Rockford Lhotka

 Wednesday, May 12, 2010

Magenic is hosting a Code Mastery event in Chicago on May 26 – which is very soon!

Code Mastery is a free training event for Microsoft .NET developers. This is two tracks of high quality, in-depth technical training on current technologies from Microsoft. We’re covering Silverlight, WPF, SharePoint, TFS, Pex, CSLA .NET version 4 and more!!

The event is being held at the Microsoft offices in Downers Grove, IL. This is an all day event and lunch is provided for attendees.

Register now to reserve your seat – don’t miss this great opportunity for high quality, free training!!

Wednesday, May 12, 2010 10:46:41 AM (Central Standard Time, UTC-06:00)  #    Disclaimer
 Friday, May 7, 2010

There’s a lot of understandable buzz about the iPad, including this well-written post that I think conveys something important.

As a Microsoft-oriented technical evangelist I’m now almost constantly asked what I think of the iPad. I’ve spent perhaps a total of 20 minutes with one, so I’m not an expert, but I can confidently say that I found it very pleasant to use, and I think it is a great v1 product.

(as an aside, many people also call it a “Kindle killer”, which I absolutely think it is NOT. It is too heavy, the screen is shiny and backlit and the battery doesn’t last 1-2 weeks – it was almost inconceivable to me that anything could replace real books (but the Kindle did), and the iPad certainly doesn’t compete with real paper or the Kindle)

I think the iPad reveals something very, very important. As does the iPhone, the Android phones and the upcoming Windows Phone 7: most users don’t need a “computer”.

Not a computer in the traditional sense, the way we as software designer/developers think about it.

Given the following:

  • “Instant” on
  • Primarily touch-based UI for the OS
  • Apps (and OS) that is designed for touch through and through (and no non-touch apps)
  • Light weight
  • Good battery life
  • Good networking (including home LAN, corporate domain, network printing, etc)
  • Portable peripherals, and standard connectors (USB, Firewire, ESATA, etc)
  • Docking station capability

I submit that your typical user doesn’t need a traditional computer. Sure, there are the “knowledge workers” in accounting, who push computers harder than developers do, but they aren’t a typical user either.

From what I can see, a typical user spends a lot of time

  • reading and composing email
  • using specialized line of business apps, mostly doing data entry and data viewing/analysis
  • browsing the web
  • playing lightweight casual games (solitaire, Flash-based games, etc)
  • using consumer apps like birthday card makers
  • organizing and viewing pictures and home videos
  • creating simple art projects with drawing apps, etc

None of these things require anything like the new i7 quad core (w/ hyperthreading – so 8 way) laptop Magenic is rolling out to all its consultants. Most users just don’t need that kind of horsepower, and would gladly trade it to get better battery life and more intuitive apps.

Which (finally) brings me to the real point of this post: today’s apps suck (just ask David Platt).

David talks a lot about why software sucks. But I want to focus on one narrow area: usability, especially in a world where touch is the primary model, and keyboard/mouse is secondary.

I have a Windows 7 tablet, which I like quite a lot. But it is far, far, far less usable than the iPad for most things. Why? It really isn’t because of Windows, which can be configured to be pretty touch-friendly. It is because of the apps.

Outlook, for example, is absolutely horrible. Trying to click on a message in the inbox, or worse, trying to click on something in the ribbon – that’s crazy. I’m a big guy, and I have big fingers. I typically touch the wrong thing more often than the right thing…

Web browsers are also horrible. Their toolbars are too small as well. But web pages are as much to blame – all those text links crammed together in tables and lists – it is nearly impossible to touch the correct link to navigate from page to page. Sure, I can zoom in and out, but that’s just a pain.

The web page thing is one area where the iPad is just as bad as anything else. It isn’t the fault of the devices (Windows or iPad), it is the fault of the web page designers. And it really isn’t their fault either, because their primary audience is keyboard/mouse computer users…

And that’s the challenge we all face. If the traditional computing form factor is at its end, and I suspect it is, then we’re in for an interesting ride over the next 5-7 years. I don’t think there’s been as big a user interaction transition since we moved from green-screen terminals to the Windows GUI keyboard/mouse world.

