Thursday, November 29, 2007

Effective Use of Visual Studio 2005 - Named Commands

Command Window: Ctrl+Alt+A

Named commands are used to access VS features from Command Window. Visual Studio 2005 provides full intellisense support in the command window. I experienced that using named commands is much faster than accessing these features with mouse.

Named commands allow you to access and use menu commands in the command window. To use named commands, simply type the name of menu. Press '.' and VS will provide intellisense. Type the name of the menu option or select it from intellisense.


To access Find Results 1 window you have to

1. Click on the 'View' menu and then
2. Click on the 'Find Results' and
3. Finally choose 'Find Results 1'.

Now if you want to use named commands,
1. Press Ctrl+Alt+A to activate command window.
2. Type View.findresults1. You don't need to type full text. Intellisense provides yoy write text. Just press enter.

Some Examples of Named Copmmands:

  • Window.NewWindow: Open a new window on your code.
  • Tools.Options: Bring up Options dialog box.
  • Edit.ViewWhiteSpace: (Ctrl+R, Ctrl+W) Replace white spaces with a dot.
  • Convert tab to spaces: Ctrl+K, Ctrl+D
  • Window.ActivateDocumentWindow: Switch to document window.
  • Window.AutoHide: Hide command window. (Use Ctrl+Alt+A to show command window)
  • Window.AutoHideAll: Hide all windows except document windows. It will hide even pinned-up windows too.
  • Window.ShowEzMDIFileList: Show Easy MDI File List.
  • Window.Split: Split code window into two. Both windows show same files but you can scroll them independently. Issue same command to close splitting.
  • Window.Windows: Open 'Windows'  window. More Info
  • Edit.ClearAll: Clear Command Window.

Named Command and Keyboard Shortcuts

Usually VS features can be accessed in two ways: using keyboard shortcusts or  using named commands. But using named commands is easier than using keyboard shortcuts:

  1. You need to learn keyboard shortcuts. But named commands are not required to learn, as they are based of the menu navigation which is most commanlyt used.
  2. Keyboard shortcuts are customizable. You (or anybody else) can change them. If you are working on some other machine, you may not have same keyboard shortcuts.
  3. There is no help (intellisense) provided for keyboard shortcuts.


1. Easy MDI File List


2. Split code window



Wednesday, November 28, 2007

Effective Use Of Visual Studio 2005 - Handling Open Documents

Visual Studio 2005 provides some excellent document management capabilities. Most of the we are not aware of these features. One of the feature is open document tab groups. Unlike VS 2003, it shows only as much tabs as fits in the window width. There is no scrolling. Instead, VS 2005 provides dropdown menu to select from all open documents. Inseated of selecting open documents, you can also do some other functions.
I am planning to write a series on useful-but-less-known features of VS 2005. This is second post in the series. (read first post)
In continuation to my previous post on managing open documents, here are some more tricks.

Right click on the open document tab group. A context menu will appear with following options:
  1. Save default.aspx.vb
  2. Close
  3. Close all but this
  4. Copy full path
  5. Open containing folder
  6. New horizontal tab group
  7. New vertical tab group
Save default.aspx.vb
Allows you to save currently selected document. Currently selected document is the one which is open in the window.

Close currently selected document.

Close all but this
Close all open documents except the currently selected document.

Copy full path
Copy full path of the currently selected document to the clipboard.

Open containing folder
Open the folder that contains the currently selected document. The folder is opened in the windows explorer.

New horizontal tab group
Open another document window. The two windows are tiled horizontally. Both window will have document tab group. This is useful when you want to open on two group of documents simultaneously.

New vertical tab group
Same as above option. But this makes the windows tiles vertically instead of horizontally.

Tuesday, November 27, 2007

Effective Use of Visual Studio 2005 - Closing Selected Window

To close open documents selectively:
1. Go to Window -> Windows.
2. This will show list of all open windows (not just those which you see on the tabs).

3. Select the windows you want to close. Use shift (or ctrl) key for multiple selection. You can also use ctrl+A to select all windows.

4. Click "Close window(s)" button to close selected windows.

I experienced that the speed of loading a project into visual studio is directly proportional to the number of open documents. Generally, we open the document as we need it. And then we don't close it. Visual studio 2005 displays only a few number of documents on the tabs. Rest remains open but are hidden. You can click on the down arrow near the 'X' button of the document window to select the open document. To keep you project loading fast, always keep minimum number of open documents.

