It could happen that you may have authentication and also authorization in your web application.
The authorization could be at page level and you need to enforce that in every page of your web application.

In these kind of scenarios httpmodule could turn out to be very handy. Httpmodule could be made
to behave like an gate keeper who on every request would check with the page being requested if the
request is from valid user or not. Below C# example would make it clear what I am talking about,

//Define interface which every page is required to implement
public interface IAuthorization
{
bool IsPageAccessible();
}

public partial class RequestedPage : Page, IAuthorization
{
public bool IsPageAccessible()
{
//Your authorization check logic goes here
}
}

public class AuthorizerHttpModule : IHttpModule
{
void httpModule_AuthorizeRequest(object sender, EventArgs e)

{

IAuthorization pageToAuthorize = HttpContext.Current.Handler as IAuthorization;

//Enforce authorization to be implemented.
if(pageToAuthorize == null) { //throw exception}

if(!pageToAuthorize.IsPageAccessible()){ //Redirect to unauthorized page}

}

}

I: “I have a simple requirement to be accomplished using Javascript. Can you help me on this?”
You: “Not Again !!!!”
I: “Write a function to return sum of two number passed as arguments”
[By the time I finish reading the requirement you will have the below code]
You: “Here you go !” [With a teasing smile and a dirty look at me ]

function add(x,y)
{
return x + y;
}


Now, the usual thing : Requirement Changes
I: “Instead of two parameters I want to pass 10 values as parameters and get the sum of the values. Can you do this?”
You: “You are wasting my time, but still I can do this simple task”
[After thinking for a while you start rewriting the function by adding 10 parameters....I wait and watch and by the time you complete adding 9th parameter...]
I: “Oops ! Requirement changes again, now I need the function to work for 50 parameters..”
You: “Get Lost ! I am not doing this”
I: “Let increase the complexity and add 50 more…and more…and more…”
You:!!!!????

Don’t worry! Dynamic Parameter Handling in Javascript will come for your help

CQRS is an object oriented architectural pattern built on the principle that every method should either be a command that performs an action, or a query that returns data to the client, but not both.

A typical CQRS scenario involves 2 DB’s, a write DB which is used to store transitional data for long running processes.  For a process where a service expects multiple messages, it needs a way to temporary store data before the all the messages arrives. For e.g. to make a customer a preferred customer needs an approval from the management, which takes some time to process the request. The service will need a temporary storage for the preferred customer state change request till the approval comes. The write DB is used to store these kinds of data. The Read DB is not updated till the approval comes.

When the approval finally comes, the service will take the customer information from the write DB, complete the registration process and write it to the read DB. At this time, the temporary customer information in the write DB has done its job and can be removed from the write DB. For simpler process such as change customer first name, the change can be written to the read DB right away. Writing to the write DB is not required because there is no temporary data in this case.

This simple approach brings following benefits (from Rinat Abdullin’s blog)

• Denormalized query persistence is optimized for the reads (which usually make up the most of the persistence IO) resulting in better performance and user experience;
• We can optimize our read side for the needs of the UI (i.e.: fetching dashboard for the user in a single query) which will result in better development experience and less risk of breaking something on the write side.
• Read side can be put on some cloud storage, which is inherently optimized for the reads, could be partitioned, replicated and even distributed via CDN;
• By offloading data reads to synchronous queries we automatically increase the performance of the write side – now it has lower stress and lower probability of hitting a deadlock

This blog is an attempt to implement the principles of CQRS in a very simple way, for demonstrating the concepts of CQRS like:

• Commands
• Command Handlers (validation and execution)
• Queries
• Query parameters and Query results
• Command Dispatchers.

In this post I will present my views on various aspects of software architecture. These views are not limited to any specific technology.

What is Software Architecture?

A software architecture is typically a set of design decisions to address various non-functional requirements and attributes of a software system/application. It primarily focuses on aspects such as performance, reliability, scalability, testbility, maintainability and various other attributes, which can be key both structurally and behaviorally of a software system.

All architecture is design, but not all design is architecture

A new software product development requires a strong focus on some of these non-functional attributes based on the domain and the nature of the application. It establishes the context for design and coding. Example: A banking application may require special attention on security and availability of the application. Architectural decision have to be well thought to setup a strong base and long term view into consideration; its not only very difficult to change these decisions later on, but, will have significant ripple effects on the software.

Some of the things to keep in mind when architecting a software solution are:

1. A, do not reinvent the wheel policy – Best architects copy solutions that are already proven in the software world. Architects are the one who adapts them to the current context, improve upon their weaknesses and design in such a way that it enables incremental improvements.
2. Simplest architectures are the best – One always has to remember that there will be trade-offs. Example: For a highly scalable system you will trade off cost. Attempting to put an architecture in place which addresses all the non-functional attributes, you are asking for the trouble. By this approach you are not only creating complexity into the system but, making it extremely difficult for the design and implementation team.
3. Demo’able architectural blueprint – A software architecture blueprint should ultimately be converted into executable code. It should not be a mere sketch on a paper or a soft-copy of the model, which the software designers find impossible to visualize and construct.
4. Key responsibilities - Define and validate the system’s architecture, maintain the conceptual integrity of the system, assess and attack technical risks to the system, resolve the design and implementation teams conflicts, document the architecture.
5. Keep tool set upto date – Modern day software requires architects to have updated tool sets in their bag to fulfill various challenges. They particularly have to be aware of how to effectively use them. There are several out of the box architectural tactics, patterns to help architect solve recurring problems.

I plan to cover some of these patterns and tactics in my next post.

