J.D. Meier's Blog

Software Engineering, Project Management, and Effectiveness

March, 2010

  • J.D. Meier's Blog

    How To Use ASP.NET Forms Auth with SQL Server on Windows Azure

    • 2 Comments

    This post is a quick step through of creating a Windows Azure cloud project that authenticates using ASP.NET Forms Authentication with SQL Server as the user store.

    The core steps are very much the same as my previous post How To Use ASP.NET Forms Auth with Azure Tables.   The key difference is step 7 and step 8, which specify the connection to SQL Server.

    Summary of Steps
    Here are the steps at a glance:

    • Step 1. Create a New Cloud Service Project.
    • Step 2. Add a Login Page.
    • Step 3. Create a Way for New Users to Register
    • Step 4. Configure ASP.NET to use Forms Authentication
    • Step 5. Configure ASP.NET to restrict Anonymous Users
    • Step 6. Set up the SQL Membership Database
    • Step 7. Add the SQL Connection String
    • Step 8. Configure ASP.NET to Use the SQL Membership Provider
    • Step 9. Add Test Code to Page_Load to Show the Forms Authentication Details
    • Step 10. test registering a new user and logging in to the application

    Here we go …

    Step 1. Create a New Cloud Service Project.
    In this step, you create a new cloud service project in Visual Studio:

    1. Start Visual Studio, from the menu select  “File” then click “New’ and then click ‘Project”
    2. In the “New Project’ dialog box, expand ‘Visual C#’ (or Visual Basic, if you are using it) in the ‘Project Types’ section, and select “Cloud Service”.
    3. In the ‘Templates’ section choose “Windows Azure Cloud Service” template, set the location, Name it as FormsAuthSample and click the “Ok” button.
    4. In the “New Cloud Service Project” dialog box, select “ASP.NET Web Role”, and click the “>” button to add it to the solution.  Then click the “Ok” button.  This will create a sample cloud Web Application, which is ready to be hosted in the cloud with all required configuration files etc.
    5. Run and verify that it works fine.

    Step 2. Add a Login Page.
    Use Solution Explorer to add a new Web form named Login.aspx to the WebRole1 site.

    Step 3.  Create a Way for New Users to Register
    Add the following two lines into the Login.aspx <form> tag

        <asp:Login runat="server" />
        <asp:CreateUserWizard runat="server"></asp:CreateUserWizard>

    It should resemble the following:

        <form id="form1" runat="server">
        <div>
        <asp:Login runat="server" />
        <asp:CreateUserWizard runat="server"></asp:CreateUserWizard>
        </div>
        </form>

    Step 4. Configure ASP.NET to use Forms Authentication
    In Web.config, add the following line insde the <system.web> tag:
            <authentication mode="Forms" />

    Step 5. Configure ASP.NET to restrict Anonymous Users
    In Web.config, add the following line inside the <system.web> tag:

          <authorization>
            <deny users="?" />
            <allow users="*" />
          </authorization>

    Note – The preceding configuration allows only authenticated users to access the application. The "?" indicates unauthenticated users and the "*" indicates all users. By denying unauthenticated users, any requests made by unauthenticated users are redirected to the login page. The loginUrl attribute of the <forms> element determines the name of the login page. The default setting of this attribute is Login.aspx.

    Step 6. Set up the SQL Membership Database
    In this step, you configure the SQL data store for membership.  This is accomplished through the use of the aspnet_regsql.exe utility.  Details on aspnet_regsql.exe can be found at: http://msdn.microsoft.com/en-us/library/ms229862(VS.80).aspx

    Step 7. Add the SQL Connection String
    In Web.config, add the connection string to the connectionStrings tag using the <add> tag as follows:

      <connectionStrings>
        <add name="MyLocalSQLServer" connectionString="Initial Catalog=aspnetdb;Data Source=MyServerName;Integrated Security=SSPI"/>
      </connectionStrings>

    Step 8. Configure ASP.NET to Use the SQL Membership Provider
    In this step, you configure the Web application to use the SQL Membership Provider.