Monday, November 26, 2007

Microsoft Popfly - Share Visual Studio Projects On The Web


Popfly allows you to build gadgets and web pages. It also allows you to share your creation. Popfly provides online visual tools for creating Web pages and gadgets. You can host, share, rate, comments and even remix creations from other popfly users.

Here are some things you can do with Popfly:

Add some fun to your Facebook page, web site, or Windows Live Spaces page.

You can easily spice up your Web site or blog with Popfly by adding customized games like Whack-a-mole or asteroids with pictures of your friends and family or create custom quizzes or polls that you can easily embed on your Web site.

Build a Home Page:

You can build a custom home page, say for your school’s sports team and choose from over 150 different themes, 10 styles, and 30 unique color themes for a unique visual design. You can then easily add things like team photos, a team schedule from an RSS feed, video from previous games, Virtual Earth maps with directions to game locations and more, all without writing code.

Mix and Re-mix Photos and Videos:

Popfly makes it easy to create and share beautiful slideshows using pictures from Flickr, Windows Live Spaces, Facebook or to embed a podcast or a video player hosting videos from Soapbox or YouTube and share it on your Facebook profile, Windows Live Spaces page, or any Web page.

Unify Your Online Personality:

Popfly enables you to customize and stitch together your online persona in one place. You can create mashups that show what you dug on, what you are buying or selling on eBay, you Halo 3 game scores, what Facebook events you’re attending, what your friends are doing on Twitter, and much more.

Share Visual Studio Projects:
Popfly offers a powerful web programming environment to bring in new data sources, create new ways to display information, or even create and share full Visual Studio projects.

Popfly Explorer for Visual Studio and Visual Studio Express:

Popfly Explorer is a plug-in for Visual Studio that lets you:

  • Effortlessly create and host a Popfly web site
  • Access your Visual Studio solutions from anywhere
  • Share Visual Studio solutions with friends
  • Add mash-ups to your web pages


Thursday, November 22, 2007

How To Purchase A Laptop

Question: How many people are required to purchase a laptop?

Answer: Five.

Question: And what is the flowchart of purchasing a laptop?

Answer: Acquire 100% resources --> Drink beer --> Have lunch --> Go to theatre --> Watch movie --> Then release 60% of resources and utilize 40% resources to buy laptop --> The process is exhausting so re-energize 40% resources with more beer.

Don't believe me? Read the story below (it's real):

Bob is a software professional who is working for a large MNC. Currently he is posted at client side. He has a team of six people who share good chemistry. Today one of his team mate Mr. M decided to buy a laptop. His office is very near to largest electronics market so it was decided that team will go to buy laptop in the lunch time.

Unfortunately, nobody in the team brought their car today. Usually people use company provided cabs for commute from home to office and back. So they decided to hire an auto. Bob and his mates asked many auto driver but all denied. Finally it was decided that they will take bus. After long wait bus stand, finally a bus arrived. Frustrated after waiting long time, they were onboard in fraction of seconds. Things seemed to be on the right path when they discovered that they had boarded wrong bus. After changing the bus at the next stop, they finally went to the market.

While passing through the theatre M proposed for watching the movie. Mr. V proposed for having lunch. Se it was decided that they will watch the movie after lunch and they they will buy laptop. The restaurant was unfortunately close to the beer and wine shop. It allowed carry and drink facility. Mr. D proposed for beer and Mr. G immediately approved. V and M gave silent approval. Bob doesn't take alcohol so his vote was neutral. Since nobody opposed the idea, they decided to have beer first, and than lunch and then movie. Purchasing laptop was last in the list.

Things went well as planned. They had beer and then had lunch. After lunch every body enjoyed movie. D and G want to have more beer. But theatre management didn't allow them to go outside while the show was running. By than, it was evening and almost dark. The office cab would leave in the one hour. So it was decided that first they will go to office and M and D will come back to buy laptop. D wanted to drink more beer. He proposed to drink one more beer and then go to office and then come back to buy laptop. Bob along with G and V opposed it. Going to office after having beer was not appropriate. So finally it was decided that M and D will purchase laptop, have more beer and than went to home. Bob, G and V will go back to the office.

