Best Practices For Application Development - PowerPoint PPT Presentation

1 / 41
About This Presentation
Title:

Best Practices For Application Development

Description:

Don't disclose security sensitive information to remote callers ... http://www.paraesthesia.com/blog/comments.php?id=701_0_1_0_C. Command Pattern ... – PowerPoint PPT presentation

Number of Views:397
Avg rating:3.0/5.0
Slides: 42
Provided by: auth193
Category:

less

Transcript and Presenter's Notes

Title: Best Practices For Application Development


1
Best Practices ForApplication Development
  • Steven Wilssens Jelle Druyts
  • Compuware .NET Consultants
  • http//steven.wilssens.net
  • http//jelle.druyts.net

2
Goals
  • Write better code
  • Document your code
  • Apply design patterns in your code
  • Feel confident about your code
  • Be proud of your code

3
Agenda
  • Developing Code
  • Documenting Code
  • Designing Code
  • Testing Code
  • Building Code

4
Developing Code
5
Exception Handling
Developing Code
  • Handle exceptions consistently throughout your
    application
  • Make exception handling code simple
  • Best practices
  • Don't disclose security sensitive information to
    remote callers
  • Add context to exceptions by wrapping or
    replacing exceptions
  • Log and monitor all exceptions that occur

6
Logging
Developing Code
  • Log business and operations data for runtime
    application monitoring
  • Make logging code simple
  • Best practices
  • Provide tracing to support production debugging
  • Provide auditing for increased security
  • Change logging settings through configuration
  • Which messages go where (file, event log, email,
    ...)
  • How the messages are formatted (templates)
  • When to log (information, warning, error,
    critical)

7
Data Access
Developing Code
  • Read and write to commonly used databases in a
    simple and efficient way
  • Make data access code simple
  • Best practices
  • Perform multiple updates within one transaction
  • Handle different database providers transparently
  • Separate logical from physical databases
  • Change connection settings through configuration
  • Provider type (SQL Server, Oracle, OLE-DB, ODBC,
    ...)
  • Connection string

8
Caching
Developing Code
  • Eliminate expensive data retrieval by keeping a
    local copy
  • Make caching code simple
  • Best practices
  • Provide different cache invalidation mechanisms
    (absolute time, sliding time, file change,
    database change, ...)
  • Provide different cache stores (in-memory,
    database)
  • Use a local cache for offline operations on
    disconnected smart clients
  • Don't be afraid to use the ASP.NET cache anywhere
    for non-persistent storage (even in Windows Forms)

9
Cryptography
Developing Code
  • Encrypt or hash sensitive information before
    persisting it decrypt or compare when reading it
    back
  • Make cryptography code simple
  • Best practices
  • Never store passwords directly, only hash values
  • Only decrypt data if absolutely necessary (use a
    hash where possible)
  • Use symmetric keys to encrypt and decrypt data
    across multiple machines
  • Use Windows DPAPI for cryptography on a single
    machine without using keys

10
Security
Developing Code
  • Authenticate and authorize users using one or
    more security systems
  • Make security code simple
  • Best practices
  • Use an authentication system to see if a user can
    access a system
  • Use an authorization system to see if a user can
    perform a certain task
  • Cache authentication or authorization data for
    the duration of a logon session

11
Enterprise Library 2.0
12
Enterprise Library 2.0
Developing Code
  • Set of reusable components from Microsoft
  • Consistent
  • Extensible
  • Easy to use
  • Integrated
  • Source code you compile yourself
  • Free
  • Not a Microsoft product
  • Tested through many unit tests
  • Use only the blocks you need
  • Visual configuration tool

13
Key Changes From 1.x
  • Configuration Application Block no longer exists
  • Configuration now built on System.Configuration
  • Logging Application Block
  • Much improved flexibility and performance
  • Data Access Application Block
  • Simpler and much more powerful
  • Supports SQL Server, Oracle, OLE-DB, ODBC or any
    other managed provider
  • Security Application Block
  • Most of it deprecated in favor of .NETs
    Membership and Profile features

14
Enterprise Library 2.0 Blocks
Developing Code
Data Access
Logging
Caching
Core
Cryptography
Exception Handling
Security
Optional ProviderDependency
Block Dependency
15
Enterprise Library 2.0
16
Documenting Code
17
Why?
Documenting Code
  • Your code is not self-documenting
  • Undocumented code is untestable code
  • Easier to plan next version
  • Easier to return later
  • Brings new team members quickly up to speed
  • Creates happy customers

18
How?
Documenting Code
  • Put XML comments on your code
  • Document all public and protected members
  • Learn and use the XML tags
  • Write additional content
  • User's guide Known issues
  • Installation Configuration guide
  • Generate documentation
  • CHM, HTML, HxS, ...

