CONTENTS
INTRODUCTION
CHAPTER 1: ASP.NETANDJQUERY
Understanding Web Forms
View State
web.config Transformations
Simplified web.config
New ASP.NET Web Forms Templates
ASP.NET MVC
Versions of MVC
The Pieces of MVC
Model
View
Controller
Action Methods
Model Binding
URL Routing
Accessing a Database
MVC Tooling
Creating a New Project
Referenced Assemblies
Site Structure
Adding a Controller
Adding a View
Sample Application
Sample Application Database
Departments
ASP.NET MVC Framework Summary
jQuery
Manipulating DOM Elements with jQuery
Calling Server Code with jQuery
jQuery
Summary
About the Author
CHAPTER 2: ASP.NET PERFORMANCE
Looking at How ASP.NET Handles Page Requests
State Management and Caching
Understanding State in.NET
Working with Sessions
Running Sessions In-Process
Running Sessions Out of Process
Maintaining Sessions on SQL Server
Deciding on the State of Sessions
Working with Output Caching
VaryByParam
VaryByHeader
VaryByControl
VaryByCustom
Extending <outputCache>
Partial Page (UserControl) Caching
Looking at.NET 4's New Object Caching Option
Caching Web Services
Hardware Considerations
Using Performance Counters
Viewing Performance Counters Through an Administration Tool
Tips and Tricks
Keep Requests Down to a Minimum
Make Use of Content Delivery Networks
Enable the Browser to Cache Items Longer
Enabling Content Compression
Location of Content in Your Pages
Make JavaScript and CSS External
Summary
About the Author
CHAPTER 3: ETHICAL HACKING OF ASP.NET
Ethical Hacking—Is That an Oxymoron?
Filling Your Toolbox
Fiddler
Firebug
Internet Explorer 9 Developer Toolbar
Lens
Understanding Session Management
Session Management in HTTP
Session Management in ASP.NET
Attacking the ASP.NET Authentication
Deep Dive into ASP.NET Authentication
Stealing the Ticket
Tampering with the Ticket
Hijacking the Login Session
Protecting Your Application Against Login Session Hijacking
Cross-Site Request Forgery
Protecting Against CSRF Attacks
Additional Protection Against CSRF
Attacking the ASP.NET Session
ASP.NET Session Under the Covers
Guessing the Session ID
Stealing the Session Cookie
Testing Your Application Against Session Hijacking
Protecting Your Website Against Session Hijacking
Session Fixation
Protecting Your Application Against Session Fixation Attacks
Hacking the View State
Peeking into the View State
Testing Your View State Against Information Disclosure
Encrypting Your View State
Tampering with the View State
Reposting the View State
Tricking Event Handlers
Event Validation Internals
Hacking Event Validation
Pushing the Disabled Button
Pushing the Invisible Button
Protecting Your Site Against POST Attacks
Summary
About the Author
CHAPTER 4: HOW TO BUILD A REAL WORLD SILVERLIGHT 5 APPLICATION
Setting the Scene for the Application
Prototype First, Code Later—Using SketchFlow
Introducing SketchFlow
Finding Your Way Around SketchFlow
Creating the Application's Prototype
The Map of the Application
Screen Mockup
Testing the Prototype and Gathering Feedback
Data-Binding Primer
Hello, Data Binding
Binding Syntax
Binding Modes
INotifyPropertyChanged Interface
Converters
Creating a Data Bound Screen
WCF RIA Services in Action
Choosing the Service-Layer Technology
Hello to You, WCF RIA Services
Why WCF RIA Services?
Architecture and Concepts of RIA Services
Creating the Server-Side
Setting Up the Solution
Data Access Using Entity Framework
Creating the Actual Services
Convention Is the Rule
Meanwhile, in the Silverlight Project
Loading Data in the MovieSelection Screen
Polishing the Screen
Applying the MVVM Pattern
Different Parts, Different Roles
The View
The ViewModel
The Model
Choosing the MVVM Approach
Picking a Little Helper—MVVM Light
Refactoring to MVVM
The Model
The ViewModel
The View
At Your Command
Messaging
Creating Customized Controls
Control Templates
Summary
About the Author
CHAPTER 5: SILVERLIGHT—THE SILVER LINING FOR LINE-OF-BUSINESS APPLICATIONS
Getting Started
Hello, Business World!
