1. Enterprise Library 3.0: Overview

2. Context  Reusable components are important Address common development challenges consistently across applications  Application Blocks are a form factor for reusable components Reusable, extensible and modifiable source code  Enterprise Library is a set of general purpose application blocks Not specific to any one application type or architectural style  Can be used as-is or as a starting point for your own libraries or frameworks

3. p&p Enterprise Library Enterprise Library Ecosystem Partner blocks Customer blocks Community blocks p&p blocks Partner X library Customer Y library Customer Z library Application Block Software Factory and Specifications

4. Enterprise Library Enterprise Library is…  A library of application blocks which solve common challenges  A set of helper classes which work in any architectural style  Architectural guidance embodied in code which ships with full source allowing you to modify and extend  Available as a free download Enterprise Library is not…  A part of the.NET Framework  An application framework that imposes an architectural style  A Microsoft product with support, compatibility and localization  For sale

5. CachingCaching SecuritySecurity DataAccessDataAccessLoggingLogging ExceptionHandlingExceptionHandling Enterprise Library 3.0 – Application Blocks Plug-in ConfigHelpers & Design ConfigHelpers Instrumen- tation Object Builder CryptographyCryptography Core Policy Injection ValidationValidation

6. Goals of Enterprise Library 3.0  Address top feedback received for existing application blocks  Provide new application blocks to support additional development challenges  Support integration with relevant features of.NET Framework 3.0  Improve the experience around key development activities  Simplify the development of new application blocks and extensions  Retain compatibility with Enterprise Library 2.0

7. Enterprise Library 3.0 – New Features At a Glance  New application blocks Validation Application Block Policy Injection Application Block  Improvements to existing application blocks Data Access Application Block Logging Application Block .NET Framework 3.0 integration Logging, Exception Handling and Validation Application Blocks  Configuration improvements Visual Studio-integrated configuration tool Environmental Overrides Manageable Configuration Source  Automation Application Block Software Factory Strong Naming Guidance Package

8. CachingCaching SecuritySecurity DataAccessDataAccessLoggingLogging ExceptionHandlingExceptionHandling Enterprise Library 3.0 – Application Blocks Plug-in ConfigHelpers & Design ConfigHelpers Instrumen- tation Object Builder CryptographyCryptography Core Policy Injection ValidationValidation

9. The Core  Configuration  Configuration Design & Tooling  Instrumentation  Object Builder

10. Configuration  All Enterprise Library blocks are configurable Controls how the blocks work in your app Specifies which plug-ins you are using  Blocks can be used with or without configuration files Factories build up block objects using data from the configuration files Objects can be “newed up” directly with primitive data types  Configuration stored in standard XML.config files by default Alternative “Configuration Sources” can be used Ships with System, File, Manageable and SQL configuration sources

11. Configuration Design & Tooling  Configuration tools eliminate the need to edit the blocks’ XML configuration files Quickly add default configuration for a block Strongly typed properties and providers Validate configuration before you save Encrypt configuration files Specify settings that are unique to different environments (development, test, production, etc.)  Visual Studio-integrated editor and standalone console are provided  Configuration Design-time subsystem can be used in your own applications and blocks to provide a similar experience for users of your own blocks and extensions

12. Instrumentation  All Enterprise Library blocks include instrumentation to assist in development, testing and operations Event Log events Performance Counters WMI events  All instrumentation is disabled by default, but each type can be individually enabled using the configuration tool  Installing instrumentation requires admin rights, and can be done using installutil.exe  Instrumentation code contained in Common assembly can be reused in your apps

13. Object Builder  Shared component used in several p&p deliverables  Responsible for building objects inside the application blocks Invoking the necessary custom factory using data from configuration Configuring instrumentation for the blocks  Can be leveraged from your own apps, but understanding ObjectBuilder is not required to use Enterprise Library  More information and downloads at http://codeplex.com/objectbuilder

14. CachingCaching SecuritySecurity DataAccessDataAccessLoggingLogging ExceptionHandlingExceptionHandling Enterprise Library 3.0 – Application Blocks Plug-in ConfigHelpers & Design ConfigHelpers Instrumen- tation Object Builder CryptographyCryptography Core Policy Injection ValidationValidation

