Archive for December, 2010

Graph Database

Posted: December 22, 2010 in Database, Performance
Tags: , ,

Most applications today handle data that is deeply associative, i.e. structured as graphs (networks). The most obvious example of this is social networking sites, but even tagging systems, content management systems and wikis deal with inherently hierarchical or graph-shaped data.

This turns out to be a problem because it’s difficult to deal with recursive data structures in traditional relational databases. In essence, each traversal along a link in a graph is a join, and joins are known to be very expensive. Furthermore, with user-driven content, it is difficult to pre-conceive the exact schema of the data that will be handled. Unfortunately, the relational model requires upfront schemas and makes it difficult to fit this more dynamic and ad-hoc data.

A graph database uses nodes, relationships between nodes and key-value properties instead of tables to represent information. This model is typically substantially faster for associative data sets and uses a schema-less, bottoms-up model that is ideal for capturing ad-hoc and rapidly changing data.

Neo4J ecosystem is Graph Database. Read more from here …

http://www.oscon.com/oscon2009/public/schedule/detail/8364

MongoDB is another Graph Database which is a scalable, high-performance, open source, document-oriented database. Read more from …

http://www.mongodb.org/

http://en.wikipedia.org/wiki/MongoDB




Simple, thread safe and the best performance solution …

public sealed class Singleton
{
    public static readonly Singleton instance = new Singleton();

    Singleton()
    {
    }     
}

  • A single constructor, which is private and parameterless to prevent other classes from creating instance.
  • The class is sealed. It may help the JIT to optimise things.
  • A static variable which holds a reference to the single created instance, if any.
  • A public static means of getting the reference to the single created instance, creating one if necessary – not used in above example and made static variable instance directly public, but for correct use we can have public static property or method to access the instance which will give more control for future
  • Explicit static constructor to tell C# compiler not to mark type as beforefieldinit – not used in above example

There are many ways of creating Singleton object. Refer below link for more details with explanation on each variation …

http://www.yoda.arachsys.com/csharp/singleton.html

Following link has simple and good information about how Authentication/Authorization can be done on web pages/web services in intranet and internet enviroments using IIS, Web.config …

http://www.15seconds.com/issue/020312.htm

Brief conclusion of above link (follow the link for step by step trails …)

Authentication

  • Windows authentication
    • Integrated Windows authentication – client machine computes a hash value by encrypting the user’s credentials and send it to the server
    • Basic and basic with SSL authentication – client does not generate hash value but values will be first encoded using base64 before transmitting. Its not secure bcos anyone who knows how to decode base64 string can easily decode it. So Basic wih SSL is secure.
    • Digest authentication – New type of authentication available from W2k OS and IE5+. In this user credentials will be sent on wire after encrypting them using MD5 (Message digest 5) hashing mechanism.
    • Client Certificate authentication – There are two types of certificates — server certificates and client certificates. Server certificates ensure that the identity of the server is valid and we can trust it; similarly client certificates ensure that the identity of the client is valid and the client can be trusted.
  • Forms authentication – ASP.NET redirects the unauthenticated users to a login page that can be configured in the Web.config file which intern authenticate the user by checking the provided user ID and password against some user database
  • Passport authentication – Passport authentication, a centralized service provided by Microsoft, offers a single logon point for clients. Unauthenticated users are redirected to the Passport site. Similar to the Forms authentication, this redirection might create problems for clients, unless they are programmed to handle the case of redirection.
  • None or Custom Authentication – Out of the all authentication methods, except for Forms and Passport authentications all other methods require Windows accounts for implementing security. Creating and maintaining Windows accounts for a Web application might create problems when scaling an application for more Web servers because we also have to duplicate all the Windows accounts and permissions on other Web servers.

There are some ways to provide custom authentication for our Web Services, for example –

  1. Accept a username and password as a parameter to our method calls
  2. Provide a logon method for our clients to call before they call any other business method. In that logon method, we can verify their credentials and issue them some kind of key to use in future method calls.
  3. Use SOAP headers for passing authentication information

Authorization

  • Windows NTFS file authorization – use that ACL (Access Control List) for authorization services
  • ASP.NET URL authorization – access is granted or denied for web page or service urls based on different application criterias defined in Web.config file.

More advanced ideas …

For securing SOAP header which may have sensitive  info like user id/pwd, you can use SOAP Extension to intercept the SOAP message and encrypt/decrypt at client/server side using SoapExtension class + ChainStream, GetInitilizer, Initialize, ProcessMessage methods. Refer below link for step by step trails ..

http://www.c-sharpcorner.com/UploadFile/sovonnath/SOAPHeaderandSOAPExtensionsinaWebService11162005021034AM/SOAPHeaderandSOAPExtensionsinaWebService.aspx