What happened next is that they follow the plan. In the night Bob called M to confirm weather they had purchased the laptop or not. M had purchased it.

Who is Bob? It's a suspense. I will revel it at the appropriate time.

Technorati Tags: , , , ,

Tuesday, November 20, 2007

Visual Studio 2008 and .NET 3.5 Released

Microsoft shipped Visual Studio 2008 and .NET 3.5 today. Here are some resources for VS 2008:

1. ScottGu's weblog is the primary and authentic source of information।
२. Somasegar's Weblog
3. Paul Andrew blogged about a downloadable poster of commonly used types and namespace in .NET 3.5 (in pdf format), which is worth checking out.
4. View ASP.NET 3.5-specific videos at Microsoft's official website.
5. Brad Abrams wrote about Design Guidelines, Managed code and the .NET Framework 3.5 in his blog.
6. Here is a 31 minute video at Channel 9.
7. VS 2008 is not shipped with MSDN. You can Download MSDN Library for VS 2008 from here.
8. The details about VS 2008 express edition (free) are available here.

Monday, November 19, 2007

Benefit of Using Technorati Tags on your blog


Today, I received a mail from one of my old friend. he happened to visit my blog and was surprised to see Technorati tags there. He called me up to ask what these tags are and why I used them on my blog. In his own words,

"Yaar, your blog seems to be advertising for this web site called Are you being paid for this?"

I was quite surprised to see the reaction of Technorati tags. Then  I told him what Technorati tags are and why I use them on my blog.

Later on I thought that many other people might also be thinking in the same way. So I decided to post a blog entry on this matter.

Tags are keywords or topics which you place at the bottom (or anywhere) of your blog post to catch the attention of Technorati and other search engines. Technorati is a search engine which indexes the blog which uses its tags. Technorati doesn't pay anything to me anybody to place a Technorati tag on his blog. They even don't pay me to write these stuff though I am advocating to use Technorati tags on your blog. (I wish they should pay me for that. Ha ha ha). Instead it helps the blog author in many ways (see below).

A common question arises - why Technorati do all this? The answer is that when you place a link of Technorati tag on your page, you increase the popularity of Technorati. When millions of blogs do the same thing, Technorati gets great page rank and a very very large number of hits on its pages. Technorati puts ads on its pages and the amount one charges to display an ad is directly proportional to number of hits on that page. So Technorati earns money indirectly. But that is not the concern of a blog author. As an author of a blog, I get many free of cost benefits by using Technorati tags.

The benefits of using Technorati Tags on your blog:

1. It gets your page recognized by Technorati and other blogosphere search engines thus increasing the chance of people finding your blog.

2. It gets your blog indexed on search engines like Google, yahoo etc. driving more inward traffic to your blog and increasing popularity and readership.

3. It increase page views per visit because readers can find more on a topic that interests them.

Technorati Tags: , , , , ,

Thursday, November 15, 2007

Putting Application In Offline Mode Using app_offline.htm


Today, I was updating a stored procedure of SQL Server Express Edition 2005 within the Visual Studio 2005. At the same time, I tried to open a page of my application in internet browser using IIS (localhost). And I got the error stating:

'The application is currently offline. Remove app_offline.htm file from applications root directory.'

I never heard of app_offline.htm file before. As a habit I pressed 'F5' to refresh the page and it worked fine. 'What the hell was this?', I thought. I googled about the file in error message and learned some interesting facts. Here is what I found:


When ASP.Net found a file names app_offlinne.htm in the root of a web application directory, it shut-down the application, unload the application domain from the server, and stop processing any new incoming requests for that application. ASP.NET also then respond to all requests for dynamic pages in the application by sending back the content of the app_offline.htm file (for example: you might want to have a “site under construction” or “down for maintenance” message).

Visual Studio 2005 And app_offline.htm

SQL Server 2005 express edition does not support multiple processes. Only single process can access database at a time. So when a database is accessed through visual studio, runtime cannot access the database. This will result into the internal server error.  To prevent this, VS 2005 places app_offline.htm file in the application's root directory. The file contain above message. This causes to put the application in offline mode. Please note the accessing database means opening any component of the database (I.e. table, view, stored procedure etc.) into the design window. When design window is closed, VS 2005 removes app_offline.htm file.