    In Web.config, add the following lines inside the <system.web> tag:

        <membership defaultProvider="MySqlMembershipProvider" >
          <providers>
            <clear/>
            <add name="MySqlMembershipProvider"
                 connectionStringName="MyLocalSQLServer"
                 applicationName="MyAppName"
                 type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
          </providers>
        </membership>

    Step 9. Add Test Code to Page_Load to Show the Forms Authentication Details
    Add a using statement to Default.aspx.cs in your WebRole1 project to add a reference to  System.Web.Security.
    Add the following code to Page Load of Default.aspx.cs in WebRole1:
    protected void Page_Load(object sender, EventArgs e)

        Response.Write("Hello, " + Server.HtmlEncode(User.Identity.Name) + "<br />");
    }

    Step 10. test registering a new user and logging in to the application

    1. Run the project by using the F5 key (this runs the project in Debug mode.)
    2. Create a new user.  On your first visit, you need to create a new user (e.g. “bob”.)  Note that the password rules by default are alphanumeric plus one non- alphanumeric (for example, "password!")
    3. Login to the application.  Sign in with your new username and password pair.

    The Web application should return something along the following lines:

    Hello, waldo

    Share your feedback or results in the comments.  We’re path paving along with you.

    My Related Posts

  • J.D. Meier's Blog

    How To Use ASP.NET Forms Auth with Roles in Azure Tables

    • 2 Comments

    In my previous post, How To Use ASP.NET Forms Auth to Azure Tables, we walked through creating a simple Web page that authenticates using ASP.NET Forms Authentication and stores the users in Azure Tables using the sample Azure Table Storage provider for ASP.NET.

    In this post, we extend that sample to include Roles Authentication, where the roles are stored in Azure Tables.  Normally, I'm not a fan of extending samples, but in this case, it's simple enough that I don't want to repeat my previous post here.

    Before you begin, create the sample in How To Use ASP.NET Forms Auth to Azure Tables, if you haven't already.

    Summary of Steps
    Here are the steps at a glance to add Roles authorization:

    • Step 1. Configure roleManager Settings in web.config
    • Step 2. Add Test Code to Page_Load to Show the Roles Authorization
    • Step 3. Test Your Repro

    Step 1. Configure roleManager Settings in web.config
    Add the following to Web.config, to point the roleManager to the Azure Table Storage:

        <roleManager enabled="true">
          <providers>
            <add applicationName="FormsAzTables" name="TableStorageRoleProvider"
                type="Microsoft.Samples.ServiceHosting.AspProviders.TableStorageRoleProvider" />
          </providers>
        </roleManager>

    Step 2. Add Test Code to Page_Load to Show the Roles Authorization
    Add the following test code to Page_Load in default.aspx.cs:

    Response.Write("<br/>Is in Users: " + (Roles.IsUserInRole("Users") ? "true": "false") );
    if (!Roles.RoleExists("Users")) Roles.CreateRole("Users");

    if (!Roles.IsUserInRole("Users")) Roles.AddUserToRole(User.Identity.Name, "Users");

    Step 3. Test Your Repro
    Press F5 to start with debugging.  You should see something like the following output:

    Hello, bob
    TicketName: bob
    Cookie Path: /
    Ticket Expiration: 3/22/2010 11:50:02 AM
    Expired: False
    Persistent: False
    IssueDate: 3/22/2010 11:20:02 AM
    UserData:
    Version: 2
    Is in Users: true

    The first time you run this, Is in Users should return false, but the second time you run this, it should return true.

    My Related Posts

  • J.D. Meier's Blog

    Cheat Sheet – Monday Vision, Daily Outcomes, and Friday Reflection Pattern

    • 2 Comments

    One of the most important patterns in Getting Results is the Monday Vision, Daily Outcomes, and Friday Reflection pattern.   It’s a simple way to get meaningful results each day and each week.  It’s how I avoid getting overwhelmed and how I drive results for myself, the teams I lead, and the people I mentor.

    What makes the results meaningful is that each week, on Mondays, you’re stepping back and looking across what matters in your life.  This means taking a look at your life hot spots (mind, body, emotions, career, financial, relationships, and fun.)  It also means taking a look at the activities and projects you are juggling at work and in your personal life.  It’s a quick way to see the forest from the trees.  This is how you carve out meaningful results for the week.  You can see the end in mind, and when you know the goals, you can pace yourself better, prioritize easier, and focus more effectively.

    Each day, you can create stories for your results.  Using The Rule of 3, you limit yourself to 3 stories (you can always bite off more, but use 3 to focus and concentrate your time and energy.)  To guide yourself, you simply ask, “What are my 3 best results for today?”  The Rule of 3 has been around for a long time.  Marketing uses it.  The military uses it.  You can use it in your everyday life to avoid overwhelm, organize your time and energy, and simplify your life, while improving your results.

