ASP.NET: Designing and Developing a Line-of-Business Web Application Ammar Abuthuraya Developer & Platform Lead Microsoft ® Corporation

ASP.NET: Designing and ASP.NET: Designing and Developing a Developing a Line-of-Business Line-of-Business Web ApplicationWeb Application

Ammar AbuthurayaAmmar AbuthurayaDeveloper & Platform LeadDeveloper & Platform LeadMicrosoftMicrosoft®®

Corporation Corporation

What We Will CoverWhat We Will Cover

Definition of a line-of-business Definition of a line-of-business applicationapplication

Time Tracker as example of line-of-Time Tracker as example of line-of-business applicationbusiness application

Design and technology choicesDesign and technology choices Development techniquesDevelopment techniques Intranet security design and Intranet security design and

implementationimplementation

Session PrerequisitesSession Prerequisites

Level 200Level 200

Ability to read C# codeAbility to read C# code Working knowledge of ASP.NETWorking knowledge of ASP.NET Familiarity with MicrosoftFamiliarity with Microsoft®® Visual Studio Visual Studio®® .NET .NET

So Why This Presentation?So Why This Presentation? Provide overview of best practices forProvide overview of best practices for

Application architectureApplication architecture DevelopmentDevelopment

Outline key features of ASP.NET and the .NET FrameworkOutline key features of ASP.NET and the .NET Framework Promote the ASP.NET Starter Kits at www.asp.netPromote the ASP.NET Starter Kits at www.asp.net

AgendaAgenda IntroductionIntroduction Design goalsDesign goals Application architectureApplication architecture Data layerData layer Business logic layerBusiness logic layer Presentation layerPresentation layer Report creationReport creation GDI+ chart creationGDI+ chart creation MobileMobile GlobalizationGlobalization SecuritySecurity DeploymentDeployment

IntroductionIntroductionThe Time Tracker Line-of-Business The Time Tracker Line-of-Business Web ApplicationWeb Application What is a line-of-business application?What is a line-of-business application? Time Tracker allows users to track Time Tracker allows users to track

hours worked on a projecthours worked on a project Allows managers to monitor project Allows managers to monitor project

statusstatus Per userPer user Per projectPer project

Allows administrators to manage user Allows administrators to manage user accounts and projectsaccounts and projects

IntroductionIntroductionThe Time Tracker Line-of-Business The Time Tracker Line-of-Business Web ApplicationWeb Application

Illustrates best practices for intranet application Illustrates best practices for intranet application developmentdevelopment

Serves as a template for other line-of-business Serves as a template for other line-of-business applicationsapplications

Demonstration 1Demonstration 1Time Tracker Time Tracker FunctionalityFunctionality

Registering as a New UserRegistering as a New User

Creating New Users Creating New UsersCreating a ProjectCreating a Project

Creating Time EntriesCreating Time EntriesGenerating ReportsGenerating Reports

Logging on as a Less-Privileged UserLogging on as a Less-Privileged User

Time Tracker Starter KitTime Tracker Starter Kit

AgendaAgenda IntroductionIntroduction Design goalsDesign goals Application architectureApplication architecture Data layerData layer Business logic layerBusiness logic layer Presentation layerPresentation layer Report creationReport creation GDI+ chart creationGDI+ chart creation MobileMobile GlobalizationGlobalization SecuritySecurity DeploymentDeployment

Design GoalsDesign GoalsDecisions for an Intranet ApplicationDecisions for an Intranet Application

Emphasis on maintenance, not Emphasis on maintenance, not performanceperformance

Can utilize company’s existing user Can utilize company’s existing user informationinformation

Clean separation between logical tiersClean separation between logical tiers Enables code reuse by other applicationsEnables code reuse by other applications

AgendaAgenda Introduction Introduction Design goalsDesign goals Application architectureApplication architecture Data layerData layer Business logic layerBusiness logic layer Presentation layerPresentation layer Report creationReport creation GDI+ chart creationGDI+ chart creation SecuritySecurity MobileMobile GlobalizationGlobalization DeploymentDeployment