15. Exception Handling Scenarios  You need consistent exception handling behavior throughout your application  You need to implement best practice guidance for exception handling Don’t inadvertently disclose security sensitive information to remote callers Add context to exceptions by wrapping or replacing exceptions with more relevant exceptions  You need to make it simple to add exception management boilerplate code

16. Exception Handling Application Block  Provides simple mechanism that allows you to consistently deal with exceptions throughout your application  Define “Exception Policies” which link an exception to an action Exceptions of type ApplicationException should be logged Exceptions of type SqlClientException should be caught and wrapped with an exception of type DataLayerException and re-thrown Exceptions of type SecurityException should caught and replaced with an AccessDeniedException which will be thrown  Actions provided include Logging Wrapping one exception with another Replacing one exception with an other Map to WCF Fault Contract

17. Exception Handling - Example Try ' some code that may throw Catch Ex As Exception If ExceptionPolicy.HandleException(ex, “Data Layer Policy”) Then Throw End Try

18. CachingCaching SecuritySecurity DataAccessDataAccessLoggingLogging ExceptionHandlingExceptionHandling Enterprise Library 3.0 – Application Blocks Plug-in ConfigHelpers & Design ConfigHelpers Instrumen- tation Object Builder CryptographyCryptography Core Policy Injection ValidationValidation

19. Logging Scenarios  You need to log business and operations data to various destinations, which are externally configurable  You need to provide tracing to support production debugging  You need to provide auditing for increased security  You need to be able to specify which messages go where, and how they are formatted  You need to be able to log messages to a wide variety of destinations

20. Logging Application Block  Provides a simple model for logging events Strongly typed, extensible log schema  Built on top of System.Diagnostics  Configuration driven – you decide what messages are logged where at runtime.  Use any.NET TraceListener, including supplied formatter- aware listeners: EventLog, Database, Flat File, Rolling Flat File, MSMQ, E-mail, WMI, XML or create your own  Tracer class lets you time key activities and correlate any enclosed events

21. Logging - Examples Dim log As LogEntry = New LogEntry log.Message = “Your message here…” log.Priority = 1 log.EventId = 100 log.Categories.Add("UI") log.Categories.Add("Debug") Logger.Write(log) // Or if you prefer one line... Customer cust = GetCustomer(123); // Log the customer – will call cust.ToString() for the log entry Logger.Write(cust, category, priority);

22. CachingCaching SecuritySecurity DataAccessDataAccessLoggingLogging ExceptionHandlingExceptionHandling Enterprise Library 3.0 – Application Blocks Plug-in ConfigHelpers & Design ConfigHelpers Instrumen- tation Object Builder CryptographyCryptography Core Policy Injection ValidationValidation

23. Data Access Scenarios  You need a simple and efficient way of working with commonly used databases  Transparency when developing for multiple types of databases SQL Server, SQL Server CE, Oracle, OLE-DB, ODBC, …  A way to place an indirection between a logical database instance and a physical database instance  An easy way to adjust and validate the database configuration settings

24. Data Access Application Block  Provides simplified access to the most often used features of ADO.NET with applied best practices  Improve Consistency Write code that works against multiple database brands (caveats apply!) Integrate with System.Transactions functionality  Improve ease of use Easily call a stored procedure with one line of code Let the block manage the lifetime of database connections Work with database connection strings stored in configuration or specified in code

25. Data Access - Examples Public Function GetProductsInCategory(ByVal Category As Integer) As DataSet ' Create the Database object, using the database instance with the ' specified logical name. This is mapped to a connection string in ' the configuration file Dim db As Database = DatabaseFactory.CreateDatabase("Sales") ' Invoke the stored procedure with one line of code! return db.ExecuteDataSet("GetProductsByCategory", Category) ' Note: connection was closed by ExecuteDataSet method call End Function public Dataset GetProductsInCategory(string connectionString, int category) { // Create the Database object, using the specified connection string SqlDatabase db = new SqlDatabase(connectionString); // Invoke the stored procedure with one line of code! return db.ExecuteDataSet("GetProductsByCategory", category); // Note: connection was closed by ExecuteDataSet method call }

26. CachingCaching SecuritySecurity DataAccessDataAccessLoggingLogging ExceptionHandlingExceptionHandling Enterprise Library 3.0 – Application Blocks Plug-in ConfigHelpers & Design ConfigHelpers Instrumen- tation Object Builder CryptographyCryptography Core Policy Injection ValidationValidation

27. Caching Scenarios  You are creating a smart client application that uses locally cached reference data to create requests and support offline operations  You are building an application that requires cache data to be durable across application restarts  Note: ASP.NET cache (System.Web.Caching) can be used across multiple application types and is generally a better choice for applications that don’t require the cache to be persisted

28. Caching Application Block  Provides a flexible and extensible caching mechanism that can be used at all layers of an application  Supports backing stores that persist cache data into a database or isolated storage, so the data can survive app restarts  Thread-safe Ensures that the states of the in-memory cache and the backing store remain synchronized.