In most webpages we judiciously use jQuery and a few other JS plugins. Plus some of our own JS files. We also have a bunch of CSS files and images. Which means when our webpage is loaded in the browser, it has to make several requests to the server to get all the additional files. Sure, the browser tries to fetch several files in parallel. But most browsers put an upper limit to how many parallel requests to make. In most cases this limit is 6. That means if your web page refers to more than 6 files, then some files will have to wait till others have been downloaded. Its easy to see examine this behavior using your browser’s developer tools (Chrome developer tools, Firebug or IE’s F12 window). On most browsers you can hit F12 key to access developer tools. You can find out which files are being requested by your browser and in what order from the Network tab. Here’s an example of how it looks in Chrome:

As you can see from the picture some files are loaded after other have finished. Hence you can significantly reduce the load time of your page by referring as few files as possible. There are also tools/libraries that can help you combine several JS files into one (CSS files too). If you are using images to achieve a gradient look, try using CSS gradient instead. May be some files are not needed in a some pages. Anyways, you can figure out a suitable solution once you know what’s going on and the Network monitoring feature of your browser can help you figure out just that.

Firefox users can use Firebug: http://getfirebug.com/network

IE users can use Internet Explorer Developer Tools: http://msdn.microsoft.com/en-us/library/gg130952(v=vs.85).aspx

Happy optimizing!

- Anand Gothe

Any development project leads to maintenance at some point. It is very natural and expected as customers start using the software over a period of time. A scrum team having done several successful development sprints finds it really challenging to adapt such a change. Some of the challenges are:

• Rapidly changing release dates and priority.
• More flexibility and responsiveness is expected from the team.
• Team requires a different kind of thought process as it involves a lot of analysis, for instance to reproduce customer reported issue, dig deep into the existing code base to identify flaw in the code and then eventually put a fix in place.
• Team communication with customers or Product Owner also is a challenge, as you may require his/her help to reproduce a scenario and also assistance during the analysis.
• Sprint goals can vary. As maintenance sprint would also require to address ad-hoc emergency bug fixes and testing.
• Code quality and some other practices like code review generally takes a back seat

and the list goes on….The question arises, Is scrum or agile a best fit for maintenance or legacy projects?

The answer is YES!!!. Why? Because, the primary purpose of agility is to help the team handle lots of uncertainty, adapt to change, shorter release cycles, production ready software. These attributes are more essential and makes more sense (or equal) when a team is doing a maintenance sprint than a development sprint.

Some techniques that I found to be very effective for maintenance sprints are:

• Maintenance bucket: Allocate a percentage of sprint capacity of the team for addressing maintenance issues. This will ensure that the other sprint goals not related to maintenance are intact. A Product Owner can choose the percentage depending on the number of issues that the customer reports and application stability. This makes more sense when team is focusing both on development and maintenance stories in same sprint.
• Just enough Refactoring – Ensure that every possible opportunity is utilized to refactor the code as you touch the legacy code. This is possibly the best phase to reduce the technical debt.
• Automate bugs - Often you’ll see that the customer reported issues shows up more than once. Developer usually blames the lack of quality code, unit tests and so on. Automating fixed scenarios will ensure that you don’t see them again. Its not the only and the best solution, but, fits best when you don’t have time to refactor/redesign code to make it more unit testable.
• Development sprints should have a focus on reducing technical debt – Its very difficult to always focus on step 2. because teams usually do not have enough time to refactor code when customers are waiting for a fix. Team also don’t refactor because they are afraid of making mistakes. A wise approach in such situations would be to allocate time in every development sprint to add more stability factor into the code. Refactor Incrementally!!
• Collaboration and communication with Product Owner and customers – Its strange, but true. Working closely with PO and customer is more essential during maintenance sprints than probably required during development sprints. This is because team has to be on top of things to do adequate analysis, team has to understand the customer usage scenarios, reproducing the problem, understand the context in which the old code was written and providing solutions.

To summarize, A maintenance sprint can be hard to stick to practices and process that the team has been following in development sprints. However, Agile methods if applied as discussed, team will be able to leverage its benefits and perform well.

Dependency Inversion Principle (DIP)

Basic idea is instead of low level modules are defining the way that high level modules interact with them, we can invert the dependency. So no longer are the high level modules going to be defined on low level ones, but the high level modules will define some kind of interface that low level modules must obey and then the low level modules depends on the interface or abstraction in order to function.

Ex: Portable chargeable devices like mobiles, cameras, laptops

They all have their own ports to get them charged. Like Mobile phones may have micro or mini usb; Cameras will have under connection in; laptops will have their own port.

So you cannot use the same plug to connect these. What’s wrong here is that the surge protector should be defining what these devices should confirm to recharge. As a result the power step should have all the different plugs that the portable devices use to recharge them.

This is an example of not using Dependency Inversion principle.

If we use the Dependency inversion to solve this problem, we will have the common port that will be used for charging and that will be defined by some high-level module (the power step). So the same plug can be used to connect to different type of devices.

The programming example here is:

 We have a high level class depending on interface that is specified by low level class. Now in this case the low level class is not creating an interface. It is just a way the publicly exposed members that low level class defines an interface that high level class uses.

The problem is

If we have more low level classes, we should have a switch or if statement to be able to handle different low level classes. So the higher level classes should know about all these things and the High Level class is not reusable.

If we invert the dependencies

 We have taken that interface above that line. That line represents Layering. If you think about your architecture, the high level class belongs to different layer from the low level. So we have the high level class defining the interface. This might exists as a abstract base class or Interface or some other contract. But the concept is the high level class has said, you must confirm this interface if I am going to use you to do this job. Now the low level class has to confirm the interface specified by the high level class and in fact the high level class also depends on that interface.

If we add multiple low level classes we can provide different implementations.

They all depend on the interface. But nothing happened to high level class. It becomes reusable.