Application ArchitectureApplication ArchitectureLogical 3-tier DesignLogical 3-tier Design

AgendaAgenda IntroductionIntroduction Design goalsDesign goals Application architectureApplication architecture Data layerData layer Business logic layerBusiness logic layer Presentation layerPresentation layer Report creationReport creation GDI+ chart creationGDI+ chart creation SecuritySecurity MobileMobile GlobalizationGlobalization DeploymentDeployment

Data LayerData LayerDatabase Schema RequirementsDatabase Schema Requirements

User enters time for project and User enters time for project and categorycategory

User role authorizationUser role authorization Time entries require user project Time entries require user project

membershipmembership Project has one or more categoriesProject has one or more categories Projects can have one project managerProjects can have one project manager

Data LayerData LayerDatabase SchemaDatabase Schema

Data LayerData LayerStored ProceduresStored Procedures

Provide separation between database Provide separation between database and data access layerand data access layer

Performance benefitsPerformance benefits Added securityAdded security Can change with no effect to data layerCan change with no effect to data layer ListTimeEntries helps enforce role ListTimeEntries helps enforce role

authorizationauthorization

Data LayerData LayerData AccessData Access

Uses Data Access Application Blocks Uses Data Access Application Blocks (DAAB)(DAAB)

Time Tracker uses ExecuteDataSet Time Tracker uses ExecuteDataSet methodmethod

Reduces custom code from six or more Reduces custom code from six or more lines to one or twolines to one or twoDataSet ds = SqlHelper.ExecuteDataSet(DataSet ds = SqlHelper.ExecuteDataSet( ConfigurationSettings.AppSettings[ConfigurationSettings.AppSettings[ Web.Global.CfgKeyConnString],Web.Global.CfgKeyConnString], CommandType.StoredProcedure,CommandType.StoredProcedure, “ “ListAllProjects”);ListAllProjects”);


Business Logic LayerBusiness Logic LayerApplication-specific CodeApplication-specific Code

Implements how a company does Implements how a company does businessbusiness

Business Logic LayerBusiness Logic LayerApplication-specific CodeApplication-specific Code

Distinct from UI and database-specific Distinct from UI and database-specific codecode

Enables code reuseEnables code reuse Functionality available to Web servicesFunctionality available to Web services Implements security Implements security Classes wrap information from data Classes wrap information from data

access codeaccess code

Business Logic LayerBusiness Logic LayerTTUser ClassTTUser Class

Each name represents an instance of Each name represents an instance of the TTUser classthe TTUser class

Business Logic LayerBusiness Logic LayerTTUser ClassTTUser Class

Public properties that contain user infoPublic properties that contain user info UserIDUserID Role stringRole string

Methods interact with data access layer Methods interact with data access layer to:to: Return lists of usersReturn lists of users Return user informationReturn user information Manage user informationManage user information Log users in Log users in

Business Logic LayerBusiness Logic LayerCustom CollectionsCustom Collections

Derive from Derive from ArrayListArrayList Require less memory than Require less memory than DataSetDataSet and and

othersothers Provide cleaner separation between Provide cleaner separation between

data and presentation layersdata and presentation layers Each collection a class-specific object Each collection a class-specific object

(UsersCollection maps to TTUser )(UsersCollection maps to TTUser )

Business Logic LayerBusiness Logic LayerOther FeaturesOther Features

Static methodsStatic methods Belong to the type itselfBelong to the type itself Object needn’t be instantiatedObject needn’t be instantiated

ProjectGrid.DataSource = Project.GetProjects();ProjectGrid.DataSource = Project.GetProjects();

Retrieving user infoRetrieving user info Configure to MicrosoftConfigure to Microsoft®® Active Directory Active Directory®® or or

WindowsWindows®® NT NT®® SAM need to retrieve user info from SAM need to retrieve user info from account sourceaccount source

DirectoryHelper classDirectoryHelper class Retrieves user first and last name from account sourceRetrieves user first and last name from account source Easily extendableEasily extendable