    On Friday’s, this is your time to reflect and check the score.  Simply ask yourself what are 3 things going well and what are 3 things to improve.  This is a chance to celebrate your victories and to learn your personal success patterns and personal anti-patterns.  It’s also a great way to improve your rhythm of results.  If things aren’t getting done, you need to ask yourself, why?  Are you biting off too much, or are you getting distracted.  If you’re getting things done, but not getting the results you want, you have to ask yourself, are you working on the right things?  Are you spending the right time and the right energy, or does it feel more like you’re just going through the motions.  Use your own reflection and insights as a way to learn and improve.  The beauty is, you get a new chance at results, each day and each week.  You can test what you learn, apply your learning, and improve as you go. 

    This is the path of continuous growth.  It’s this path that will help you improve in any dimension of your work or life.

    To compact this concept and make it easy to visualize and remember, I created a new cheat sheet:

    Enjoy!

  • J.D. Meier's Blog

    How To Use ASP.NET Forms Auth with Azure Tables

    • 2 Comments

    While ramping up for Windows Azure, we're getting our feet wet with some basic application scenarios.   This is a quick step through of wiring up ASP.NET Forms Authentication to use Azure Table Storage for the user store.

    It’s longer than I like but I wanted to err on the side of being explicit.  It’s nice to know that when you’re going down a path that somebody else has been there and done that and you’re not on your own.  While your path may vary, at least you know this is one path that at least a few of our team members went down while creating repros for Azure authentication scenarios with ASP.NET.

    Stepping back, the big thing to know is that we didn’t find a Table Storage Membership provider for ASP.NET out of the box, but we found one in the additional C# samples.  You’ll see this in step 7.  Now, let’s start paving some paths …

    Summary of Steps
    Here are the steps at a glance:

    • Step 1.  Create a New Cloud Service Project.
    • Step 2.  Add References to AspProvider Project for the Azure Table Storage Provider
    • Step 3.  Add a Login Page
    • Step 4.  Create a Way for New Users to Register
    • Step 5.  Configure ASP.NET to use Forms Authentication
    • Step 6.  Configure ASP.NET to Restrict Anonymous Users
    • Step 7.  Configure ASP.NET to Use the Azure Table Storage Provider
    • Step 8.  Configure the ASP.NET Membership Provider
    • Step 9.  Add Test Code to Page_Load to Show the Forms Authentication Details
    • Step 10. Test Registering a New User and Logging in to the Application

    Here we go …

    Step 1. Create a New Cloud Service Project.
    In this step, you create a new cloud service project in Visual Studio:

    1. Start Visual Studio, from the menu select  “File” then click “New’ and then click ‘Project”
    2. In the “New Project’ dialog box, expand ‘Visual C#’ (or Visual Basic, if you are using it) in the ‘Project Types’ section, and select “Cloud Service”.
    3. In the ‘Templates’ section choose “Windows Azure Cloud Service” template, set the location, Name it as FormsAuthSample and click the “Ok” button.
    4. In the “New Cloud Service Project” dialog box, select “ASP.NET Web Role”, and click the “>” button to add it to the solution.  Then click the “Ok” button.  This will create a sample cloud Web Application, which is ready to be hosted in the cloud with all required configuration files etc.
    5. Run and verify that it works fine.

    Step 2. Add a Reference to the AspProvider Project for the Azure Table Storage Provider 
    We didn’t see a Table Storage Membership provider for ASP.NET out of box, but there are samples available for download:

    1. Unzip the WindowsAzure-AdditionalSamples.zip to some know location.  You can find the Windows Azure Additional Samples on this page.  (Note - if you followed my previous post, Getting Started with Windows Azure you should already have these samples.)
    2. Right click on the ‘FormsAuthSample” solution and choose Add -> Existing Project
    3. Browse to the location where you have extracted the samples, and select ASPProviders.proj from \\Samples\AspProviders\Lib folder. This will add the ASPProviders project to your solution.
    4. Add the reference to this project to your solution.  To do this, expand the WebRole1 node in the solution explorer, and right-click on References.
    5. Select Add Reference
    6. Select the Projects tab
    7. Select AspProviders, and click “Ok”

    Step 3. Add a Login Page.
    Use Solution Explorer to add a new Web form named Login.aspx to the WebRole1 site.

