Aug 04

Can anybody guess why buggy software from Microsoft is a huge success? Or why Apple's proprietary products are a tremendous success? What's the common factor in both these success stories? A highly effective user interface!

Designing a simple UI is not rocket science, but it is a spoonful of engineering and a whole lot of art. Anyone can create a decent UI, but defining and designing an effective user interface takes creative thinking, analytical aptitude, research, time and, above all, an ability to put oneself in the end user's shoes. Most user interfaces fail to attract end users because one of these ingredients is missing.

Designing an effective UI is never easy, but it is easy to spot a bad one. Just find a frustrated user rolling their eyes while using the system. That's bad UI! UI is one of the most critical factors that make or break a system. It is never a PowerPoint presentation; it is the physical translation of the user's expectations of the "computer".

There are different factors that should be considered to make the UI more effective.

Logical and Physical Arrangement: The screen should be structured, and the fields and controls have to be arranged logically according to the flow of the process, so that the user can navigate through the fields easily and the entry process is optimal and effective.

Right Information: The information provided should be "just" right. There should be neither too much information nor too little. It should be simple to use and easy to understand.

Aesthetics: The screen design should be visually appealing and easy on the user's eyes.

Consistency: The design should be consistent everywhere, so that the user understands the flow and knows what to expect. It should not be the work of Picasso in one place and that of Leonardo da Vinci in others!

Navigation: The navigation should be logical and in line with the process flow. The user should not need to play hopscotch while using the screen.

Thus UI design is THE most important part of designing any system and must not be underestimated.

This is just the beginning! A lot more to come… Stay tuned!

Jun 30

Introduction
To secure your website, you can set security permissions on individual web pages, web services and subdirectories. ASP.NET supports this requirement with declarative authorization rules, which are defined in the web.config file. The rules are acted upon by the URL Authorization Module, a specific HTTP module. This module examines the defined rules and checks each request to make sure users can't access resources they are not permitted to access.

The following diagram describes the workflow of the FormsAuthenticationModule and the UrlAuthorizationModule when an unauthorized request arrives. In particular, the diagram shows a request by an anonymous visitor for ProtectedPage.aspx, which is a page that denies access to anonymous users. Since the visitor is anonymous, the UrlAuthorizationModule aborts the request and returns an HTTP 401 Unauthorized status. The FormsAuthenticationModule then converts the 401 status into a 302 Redirect to the login page. After the user is authenticated via the login page, he is redirected to ProtectedPage.aspx. This time the FormsAuthenticationModule identifies the user based on his authentication ticket. Now that the visitor is authenticated, the UrlAuthorizationModule permits access to the page.

Authorization Rules:
Authorization determines whether an identity should be granted access to a specific resource. Authorization rules are defined in the <authorization> element in the <system.web> section of the web.config file and apply to all of the ASP.NET resources in that directory and its subdirectories (until overridden by another web.config file). There are two types of rules: allow and deny. You can allow or deny users and roles (groups of users). You can add the verbs attribute to create a rule that applies only to specific types of HTTP requests (GET, POST, HEAD and DEBUG).
The basic structure of the authorization is as follows:

You can add as many allow and deny rules as you want.
To deny access to all anonymous users, you can use a deny rule like this:

To allow access to all users you can use:

The question mark (?) is a wildcard that represents all users with unknown identities. The asterisk (*) represents all users, both authenticated and anonymous. You can add more than one rule to the authorization section.
Consider the following rule:

This rule will allow all users to access the resources. ASP.NET evaluates the first rule, which allows access to all users, and never evaluates the second rule, because the first rule has already granted access to everyone. However, if you reverse the order of the rules, the following authorization rule denies all anonymous users and allows access to all other users.

Controlling access to specific users:
You can grant access on the basis of user accounts.
Let us consider the following authorization rule.

This rule will allow access only to the listed users, i.e. amit, amitkumar and sandeep, and restrict all other users, even if they are authenticated.
Here is another example:

In this rule the listed users, i.e. amit, amitkumar and sandeep, are denied access. Let us take another example.

In the above example users amit and amitkumar are denied. But it does not affect the user sandeep, because ASP.NET matches the rule that allows all users and doesn't read any further.

Controlling access to specific sub directories:
You can apply authorization rules to specific directories. You just need to add a web.config file to the subdirectory with the authorization rules you require.
Remember that a web.config file added to a subdirectory should not contain any application-specific settings. In fact, it should contain only the authorization information, as shown below:

When you apply authorization rules to specific directories, ASP.NET still reads the authorization rules from the parent directory, but it applies the subdirectory rules first.
Let us make this point clear with an example.
Suppose you have defined a rule in the root virtual directory as below:

And the sub directory contains the rule as:

In this case user amitkumar will be able to access any resource in the root directory but no resources in the sub directories.

If you reverse these rules then user amitkumar will be able to access the resources of sub directories but will not be able to access resources of the root directory.

ASP.NET allows unlimited hierarchy of sub directories and authorization rules to make the real life problems very easy.

Controlling access to specified files:
Setting file access permissions by directory is the cleanest and easiest approach. However, you can also restrict specific files by adding <location> tags to the web.config file.
Consider the following:


With the above setting, all users are denied access to the restrictedPage.aspx page.

Controlling access for specific roles:
To make website security easier to manage, users are grouped into categories called roles. Suppose you need to manage an enterprise application that supports thousands of users; it would be difficult to apply restrictions to thousands of users individually. Instead, users are grouped into roles, and the rules applied to a role apply to all the users within that role. You can create as many roles as you want.
When you use role-based authorization, you must enable roleManager in the <system.web> section of the web.config file.


For example, the following authorization rules allow access to two users, amit and amitkumar, and two roles, admin and management; all other users are denied.


ASP.NET makes it easy to define user-based authorization rules. With just a bit of markup in Web.config, specific web pages or entire directories can be locked down so that they are only accessible to a specified subset of users. Page-level functionality can be turned on or off based on the currently logged in user through programmatic and declarative means.
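
The first-match evaluation and the "subdirectory rules first" ordering described above can be checked with a small model. This is an added example, not code from the original post or from ASP.NET; `load_rules`, `is_allowed` and the sample sections are hypothetical names and constructed inputs, names are compared exactly as a simplification, and the trailing allow-all rule stands in for the framework-level default configuration.

```python
import xml.etree.ElementTree as ET

# Framework-level default that sits above every site config: allow everyone.
MACHINE = '<authorization><allow users="*"/></authorization>'

def load_rules(*sections):
    """Flatten <authorization> sections into one ordered rule list.
    Pass the most specific directory first and the site root last."""
    rules = []
    for xml_text in sections + (MACHINE,):
        for el in ET.fromstring(xml_text):
            def names(attr):
                return {n.strip() for n in el.get(attr, "").split(",") if n.strip()}
            rules.append((el.tag, names("users"), names("roles"), names("verbs")))
    return rules

def is_allowed(rules, user=None, roles=(), verb="GET"):
    """Return the decision of the first matching rule.
    user=None models an anonymous (unauthenticated) request."""
    for action, users, rule_roles, verbs in rules:
        if verbs and verb not in verbs:
            continue  # rule is limited to other HTTP verbs
        matched = ("*" in users
                   or (user is None and "?" in users)
                   or (user is not None and user in users)
                   or bool(rule_roles & set(roles)))
        if matched:
            return action == "allow"
    return False  # not reached while MACHINE is appended

# Constructed sample sections (not taken from the original page).
OPEN_FIRST = '<authorization><allow users="*"/><deny users="?"/></authorization>'
DENY_FIRST = '<authorization><deny users="?"/><allow users="*"/></authorization>'
ROOT = ('<authorization><deny users="?"/>'
        '<allow users="amit,amitkumar" roles="admin,management"/>'
        '<deny users="*"/></authorization>')
SUBDIR = '<authorization><deny users="amitkumar"/></authorization>'

if __name__ == "__main__":
    print(is_allowed(load_rules(OPEN_FIRST)))                 # anonymous, allow-all listed first
    print(is_allowed(load_rules(DENY_FIRST)))                 # anonymous, deny-anonymous listed first
    print(is_allowed(load_rules(ROOT), "amitkumar"))          # listed user at the root
    print(is_allowed(load_rules(SUBDIR, ROOT), "amitkumar"))  # same user inside the subdirectory
```

Because the allow-all default is always the last rule, a section that lists allowed users without a final deny for everyone else restricts nobody.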

Jun 28

Table Partitions
Partitioned tables allow your data to be broken down into smaller, more manageable pieces called Partitions, or even Sub Partitions. Indexes can be partitioned in similar fashion. Each partition is stored in its own segment and can be managed individually.
SQL queries and DML statements do not need to be modified in order to access partitioned tables.
However, after partitions are defined, DDL statements can access and manipulate individual partitions rather than entire tables or indexes. This is how partitioning can simplify the manageability of large database objects and enables faster data access within an Oracle database.

Partitioning allows tables and indexes to be partitioned into smaller, more manageable units, providing database administrators with the ability to pursue a “divide and conquer” approach to data management. With partitioning, maintenance operations can be focused on particular portions of tables. For example, a database administrator could back up a single partition of a table, rather than backing up the entire table.

Advantages of Partitioning:
• It enables data management operations such as data loads, index creation and rebuilding, and backup/recovery at the partition level, rather than on the entire table. This results in significantly reduced times for these operations.
• It improves query performance. In many cases, the results of a query can be achieved by accessing a subset of partitions, rather than the entire table.
• It increases the availability of mission-critical databases if critical tables and indexes are divided into partitions to reduce the maintenance windows, recovery times, and impact of failures.

Figure 1 List, Range, and Hash Partitioning

Types of Table Partitions

There are several partitioning methods offered by Oracle Database. Here we discuss the three basic ones:

Range Partitioning
Range partitioning is used when partitions are based on ranges of column values. This type of partitioning is useful when dealing with data that has logical ranges into which it can be distributed; for example, months of the year. Performance is best when the data is evenly distributed across the range.

Range Partitioning Example
CREATE TABLE Sales_Range
(salesman_id NUMBER(5),
salesman_name VARCHAR2(30),
sales_amount NUMBER(10),
sales_date DATE)
PARTITION BY RANGE(sales_date)
-- Each upper bound is the first day of the following month (MM/DD/YYYY),
-- so sales_jan2010 holds every row dated before 1 February 2010.
(PARTITION sales_jan2010 VALUES LESS THAN(TO_DATE('02/01/2010','MM/DD/YYYY')),
PARTITION sales_feb2010 VALUES LESS THAN(TO_DATE('03/01/2010','MM/DD/YYYY')),
PARTITION sales_mar2010 VALUES LESS THAN(TO_DATE('04/01/2010','MM/DD/YYYY')),
PARTITION sales_apr2010 VALUES LESS THAN(TO_DATE('05/01/2010','MM/DD/YYYY'))
);

Hash Partitioning
Use hash partitioning if your data does not easily lend itself to range partitioning, but you would like to partition for performance and manageability reasons. Hash partitioning provides a method of evenly distributing data across a specified number of partitions. Rows are mapped into partitions based on a hash value of the partitioning key.

Hash Partitioning Example
CREATE TABLE Sales_Hash
(salesman_id NUMBER(5),
salesman_name VARCHAR2(30),
sales_amount NUMBER(10),
week_no NUMBER(2))
PARTITION BY HASH(salesman_id)
-- Four hash partitions, one per tablespace.
PARTITIONS 4 STORE IN (data1, data2, data3, data4);

The preceding statement creates a table sales_hash, which is hash partitioned on salesman_id field. The tablespace names are data1, data2, data3, and data4.

List Partitioning
List partitioning is used when you require explicit control over how rows map to partitions. You can specify a list of discrete values for the partitioning column in the description for each partition. This is different from range partitioning, where a range of values is associated with a partition, and from hash partitioning, where the user has no control of the row to partition mapping.

The list partitioning method is specifically designed for modeling data distributions that follow discrete values. This cannot be easily done by range or hash partitioning because:

• Range partitioning assumes a natural range of values for the partitioning column. It is not possible to group together out-of-range values into partitions.
• Hash partitioning allows no control over the distribution of data because the data is distributed over the various partitions using the system hash function. Again, this makes it impossible to logically group together discrete values for the partitioning columns into partitions.

Unlike the range and hash partitioning methods, multicolumn partitioning is not supported for list partitioning. If a table is partitioned by list, the partitioning key can consist only of a single column of the table. Otherwise all columns that can be partitioned by the range or hash methods can be partitioned by the list partitioning method.

List Partitioning Example
CREATE TABLE Sales_List
(salesman_id NUMBER(5),
salesman_name VARCHAR2(30),
sales_state VARCHAR2(20),
sales_amount NUMBER(10),
sales_date DATE)
PARTITION BY LIST(sales_state)
(PARTITION sales_west VALUES('California', 'Hawaii'),
PARTITION sales_east VALUES('New York', 'Virginia', 'Florida'),
PARTITION sales_central VALUES('Texas', 'Illinois'),
-- DEFAULT partition: receives rows whose sales_state is not listed above.
PARTITION sales_other VALUES(DEFAULT)
);

A row is mapped to a partition by checking whether the value of the partitioning column for a row falls within the set of values that describes the partition. For example, the rows are inserted as follows:
• (10, 'Jones', 'Hawaii', 100, '05-JAN-2010') maps to partition sales_west
• (21, 'Smith', 'Florida', 150, '15-JAN-2010') maps to partition sales_east
• (32, 'Lee', 'Colorado', 130, '21-JAN-2010') does not map to any partition in the table