29. CachingCaching SecuritySecurity DataAccessDataAccessLoggingLogging ExceptionHandlingExceptionHandling Enterprise Library 3.0 – Application Blocks Plug-in ConfigHelpers & Design ConfigHelpers Instrumen- tation Object Builder CryptographyCryptography Core Policy Injection ValidationValidation

30. Cryptography Scenarios  You need to encrypt sensitive data using a symmetric key before storing in the database and decrypt when reading  You need to encrypt information (without using keys) for use on a single machine  You need to create a hash of a password to store in a database and be able to compare that hash with a user supplied hash to see if you have a match without storing the user password

31. Cryptography Application Block  Improves Security Provides a simplified approach to implementing common cryptography scenarios  Improves Ease Of Use Provides operations on both strings and byte streams CreateHash, CompareHash, EncryptSymmetric, DecryptSymmetric  Improves Integration Supports all.NET crypto algorithms out of the box, or implement your own Supports DPAPI for keyless crypto on a single machine Algorithms and keys can be managed through the configuration tool

32. CachingCaching SecuritySecurity DataAccessDataAccessLoggingLogging ExceptionHandlingExceptionHandling Enterprise Library 3.0 – Application Blocks Plug-in ConfigHelpers & Design ConfigHelpers Instrumen- tation Object Builder CryptographyCryptography Core Policy Injection ValidationValidation

33. Security Scenarios  You need to authorize users Using one or more security systems or mechanisms  You need to cache authentication or authorization data for the duration of a logon session  Note: The original release of the Enterprise Library Security Application Block also supported Authentication, Profile and Roles. This is now supported by the.NET Membership and Profile class, so this functionality has been removed from the block.

34. ASP.NET Security Application Block + ASP.NET  Encapsulate common application security tasks  Present a standard, provider model for common security tasks  Minimize the need for custom security-related code  Incorporate best practices for application security Client Code Security Application Block Membership Profile Membership Provider Profile Provider Authorization Factory Security Cache Factory IAuthorization Provider ISecurity Cache Provider Authorization Rule Provider Caching Store Provider AzMan Authorization Provider ActiveDirectory Membership Provider Sql Membership Provider Sql Profile Provider CachingApplicationBlock

35. CachingCaching SecuritySecurity DataAccessDataAccessLoggingLogging ExceptionHandlingExceptionHandling Enterprise Library 3.0 – Application Blocks Plug-in ConfigHelpers & Design ConfigHelpers Instrumen- tation Object Builder CryptographyCryptography Core Policy Injection ValidationValidation

36. Validation Scenarios  You need to check if data is valid before processing it Input from end users or untrusted systems Improve security and system responsiveness  You need your validation logic to be easy to maintain During development and after deployment  You need to validate the same data in different layers of an application Using consistent validation logic  You need to integrate validation seamlessly into different layers of your application User interface and web service interface layers

37. Validation Application Block  Specify your validation rules once In configuration, Using attributes, Programmatically  Easily validate data from anywhere in your application Programmatically Integrated into Windows Forms, ASP.NET or WCF  Composable validation logic Built-in library of common primitive validation rules Combine validation rules on type members and using Boolean logic Apply multiple validation rule sets to the same types