Moving to a world that is primarily touch is going to affect every app we build in pretty fundamental ways. When click targets need to be 2-4 times bigger than they are today, our beautiful high-resolution screens start to seem terribly cramped. And these battery-conserving end user devices don’t have that high of resolution to start with, so that makes space really cramped.

And that means interaction metaphors must change, and UI layouts need to be more dynamic. That’s the only way to really leverage this limited space and retain usability.

For my part, I think Microsoft is in a great place in this regard. Several years ago they introduced WPF and XAML, which are awesome tools for addressing these UI requirements. More recently they streamlined those concepts by creating Silverlight – lighter weight and more easily deployed, but with the same UI power.

I’d be absolutely shocked if we don’t see some sort of Silverlight-based tablet/slate/pad/whatever device in the relatively near future. And I’d be shocked if we don’t see the iPad rapidly evolve based on user feedback.

I really think we’re entering a period of major transition in terms of what it means to be a “computer user”, and this transition will have a deep impact on how we design and develop software for these computing appliances/devices.

And it all starts with recognizing that the type of UI we’ve been building since the early 1990’s is about to become just as obsolete as the green-screen terminal UIs from the 1980’s.

It took about 5 years for most organizations to transition from green-screen to GUI. I don’t think the iPad alone is enough to start the next transition, but I think it is the pebble that will start the avalanche. Once there are other devices (most notably some Silverlight-based device – in my mind at least), then the real change will start, because line of business apps will shift, as will consumer apps.

I’m looking forward to the next few years – I think it is going to be a wild ride!

Friday, May 7, 2010 10:16:26 AM (Central Standard Time, UTC-06:00)  #    Disclaimer
 Thursday, May 6, 2010
Thursday, May 6, 2010 11:30:45 AM (Central Standard Time, UTC-06:00)  #    Disclaimer
 Monday, May 3, 2010
Monday, May 3, 2010 4:38:49 PM (Central Standard Time, UTC-06:00)  #    Disclaimer

CSLA 4 Beta 1 is now available for download. This includes CSLA .NET version 4 for .NET and Silverlight.

Beta 1 is essentially feature complete. It includes some really big (breaking) changes from 3.8.

Here’s a list of highlights, and of course the change log lists essentially all the changes (with the breaking changes highlighted).

The biggest change is the new business, validation and authorization rules system (info here, here and here). While the new rule system requires changes to your existing business, validation and authorization rules code, the new capabilities are pretty amazing and I think you’ll find it is worth the effort to make the changes.

There are many other changes as well, touching almost every aspect of the framework. From new ASP.NET MVC support, to enhanced MVVM support in Silverlight and WPF, to addressing many of the most common requests around the data portal, CSLA 4 should offer benefits to most application scenarios.

This is a beta 1 release, and is the start of the overall beta-to-release process. Based on your feedback using this beta, I expect to do a couple more beta releases over the next few weeks, with a final release in about 6-8 weeks (so around the end of June).

While I’m sure there will be changes based on feedback, the focus during the beta process is on fixing bugs or addressing anything that is clearly broken. I do not anticipate any major feature changes or enhancements during this process – that’s what the past few months of pre-releases were all about.

CSLA 4 does require .NET 4 and (optionally) Silverlight 4. It also requires Visual Studio 2010. If you are using older versions of Visual Studio, .NET or Silverlight then you should continue to use version 3.8.

Please download CSLA 4 Beta 1 and offer bug reports or other feedback using the CSLA forum.

Monday, May 3, 2010 11:17:04 AM (Central Standard Time, UTC-06:00)  #    Disclaimer

At the Chicago codecamp this past weekend I was sitting next to a younger guy (probably mid-20’s) who was angsting about what to learn and not learn.

“I’ll never learn C#, it is Microsoft only”

“Should I learn Python? I don’t have a use for it, but people talk about it a lot”

And much, much more.

Eventually, for better or worse (and I suspect worse), I suggested that you can’t go wrong. That every programming language has something to teach, as does every platform and every architectural model.

For my part, a few years ago I listed many of the languages I’d learned up to that point – and I don’t regret learning any of them. OK, I also learned RPG and COBOL, and they weren’t fun – but even those languages taught me something about how a language shouldn’t work :)  But I must say that PostScript was a fun language – programming printers is kind of an interesting thing to do for a while.