Using app_offline.htm As A Feature

You may use app_offline.htm feature to put your application in offline mope for any purpose. This provides a convenient way to take down your application while you are making big changes or copying in lots of new page functionality (and you want to avoid the annoying problem of people hitting and activating your site in the middle of a content update). It can also be a useful way to immediately unlock and unload a SQL Express or Access database whose .mdf or .mdb data files are residing in the /app_data directory.

You should keep an eye on a feature of IE6 called "Show Friendly Http Errors".  This can be configured in the Tools->Internet Options->Advanced tab within IE, and is on by default with IE6.  When this is on, and a server returns a non HTTP-200 status code with less than 512 bytes of content, IE will not show the returned HTML and instead substitutes its own generic status code message (which personally I don't think is super friendly <g>).

So if you use the app_offline.htm feature, you should make sure you have at least 512 bytes of content within it to make sure that your HTML (instead of IE's friendly status message) shows up to your users.  If you don't want to have a lot of text show-up on the page, one trick you can use is to just add an html client-side comment with some bogus content to push it over 512 bytes.

Once you remove the app_offline.htm file, the next request into the application will cause ASP.NET to load the application and app-domain again, and life will continue along as normal.


  1. Andy Gray wrote an interesting story on how his application stops working and starts giving error 404 when he killed visual studio process.
  2. Phill Scott writes his experience about suddenly getting error 404 and finding the app_offline.htm file culprit.
  3. Chris Ullman, author of Beginning ASP.NET 2.0 also had similar experience.


I must thank ScottGu for providing useful details about this mysterious file. I could not found any official documentation from Microsoft about this. But ScottGu's blog is as authentic and Microsoft's documentation.

Cetrification in Ethical Hacking

Wanna become a hacker?

Now is the chance to hack corporate networks without worrying legal suits. Become a Certified Ethical Hacker. An ethical hacker works to identify vulnerabilities in computer systems so they can be made less susceptible to criminal hackers' malicious attacks. Without breaking laws or stealing data, ethical hackers uncover weaknesses by attacking IT systems using the same under-the-radar techniques criminal hackers employ. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.

"Ethical hackers typically have very strong programming and computer networking skills and have been in the computer and networking business for several years. ... These base skills are augmented with detailed knowledge of the hardware and software provided by the more popular computer and networking hardware vendors." says C.C. Palmer, an IBM technologist.

An ethical hacker's evaluation of a system's security seeks answers to three basic questions:

  • What can an intruder see on the target systems?
  • What can an intruder do with that information?
  • Does anyone at the target notice the intruder's attempts or successes?

While the first and second of these are clearly important, the third is even more important: If the owners or operators of the target systems do not notice when someone is trying to break in, the intruders can, and will, spend weeks or months trying and will usually eventually succeed.

EC-Council (International Council of E-Commerce Consultants) provides certification in ethical hacking (CEH). The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

You need to undergo CES training before passing exam. CEH training is typically an intense, five-day course that emphasizes the creative, ever-changing ways hackers gain access to IT systems. "Labs take students through real-world scenarios, which require them to use creativity and demonstrate the ability to solve unusual problems," says Steven DeFino, a course instructor at New Horizons Computer Learning Centers in Salt Lake City.

CEH courses are offered at EC-Council-authorized training centers around the world. Topics covered include:

  • Perimeter defenses.
  • Hacking tools.
  • Session hijacking.
  • Password cracking.
  • Firewall evasion.
  • Intrusion detection.

More Information on CEH

CEH Certification Path

Ethical Hacking Explained

Tuesday, November 13, 2007

Microsoft Security Summit 2007

Microsoft is organizing a one-day workshop on software security in Mumbai, Pune, Kolkata and Chennai.. The summit is useful for:

  • Software Developer
  • Analysts
  • Architects
  • Project Managers


09.00 - 09.30 hrs :


09.30 - 11.00 hrs

Microsoft Platform Security – An Overview

Get a detailed view on the different components of the security development lifecycle, latest updates on security challenges, trends and statistics.

