It is unfortunate how life sometimes overtakes you and no matter how you prioritize the things in your life, you must sacrifice. Such is the case now, when I realise now that I must leave Co-operative Web and became a full-time dad to look after my family.

When our daughter was born, it was an occasion for great happiness. She is, and I hope will remain, a source of great joy, but she is also not a well bunny. Unfortunately, as a result of her illness, her mum has now also become ill and needs to get back to work to recuperate mentally. Which leaves me needing to look after our baby girl until such time as she is well enough to attend nursery. Which means I am now a full time dad. Hopefully I will not miss work as much as the other half currently does.

Sigh.

For a while then, I’ll be putting content on a new site which I’ll link to when it’s up and ready. Hopefully I’ll have the time to update it regularly.

If you’re based in Birmingham, UK and are looking for a .NET developers job, I heartily recommend working for Co-operative Web. They run a very positive shop with challenging tasks and supportive team members. The arcade machine and table football table help as well. Their jobs page is here.

Andrew Stopford has announced the release of MbUnit \ Gallio v3.2 with lots of new goodness. His own blog entry contains a quick runthrough of what’s what, but the full release notes can be found here, and you can find the download here.

I should also highlight the new documentation wiki over at gallio.org. This contains all the previous documentation efforts started when I was contributing docs for this project plus a lot of new stuff. Excellent work guys! Glad you found a publishing mechanism that suits you the best.

The interesting thing about writing a book such as Programming ASP.NET 3.5 is that as new readers come to it over time, they find that libraries used within the book code break the examples. Peter Ormshaw got in touch today to point out that the Ajax Control Toolkit has changed slightly since build 20229 which the book was built against.

In particular, he’s come across three differences between the book and working with v3.5.40412 which is the latest version at the moment.

Installing The Control Toolkit

Appendix A, which covers installing the control toolkit is now obsolete. Best practice now would be to download the binaries for the toolkit and follow the installation instructions at http://www.asp.net/ajaxlibrary/act.ashx.

You Must Use The Toolkit Script Manager

Any AJAX web form you’ve created in Visual Studio automatically contains the standard ASP.NET ScriptManager control. If you want to use any toolkit controls on that page, you must replace this with the toolkit’s own ScriptManager control. So then, you change this

<asp:ScriptManager ID="ScriptManager1" runat="server" />

to this

<asp:ToolkitScriptManager ID="ToolkitScriptManager1" runat="server">
</asp:ToolkitScriptManager>

Toolkit now uses asp as its TagPrefix: BulletedList Users Beware!

The final thing to note is that v40412 now has the Toolkit controls use “asp” as the default TagPrefix for its controls rather than cc1. This in itself is not a problem and makes sense as Microsoft have now more formally adopted the Toolkit with all its jQuery finery and finessing on the client side.

However, the toolkit also includes a control called BulletedList which, with the tagprefix change now means that Visual Studio will no longer compile pages referencing the toolkit and containing this control until you alter the TagPrefix used by the toolkit on that page. Typically, that means changing the “asp” in TagPrefix=”asp” in this line

<%@ Register Assembly="AjaxControlToolkit" Namespace="AjaxControlToolkit" TagPrefix="asp" %>

to something other than asp. Don Kiely has a full description and reasoning behind this issue at devproconnections.com.

So it came to pass that our plan for world domination and propagation of our surname has come to pass. This is our new daughter, Evie. Say hello Evie...

We all want our websites to be secure. We always think this when we start to write one. And then, after we've implemented some 90% of it, we start to wonder whether or not anything we've written is actually as secure as a very secure vault based on the moon or as secure as the drunk in the pub with informational diarrhoea. And, having decided the latter, we make a hasty attempt to obfuscate our code, prevent injection attacks, maybe encrypt a few things and generally make ourselves feel better about it, not knowing how well we've covered our backs, if at all.

Developing secure applications, be they desktop- or web-based, requires us to do two things:

• Be aware of potential vulnerabilities in our code
• Include and work to prevent these security issues throughout development.

Now Beginning ASP.NET Security can't make you change your development process, but what it does do with aplomb is bring you up to speed with common potential vulnerabilities to your website, best practices to avoid them and, where applicable, how to keep up to date with new developments.

With sixteen chapters covering basic page-coding, common ASP.NET framework tasks, and finally tasks out in IIS and .NET as a whole, the book is concise, clearly written, and, most importantly, emphasizes that coding securely isn't as hard or as time-consuming as you might otherwise have thought. On the other hand, it will also highlight the number of flaws in your previous sites you didn't even realise were there. You might subtitle this book "Or Why I Learned To Stop Worrying And Get On With Plugging My Security Holes."

As a former stalwart speaker around UK user groups on Security and now newly resident in Seattle working for the MS Information Security team, Barry Dorrans has been passing his security knowledge on to we Brits for ages and it shows. Each chapter is written around an individual security problem you'll most likely need to attend to before releasing your website live. The crux of the problem is described and, where possible / legal, examples given of how it can be exploited, before solutions are given, often as easy-to-reuse code or instructions you can implement in your own projects. To his credit, it's only in the chapter on hashing and encryption where readers may well get bogged down in the theory of it all, but then again, it's the chapter on hashing and encryption so a fair amount of that should be expected and there's perhaps more plain English here than other attempts have managed.

All in all, Beginning ASP.NET Security is a great book to have in your reference library. It's confidence boosting because what security measures you may have put in place before will be verified (or corrected) in its pages and those you didn't know already soon will be in place - another good set of pro-points to put forward to potential clients during that all-important pitch. There are niggles sure but they are slowly being addressed as Barry releases errata notes on his blog.

Final score 8/10 - well worth the money.