Technical Challenges
| Retired Content |
|---|
This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. |
The reference implementation is an executable sample. It demonstrates how you can address common technical challenges that you face when you build line-of-business Web sites with ASP.NET. The following table describes new technical challenges that this reference implementation addresses.
Technical challenge |
Description |
How is this demonstrated in the reference implementation? |
|---|---|---|
Page composability |
Ability to create pages from multiple user controls that can be used in multiple modules. The user controls can be independently developed, tested, versioned, and deployed. |
The Order Information page in the Orders module uses the SearchCustomer user control from the Customer module. The OrderPreview user control is contained in the OrderReview, SavedDrafts and Approval user controls as well as the Search Orders Web page. |
Responsive user interface |
Create composable Web pages that use the AJAX controls. |
Controls from the AJAX Control Toolkit are used across pages. Some examples of usage are: The ModalPopupExtender control, which is used on the Order Information page when searching for customers; the ConfirmButtonExtender control, which is used to confirm order submission on the Order Review page; the AutoCompleteExtender control, which is used on the Order Information page; and the CollapsiblePanelExtender and AlwaysVisible controls that are used for displaying help information on the Order Details page. |
Respond to browser field events |
Dynamically update a field in the browser based on input from another field. |
The Order Details page uses the Sku field to retrieve product detail information. |
Responsive validation |
Ability to validate user input as it is entered, providing a more responsive experience. Use object level validation across screens and layers. |
The application’s Web pages use ASP.NET validation controls. The Order Information page reuses Orders business entity validation logic through the Enterprise Library Validation Application Block. |
Browser communications with external services |
Ability to access information exposed by a Web service from client-side scripts. |
The Order Details page interacts with an external service that provides product detail information. The Order Information page interacts with an external service that provides ZIP Codes and cities information. |
The following table describes some technical challenges that this reference implementation addresses that are also addressed in the Global Bank reference implementation.
Technical challenge |
Description |
How is this demonstrated in the reference implementation? |
|---|---|---|
Modularity |
Ability to build complex sites based on modules that can be independently developed, tested, versioned, and deployed |
Web site solution structure. Orders and Customers modules that use the Composite Web Application Block. Distributed Web.config files. |
Composable user interface |
Ability to create a user interface that is composed of multiple modules that interact with multiple back-end systems |
Orders module. Customers module. |
Layout management |
Ability to create a common user experience across different independent modules, separating the responsibility of the UI design from the UI development |
Application uses master pages for public site and for module Web pages. Use of ASP.NET themes and skins. Use of a site map provider to display module actions on the Web site. |
Unit testing Web solutions |
Ability to run unit tests against Web page logic |
All views in the reference implementation use the View-Presenter patterns to isolate page logic. All modules include unit test projects. |
User profile–based UIs |
Ability to change the behavior of the UI based on the user identity and profile information |
Site configured with two roles: Approver and User. Actions available in each module operate on different permissions sets for the available roles (for example, the User role can create an order, and the Approver can approve an order). Use the site map provider to display permission-aware actions on the Web site. Rule-based permissions using the Enterprise Library Security Application Block defined in configuration files. |
Authentication |
Ability to identify registered users of a site |
Forms authentication for all protected pages using a custom created membership provider. Views are protected with the rules settings of the AuthorizationRuleProvider in the DevelopmentWebsite Web.config file that requires authenticated users. |
Authorization |
Ability to change permissions for different users |
Each module defines its own permission set with rules in the module’s Web.config file. The reference implementation uses its own custom role provider. The Customers module defines the AllowSearchCustomers rule for the SearchCustomers page. The User role is allowed to access the SearchCustomers page by setting the AllowSearchCustomers rule to the User role in the DevelopmentWebsite Web.config file. |
Securing data |
Secure user and site information |
All exceptions are shielded using Enterprise Library and ASP.NET configuration to prevent information to be leaked to end users in the event of a runtime exception. The customErrors mode is set to RemoteOnly in the DevelopmentWebsite Web.config file. User input is validated for type, length, format, and range. By using the Composite Web Application Block, untrusted content is encoded before displaying it on a browser. Untrusted content is encoded using the Microsoft Anti-Cross Site Scripting Library. |
System availability and scaling |
Maximize uptime and minimize the time to diagnose problems |
Application tested for scaling up and scaling out. Logging exceptions using the Enterprise Library Logging Application Block for simplified management and diagnostics. |
Easy deployment |
Minimizing the complexity to deploy new or updated functionality on a site |
XCopy deployment of modules. Modules are deployed independently of each other. Distributed Web.config files minimize configuration contention. |
Note
Note: To eliminate the need for a database installation, the reference implementation uses custom membership and role providers that utilize an in-memory repository.