    Step 4.  Create a Way for New Users to Register
    Add the following two lines into the Login.aspx <form> tag

        <asp:Login runat="server" />
        <asp:CreateUserWizard runat="server"></asp:CreateUserWizard>

    It should resemble the following:

        <form id="form1" runat="server">
        <div>
        <asp:Login runat="server" />
        <asp:CreateUserWizard runat="server"></asp:CreateUserWizard>
        </div>
        </form>

    Step 5. Configure ASP.NET to use Forms Authentication
    In Web.config, add the following line insde the <system.web> tag:
            <authentication mode="Forms" />

    Step 6. Configure ASP.NET to restrict Anonymous Users
    In Web.config, add the following line inside the <system.web> tag:

          <authorization>
            <deny users="?" />
            <allow users="*" />
          </authorization>

    Note – The preceding configuration allows only authenticated users to access the application. The "?" indicates unauthenticated users and the "*" indicates all users. By denying unauthenticated users, any requests made by unauthenticated users are redirected to the login page. The loginUrl attribute of the <forms> element determines the name of the login page. The default setting of this attribute is Login.aspx.

    Step 7. Configure ASP.NET to Use the Azure Table Storage Provider
    In this step, you configure the Web application to use the AspProviders.TableStorageMembershipProvider.

    In Web.config, add the following lines inside the <system.web> tag:

          <membership defaultProvider="TableStorageMembershipProvider" userIsOnlineTimeWindow = "20">
            <providers>
              <clear/>

              <add name="TableStorageMembershipProvider" type="Microsoft.Samples.ServiceHosting.AspProviders.TableStorageMembershipProvider"
              applicationName="AspProvidersDemo"
        />

    </providers>
        </membership>

    Step 8. Configure the ASP.NET Membership Provider
    In Web.config, add the following code to the <appSettings> tag as follows:

      <appSettings>
        <!-- account configuration -->
        <add key = "TableStorageEndpoint" value="http://127.0.0.1:10002/devstoreaccount1"/>
        <add key = "AccountName" value="devstoreaccount1"/>
        <add key = "AccountSharedKey" value="Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw=="/>
      </appSettings>

    Note that we don’t have a lot of details on the AccountSharedKey, but we saw Jim Nakashima uses this value, so it’s good enough for now, until we know more.

    Step 9. Add Test Code to Page_Load to Show the Forms Authentication Details

    1. Add a using statement to Default.aspx.cs in your WebRole1 project to add a reference to  System.Web.Security.
    2. Add the following code to Page Load of Default.aspx.cs in WebRole1:

    protected void Page_Load(object sender, EventArgs e)
    {
      Response.Write("Hello, " + Server.HtmlEncode(User.Identity.Name));

      FormsIdentity id = (FormsIdentity)User.Identity;
      FormsAuthenticationTicket ticket = id.Ticket;

      // optional - but if you use this add a reference to System.Web.Security
      Response.Write("<p/>TicketName: " + ticket.Name );
      Response.Write("<br/>Cookie Path: " + ticket.CookiePath);
      Response.Write("<br/>Ticket Expiration: " + 
                      ticket.Expiration.ToString());
      Response.Write("<br/>Expired: " + ticket.Expired.ToString());
      Response.Write("<br/>Persistent: " + ticket.IsPersistent.ToString());
      Response.Write("<br/>IssueDate: " + ticket.IssueDate.ToString());
      Response.Write("<br/>UserData: " + ticket.UserData);
      Response.Write("<br/>Version: " + ticket.Version.ToString());
    }

    Step 10. test registering a new user and logging in to the application

    1. Run the project by using the F5 key (this runs the project in Debug mode.) 
    2. Create a new user.  On your first visit, you need to create a new user (e.g. “bob”.)  Note that the password rules by default are alphanumeric plus one non-alphanumeric (for example, "password!") 
    3. Login to the application.  Sign in with your new username and password pair.

    The Web application should return something along the following lines:

    Hello, bob
    TicketName: bob
    Cookie Path: /
    Ticket Expiration: 3/17/2010 3:04:40 PM
    Expired: False
    Persistent: False
    IssueDate: 3/17/2010 2:34:40 PM
    UserData:
    Version: 2

    Share your feedback or results in the comments.  We’re path paving along with you.

    My Related Posts

  • J.D. Meier's Blog

    Getting Started with Windows Azure

    • 4 Comments

    While ramping for Windows Azure, we created a quick set of steps to get other team members quickly started with Azure.  The goal is tight – get Azure running on your local box and be able to explore and run the Azure SDK samples.