The Application Class
The UserControl Class
Project Templates
Silverlight Application
Silverlight Class Library
Silverlight Business Application
Silverlight Navigation Application
Other Application Templates
XAML Is Object XML
Hosting Silverlight Applications
Providing Excellent IApplicationService
Choosing the Right Silverlight Framework
Getting SOLID: MVC, MVP, and MVVM
Dependency Injection and Inversion of Control
The Managed Extensibility Framework
MVVM Frameworks
Prism
MVVM Light
nRoute
Caliburn.Micro
Jounce
Taking Silverlight Out-of-the-Box
Dynamic Loading
Out-of-Browser Applications
Isolated Storage
Communication
The Future of Silverlight
Summary
About the Author
CHAPTER 6: TIPS AND TRICKS FOR DESIGNERS AND DEVELOPERS
Understanding the Differences Between Silverlight and WPF
Choosing XAML over Other Markups
Understanding the Separation of Concerns
Tips and Tricks for Designers
Naming Your Objects
Designing in Photoshop
Importing Assets from Photoshop
Using Sample Data for a Better Design Experience
Tips and Tricks for Developers
Showing Sample Data in Design Mode
Using Behaviors to Make Things Easier
Summary
About the Author
CHAPTER 7: MVVM PATTERNS IN SILVERLIGHT 4
Developing Your Own Framework
Getting to Know MVVM
Creating an MVVM Framework
Framework Goals
Framework Technologies
Getting Started
Defining ViewModels
Creating New Views and View Models
Registering Views and View Models
Displaying Views
Building Composite Screens
Displaying Dialogs
Communicating Between Views
Putting the MVVM Framework to Use
Existing MVVM Frameworks
Prism
MVVM Light
Caliburn.Micro
Other Frameworks
Additional Considerations
Data Binding
Commands
Data Access
Summary
About the Author
CHAPTER 8: WINDOWS PHONE “MANGO” FOR SILVERLIGHT DEVELOPERS
Hardware Foundation
Camera API
Camera Best Practices
Sensors API
Gyroscope
Compass
Motion
Sensors Best Practices
Software Foundation
Runtime Improvements
Tools Enhancements
Network Sockets
Silverlight/XNA Hybrid Applications
Local Database
Application Model
Fast Application Switching (FAS)
Multitasking
Background Agents
Notifications
Background Transfer Service
Integration Service
Secondary Tiles
Push Notifications
Contacts/Appointments Data Access
Summary
About the Author
CHAPTER 9: PRAGMATIC SERVICES COMMUNICATION WITH WCF
Sample Project
Service Orientation Revisited
Distributed Means Communication
Service Orientation
WCF Basics 101
Basic Toolset
The Power of the B
Less Is More
Application Scenario
Requirements
Application Architecture
Application Structure
Modeling Services
Contracts
Service Contracts
Operation Contracts
Messages
Message Contracts
Data Contracts
Fault Contracts
Paging Data
Metadata
Flat WSDL
Metadata URLs
Implementing Services
Validation
Mapping
Tracing
Hosting Services
Customizing Hosting
Testing with Console Hosts
Self-Hosting with a Windows Service
Web-Hosting with WAS
Bootstrapping
Consuming Services
Shared Contracts
Asynchronous Calls
Service Agent Pattern
Complementing Service Approach
Web Programming Model
Hosting and Consuming
Optimization Strategies
Tweaking
Streaming
Summary
About the Author
CHAPTER 10: SECURING WCF SERVICES USING THE WINDOWS IDENTITY FOUNDATION (WIF)
Identity in.NET Applications
Identity in the Base Class Library
Identity in WCF
Windows Identity Foundation
Security Token Handlers
Claims Transformation
Claims-Based Authorization
Recapping the Building Blocks
WCF and WIF
Prerequisites
Configuring and Enabling WIF
Windows Authentication
Username/Password Authentication
X.509 Certificate Authentication
SAML Token Authentication
Sessions
Recapping Configuring and Enabling
Transforming and Accessing Claims
Authorization
Tracing
Possible Solutions for Securing theMovie Database SOAP Service
Internal Users
Adding Windows Authentication
Claims Transformation
Authorization
Adding an External Content Provider
Adding the Service Endpoint for External Users
Adjusting Claims Transformation
The Client
Assessing the Solution
Possible Solutions for Securing theMovie Database REST Service
Internal Users
Token-Based Authentication
Summary
About the Author
CHAPTER 11: APPLIED.NET TASK PARALLEL LIBRARY
Problems and Solutions
Using Tasks
Task Class
Closures
Applying Tasks
Understanding TPL-Style Exception Handling
