, quick, but not structured
Java – complex, structured, but slow and expensive
DHH – Rails – 37 Signals – BaseCamp
Check out Ta-Da-Lists and Blinksale – sends invoices
Rails: Model = active record, view/controller = ActionPack
Rails – easy, flexible, hassle free database access
Controller/action/view are defined via URL
Current databases supported – MySQL, PostGres, SQLite, Oracle, SQL Server, DB2
Session 6 – Developing for Windows Media Center using XBOX 360 w/Media Center Extender – Jason Follas and Greg Huber, both from MI
I chose to attend this session for the last time slot. I figured it would be nice to wrap things up with something a little on the lighter and fun side. The presenters had a few technical problems here and there that slowed things down, but the topic itself was interesting enough and they get bonus points for allowing some of the crowd to play Xbox 360 before the session started.
The presenters will be doing another presentation in Detroit on February 15th – building an HTPC
Other HTPC software: Myth TV, GB-PVR, Media Portal, Beyond TV
You can host a winform .net control in an HTML page. In the object code you declare the clsid =”http:appname.namespace.controlname”.
Store app settings in iexplore.exe.config since it is running in IE
But need to use something else when running through the Media Center Extender
A Media Center SDK is available via MSDN
Finally, I know it is not normally done, but I would have loved to see some of the presentations repeated during the day. There were many times during the day when I had to choose between two or even three that I really wanted to see. Perhaps scheduling the ones most heavily attended (since there were pre-conference surveys) twice during the day would be good. Or maybe just having an "overtime" where the most heavily attended sessions could be presented again at the end of the day. Or maybe even videos could be recorded of each session and made available after the conference! I know I'm shooting for the moon here, but what the heck. That would be wicked.