Platform-wise, I’ve used Apple II, C64, AmigaOS, OpenVMS, PC DOS, Novell, Windows 3.x, Windows NT, and modern Windows, as well as Unix, Linux and a tiny bit of some JCL-oriented mainframe via batch processing.

Every platform has something to teach, just like every programming language.

I also suggested that people who’ve only ever done web development, or only ever done smart-client or terminal-based development – well – they’re crippled. They lack perspective and it almost always limits their career. If you’ve never written a real distributed n-tier app, it is really hard to understand the potential of leveraging the all those resources. If you’ve never written a server-only app (like with a VT100 terminal) it is really hard to understand the simplicity of a completely self-contained app model. If you’ve never written a web app it is really hard to understand the intricacies of managing state in a world where state is so fluid.

Sadly (in my view at least), the angsting 20-something wasn’t interested in hearing that there’s value in learning all these things. Perhaps he was secretly enjoying being paralyzed by the fear that he’d “waste” some time learning something that wasn’t immediately useful. Who knows…

It is true that things aren’t always immediately useful. Most of the classes I took in college weren’t immediately useful. But even something as non-useful as Minnesota history turns out to be useful later in life – it is a lot more fun to travel the state knowing all the interesting things that happened in various places and times. (I pick that topic, because when I took that class I thought it was a total waste of time – I needed credits and it seemed easy enough – but now I’m glad it took it!)

(And some classes were just fun. I took a “Foundations of Math” class – my favorite class ever. We learned how to prove that 1+1=2 – why is that actually how it works? And why x+y=y+x, but x-z<>z-x. Useful? No. Never in my career have I directly used any of that. But fun? Oh yeah! :) )

A colleague of mine, some years ago, was on an ASP classic gig. This was in 2004 or 2005. He was very frustrated to be working on obsolete technology, right as .NET 2.0 was about to come out. His fear was that he’d be left behind as ASP.NET moved forward, and he had 3-4 more months of working on 1997 technologies. My point to him was that even if the technology wasn’t cutting edge, there were things to be learned about the business, the management style and the process being used by the client.

A career isn’t about a given technology, or even a technology wave. It is a long-term 20-30 year endeavor that requires accumulation of knowledge around technology, architecture, software design, best practices, business concepts, management concepts, software process, business process and more.

People who fixate on technology simply can’t go as far in their career as people who also pay attention to the business, management and inter-personal aspects of the world. It is the combination of broad sweeping technical knowledge and business knowledge that really makes a person valuable over the long haul.

“Wasting” 6-8 months on some old technology, or learning a technology that never becomes mainstream (I learned a language called Envelope of all things – and it was in the cool-but-useless category) is not that big a deal. That’s maybe 2% of your career. And if, during that time, you didn’t also learn something interesting about business, management and process – as well as deepening your appreciation for some aspects of technology, then I suggest you just weren’t paying attention…

All that said, spending several years working on obsolete technology really can harm your career – assuming you want to remain a technologist. I’m not saying you should blissfully remain somewhere like that.

But I am suggesting that, as a general rule, spending a few weeks or even months learning and using anything is useful. Nothing is a waste.

Monday, May 3, 2010 8:41:33 AM (Central Standard Time, UTC-06:00)  #    Disclaimer
 Tuesday, April 27, 2010

Here’s a really nice forum post discussing how one CSLA user combined the Reactive (Rx) framework with the CSLA data portal to streamline async calls.

Tuesday, April 27, 2010 3:03:54 PM (Central Standard Time, UTC-06:00)  #    Disclaimer
 Monday, April 26, 2010

I’m looking at how to provide information around .NET 4, Silverlight 4 and CSLA 4.

It is a challenging consideration. Many people like books, and I do to. I could create an Expert 2010 Business Objects book, which would take around 6 months. That means it would be out just about in time for Silverlight 5 to ship. Given the rate of Silverlight releases, conventional books (at least of the ~750 page variety) are too slow.

A lot of people have found my PDF ebooks to be very useful. Each one was around ~140 pages, and there’s no print/shipping/production time. This means they come out much faster – but they are still essentially static content once published, just like a conventional book.