11.00 – 11.30 hrs

Tea Break

11.30 – 13.00 hrs

Application Platform Security

As a developer who has written applications for any one of these platforms, you must have noticed similarities in .NET and J2EE. For anyone who has developed applications on both J2EE and .NET, you must have noticed the differences between them that make designing applications for both these platforms way different from each other. In this session we are going to talk about the similarities in the approaches of both .NET and J2EE and how you can cross leverage your skills across these platforms. We will also talk about underlying core differences and how you can make use of these feature differences to write more secure applications. As an added bonus we will show you how you can use a few common tools to detect security holes in your code.

13.00 – 14.00 hrs


14.00- 15.30 hrs

Data Platform Security

The Web provides a convenient, cheap, and instantaneous way of publishing data. Now it is extremely easy to disseminate information, it is equally important to ensure that the information is only accessible to those who have the rights to use it. Never before has information security had so many vulnerable points. As the computing industry moves from the mainframe era to the client/server era to the Internet era, a substantially increasing number of points of penetration have opened up. New security procedures and technology are pioneered daily, and this session explains the various security systems involved with solving the current problems via the Server Security, User-authentication security, session security and more. For each layer of security added, the system becomes more protected. Like a chain, however, the entire shield may be broken if there is a weak link. And this session will take a sneak preview of how database security and the various database environments are up for the challenge.

15.30- 16.00 hrs

Tea Break

16.00- 17.30 hrs

Web Platform Security

A security compromise of online web applications could result in huge losses of data and valuable customer information, causing irreversible losses. Popular web platforms such as ASP.NET and Linux/ Apache/ MySQL/ PHP should be designed to minimize security risks occurring due to a bug in the code or a vulnerability in the overall environment. Validating user input, handling user data securely, protecting vital configuration data, blocking common hacks such as injection and cross-site scripting, etc. are some of the basic features required in developing secure web applications. Learn how the LAMP platform and ASP.NET/IIS handle these various security scenarios and why ASP.NET/IIS can provide you with a much safer and secure environment for hosting web applications.

Date Time and Venue


21st Nov 2007. GRAND HYATT. Register Now!


Friday, 23rd Nov 2007. Taj Blue Diamond. Register Now!


Thursdays, 06th Dec 2007. Taj Bengal. Register Now!


Friday, 14th Dec 2007. The Park. Register Now!


Technorati Tags: ,

Monday, November 12, 2007

Microsoft Code Names

Microsoft Codenames

Microsoft codenames are the codenames given by Microsoft to products it has in development, before these products are given the names by which they appear on store shelves. Many of these products (new versions of Windows in particular) are of major significance to the IT community, and so the terms are often widely used in discussions prior to the official release. Microsoft usually does not announce a final name until shortly before the product is publicly available.

Visual Studio Codenames


Visual Basic 1.0. The first version of Visual Basic. The standard dialogs and controls created by the Visual Basic runtime library all have "Thunder" as a prefix of their internal type names (for example, buttons are internally known as ThunderCommandButton).


Microsoft Visual C++ 4.1. After Zamboni, an ice resurfacing machine.


Visual Studio 98 (6.0). Ski Resort in Colorado


C#. Short for: C-based Object Oriented Language


Visual Studio .NET 2002. After Rainier, a small town south of Seattle. Mount Rainier is a dormant volcano.


Visual Studio .NET 2003. After Everett, a large city near Seattle.


Visual Studio 2005. After Whidbey Island in Puget Sound. A little farther from Seattle than Everett.


Visual Studio 2008. Named after Orcas Island, located in Puget Sound. Farther still from Seattle.


Team System-only release after Visual Studio 2008. Named after a resort located on Orcas Island.


Visual Studio Team System. Unknown, although it is the name of a North American manufacturer of snowboards.


Successor or Orcas. An island 'much further out' than Orcas or Whidbey. Also, where the development team plan to celebrate its completion.


Visual Studio Team System's Source Control System. Named after the Cape Hatteras Lighthouse in the Outer Banks region of North Carolina.


Visual Studio Team System load testing suite. Named after the Ocracoke Island Lighthouse on Ocracoke Island, also in North Carolina.


Team Foundation Work Item Tracking. Named after the Currituck Beach Lighthouse in Corolla, North Carolina.


Team Foundation Server SDK. Named after the Bodie Island Lighthouse in North Carolina.