    Installing the Azure SDK and the Visual Studio Tools for Azure
    Here’s a quick set of steps to install the VS tools for Azure and Azure SDK:

    1. Get a supported Operation System (OS) - Server 2008, Vista SP1, Win7
    2. Enable IIS.  In the Control Panel, use "Turn Windows Features on/off."
    3. Verify that ASP.NET is installed.  In the Control Panel, use "Turn Windows Features on/off." Check under IIS.
    4. Install “WCF HTTP Activation".”  In the Control Pane, use "Turn Windows Features on/off."  Find it under the .NET Framework 3.5.1 branch in the tree.
    5. Install Visual Studio 2008 or 2010, including SQL Server Express, VB, C#, and C++.
    6. Get the Windows Azure Tools for Microsoft Visual Studio from http://www.microsoft.com/downloads/details.aspx?FamilyID=6967ff37-813e-47c7-b987-889124b43abd&displaylang=en .
    7. Get the Windows Azure SDK from http://www.microsoft.com/downloads/details.aspx?FamilyID=dba6a576-468d-4ef6-877e-b14e3c865d3a&displaylang=en

    Installing the Azure SDK Samples
    You need to unpack the samples:

    1. Extract the samples from the Azure SDK (e.g. c:\program files\Windows Azure SDK\v1.0\samples-cs.zip
    2. Create a "Samples" sub-directory (e.g. C:\Program Files\Windows Azure SDK\v1.1\samples), and extract the zip.
    3. Open a command prompt so that you can run the .cmd files in “Samples” directory.
    4. From your "Samples" directory, run SetVCVars.cmd
    5. From your "Samples" directory, run BuildAll.cmd

    Installing the Additional Azure SDK Samples
    The additional samples include a sample ASP.NET provider for Azure Table Storage.  Our team is using this to test ASP.NET Forms Authentication with Azure Table Storage.

    1. Get the "Additional C# Samples” for the Azure SDK.  Here is a direct link to download the additional Azure samples.
    2. Add the additional samples to your “Samples” directory that you created above.  Note that these additional samples come with their own SetVCVars.cmd and BuildAll.cmd, so you can replace replace the SetVCVars.cmd and BuildAll.cmd that came with the Azure SDK Samples since you already ran them.

    Additional Resources
    Here are some key places to visit:

    My Related Posts

  • J.D. Meier's Blog

    Getting Results Knowledge Base

    • 0 Comments

    I created a simple view of the Getting Results Knowledge Base for my latest book, Getting Results the Agile Way, which is a personal results system for work and life.  The Knowledge Base provides simple job aids including Cheat Sheets, Checklists, How Tos, Guidelines, and Templates.

    If you want a quick visual overview of Getting Results, then explore the Visuals for Getting Results collection, which is a simple set of figures and diagrams.

    I would also recommend you browse the Guidelines for Getting Results.   The guidelines are a very tight set of "what to do," "why," and "how" summaries for getting results.  What's special about this set is that I reviewed them with several folks inside and outside of Microsoft that have focused on personal productivity and team productivity for many years.  You might just find the gem that's a game changer for you.

    If you want a jump start for learning the system, see Getting Started with Agile Results.

    The book is going to edit soon, so your feedback would be appreciated. (Making changes gets tougher when the book is in edit.)

  • J.D. Meier's Blog

    The Power of Blue Books for Platform Impact

    • 12 Comments

    WhyBlueBooksForPlatformImpact

    Why invest in prescriptive guidance or “Blue Books” for Microsoft platform impact?  While the answer is obvious to many, it’s not as obvious to others, so I’ll attempt to paint the picture here.

    Building Secure ASP.NET Applications was the first “blue book” at Microsoft, but it was Improving Web Application Security that really made people take notice (it was downloaded more than 800,000 times in its first six months and it changed how many people in the industry thought about security and it changed their approach.  It’s also the guide that helped many customers switch from Java to .NET.)  An interesting note about Building Secure is that the Forms Authentication approach was baked into the Whidbey platform (ASP.NET 2.0.)

    Blue Books Shape Platform Success
    Blue Books have played a strategic role in both shaping the platform and driving exponential customer success on the platform.   They’ve helped us find and share platform best practices, create mental models and conceptual frameworks, and create systems and approaches that scale success and create powerful ecosystems.  They’ve also helped us spring up offerings for our field, reduce support costs, and win competitive assessments.

    Ultimately, Blue Books give us a strategic look at platform pain points as well as competitive analysis, and a consolidated set of success patterns to run with.

