One of our clients integrates with a financial services company which provides an API to access data. Obviously this needs to be secure. Their QA environment is secured via SSL but is exposed only by IP address. A .NET client will by default throw a security exception when you try to create a SSL connection by IP because the certificate has been issued to a name. This code will get you past that…

ServicePointManager.ServerCertificateValidationCallback += ((sender, certificate, chain, sslPolicyErrors) => true);

Often in database design a table has a secondary unique key which defines a random alpha-numeric value; lets call this Code. While the table’s primary key is used for foreign key references in the database, the Code column has several advantages and uses. Since it is not a sequential value it can be shown to the user without giving away possible valuable information; for example giving away your sales volume. It can also be used as a URL query parameter to discourage one-up-attacks (note this should not be a replacement for proper data security).

So now that we are sold on having a Code column, what is the best way to implement it? Here is a method you can use to implement a proper Code column and have the database generate the value for you. This is a similar design pattern to using an IDENTITY column to generate the next value for a primary key. We would like for the column to have a default value of a new Code value, such that the application tier doesn’t have to worry about setting the value. An issue with this in SQL Server is that column default values do not allow for ‘dynamic’ values; we can use a view to get around this. As for the Code generation algorithm I piggybacked on the NEWID() function which generates a new uniqueidentifier. There are countless other algorithms you could use for this.

Create a view to generate the new codes…

CREATE VIEW [dbo].[Codes]
AS
SELECT LOWER(SUBSTRING(REPLACE(NEWID(), ‘-’, ”), 0, 16)) AS Code;

Create a function which returns a new code…

CREATE FUNCTION [dbo].[NewCode]
( )
RETURNS NVARCHAR (50)
AS
BEGIN
RETURN (SELECT Code FROM Codes)
END

Now we can use the dbo.NewCode() function as the default value for our table’s Code column..

ALTER TABLE [dbo].[XXX] ADD  CONSTRAINT [DF_XXX_Code]  DEFAULT ([dbo].[NewCode]()) FOR [Code]

That’s it! Now if you insert a row into the table the Code column will have a new value in it by default. Simple.

UPDATE

Here is a much better algorithm to generate codes. The previous algorithm has a ‘hidden’ issue; the NEWID() function only generates the letters A-H, so you don’t get the security of the full 26 character alphabet. The algorithm below also lets you choose which characters you want. This allows you to prevent issues like 1 and I, and 0 and O confusion.

CREATE VIEW [dbo].[Codes]
AS
select
[Code] =
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1)
from
(select ch = ‘ABCDEFGHJKLMNPQURSUVWXYZ23456789′) a

Nobody really likes project management and task estimation, but it’s a necessary evil of product development. I’ve seen quite a few ways to handle estimating tasks; some of which work better than others but none of them I would classify as “fun”. Until now… On a current project with a vendor I was exposed to a process and tool called poker planning. It’s a very simple card based game which is used for a group of people to come to a consensus on the estimate for a task list. There is a free tool that will host a game for you called Planning Poker. The process is pretty simple…

1. Come up with the global user story list for the project
2. Import these user stories into the Planning Poker tool
3. The players of the game are the developers who will be implementing the user story, the product owner does not play but needs to be available
4. For each user story do the following in less than 2 minutes each…
5. The product owner gives a quick description of the user story
6. All of the players choose a card which represents the relative amount of work that user story will take to implement; note these are only relative numbers, not absolute man-days
7. All of the cards are turned over for everyone to see.
8. The players with the highest and lowest cards must both explain their rationale behind their high and low choices
9. The turn is played again until their is a consensus about the amount of effort

At the end of the process you have a relative effort value of each user story. The next step is to map and agree on how to translate those values into absolute working days. Once you get into the process it’s quite fun and effective. I suggest you try it out on your next small project or iteration.

This is a great resources for questions about automated testing within TFS 2010.

http://blogs.msdn.com/vstsqualitytools/

In cases you didn’t see this already…

http://port25.technet.com/archive/2009/11/16/microsoft-to-open-source-the-net-micro-framework.aspx

Microsoft is getting better with the whole “open source” thing. It’s a big change for them and they are going pretty slow, but at least it’s happening. There are having a lot of success with ASP.NET MVC and now the .NET Micro Framework… so hopefully it continues! In my opinion the Microsoft product development culture itself is too focused on building the next set of features rather than filling out the existing feature set to make it actually useful. This is really where I see the community playing a role in filling out the feature set and fixing those annoying little bugs. Perfect example… Entity Framework doesn’t support SQL UDTs, so the geospatial data types can not be used with Entity Framework. If EF was open source, some smart developer somewhere would just go make it work. At least they are on the correct path…