Thursday, December 22, 2011

Access Modifiers in C#

Access modifiers specifies access level for a type or type member. C# has 4 access modifiers,
  • public
  • protected
  • internal
  • private
 
  • Access modifiers are not allowed on namespaces. 
  • Top level types which are not nested in other types can only have internal or public accessibility. The default is internal

public

access modifier for types and type members. There is no restriction for accessing public members. 

protected

Is a member access modifier. A protected member is accessible within it's class and derived class type. 



Since structs cannot be inherited its members cannot be protected. You can create protected classes as nested classes

internal

Access modifier for types and type members. Internal types or members are accessible within files of the same assembly. 

Types or members with access modifier protected internal can be accessed within same assembly or through the types derived from containing class.

private

Member access modifier. Private members are accessible only within body of the class or the struct. Nested types also can access private members.

Resources
Access Modifiers

Sunday, December 18, 2011

Security in ASP.NET MVC

Security is a major concern when developing web applications. 
Here we'll talk about security in ASP.NET MVC

Some of the main concepts to understand when dealing with security are,
  • Authentication
  • Authorization
  • XSS
  • CSRF (Cross site request forgery)

Authentication

In ASP.NET there are two main authentication mechanisms
  • Windows Authentication Provider
  • Forms Authentication Provider

Authorization 

Basically you can apply AuthorizeAttribute filter to actions and controllers to achieve authorization in MVC. See how to create Custom AuthroizeAttribute.

Role based security #

This is useful when you need to enforce policies where you have multiple users with different privileges. .NET framework role-based security supports authorization by making information about the Principal, which is constructed from an associated Identity.

What is a principal object?

A principal object represents the security context of the user. It includes the user's identity and the roles to which they belong. In .NET, IPrincipal defines the basic functionality of a principal object.

Resources

Principal and Identity objects (MSDN)
Key security concepts (MSDN)
Custom IIdentity or IPrincipal (SO)
http://nipunasilva.blogspot.com/2012/07/filters-in-aspnet-mvc.html
http://www.codeproject.com/Articles/654846/Security-In-ASP-NET-MVC 

Wednesday, December 14, 2011

Memory Basics : Stack and Heap

Stack and heap are closely related with memory. Actually both are stored in computers RAM. Let's firstly look at what they are.

The Stack

Is a special region of the computer memory which holds temporary variables created by each function. This is managed and optimized by the CPU itself therefore you don't have to worry about allocating memory or anything as such. 

When you enter a function the variables defined inside the function will be pushed into the stack and when you exit the function the variables will be cleared from the stack. 

The stack is always reserved in LIFO (last in first out order). The stack is set aside for a thread. Each thread gets a stack.

 
Understanding stack in  JavaScript (blog article)

In JavaScript sometimes you'll encounter Maximum call stack exceeded in JavaScript error. This happens when you exceed the  call stack size in JavaScript. You can replicate this with a simple code like below



The Heap

Is the memory set aside for dynamic allocation. Unlike stack there is no pattern for allocation or deallocation of blocks from the heap. You must manually destroy variables on the heap. 

Heap can have fragmentation when there are lot of allocations and deallocations happening. Heap is usually responsible for memory leaks as well. 

In .NET unless you're building a compiler, knowing how stack and heap works is not needed much. (Stack vs. Heap in .NET - Stackoverflow).

Resources

Wednesday, December 7, 2011

Interesting Findings - JavaScript

Design

Design considerations for JavaScript API (Smashing Magazine)
  • Fluent interfaces
    • Referred to as method chaining
  • Treating undefined as an expected value
  • Named arguments (Python has this but currently not possible in JavaScript)
  • Argument maps.
    • visual representation of the structure of an argument
  • Module Pattern Explained

Other

How JavaScript timers works
Controlling Robots

Testing

Exception Handling 

Here are some reference articles for Exception handling in JavaScript
- http://eloquentjavascript.net/1st_edition/chapter5.html

Catch JavaScript errors on server side. This way you can find more details about how your system performs in production environment. See articles.

Debugging

http://amasad.me/2014/03/09/lesser-known-javascript-debugging-techniques/
Powered by Blogger.


Software Architect at Surge Global/ Certified Scrum Master

Experienced in Product Design, Software Engineering, Team management and Practicing Agile methodologies.

Search This Blog

Facebook