To Microsoft Regarding Smart Client

  • Thread starter Thread starter Alex K
  • Start date Start date
A

Alex K

Hi,

Please take my 2 cents regarding the new paradigm named
Smart Client.

Is definitely understandable to implement a serious
security model. But I don't know how you guys are so
expert in turning into nightmares something which could
be nice...

I think the whole idea of Smart Client should be
redesigned from ground up. You have over complicated the
job of making a Windows forms application to run from web
server from security point of view.

I regret to say so, but even proven approaches from good
articles from MSDN are not working... Sounds stupid eh...

I agree that experience make us better but...when I work
in an Enterprise Strength level environment and I have
deadlines such a type of nightmares related to security
are totally undesirable.

Also IIS is so unstable still.Several questions I have:
- Why when Dot Net Framework is installed is not
registered ASP Net with the IIS? (in case is in the
system)
- Why Dot Net Framework gets damaged just because I
installed IIS afterwards?
- Why debugging on VS Net runs in problems because of
some settings in Dot Net config files, related to user
accounts when debgging an ASP Net application?

Here's my idea of Smart Client:
Since Microsoft is targeting the server side of the
development and bets a lot on his Windows Servers the
Smart Client idea should rather help achieve this goal in
the following way:
1. Let the code to be executed on Server
2. Just send to Client the Forms which have a basic
functionality as:
- Validating the input
- Sending the content back to Server thru some proxies
- Security will be less headeach in this way since
most of the code executes on the server side.

Definitely some person in Windows Forms team loves a lot
Dot Net Framework features especially the Reflection part
of it... . But this is not enough sometimes to create a
practical thing.

I think you guys you should look at the Java camp.
Have a look at this site which provides a nice example of
a similar technology:
www.droplets.com

Please don't flame me for my opinions. I am a Microsoft
Developer since very long time, but I have my points of
view which I would like to make them clear.

All the best,
Alex
 
Is definitely understandable to implement a serious
security model. But I don't know how you guys are so
expert in turning into nightmares something which could
be nice...

If there wasn't a security model, nobody would *ever* use it. After
all, zero-touch deployment / smart client / etc. can be embedded in *any
Web page* and runs *without any notification*. I don't want banner ads
reading my e-mail and installing software behind my back, thank you.
There is no way the technology would be realistic without security.

Also IIS is so unstable still.Several questions I have:
- Why when Dot Net Framework is installed is not
registered ASP Net with the IIS? (in case is in the
system)

It is, if you installed IIS before you installed the Framework.

If you installed the Framework first, and then IIS, then you need to run
"aspnet_regiis.exe -i" to register ASP.NET.

Yes, the documentation isn't great on this point.

Here's my idea of Smart Client:
...
1. Let the code to be executed on Server
2. Just send to Client the Forms which have a basic
functionality as:
- Validating the input
- Sending the content back to Server thru some proxies
- Security will be less headeach in this way since
most of the code executes on the server side.

Um, you just described ASP.NET perfectly. How is what you're describing
any different from ASP.NET, and what benefits would it have that would
justify learning yet another new set of tools?
 
Back
Top