Refer below link for customizing ASP.NET security and writing our own HTTP handlers and modules …

http://www.15seconds.com/issue/020417.htm

WCF – Links

Posted: December 14, 2010 in WCF
Tags: , ,

http://www.wcftutorial.net

http://beyondrelational.com/blogs/dhananjaykumar/archive/2011/02/11/walkthrough-on-creating-wcf-4-0-service-and-hosting-in-iis-7-5.aspx

http://www.howtocreate.co.uk/

1. Using bind, trigger functions we can implement simple Publish/Subscribe pattern in JQuery
2. Below example shows how to create Subscribers (generally the script on page sections or modules) by subscribing to a common custom event called buttonClick through JQuery bind method and it also shows how to publish the custom event on some action (manual or automatic – here on click of button which is manual action) which intern fires all subscriber’s Action methods through JQuery trigger method.
3. There is already a plug-in available in JQuery site for achieving this by simply calling $.subscribe, $.publish and with few other functions. Refer http://www.dotnetoutsource.com/Download/jQuery/Publish-subscribe.aspx for sample. Our custom functions can be extended on top of native JQuery code using Plug-ins to access them directly on $ operator, like $.subscirbe.

<input type=”button” value=”Click Button & Publish Button Click Event” id=”myfield2″/>
<script type=”text/javascript” src=”http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.4.js“></script>
<script language=”javascript”>
    // Publisher script can be at page level. Actual publish action will be invoked through either user actions or through callback functions in case of ajax calls
    var Publisher = {
        Publish: function (eventName, args) {
            $(document).trigger(eventName, args);
        }
    };

    // Subscriber1/Subscriber2 can be part of page sections i.e. user controls (in case of asp.net page)
    var Subscriber1 = {
        subscribe: function () {          
            $(document).bind(‘buttonClick’, Subscriber1.Action);           
        },

        Action: function (event, a, b, c) {
            alert(“Subscriber1 Action – arg1: ” + a + “, arg2: ” + b + “, arg3: ” + c);
        }
    }
    Subscriber1.subscribe();

    var Subscriber2 = {
        subscribe: function () {           
            $(document).bind(‘buttonClick’, Subscriber2.Action);           
        },

        Action: function (event, a, b, c) {
            alert(“Subscriber2 Action – arg1: ” + a + “, arg2: ” + b + “, arg3: ” + c);
        }
    }
    Subscriber2.subscribe();

    $(document).ready(function () {
        // Binding publish method for button click event
        $(‘#myfield2’).unbind(‘click’).bind(‘click’, function () { Publisher.Publish(‘buttonClick’, [‘1’, ‘2’, ‘3’]); });       
    });
</script>

Following code is a simple example of publish subscriber modal using Javascript. Subscriber1, Subscriber2 are 2 subscribers for an event “PublishOnClick”. User is the publisher who publishes the event by clicking “Click Button & Publish Button Click Event” button. Publisher javascript code provides framework for adding/executing subscribers by different other modules in the same page. For example Subscriber1 can be in one module and Subscriber2 can be in another module and both can subscribe to single button action on the main page.

<input type=”button” value=”Click Button & Publish Button Click Event” id=”myfield2″/>
<script language=”javascript”>
    var Publisher = {
        subscribers: {},       
        Subscribe: function (event, callback) {
            if (Publisher[event] && typeof callback === “function”) {
                if (Publisher.subscribers[event]) {
                    Publisher.subscribers[event].callbacks.push(callback);
                }
                else {
                    Publisher.subscribers[event] = { callbacks: [callback] };
                }
            }
        },
        Publish: function (event, callback) {
            if (Publisher.subscribers[event].callbacks) {
                for (var callback in Publisher.subscribers[event].callbacks) {
                    Publisher.subscribers[event].callbacks[callback].apply(null, arguments);
                }
            }
        },
        // PublishOnClick – name should be same as subscribing event name. Similar to this method we can have different method for each new publishing event
        PublishOnClick: function (event, arguments) {
            Publisher.Publish(event, arguments);
        }
    };

    var Subscriber1 = {
        initialize: function () {
            if (Publisher.Subscribe) {
                Publisher.Subscribe(“PublishOnClick”, Subscriber1.Action);
            }
        },
        Action: function (a, b, c) {
            alert(“Subscriber1 Action – arg1: ” + a + “, arg2: ” + b + “, arg3: ” + c);
        }
    };
    Subscriber1.initialize();

    var Subscriber2 = {
        initialize: function () {
            if (Publisher.Subscribe) {
                Publisher.Subscribe(“PublishOnClick”, Subscriber2.Action);
            }
        },
        Action: function (a, b, c) {
            alert(“Subscriber2 Action – arg1: ” + a + “, arg2: ” + b + “, arg3: ” + c);
        }
    };
    Subscriber2.initialize();

    var fld2 = document.getElementById(“myfield2”); 
    if (fld2.addEventListener) {
        fld2.addEventListener(“click”, function () { Publisher.PublishOnClick(“PublishOnClick”, [‘1’, ‘2’, ‘3’]); }, false); // publish thru button click event
    }
    else if (fld2.attachEvent) {
        fld2.attachEvent(“onclick”, function () { Publisher.PublishOnClick(“PublishOnClick”, [‘1’, ‘2’, ‘3’]); }); // publish thru button click
    }
</script>