    From patents to methodologies to better ways for better days, “Blue Books” have been the definitive way for improving platform success in a sustainable way – a durable backdrop that provides continuity of the platform over time.

    Benefits at a Glance
    Here is a quick rundown of some of the key ways that Blue Books have helped Microsoft and customers win time and again:

    • Platform Playbooks - Serve as platform playbooks for Microsoft, field, support, customers, and partners
    • Shaping the Platform and Tools – Shape the platform and tools by testing out patterns and practices as well as methodologies and methods with the broad community before baking into the platform and tools.
    • Scaling Success Patterns - Broadly scale proven practices and success patterns for predictable results
    • Roadmaps for Platform Adoption - Lay out roadmaps for technology adoption as well as success patterns
    • Competitive Wins - Win competitive assessments (the Blue Books have played a critical role in influencing industry analysts and in winning competitive assessments time and again)
    • Innovation for Exponential Success - Innovate in methodologies and methods for exponentially improving customer success on the platform
    • Frame and Name the Problem Domains – Frame out and name the problem spaces and domains (when you frame out and name a space, whether through patterns or pattern languages, you create a shared vocabulary and model that empowers people to make forward progress at a faster pace and more deliberate way.)

    The list goes on, but the essence is that these playbooks help customers make the most of the platform by sharing the know-how through prescriptive architectural guidance.

     

    Example Blue Books
    I won’t speak for all the Blue Books at Microsoft, but since I created the bulk of the Blue Books, it’s easy for me to speak from the ones I created.   Here is a summary of the impact that can help you better understand the value of Blue Books from a broader perspective.

     

    Blue BookResults
    Application Architecture Guide, Second Edition
    • The platform playbook for Microsoft’s application platform
    • Canonical application types for Web app, RIA, Rich Client, Mobile, and Web Services
    • Baseline best practices for application architecture and design
    • Templates baked into Visual Studio
    • Praise from Ray Ozzie
    • Praise from Grady Booch
    • Conceptual Framework for Application Architecture
    Building Secure ASP.NET Applications
    (aka The first official Microsoft “Blue Book”)
    • End-to-End Application Scenarios for Web Apps
    • Created a highly reusable set of Application Patterns
    • Baseline architectures and success patterns shared broadly inside and outside Microsoft
    Improving .NET Application Performance and Scalability
    (aka “Perf and Scale”)
    • Repeatable performance model
    • Created a highly-effective method for performance modeling
    • Performance Engineering approach baked into Visual Studio
    • 4 patents filed for performance engineering
    • Performance Engineering approach widely adopted inside and outside Microsoft
    • Used for offerings in Microsoft Consulting Services
    • Rules baked into Microsoft Best Practices Analyzer Wizard (MBPA)
    Improving Web Application Security
    (aka “Threats and Countermeasures”)
    • Repeatable security model for Web applications
    • Created a highly-effective method for threat modeling
    • Created a knowledge base of threats, attacks, vulnerabilities, and countermeasures
    • Security model for network, host, and application security
    • Security Engineering approach baked into Visual Studio
    • 4 patents filed for application security
    • Used for offering in Microsoft Consulting Services
    • Rules baked into Microsoft Best Practices Analyzer Wizard (MBPA)
    Improving Web Services Security
    • Security model for Web Services
    • End-to-End Application Scenarios for Web Services
    • Created a highly reusable set of Application Patterns
    • Baseline architectures and common success patterns shared broadly inside and outside Microsoft
    Performance Testing Guidance for Web Applications
    • Created a highly-effective method for performance testing Web applications
    • Performance Testing approach widely adopted inside and outside Microsoft
    • Used for offerings in Microsoft Consulting Services
    Security Engineering Explained
    • Created a model for baking security into the life cycle
    • Helped shift thinking from security "reviews" to "inspections"
    • Overlays security-specific activities on product development life cycles
    Team Development and Visual Studio Team Foundation Server
    • Created a glide-path for TFS adoption (source control, build, task tracking / reporting, process)

     

    End-to-End Application Scenarios and Solutions
    Here’s an example of an application scenario.  We use application scenarios to show how to solve end-to-end problems.  It’s effectively a baseline architecture based on successful solutions.   Here is an example from our WCF Security Guide:

    Scenario

    ExampleScenario

    Solution

    ExampleSolution

     

     

     

    We share them as sketches like on a whiteboard so they are easy to follow.