The Silverlight and Core 3.8 video series have also been very popular. Not everyone likes to read, and there’s some real value in watching how things are done in a more dynamic manner. Also, videos take less time to produce than either an ebook or conventional book, so they are potentially more responsive. On the other hand, some people really dislike video content and prefer books.

I think it is safe to say that I’ll continue to produce video content, as that addresses an important set of users and is relatively fast to produce.

But I also think text content is important. It has a different price point, and offers advantages around consumption that just aren’t there with videos.

So the question is how to make text content timely, and at least a little less static – while still recognizing the realities of the amount of work involved.

Most conventional publishers now offer a “beta program” of some sort for their books. Basically you buy the book before it exists, and you get access to draft copies of chapters as they arrive. Once the chapters go through the edit process, you then get access to the final versions.

I’m thinking about doing something along that line for CSLA 4. Create ebook content, perhaps with each chapter as a separate PDF. Put this content on like I do with the videos, and then refresh the PDF files as they go through the revision process.

To be clear, this would be the “How to Use CSLA 4” book, not the “How to Build a .NET Framework” book. The focus would be on using the various features of CSLA to construct a reusable business layer, and how to use the data portal to achieve flexible n-tier deployment and scalability. Nor would it dive into specific UI technologies – I’d do separate ebooks for those.

Basically it will be like the Core 3.8 video series, but in ebook form, and targeting CSLA 4 of course.


Monday, April 26, 2010 12:36:35 PM (Central Standard Time, UTC-06:00)  #    Disclaimer

I’ll be at the Chicago code camp this coming Saturday, May 1.

I’ll be talking about CSLA 4, walking through the new business, validation and authorization rules features, along with many of the other new features in version 4 (like the new LINQ support, ASP.NET MVC components, XAML components, etc).

If you are in the Chicago area, I encourage you to come to the code camp – there are a lot of good speakers and it will be a great time!

Also, on May 1 is the Iowa code camp, and at least a couple people from Magenic (Jason Bock and Brent Edwards) will be speaking at that event.

Monday, April 26, 2010 8:33:33 AM (Central Standard Time, UTC-06:00)  #    Disclaimer
 Saturday, April 24, 2010

I’m well into the redesign of the authorization system in CSLA .NET. The new system is integrated into the new business rules system, and so is no longer a separate concept. To me this makes sense, since authorization rules are just a specific type of business rule.

Some of the basic concepts from CSLA .NET 2.0 to 3.8 are still there. Per-property authorization:

  • CanReadProperty()
  • CanWriteProperty()
  • CanExecuteMethod()

Per-type authorization (which is a little different now) where you can ask:

  • Can the user create an instance of this type?
  • Can the user get/fetch an instance of this type?
  • Can the user edit/save an instance of this type?
  • Can the user delete an instance of this type?

And the new per-instance authorization where you can ask:

  • Can the user create the instance you already have? (silly, but possible)
  • Can the user get/fetch the instance you already have? (silly, but possible)
  • Can the user edit/save this instance?
  • Can the user delete this instance?

The actual authorization checks occur by executing an IAuthorizationRule rule object. CSLA provides the AuthorizationRule base class to make it easy to implement most rules, and includes IsInRole and IsNotInRole rules. For example, here’s the IsInRole rule:

/// <summary>
/// IsInRole authorization rule.
/// </summary>
public class IsInRole : AuthorizationRule
  private List<string> _roles;

  /// <summary>
  /// Creates an instance of the rule.
  /// </summary>
  /// <param name="action">Action this rule will enforce.</param>
  /// <param name="roles">List of allowed roles.</param>
  public IsInRole(AuthorizationActions action, List<string> roles)
    : base(action)
    _roles = roles;

  /// <summary>
  /// Creates an instance of the rule.
  /// </summary>
  /// <param name="action">Action this rule will enforce.</param>
  /// <param name="element">Member to be authorized.</param>
  /// <param name="roles">List of allowed roles.</param>
  public IsInRole(AuthorizationActions action, Csla.Core.IMemberInfo element, List<string> roles)
    : base(action, element)
    _roles = roles;

  /// <summary>
  /// Rule implementation.
  /// </summary>
  /// <param name="context">Rule context.</param>
  protected override void Execute(AuthorizationContext context)
    if (_roles.Count > 0)
      foreach (var item in _roles)
        if (Csla.ApplicationContext.User.IsInRole(item))
          context.HasPermission = true;
      context.HasPermission = true;

At its most basic a rule is composed of some simple items:

  • An action (read/write property, execute method, create/get/edit/delete type/instance)
  • An optional target element (property/method)
  • An Execute() method that actually implements the rule

If your rule needs more information that’s fine – it is your class, so you can just add more properties. Just remember that a rule object is used across all instances of a business object type, so (just like with other business rules) the Execute() method absolutely must not change instance-level state in the rule object.