Presentation LayerPresentation LayerIntroductionIntroduction

Provides user interfaceProvides user interface Communicates directly with business Communicates directly with business

logiclogic Separate from data access and Separate from data access and

business layersbusiness layers Can develop multiple UIs that use code Can develop multiple UIs that use code

from other layersfrom other layers

Presentation LayerPresentation LayerUser ControlsUser Controls

Banner and all tabs are user controlsBanner and all tabs are user controls

Presentation LayerPresentation LayerDataGrid with Inline EditingDataGrid with Inline Editing Define EditItemTemplate ColumnDefine EditItemTemplate Column Fill column with another ASP.NET Fill column with another ASP.NET

server controlserver control <asp:TemplateColumn runat=“server” /><asp:TemplateColumn runat=“server” />

<EditItemTemplate><EditItemTemplate>

<asp:DropDownList … /><asp:DropDownList … />

</EditItemTemplate></EditItemTemplate>

</asp:TemplateColumn></asp:TemplateColumn>

AgendaAgenda IntroductionIntroduction Design GoalsDesign Goals Application ArchitectureApplication Architecture Data LayerData Layer Business Logic LayerBusiness Logic Layer Presentation LayerPresentation Layer Report CreationReport Creation GDI+ Chart CreationGDI+ Chart Creation SecuritySecurity MobileMobile GlobalizationGlobalization DeploymentDeployment

Report CreationReport CreationProject ReportProject Report

Created per selected projectCreated per selected project Grouped by project, category, Grouped by project, category,

consultantconsultant Created with nested DataList controlsCreated with nested DataList controls Data source assigned at run timeData source assigned at run time

DataSource=‘<%# DataSource=‘<%# ListCategory((int)DataBinder.Eval(Container.DataItem, ListCategory((int)DataBinder.Eval(Container.DataItem, “ProjectID”)) %>’“ProjectID”)) %>’

Report CreationReport CreationResource ReportResource Report

Compiles time entry lists Compiles time entry lists Can contain one or more consultantsCan contain one or more consultants Created with a DataGrid nested in a Created with a DataGrid nested in a

DataList controlDataList control


GDI+ Chart CreationGDI+ Chart CreationChart PageChart Page

Separate page needed to render chartSeparate page needed to render chart Uses query strings to pass graph dataUses query strings to pass graph data Returns Portable Network Graphics Returns Portable Network Graphics

(PNG) format(PNG) format

GDI+ Chart CreationGDI+ Chart CreationChart ClassesChart Classes

ChartItem—a single data pointChartItem—a single data point ChartItemsCollection—collection of ChartItemsCollection—collection of

data pointsdata points Chart—abstract classChart—abstract class

Defines Draw() method that must be Defines Draw() method that must be overriddenoverridden

Limits data points for derived graphsLimits data points for derived graphs

BarGraph—performs calculations for BarGraph—performs calculations for graph generation graph generation


SecuritySecurityAuthenticationAuthentication

Forms authentication on installForms authentication on install Easily modified to MicrosoftEasily modified to Microsoft® ® WindowsWindows®®

authenticationauthentication Active DirectoryActive Directory NT Security Authorization Manager (SAM)NT Security Authorization Manager (SAM)

Make changes in Web.config Make changes in Web.config

SecuritySecurityAuthorization and TechniquesAuthorization and Techniques

Roles-basedRoles-based ConsultantConsultant Project ManagerProject Manager AdministratorAdministrator

Roles define:Roles define: page access page access Tasks user allowed to performTasks user allowed to perform

User input cleanedUser input cleaned

DemosDemos

Demonstration 2Demonstration 2Code WalkthroughCode Walkthrough

Review the Data Access LayerReview the Data Access Layer

Review the TTUser Class Review the TTUser Class Review the UsersCollection Class Review the UsersCollection Class

Review the TTSecurity Class Review the TTSecurity Class Review CustomPrincipal and Global.asax.csReview CustomPrincipal and Global.asax.cs

