Monday, August 22, 2005

Web Services and other distributed technologies: Performance of ASP.NET Web Services, Enterprise Services, and .NET Remoting

Web Services and other distributed technologies: Performance of ASP.NET Web Services, Enterprise Services, and .NET Remoting: "While absolute performance is of paramount concern for several areas of technology (devices, hardware controllers, life and healthcare services, certain financial systems), these tend to be among the minority. Most business applications' primary goals are 'correctness', 'time to delivery', and the need to be as fast as is necessary, but not more so. The cost and effort of engineering applications that deliver absolutely maximum possible performance can be enormous; the considerable time and skill required for peak performance is often unnecessary for many business systems. However, while absolute maximum performance is often overkill, ensuring good overall system performance is still a goal for most businesses wanting to maximize their return on investment.
In this white paper, we will provide a comparative analysis of the relative performance levels of real-world components/services hosted within each of the three distributed component/service technologies available in .NET:
.NET Enterprise Services (ES) hosted in COM+
ASP.NET Web services (ASMX) hosted in IIS
.NET Remoting hosted in IIS and custom hosts "

Darrell Norton's Blog [MVP] : Submitting default buttons when the user presses the Enter key - finally!

Darrell Norton's Blog [MVP] : Submitting default buttons when the user presses the Enter key - finally!: "One of the hardest things in web development is getting a certain button to submit if you have more than one button on the page"

Friday, August 19, 2005

How to Protect Your Application Against Parameter Injection

How to Protect Your Application Against Parameter Injection: "Securing your web application against the hackers of the world is a difficult task. Authentication mechanisms, sessionIds, and user accounts are a few of the options that are available to you for your efforts. However, the most common technique of remotely manipulating an application is parameter injection. So, for example, let's say you are viewing a transaction of customer #448, and your URL looks something like www.myapplication.com/customer.aspx?customerID=448. What is to stop customer 448 from typing in 449, let's say, and viewing another customer's transaction details? The situation can even escalate into typing in complete SQL statements and executing them inside the original statements you have coded. Well, this article isn't here to magically solve your problems and completely seal your sensitive data. Checking for let's say a customer sessionID and matching it against the URL and the page will still have to be done by you. However, this article will demonstrate a simple method of checking for valid parameters in an already written application. It can be easily plugged in to any website and even if the website contains hundreds of pages, it can still be a very effective tool in your efforts against hackers. The idea behind it is very simple and includes three components. "
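
The two checks the excerpt names, validating the parameter and matching the requested customerID against the session, sketched as an added example; it is not code from the linked article, whose three components are not shown here. The rule table, function names and sample data are constructed for illustration, and the query uses a bound parameter so a crafted value cannot become part of the SQL statement.

```python
import sqlite3
from urllib.parse import urlsplit, parse_qs

class Rejected(Exception):
    """Raised when a request fails validation or authorization."""

# Hypothetical per-page allow-list: parameter name -> validator.
PAGE_RULES = {
    "/customer.aspx": {
        "customerID": lambda v: v.isascii() and v.isdigit() and len(v) <= 9,
    },
}

def make_db():
    # Constructed sample data: one transaction per customer.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE transactions (customer_id INTEGER, detail TEXT)")
    db.executemany("INSERT INTO transactions VALUES (?, ?)",
                   [(448, "order A"), (449, "order B")])
    return db

def validated_params(target):
    """Return the parameters of a request target, or raise Rejected."""
    parts = urlsplit(target)
    rules = PAGE_RULES.get(parts.path)
    if rules is None:
        raise Rejected("page has no parameter rules")
    params = parse_qs(parts.query, keep_blank_values=True)
    if set(params) != set(rules):
        raise Rejected("missing or unexpected parameter")
    clean = {}
    for name, values in params.items():
        # Repeated parameters are ambiguous; malformed values never reach SQL.
        if len(values) != 1 or not rules[name](values[0]):
            raise Rejected("invalid value for " + name)
        clean[name] = values[0]
    return clean

def get_transactions(db, session_customer_id, target):
    requested = int(validated_params(target)["customerID"])
    # Well-formed is not authorized: the ID must match the logged-in customer.
    if requested != session_customer_id:
        raise Rejected("customerID does not belong to this session")
    rows = db.execute(
        "SELECT detail FROM transactions WHERE customer_id = ?",  # bound, not concatenated
        (requested,),
    ).fetchall()
    return [row[0] for row in rows]
```

The session's customer ID must come from server-side session state, never from the request itself.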