Understanding AggregateException
Implementing Exception Handling
Understanding Cancellations
Applying Cancellations—Basics
Applying Cancellations—Register Action, Interlocked
Using Concurrent Collections—ConcurrentQueue
Understanding Continuations
TaskCompletionSource
Implementing Continuations
AsyncState
Using the BlockingCollection Class
Working with a BlockingCollection
Understanding SpinWait.SpinUntil
Summary
About the Author
CHAPTER 12: THE WF PROGRAMMING LANGUAGE
Getting Started
Declarative Workflow Syntax
Variables and Arguments
Expressions
Properties
“Dynamic” Properties
Controlling the Flow of Execution
Procedural Style
Exception Handling
Transaction and Compensation
Parallel Execution
Flowchart Style
Messaging
Building Custom Activities
Activity
CodeActivity
AsyncCodeActivity
NativeActivity
Understanding When to Use Custom Activities
Composite Activity
Life Cycle of an Activity
Using Persistence
Hosting Workflows Inside Windows AppFabric
Further Reading
Summary
About the Author
CHAPTER 13: PRACTICAL WPF DATA BINDING
Sample Application
Using MVVM
Understanding the Sample Application Structure
Understanding the Model
Understanding the ViewModel
Understanding the View
Using a Locator Class
Data Binding Overview
Understanding Data Context
Understanding Element-to-Element Binding
Understanding Binding Modes
Binding Based on Interfaces
Using Binding Commands
Using MVVM and DelegateCommand
Creating a ViewModel
Defining Commands with ViewModels
Binding Commands from XAML Code
Using Simple Data Binding
Value Conversion
Binding Multiple Properties
Binding to Lists
Filtering with CollectionViewSource
Displaying Item Details of Lists
Using Data Templates
Grouping
Using Hierarchical Data Binding
Binding Long Lists
Editing Data
Updating Data
Validation
Displaying Errors
Editing with a Grid
Summary
About the Author
CHAPTER 14: DRIVING DEVELOPMENT WITH USER STORIES AND BDD
Capturing Requirements as Features with User Stories
Problems with Formal Requirements Documentation
Using User Stories to Focus on Business Value and Promote Communication
Feature Scenarios and Story Acceptance Criteria
The Shortcomings of TDD
Focusing on Behavior with BDD
Outside-In Development
Turning Features into Code Using BDD Frameworks
Using NUnit in a BDD Style
MSpec
Ruby Cucumber and the Gherkin Domain Specific Language (DSL)
SpecFlow
The Tic-Tac-Toe BDD Kata
Capturing the Tic-Tac-Toe Features with User Stories
Getting Started with the Project
Scenario: Starting a Game
Integrating the Starting a Game Scenario
Scenario: Alternating Players
Behavior 1: Ask for the Next Player
Behavior 2: Place the Token
Behavior 3: Display the Game
Behavior 4: Display the Next Player
Integrating the Alternate a Player Scenario
Scenario: Displaying the Game
Behavior 1: Placing the Token on the Grid
Behavior 2: Confirming Placement of a Token
Behavior 3: Obtaining a Read-only View for Rendering
Integrating the Displaying a Game Scenario
Scenario: Winning the Game with Three in a Row
Behavior 1: End the Game if There Is a Winner
Behavior 2: Check for a Winning Line
Behavior 3: Displaying the Winner to the View
Behavior 4: Check the Grid for a Winner
Integrating the Winning a Game with Three in a Row Scenario
Completing the Game
Moving Forward
Summary
About the Author
CHAPTER 15: AUTOMATED UNIT TESTING
Understanding Unit Tests
Scope, LEGOs, and Connected Parts
Understanding Test-Driven Development
Understanding the Benefits of a Test-First Approach
Testable Code
Self-Documenting Code
Defensive Code
Maintainable Code
Code Smell Detector
Getting Oriented with a Basic Example
Assign, Act, Assert
Assign
Act
Assert
Code, Tests, Frameworks, and Runners
Code
Tests
Testing Framework
Test Runner
Using CI Servers and Source Control
Solution/Project Structure
Using NuGet to Blend nUnit and VS 2010
Methods with Fakes and Mocks
Faking with Dependency Injection
Mocking Frameworks
Class Attributes, Test Attributes, and Special Methods
Testing the Hard to Test—Pushing the Edges
Model View Controller (MVC)
Model View Presenter (MVP)
Model View ViewModel (MVVM)
Using Sensing Variables to Refactor Nontestable Code
Using Automated Unit Testing with Other Practices
Summary
About the Author
INDEX