Review the Chart class Review the Chart class Review TimeEntry.aspx.cs and associated files Review TimeEntry.aspx.cs and associated files

Review Banner.ascx.cs class Review Banner.ascx.cs class


MobileMobileTime Tracker Device SupportTime Tracker Device Support

Users can view, add or update entriesUsers can view, add or update entries

AgendaAgenda IntroductionIntroduction Design GoalsDesign Goals Application ArchitectureApplication Architecture Data LayerData Layer Business Logic LayerBusiness Logic Layer Presentation LayerPresentation Layer Report CreationReport Creation GDI+ Chart CreationGDI+ Chart Creation SecuritySecurity MobileMobile GlobalizationGlobalization DeploymentDeployment

GlobalizationGlobalizationUsing the CultureInfo ClassUsing the CultureInfo Class

Culture settings changed per user’s Culture settings changed per user’s browser settingsbrowser settings

Application_BeginRequest method in Application_BeginRequest method in Global.asax performs checkGlobal.asax performs checkif (Request.UserLanguages != null)if (Request.UserLanguages != null)

Thread.CurrentThread.CurrentCulture = Thread.CurrentThread.CurrentCulture =

CultureInfo.CreateSpecificCulture(CultureInfo.CreateSpecificCulture(

Request.UserLanguages[0]);Request.UserLanguages[0]);

elseelse

Thread.CurrentThread.CurrentCulture = Thread.CurrentThread.CurrentCulture =

new CultureInfo(“en-us”);new CultureInfo(“en-us”);

Thread.CurrentThread.CurrentUICulture = Thread.CurrentThread.CurrentUICulture =

Thread.CurrentThread.CurrentCulture;Thread.CurrentThread.CurrentCulture;


DeploymentDeploymentWeb Farm ConsiderationsWeb Farm Considerations

Encrypted cookie’s key must be sameEncrypted cookie’s key must be same Set machineKey in each Web.config file Set machineKey in each Web.config file

to same valueto same value For pages that require session stateFor pages that require session state

Set load-balancing affinity, orSet load-balancing affinity, or Session state must be stored in a state Session state must be stored in a state

server or Microsoftserver or Microsoft®® SQL Server™ SQL Server™

DemosDemos

Demonstration 3Demonstration 3Configuring the Time Tracker Configuring the Time Tracker

ApplicationApplication

Review the Web.Config File Review the Web.Config File Change the User’s Default RoleChange the User’s Default Role

Change Forms Authentication to Change Forms Authentication to Windows NT SAM Authentication Windows NT SAM Authentication

Session SummarySession Summary IntroductionIntroduction Design goalsDesign goals Application architectureApplication architecture Data layerData layer Business logic layerBusiness logic layer Presentation layerPresentation layer Report creationReport creation GDI+ chart creationGDI+ chart creation SecuritySecurity MobileMobile GlobalizationGlobalization DeploymentDeployment

For More Information…For More Information…

MSDN Web site at MSDN Web site at msdn.microsoft.commsdn.microsoft.com

Official ASP.NET Web site atOfficial ASP.NET Web site at www.asp.netwww.asp.net

Training and Training and EventsEvents

MSDN Webcasts, MSDN Online MSDN Webcasts, MSDN Online Seminars, Tech·Ed, PDC, Developer DaysSeminars, Tech·Ed, PDC, Developer Days

MSDNMSDNEssential Resources for DevelopersEssential Resources for Developers

Subscription Subscription ServicesServices

OnlineOnlineInformationInformation

MembershipMembershipProgramsPrograms

Print Print PublicationsPublications

Library, OS, Professional, Enterprise, Library, OS, Professional, Enterprise, Universal Delivered via CD-ROM, DVD, WebUniversal Delivered via CD-ROM, DVD, Web

MSDN Online, MSDN Flash, How-to MSDN Online, MSDN Flash, How-to Resources, Download CenterResources, Download Center