Visual Studio Team System's designers for architects.

Includes Application Designer, Logical Data Center Designer, System Designer, and Deployment Designer.


Visual Studio 2005 Extensions for WinFX. Named after Fidalgo Island, located in Puget Sound in the San Juan Islands.


Online version of Visual Studio. Currently a research project.


.Net CLR


LINQ. Language Integrated Query Language extensions to expose query syntax natively to languages such as Visual Basic .NET and C#


Microsoft Surface.  Table-top style computer with multi-touch touchscreen interface.


Windows CE .NET-based technology for smart displays.


Experimental operating system based on the Microsoft .NET platform, using software-based type safety as a replacement for hardware-based memory protection. Project homepage.


    Windows Presentation Foundation

Hail Storm

    .Net My Services. Project to make MSN-hosted user data available to the same users at non-Microsoft web sites; never released


    Windows Communication Foundation


    Silverlight 1.0


    Silverlight 1.1


In Microsoft jargon, the "toaster" is the hardware equivalent of fictional entities, such as the Contoso company or the URI, used in documentation and sample code as placeholders to be redefined by third-party developers.


A framework that takes advantage of Windows Communication Foundation and the Entity Data Model (EDM) to allow developers to expose data in the cloud.


Shared Source Common Language Infrastructure (SSCLI)


An implementation for ASP.NET of Ajax native to the .NET Framework 2.0.

Windows Codenames


            Windows XP


            Windows XP SP2


Windows Vista/ Windows Server 2008 (In Development). Named after the Longhorn Bar in the Whistler-Blackcomb resort


Windows Vista Service Pack 1


Windows Media Player 11 for XP


Windows Media Player 11 for Vista

SQL Server Codenames


            SQL 6.5


            SQL 7.0


            SQL 2000


            SQL 2005


            SQL 2008

Windows Live Codenames




    MSN Messenger


    Microsoft Office Communicator 2005

Sunday, November 11, 2007

Happy Diwali

Diwali is the celebration of enlightenment. This year, Diwali fulfilled one of my dream. I always fantasized about wearing traditional India dress - dhoti kurta in office. But you are not allowed wearing such dress in office - damn office protocol. On Diwali, our admin department was kind enough to let us wear ethnic wear. I took the opportunity and wear dhoti kurta.

Diwali is a five day celebration. The first day is called dhanteras. Traditionally, utensils are purchased on this day. Second day is chotti Diwali also called Naraka Chaturdashi. This is said to be the Diwali of shopkeepers. People buy sweets, crackers etc, on this day. The third day -Diwali is the main festival. People wear new clothes and distribute sweets. People worship the goddess of wealth - Laxmi along with Ganesha, the son of Lord Shiva. The next day is Govardhan Puja. The go-dhan i.e. cattle especially cow is worshiped this day. The last day is Bhaiduj, the day to express love between brothers a sisters.

Every corner of the city is lighted with candles and diyas. Now-a-days people use electric lights. The city seems like beautiful heaven. People burn crackers and fire works.

But I have some concerns. First, why we celebrate Diwali. Common belief is that Lord Rama returned to Ayodhya on this day after killing Ravana, the king of Lanka. Then why don't we worship Lord Rama? Some people believe this day as the beginning of Hindu financial year. So we worship goddess Laxmi. That's OK. Then why do we waste money in crackers?

We do worse to our environment on this auspicious day. Crackers cause lots of air pollution and noise pollution (report). People suffering with heart disease are prone to attack because of the loud and sudden noise of crackers. The amount of poisonous gases such as sulphur dioxide, carbon monoxide in the air increases beyond limits on Diwali. Even you are not able to breath smoothly.

In India, we have less electricity than we need. And we waste thousands of megawatts of electricity on a single day. Does this do any good to us or our country? As a responsible citizen, we must think about these problems.

The true celebration of Diwali, however, means something else. Diwali comes after a chain of festivals. First comes navratras. This is a nine day festival where people keep fasts and pray different goddesses. People prey shakti (The Power) which governs the world. The aim of navratras is to purify our behavior. It is the process of aatm-shuddhi i.e. purification of one's thoughts. After navratra, comes Dussehra. This is celebrated as the victory of good over the evil. This means that by dushhera, we have cleared and purified our thoughts. A pure heart is subject to enlightenment. So now we are on the path of enlightenment. Then came Diwali - the festival of enlightenment. By now, our thoughts are purest and our heart is full of enlightenment.

