Figure 9-24. The ReadValuesOnChange property on the projectBindingSource control in C#

Incoporate PDF 417 in C# Figure 9-24. The ReadValuesOnChange property on the projectBindingSource control

The sets of choices we present in this chapter revolve around two fundamental decisions you must make about the different tiers of your application.

private static string BufferToString(byte[] buffer) { if (buffer == null) throw new ArgumentNullException("buffer"); string s = string.Empty; for(int i = 0; i < buffer.Length; i++) { s += ByteToHex(buffer[i]) + " "; if (i > 0 && i % 16 == 0) s += "\n"; } return s; } #endregion } } The application in Listing 9-9 produces the following output in the debug window: original: a=1, b=ABCD, c=3, d=1, e=0.1 restored: a=1, b=ABCD, c=3, d=1, e=0.1 Number of bytes: 24 00 00 00 01 04 41 42 43 44 03 00 01 3D CC CC CD 08 C9 0B CF 64 D3 C0 00 If you do not want a field to be serialized, it can be excluded from serialization with the System.NonSerializedAttribute attribute. If a field is not of a primitive type, the data type must have the System.SerializableAttribute attribute, so that the field can be serialized. Primitive types are all integer types and floating point types, as well as bool and enum. The attribute is not inheritable; that is, even if any class from which a class inherits is serializable, the derived class always needs to have the attribute also. That means if you want a subclass of a serializable class to be serializable as well, you need to mark the subclass with the Serializable attribute again.

First let s take a look at the pieces we need. Table 2-1 covers the software requirements for our little excursion into Workflow.

This chapter introduced the main concepts behind SOA, which refers to distributed applications based on Web services technology. We defined what Web services actually are, within the context of SOA, and reviewed the main aspects of SOA. We briefly introduced the WS-I Basic Profile, the WS- specifications, and WSE, all of which are covered in detail in the second half of this book starting with 5.

When the .NET Framework was first released, it contained an extensive set of security and cryptographic features. Of particular note was the ability to apply strict controls over the use of your .NET assemblies through a sophisticated policy system. The security features were very comprehensive and so complicated that pretty much no one ever used them. With .NET 4, almost all the security features have been deprecated and are no longer supported, which leaves only the cryptographic features. Fortunately, the same attention to detail that went into the abandoned policy system was also applied to the cryptographic support, which means there is a comprehensive range of algorithms and support classes available for the C# programmer. In this chapter, we will take a look at how the cryptography features can be used to address common security concerns, including encryption (used to protect data from unwanted eyes), hash codes (used to ensure that data has not been modified), and techniques for generating random data securely and keeping the content of strings hidden. I have a warning, though, before we start. The security and cryptography features of any programming language have two fatal flaws: the programmer and the user. It is incredibly easy to create a program that appears to have solved a security problem but doesn t either because it has been badly implemented or because it is badly used. As a general rule, cryptographic features are used to transform a problem so that it might be easier to solve. For example, imagine you and I need to send data to one another that no one else should be able to read. An obvious approach would be for you to encrypt the data and for me to decrypt it. This is like putting a password on the data, where the password is known as the encryption key. For the most commonly used kinds of encryption, I need to use the same password to decrypt the data as you used to encrypt it. And so the problem has changed from how to exchange data in private to how to exchange the key securely. If you e-mail it to me, would the same people who want to read our data be able to read the key and decrypt the data anyway Can you trust me not to write the key on my whiteboard in a public office If we meet in person, are bad people likely to be listening to us A-ha, you say what about public key cryptography Doesn t that solve the problem And, of course, the answer is that it doesn t; it just changes it in a different way. Public key cryptography means you encrypt the data using a key that can be safely shared with everyone, while I decrypt it using a key that is known only to me. It relies on some very clever math. The problem becomes making sure that you are using my public key and verifying that it is me you are exchanging the data with, ensuring that my key hasn t been stolen, and so on. I could continue, but you get the idea. Cryptographic features must be used with caution. Simply exploring the cryptographic features of .NET is very different from using them to solve a real-world problem. This chapter will help you do the former, but a lot of careful thought and learning is required to do the latter. There are no recent books that I would recommend for .NET security, but for older titles I suggest either my own book, written with Allen Jones, called Programing .NET Security and published by O Reilly, or Jason Bock s book .NET Security, published by Apress. Table 37-1 provides the summary for this chapter.

Listing 20-13 registers for three of the four events in the FileSystemWatcher class, using the same method as a handler. In keeping with the standard pattern for C# events (see 10 for details), the handler method is passed an object representing the source of the event (in this case the FileSystemWatcher object) and a derived EventArgs class containing the event details. The FileSystemWatcher events use the FileSystemEventArgs class, whose properties are described in Table 20-16. Table 20-16. Properties of the System.IO.FileSystemEventArgs Class

A slightly more complex variation is where the rule method needs extra information beyond that provided by the basic RuleArgs parameter. In these cases, the RuleArgs class must be subclassed to create a new object that adds the extra information. A rule method to enforce a maximum length on a string, for instance, requires the maximum length value.