    Methodologies and Methods
    Methodologies, frameworks and approaches are nice ways to wrap up and package a set of related activities that you can use a baseline for your process or to overlay on what you already do.  Methods are step-by-step techniques for producing effective results and they are a powerful way to share expertise.   Methodologies and methods are how we create exponential results and amplify our impact.

    Example Methodology – Agile Security Engineering

    ExampleMethodologyAgileSecurityEngineering

    Example Method – Threat Modeling Technique

    ExampleMethodThreatModeling

     

    Conceptual Frameworks and Mental Models
    We use mental models, conceptual frameworks, and information models to learn and share the problem space.

    Example Conceptual Framework for Web Security

    ExampleConceptualFramework

    Example Mental Model for Application Architecture

    ExampleMentalModelAppArch

     

    Hot Spots
    Hot Spots are basically heat maps of pain points and opportunities.  We use them as a lens to help us see customer pain points and opportunities, and to prioritize our investments.  They also help us identify, organize, and share scenarios.  Hot Spots also help us organize and share principles, patterns, practices, and anti-patterns for key engineering decisions.   Hot Spots are a powerful tool for product planning and for building prescriptive guidance, platform, and tools.

    Example of Security Hot Spots

    ExampleSecurityHotSpots

    Example of Architecture Hot Spots

    ExampleArchitectureFrame

    Scenarios Organized by Architecture Hot Spots

    ExampleArchitectureFrameTable

    Competitive Wins
    Our Blue Books have consistently been used for winning competitive assessments or at least making significant impact in key areas.  Whether there’s a gap in the tools or a gap in the platform, prescriptive guidance can smooth it out by creating a success path for customers.

    Example of beating IBM in Every Category Around Guidance

    ExampleCompetitiveResults  

    You can find a deeper rundown on the competitive assessments in my previous posts. 

    The Bottom Line on Blue Books
    The bottom line for me is that Blue Books have helped shape platforms and tools and to create glide-paths for customers through mental models, methodologies, and methods.  They’ve been a powerful way to share success patterns, help paint the bigger picture, and connect the dots across platform, tools, and guidance. 

    The adoption and usage has accelerated over the years to the point where just about any customer in the application development space that works with the Microsoft platform is familiar with either patterns & practices for the Microsoft Blue Books.

    Blue Books have been the freemium offering from Microsoft that have paved the way for premium experiences.

  • J.D. Meier's Blog

    Getting Results Fan Page Now Available

    • 2 Comments

    The Getting Results Facebook Fan Page is now available.  It’s for my latest book, Getting Results the Agile Way.

    Getting Results is my first non-technical book and it’s all about making you great.  You’ll learn the super skills for working on the right things, the right way, at the right time, with the right energy … unleashing your best.  Oh, and did I mention, you can read it all for free?  It’s all free in HTML.  You can learn the secrets of how I drive myself, coach other teams at Microsoft, and lead distributed teams around the World for more than 10 years for world-class results.  It’s spreading fast … people are adopting it … and people are writing stories to me about how it’s changing their lives.  Who knew success would be so contagious … and everybody wants some of that :)

    It’s all about getting results in work and life.  It’s the best of the best success patterns for making the most of what you’ve got, playing to your strengths, mastering your time, and living your values.

    I’m a fan of sharing know-how rapidly, effectively, and unselfishly … so all the secrets are in the guide, no holds barred.  You get the distillation of trial and tribulation, deliberate practice, and synthesis of the best of the best methods for getting results.  Get the system on your side and like Bruce Lee said, “absorb what is useful.”

    Maybe you’ll be the next rags to riches story.  Maybe you’ll become the new hero at work who moves mountains and makes things happen.  Maybe you’ll just find more joy in your day to day.  Either way … best wishes on uncorking yourself and may the full force of Agile Results be with you. 

    If it’s not for you, maybe you know somebody who needs a lift up in life.  Share it with them.  I’m teaching my friends and family and all who care the skills to go the distance in an ever-changing world.

  • J.D. Meier's Blog

    Getting Results the Agile Way - The Book on Getting Results

    • 11 Comments

    GettingResults2

    “Are you getting results? …”

    Over Christmas break, I committed to finishing the writing for a book that I expect to change a lot of people's lives.  It's my first non-technical book.  The working title is, Getting Results the Agile Way.  It's all about getting results in work and life.  It's the playbook I wish somebody had given me long ago for finding work/life balance, managing time, playing to my strengths, and making the most of what I've got.