So Diwali is about the lightning of our inner self and not about wasting electricity and polluting air. I hope, next time before purchasing crackers, we will think about it.

Tuesday, November 06, 2007

What is KISS?

The term KISS is an acronym of the phrase "Keep It Simple, Stupid", and the KISS principle states that design simplicity should be a key goal and unnecessary complexity avoided. It serves as a useful and frequent verbal exhortation (or even dedicated policy) in software development, animation, engineering, and in strategic planning (especially military operations). Other versions of the phrase include "Keep It Simple & Stupid" (most recently used in west-European literature), "Keep It Sweet & Simple", "Keep It Short & Simple", "Keep it Simple, Sweetheart", and "Keep it Simple, Sherlock".

The principle roughly corresponds to Occam's razor, and to Albert Einstein's maxim that "everything should be made as simple as possible, but no simpler."

Etymology: The acronym KISS is known to have been in use during the U.S. Apollo program in the 1960s.

Technorati Tags: , ,

Monday, November 05, 2007

The Bluetooth Story


Microsoft scripting guys published an interesting story about the origin of Bluetooth at Microsoft TechNet. Here it goes:

The Bluetooth “personal area networking” protocol was named in honor of Harald Bluetooth Gormson, son of King Gorm the Old, the one time King of Jutland. (We’re not sure if Gorm the Old is the name that the King was given at birth; that would be pretty cool, though, wouldn’t it?) We found it interesting that Harald’s middle name was Bluetooth. After all, Scripting Guy Jean Bluetooth Ross has spent her entire life (79 years and counting) thinking she was the only person to have that middle name. Good news, Jean: you’re not the only Bluetooth after all.

At any rate, Harald became King sometime around 958, upon the death of his father. Over time, Harald conquered all of modern-day Denmark and Norway, and, along the way, kind of, sort of converted to Christianity. He had a son named Sweyn Forkbeard who, no doubt in retaliation for being given the name Sweyn Forkbeard, eventually led a revolt that cost his father both his throne and his life.

But Harald got the last laugh; after all, how many Forkbeard-enabled devices do you see these days?

Note. There seems to be some disagreement as to where the name Bluetooth came from. Some scholars insist it comes from the old Norse words for “dark-skinned” and “great man,” meaning that Harald had dark skin and, well, was a great man. Others say it’s because Harald actually had a blue tooth. Fortunately, Peter Costantini, the oldest living Scripting Guy, went to junior high school with Harald, so we’ll ask Peter about that.

Just as soon as he wakes up from his nap.

After we disposed of the question “Where did the name Bluetooth come from?” a second question popped into our heads: how can you tell if a computer is Bluetooth-enabled? That turned out to be a much tougher question to answer; in fact, we never did find anything that could tell us definitively whether or not a computer was Bluetooth-enabled. (Or at least not a definitive way to do this programmatically; it’s easy enough to verify that a computer is Bluetooth-enabled by using the Windows Control Panel.) However, based on the fact that Bluetooth is a network protocol, we managed to come up with the following a script, a script that correctly determined whether a handful of test computers were Bluetooth-enabled:

Technorati Tags: , , , , , , ,

Thursday, November 01, 2007

ASP.Net Session



What is Session:
Session is an object at server side which helps in implementing the mechanism to identify a revisiting user over a stateless protocol like HTTP.

What is Session State
The session object stores the information about a session (like session key). It may also store other information in the form of session variables. The collection of values stored in session object is called session state.

State Management
The management of session state is called state management. Different server technologies implement different mechanisms for the state management. supports both, client side state management as well as server side state management.

At client side, following techniques are used for state management:
- Cookie
- Hidden Field
- View State
- Control State
- Query String

At server side, following are the techniques, used for state management:
- Application State
- Cache Object
- Session State
- Database

In, there are three ways to manage session state:

- In-process session state
- Out-of-process session state
- database

These states are configured in web.config file's session state element.
<SessionState mode="Off | InProc | StateServer | SqlServer | Custome" />

InProc Session State
when session state is InProc, objects are stored as live reference in the HttpRuntime Internal Cache. The session state is held in memory.
- If worker process or application domain recycles, all session data is lost.