The Execute() method is passed a context object. The context object contains some simple properties:

  1. Target (optional reference to business object)
  2. HasPermission (true/false result returned by rule)

The Target property may be null. For per-property rules it will not be null, and for per-instance rules it will not be null. But for per-type rules it will be null. The way CSLA itself (especially the data portal) invokes rules is always per-property or per-type. The thing is, when possible even the per-type checks include the Target reference (typically only for CanEditObject checks). So you can use it if it is there, but you need to handle the case where it is null.

But the real point here, is that you can write your own authorization rule that has nothing to do with roles. You could use permissions, claims, random numbers – whatever you want to use to decide whether the user can or can’t perform the requested action.

Authorization rules are added in the AddBusinessRules() override in your business class – just like other business rules:

protected override void AddBusinessRules()
  BusinessRules.AddRule(new IsInRole(
    new List<string> { “Administrator” });

The rule set concept from other business rules applies here too – so you can have different authorization rules for different users/contexts/etc.

Finally, you can invoke rules as follows:

// per-type
bool result = Csla.Rules.BusinessRules.HasPermission(
  AuthorizationActions.CreateObject, typeof(Customer));
// per-instance
bool result = Csla.Rules.BusinessRules.HasPermission(
  AuthorizationActions.EditObject, _myCustomer);

The existing IAuthorizeReadWrite interface continues to operate as in 3.x, so you can use that to invoke CanReadProperty/CanWriteProperty/CanExecuteMethod as before.

Friday, April 23, 2010 11:07:27 PM (Central Standard Time, UTC-06:00)  #    Disclaimer
 Monday, April 19, 2010

Jason Bock just blogged with some interesting work he’s been doing around custom code analysis rules for CSLA 4:

Using Custom CodeAnalysis Rules in Your CSLA Projects

Monday, April 19, 2010 9:34:11 AM (Central Standard Time, UTC-06:00)  #    Disclaimer

I have put the demos from my Visual Studio 2010 launch talks online:

BasicVM and LiveDemo are literally the code I created on stage, so they are nothing to look at and probably have little value if you weren’t at the talks. The other demos are more complete and may be useful – especially UsingBxf, which shows some interesting UI proto-framework concepts in a pretty straightforward manner.


Demo created on stage to illustrate the most basic MVVM concepts.


Demo/prototype of a knowledge base/forum application that makes use of a pre-release version of CSLA 4, MVVM and other Silverlight concepts. It is a 3-tier physical deployment (Silverlight client, web/app server, SQL Server database) architecture using many CSLA .NET concepts.

This code uses the Bxf (“Basic XAML Framework”) to implement its shell and viewmodel code in a way that can be unit tested.

This project has a dependency on a pre-release version of CSLA 4.


Demo created on stage to illustrate the basic use of the Visual Studio 2010 XAML designer.


Demo showing simple use of the “Basic XAML Framework” (Bxf) in WPF. The same Bxf code works in Silverlight as well. The Bxf code and this demo show how to implement a basic UI shell that shows content and a status bar. For more advanced uses of Bxf see the Collective demo.

This project has a dependency on a pre-release version of CSLA 4.


Demo showing some concepts and implementation around MVVM.


Demo showing some concepts and implementation around MVVM.

Monday, April 19, 2010 8:59:44 AM (Central Standard Time, UTC-06:00)  #    Disclaimer

Here’s a link to an article I wrote on using code-gen vs building a more dynamic runtime:

Update: There doesn't appear to be a code download on the Microsoft site. Click here to download the code.

Sunday, April 18, 2010 11:30:24 PM (Central Standard Time, UTC-06:00)  #    Disclaimer