Application Security Testing: An Integral Part of DevOps
The My feature in Visual Studio 2005 provides abbreviated access to many commonly used features in .NET. For example, My in Visual Basic .NET makes the common task of accessing settings in an application configuration (App.config) file easier. It does this by using the CodeDOM to generate a wrapper class for these commonly used features.
CodeDOM is both a namespace and a technology in the brilliantly crafted .NET Framework. The CodeDOM namespaces contain classes that take an object graph and generate code. One use of CodeDOM that's been around a while is having the XSD.exe utility (XML Schemas) generate strongly typed DataSets.
This article shows you how Microsoft has taken the moderately difficult task of writing configuration settings as XML and reading those settings using objects and turned it into an easier process: using a visual designer and the My feature to access these settings. It starts by demonstrating how to use the ResourceManager and finishes by showing you the best way to access settings with the My feature in Visual Studio 2005 (and Visual Basic Express 2005).
Defining Read-Only Application Settings
XML is a language in its own right. In prior versions of .NET, you had to know how to write XML just to use an App.config file. If you were a happy VB6 camper, this could be a daunting task.
Don't get me wrong; XML is a great language—especially for things like Web services, but I shouldn't have to know it to use an App.config file. Thankfully, and finally, Microsoft has stuck a designer on top of the App.config file—at least as far as settings go—making this part of the framework accessible to XML neophytes. (Until just a few years ago, we were all XML neophytes.)
You can add application settings to an App.config file by adding an App.config file to your project and creating an <appSettings> section in that XML file. But, let's skip right over that and use the new designer. To modify both application-level and user-level settings, click View|app_name Property Pages and click on the Settings tab (see Figure 1).
Figure 1: The Settings Tab of a Project's Property Pages
The Settings tab is essentially the visual representation of a dictionary of name and value pairs. Figure 1 shows that type and scope attributes are permissible too.
To add an entry to the App.config file, provide a name (any name will do), pick an existing listed data type or browse to an assembly containing a data type, define the scope, and provide a value. The type defines the kind of value-editor that will be availablebfor example, picking the Color type will make the Color dialog available in the Value field (see Figure 2)band the Scope quite simply indicates whether the value can be modified and isolates settings by user or application. Only User-scoped values can be modified.
Figure 2: The Color Type Makes the Color Dialog Available in the Value Field
Defining a Connection String
Creating a connection string will demonstrate the Settings page. If you scroll to the bottom of the Type list and pick (Connection String); then the Scope column will be fixed on Application and the Value column will have a button with an ellipses (b&) for a name. When you click on this button, a Connection Properties dialog displays, facilitating the creation of a connection string (see Figure 3).
Figure 3: Selecting the (Connection String) Option for the Type
A connection string is generally an option that users aren't permitted to change. You can define writeablebor user-changeablebsettings by selecting a type and changing the Scope to User.