    Why Getting Results
    The world is a tough place.  Between layoffs, the economy, and simply the unknown, a lot of people are having a really tough time in their lives.  There are constantly new challenges at a pace that's tough to keep up.  Worse, I don't think you learn a lot of these skills in school or on the job, except through the school of hard knocks.

    This is my playbook for you.  For more than 10 years at Microsoft I've tested and evaluated ways to get results.  I've had to find things that not only work for me, but that could work for the people I mentor inside and outside the company, as well as for large teams around the world.  I'm a big believer that everybody can get great results if they have the right know-how.

    What Sorts of Problems Does It Tackle
    The book is a system and a playbook for some of these common challenges:

    • How to find work / life balance
    • How to shift from tasks and activities to meaningful results and outcomes
    • How to use stories and scenario-driven results to carve out value in your life
    • How to overwhelm your challenges with fierce results
    • How to defeat perfectionism
    • How to avoid analysis paralysis and take action a simple story at a time
    • How to find your flow state for more engaging work
    • How to find your passion and purpose
    • How to play to your strengths for more energy and better results
    • How to conquer fear and avoid learned helplessness
    • How to motivate yourself in ways that make you feel you can move mountains
    • How to focus on what really counts
    • How to prioritize more effectively
    • How to create more value for yourself and others
    • How to spend more time on what you want, and less time on what you don’t

    It helps with a lot of things because mostly it gets you spending the right time, on the right things, with the right energy, the right way.  This is the key to your best results.

    My Story
    When I first joined Microsoft, it was sink or swim.  I saw a lot of people fail.  Among the chaos, I also saw many people thrive.  I wanted to know their secrets.  I started with people on my team, but the next thing you know I was studying success patterns around the company.  If somebody was known for getting results, I hunted them down and studied their ways.

    I learned so many simple things that actually worked.  For example, instead of managing time, the real key is managing your energy.  I'd rather have four power hours, than a week of just going through the motions.  The secret of work life balance is setting up your own artificial boundaries, whether it's "dinner on the table at 5:30" or "no work on the weekends."  Finding your passion can be as simple as connecting to your values.  For example, I use metaphors to make my project an epic adventure and I have the team create the movie poster of what great results will look like.  How's that for wanting to show up and give your best every day knowing you're working on blockbuster results?

    What is Agile Results?
    You'll hear me talk about Agile Results quite a bit.  It's the name I gave the system  that serves as the foundation for the Getting Results guide.  Agile is all about responding to change.  It's agility in action.  It's all about making progress while the world changes under your feet.

    My Agile Results system borrows the best principles, patterns, and practices across a variety of disciplines from sports, positive psychology, personal productivity, Agile development, Scrum, project management, time management, leadership skills, and strengths-based development.  It's more than a mash up -- I've tested and honed the system to work for individuals and teams while refining it over years of deliberate practice.  To me, great results for the team, always starts with unleashing an individual’s best.  Having fun is contagious and getting results spreads like a wild fire.

    Agile Results in a Nutshell
    Here is the Agile Results system at a glance:

    • The Rule of 3 – You can apply the Rule of 3 to work and life to avoid overwhelming yourself while carving out  value, a day at a time, a story at a time.  See The Rule of 3.
    • Monday Vision, Daily Outcomes, and Friday Reflection – This is a simple weekly pattern for results.  On Mondays figure out your 3 compelling results for the week.  Each day, figure out your 3 best results for the day.  On Fridays, identify 3 things going well, and 3 things to improve.  See Monday Vision, Daily Outcomes, and Friday Reflection.
    • Hot Spots -  This is your heat map.  Hot Spots are a simple lens to look at your life as a portfolio you invest in: mind, body, emotions, career, financial, relationships, and fun.  It’s under-investing or over-investing in these areas that can get in the way of great results.  See Hot Spots.

    How to Get Started
    Getting started is really easy.  If you write down 3 results you want for today, you're doing Agile Results.  Is there more to it? … Sure, but take it at your own pace.  Here’s a one-page guide for getting started with Agile Results.

    How To Follow Along for the Ride
    You can read Getting Results for free online in HTML.  I’ll continue to shape the guide over the next several weeks based on feedback.  I’ll also be making March a focus on getting results so if you’ve been looking for a jumpstart for your life, this is a great month to make it happen.   I’ll be sharing nuggets for getting results at my effectiveness blog, Sources of Insight.

    If you're not getting the results you want in your life, you just need the skills.  Use my guide to stuff your bag of tricks with some new tools that will change your game and help you unleash your best.

Page 1 of 1 (9 items)