MSDN User GroupsMSDN User Groups

MSDN MagazineMSDN MagazineMSDN NewsMSDN News

How-to ResourcesHow-to ResourcesSimple, Step-by-Step ProceduresSimple, Step-by-Step Procedures Embedded development How-to resourcesEmbedded development How-to resources General How-to resources General How-to resources Integration How-to resources Integration How-to resources JScriptJScript®® .NET How-to resources .NET How-to resources Microsoft .NET development How-to resources Microsoft .NET development How-to resources Office development resources Office development resources Security How-to resources Security How-to resources Microsoft Visual Basic .NET How-to resources Microsoft Visual Basic .NET How-to resources Microsoft Visual C#Microsoft Visual C#®® .NET How-to resources .NET How-to resources Microsoft Visual Studio .NET How-to resources Microsoft Visual Studio .NET How-to resources Web development How-to resources (ASP, IIS, XML) Web development How-to resources (ASP, IIS, XML) Web services How-to resources Web services How-to resources Windows development How-to resources Windows development How-to resources

http://msdn.microsoft.com/howtohttp://msdn.microsoft.com/howto

MSDN WebcastsMSDN WebcastsInteractive, Live Online EventsInteractive, Live Online Events

Interactive, synchronous, live online Interactive, synchronous, live online eventsevents

Discuss the hottest topics from MicrosoftDiscuss the hottest topics from Microsoft Open and free for the general publicOpen and free for the general public Take place every TuesdayTake place every Tuesday

http://www.microsoft.com/usa/webcastshttp://www.microsoft.com/usa/webcasts

MSDN Subscriptions MSDN Subscriptions TheThe Way to Get Visual Studio .NET Way to Get Visual Studio .NETVisual Studio .NETVisual Studio .NET MSDN SubscriptionsMSDN Subscriptions

NE

W

ProfessionalProfessional• Tools to build applications Tools to build applications

and XML Web services for and XML Web services for Windows and the WebWindows and the Web

MSDN ProfessionalMSDN Professional$1199 new$1199 new

$899 renewal/upgrade$899 renewal/upgrade

MSDN EnterpriseMSDN Enterprise$2199 new$2199 new


MSDN UniversalMSDN Universal$2799 new$2799 new


Enterprise DeveloperEnterprise Developer• Enterprise lifecycle toolsEnterprise lifecycle tools• Team development supportTeam development support•Windows Server 2003 and Windows Server 2003 and

SQL Server™SQL Server™

Enterprise ArchitectEnterprise Architect• Software and data modelingSoftware and data modeling• Enterprise templatesEnterprise templates• Architectural guidanceArchitectural guidance

Microsoft PressMicrosoft Press®®

Essential Resources for DevelopersEssential Resources for Developers

Microsoft Visual Studio .NET is here!Microsoft Visual Studio .NET is here!This is your chance to start building the next big This is your chance to start building the next big

thing. Develop your .NET skills, increase your thing. Develop your .NET skills, increase your productivity with .NET books from Microsoft Pressproductivity with .NET books from Microsoft Press

www.microsoft.com/mspresswww.microsoft.com/mspress

Become a Microsoft Certified Become a Microsoft Certified Solution DeveloperSolution Developer

What is MCSD?What is MCSD? Premium certification for professionals who design Premium certification for professionals who design

and develop custom business solutionsand develop custom business solutions How do I attain MCSD certification?How do I attain MCSD certification?

Certification requires passing four exams to prove Certification requires passing four exams to prove competency with Microsoft solution architecture, competency with Microsoft solution architecture, desktop applications, distributed application desktop applications, distributed application development, and development toolsdevelopment, and development tools

Where do I get more information?Where do I get more information? For more information about certification For more information about certification

requirements, exams, and training options, requirements, exams, and training options, visit visit www.microsoft.com/mcpwww.microsoft.com/mcp

THANK YOUTHANK YOU

Documents

ASP.NET: Designing and Developing a Line-of-Business Web Application Ammar Abuthuraya Developer & Platform Lead Microsoft ® Corporation