/// ltsummarygt /// Write a new log entry to the
default category. /// lt/summarygt /// ltparam
name"message"gtMessage body to log.lt/paramgt public
static void Write(object message) ...
19
Documentation Tools
Documenting Code
  • CR_Documentor
  • NDoc (being updated for .NET 2.0)

20
Designing Code
21
Designing Code
Command Pattern and Enterprise Library 2.0
22
Testing Code
23
Testability
Testing Code
  • Allow unit testing of major part of application
  • Tests must be deterministic
  • Tests must be automated
  • Tests must be efficient (execute quickly)

24
Dependency Principles
Testing Code
  • Communicate with interfaces or base classes
  • Separate interface definitions from
    implementations
  • Use dependency injection to late-bind objects
  • Externalize environment dependencies
  • Externalize non-deterministic behavior
  • Externalize timing behavior

25
Unit Testing .NET
Testing Code
  • NUnit
  • Visual Studio Test

26
General Principles
Testing Code
  • Test cases must be independent
  • Reproduce bugs as test cases
  • Test only public members
  • Place tests in separate projects
  • Have a test project per test target
  • Use source control on test projects

27
Test-Driven Development
Testing Code
  • Write unit tests before or in parallel with
    production code
  • Unit tests help define the system
  • Unit tests are debugging drivers
  • Developers write the tests
  • Its better to write and run incomplete tests
    than not to run complete tests

28
Test Driven Development
29
Code Coverage Basics
Testing Code
  • Records which parts of an application's code is
    being exercised by a test suite

30
Code Coverage Best Practices
Testing Code
  • Use code coverage to monitor your tests'
    effectiveness
  • Project managers can aggregate results as a
    project status indicator
  • Team members can analyze source for specific
    missed lines of code
  • Set a high, but realistic target

31
Code Coverage Pitfalls
Testing Code
  • Best quantifiable measure
  • Doesnt say a lot about quality of tests
  • Beware of developer shortcuts

32
Code Coverage
33
Building Code
34
Daily Build Definition
Building Code
  • Daily builds are the results of a fully automated
    process which, by using source code, compiles,
    validates, and packages a software solution
  • Daily builds dont have to run each day, as long
    as they run frequently

35
Introducing Daily Builds
Building Code
  • The build is the heartbeat. If there aint no
    heartbeat, its dead!
  • Must be fully automated
  • Difficult to do
  • No excuse for not doing daily builds The more
    complex your system is, the more you need it

36
Daily Build Benefits
Building Code
  • State of project becomes more transparent
  • You always have a product that can potentially
    ship
  • Current test target always available
  • Anti-surprise device
  • Reduces overall integration effort

37
Team Build
38
Key Points
  • Developing Code
  • Use Enterprise Library 2.0
  • Documenting Code
  • Use XML comments and NDoc to generate CHM files
  • Designing Code
  • Command Pattern can be used to integrate many
    enterprise library 2.0 features
  • Testing Code
  • You can take a pragmatic or a formal approach to
    unit testing
  • Building Code
  • Use build verification tests to verify soundness
    of a build

39
  • Enterprise Library 2.0
  • http//msdn.microsoft.com/practices
  • http//practices.gotdotnet.com/projects/entlib
  • Code Documentation
  • XML Comments Quick Reference
  • http//jelle.druyts.net/2005/01/16/XMLCommentsQuic
    kReference.aspx
  • NDoc
  • http//ndoc.sourceforge.net/
  • CR_Documentor
  • http//www.paraesthesia.com/blog/comments.php?id7
    01_0_1_0_C
  • Command Pattern
  • http//steven.wilssens.net/

40
Thank You!
  • Thanks for your attention
  • We'll be happy to answer all your questions
  • Right after the session
  • Compuware Booth
  • Community Booth Ask-The-Experts
  • VISUG Booth

41
(No Transcript)
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Best Practices For Application Development" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!