- If a web site is maintained on more than one machine, a user may be redirected to any other machine. when the user returns to the original machine, a fresh empty session is created. So InProc session state will not work here.

- If web gardening is used on a multi processor system, where each worker processor has an affinity for a particular CPU, don't use InProc session state.

Accessing Session Object:
the EnableSessionState of @Page directive controls the access to a session object for a page. The different values for EnableSessionState attribute are:
- (i) True: read/write access to session object. Acquires a write lock on the session object. No other page, requested from the same session, can access session object.
- (ii) False: no access to session object.
- (iii) ReadOnly: Only readonly access to session object. Acquires a reader lock on the session object.

Out-of-process Session State
when mode is set to state server in web.config, maintains out-of-process session state. Out of process session is maintained by aspnet_state.exe file. It runs as a window service and listenes to TCP port 42424. The port can be changed using the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspnet_state\Parameters\Port.
The aspnet_state service is not started by default. It can be started using MMC service or by running following command:
net start aspnet_state.

To use out-of-process, mode is set to StateServer in config.sys file.
  <SessionState mode="StateServer" StateConnectionString = "tcpip=" />

Since session state is managed on the local machine, so local host's IP is given. You may use a separate machine as state server. In that case, IP of state server should be given in the StateConnectionString. 42424 is the default port. Any port may be used after changing the registry but it should be open.

Out-of-process session state leaves the worker process (aspnet_wp.exe or w3wp.exe) and enters into the state process (aspnet_state.exe). Therefore out-of-process state can't be stored as reference. The objects are passed between processes in binary serialized form. So any object which is used in out of process session state must be instantiated from a serializable class.

A class can be made serializable in the following way:
<Serializable()> _
Public Class MyClass
End Class


public class MyClass{

SQL-Backed Session State
skipped for now.

Cookie-less session state
Include cookiless = "UseUri" in web.config file.
<SessionState Mode = "InProc" Cookieless = "UseUri" />

In Cookieless session state session-id is embedded into the URL. it seems to be a directory in the URL path.
- The session key consists of ASCII values and visible to everyone. They can be easily tempered.
- The session is lost, if a relative URL is invoked directly by typing its address. This is because, in this case session key will not be embedded in to the URL.
- To generate URL at server side, HttpResponse.ApplyAppPAthModifier method should be involved. For example

View State
View State is a encrypted hidden field which contains the key-value pair of the values of controls at a page. ViewState can be enabled or disables using the enableViewState attribute of @Page directive. The web server controls also have this attribute.

Objects or variables can be added to view state manually as follows:
ViewState["MyKey"] = myKey

Any object, which is to be added to the view state must be derived from a serializable class.

Since view state is encrypted, a developer cannot look into it. Some tools are available to examine the view state. One such tool called View State Decoder is available at Some tips on using view state are also available at A tool to generate machine key is also available at

Securing View State
The <machinekey> element of web.config is used to assign validation key to view state. A algorithm is used to protect view state.
<machineKey  ValidationKey = "AutoGenerate, IsolateApps"
  decryptionKey = "AutoGenerate, IsolateApps"
  validation = "SHA1" /> automatically generate a 128 bit key. IsolateApps tells to generate a unique key for each application using application's id. The available validation methods are SHA1, MD5 and 3DES. SHA1 and MD5 are used for temper-proofing while 3DES is used for encryption.

At the page level, in the <pages> configuration, Auto or Always values can be specified to viewStateEncryptionMode attribute. Auto encrypts the view state only when a control requests encryption using Page.RegisterRequiresViewStateEncryption method. Always specifies that the view state should be encrypted always.

Series of Events during The Life of A HTTP Request:

Begin Request
Authenticate Request
determines who the user is
Authorize Request
determine rights of user
Resolve Request Cache
determine weather request can by-pass additional processing
Acquire Request State
session state associated with request is about to be acquired
PreRequest Handler execute
application code of page execute at this point. HTTP handler is called
Post Request Handler Execute
get fired just after HTTP handler is called
Release Request State
session state is stored based on web.config setting
Update Request Cache
resulting output is ready to be added to cache
End request

Related Posts