38. Validation Example [StringLengthValidator(1, 50, Ruleset="RuleSetA", MessageTemplate="Last Name must be 1-50 characters")] public string LastName { get { return lastName; } set { lastName = value; } } [RegexValidator(@"\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*", MessageTemplate="Invalid e-mail address", Ruleset="RuleSetA")] public string Email { get { return email; } set { email = value; } } [StringLengthValidator(1, 50, Ruleset="RuleSetA", MessageTemplate="Last Name must be 1-50 characters")] public string LastName { get { return lastName; } set { lastName = value; } } [RegexValidator(@"\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*", MessageTemplate="Invalid e-mail address", Ruleset="RuleSetA")] public string Email { get { return email; } set { email = value; } } Validator validator = ValidationFactory.CreateValidator ("Ruleset"); ValidationResults results = validator.Validate(customer); if (!results.IsValid) { foreach (ValidationResult result in results) { Console.WriteLine("Message={0}, Key={1}, "Tag={2}", result.Message, result.Key.ToString(), result.Tag == null ? "null" : "\"" + result.Tag.ToString() + "\""); } Validator validator = ValidationFactory.CreateValidator ("Ruleset"); ValidationResults results = validator.Validate(customer); if (!results.IsValid) { foreach (ValidationResult result in results) { Console.WriteLine("Message={0}, Key={1}, "Tag={2}", result.Message, result.Key.ToString(), result.Tag == null ? "null" : "\"" + result.Tag.ToString() + "\""); } Specify validation rules in attributes… …or in configuration Validate objects and process results

39. CachingCaching SecuritySecurity DataAccessDataAccessLoggingLogging ExceptionHandlingExceptionHandling Enterprise Library 3.0 – Application Blocks Plug-in ConfigHelpers & Design ConfigHelpers Instrumen- tation Object Builder CryptographyCryptography Core Policy Injection ValidationValidation

40. Policy Injection Scenarios  Separate cross-cutting concerns from business logic Use interception and injection to apply policies at runtime Provide a declarative way of specifying which policies are applied where Allow policies to be defined using configuration or attributes  Integrate Enterprise Library Application Blocks into applications without the need to write code Validation, Logging, Authorization, Exception Handling, Caching, Performance Counters

41. Policy Injection Application Block  Policy Injection Application Block provides a factory for creating or wrapping policy-enabled objects  If policies are defined in attributes or configuration, a proxy is returned in lieu of the real object  When calling policy-enabled members, a handler pipeline is executed before and after the real member is called  Each handler can read and manipulate the data going in and out of the call

42. Policy Injection Example public class BankAccount : MarshalByRefObject { // Constructors and fields omitted [ValidationCallHandler] public void Deposit([RangeValidator(typeof(Decimal), "0.0", RangeBoundaryType.Exclusive, "0.0", RangeBoundaryType.Ignore)] decimal depositAmount) { balance += depositAmount; } public class BankAccount : MarshalByRefObject { // Constructors and fields omitted [ValidationCallHandler] public void Deposit([RangeValidator(typeof(Decimal), "0.0", RangeBoundaryType.Exclusive, "0.0", RangeBoundaryType.Ignore)] decimal depositAmount) { balance += depositAmount; } BankAccount account = PolicyInjection.Create (customerId); account.Deposit(1234.56M); BankAccount account = PolicyInjection.Create (customerId); account.Deposit(1234.56M); Write classes that extend MBRO or implement an interface Apply Handlers using attributes if desired Apply Policies using configuration if desired Create objects using PolicyInjection class Call your methods the usual way

43. Automation

44. Application Block Software Factory  Enterprise Library 3.0 includes a new software factory for building your own application blocks and extensions to existing application blocks  Features include: Code generation in either C# or Visual Basic.NET Solution templates for Application Blocks and Provider Libraries Recipes to create custom providers for Enterprise Library application blocks Including Validators, Trace Listeners, Exception Handlers and Authorization Providers Strongly-typed or property bag-based configuration Recipes to create new factories, provider bases and providers for your own blocks Recipes to create design-time configuration code from runtime configuration classes

45. Application Block Software Factory

46. Strong Naming Guidance Package  Strong-naming Enterprise Library is recommended, but complex 90+ projects, including design-time and tests Use of [InternalsVisibleTo] attribute for testing  Strong Naming Guidance Package automates: Generating strong-name key pairs Specifying that projects should be strong-named Updating [InternalsVisibleTo] to include public key  Can be run on Enterprise Library or any other solution  Enterprise Library 3.0 also ships with pre-built, strong- named assemblies which you can use if you don’t want to modify the code.

47. Resources  Download Enterprise Library and related resources from: http://msdn.microsoft.com/practices  Join the Enterprise Library Community at: http://codeplex.com/entlib  Read blogs from the Enterprise Library team at: http://msdn.microsoft.com/practices/Comm/EntLibBlogs/