Monday, September 15, 2014

Possible Multiple Enumeration Warning

Someone recently asked me what the "Possible Multiple Enumeration" warning means. The IEnumerable interface only exposes a single method, GetEnumerator. This means that every and every time we want to traverse the enumerable we have to start at the beginning and iterate the entire enumeration again.

public interface IEnumerable<out T> : IEnumerable
    IEnumerator<T> GetEnumerator();
public interface IEnumerable
    IEnumerator GetEnumerator();

Whenever you see the Possible Multiple Enumeration warning the compiler is trying to tell you that your code my be sub-optimal at run time because it will have to completely traverse the enumerable multiple times.

More importantly, the compiler can not be sure what that enumeration will entail!

Why could that be bad?

With a collection we know what the contents and implementation of the enumerable are, and we are able to know the run time implications of iteration over that collection. However an IEnumerable is an abstraction and not a guaranteed implementation, meaning that it may represent a very inefficient enumeration.

For example, an object relational mapping (ORM) framework may expose an IEnumerable that loads it's items from a database on each iteration. Other IEnumerables may be computing complex and CPU intensive operations during iteration. The simple fact is that when your code is iterating over an IEnumerable you just can not be sure what is actually happening behind the interface.

This is not necessarily a bad thing, but that uncertainty does merit a warning.

Thursday, September 11, 2014

Decompile Methods with ReSharper

ReSharper is an amazing tool that .NET developers should never be without. One of my favorite features that if offers is build in support for decompiling methods when navigating to source. Enabling this option will literally allow you to view external source code simply by going to definition.

To enable this option, go to...

  1. Open the "ReSharper" Drop Down
  2. Select "Options"
  3. Expand "Tools"
  4. Select "External Sources"
  5. Select "Navigation to Sources"
  6. Check "Decompile methods"
  7. Save, and you're done!

Would you like to do this outside of Visual Studio as well? Check out JetBrains FREE decompiler tool, dotPeek.


Sunday, August 31, 2014

Three steps to wire up your IOC container.

How can you dynamically and flexibly wire up your inversion of control container? Here are three easy steps to consider:

  1. Reflection
  2. Explicit
  3. Configuration

First, use reflection to help wire up your boiler plate or dynamic dependencies. Second, explicitly register and customize any additional dependencies that your application needs Third, use configuration last to dynamically override any of your previous settings, allowing you to make changes to your application in a live environment without having to rebuild or deploy.

Sample Code

Microsoft's Unity offers a last in win container, so if you follow the steps above in order you will have a very flexible configuration for your container!

Sunday, August 24, 2014

xUnit Console Runner - Filter by Test Name

You can now filter by test name with the xUnit Console Runner.

Sample Code

namespace DemoProject
    public class ExampleTests
        public void HelloWorld()
        public void GoodnightMoon()

Sample Command Line

C:\>xunit.console.exe DemoProject.dll -testName "DemoProject.ExampleTests.HelloWorld" console test runner (64-bit .NET 4.0.30319.18449)
Copyright (C) 2014 Outercurve Foundation.

Starting:  DemoProject.dll
Finished: DemoProject.dll

   DemoProject.dll  Total: 1, Failed: 0, Skipped: 0, Time: 0.276s, Errors: 0


Saturday, August 16, 2014

System.Net.CredentialCache supports Digest Auth

In my last post I talked about implementing Digest Authentication in WebAPI. That was a server side implementation, but how do you make requests to that server? Good news: .NET's built in CredentialCache supports Digest Authentication!


Be sure to enable PreAuthenticate, otherwise each request will require a new digest token have to make an additional two requests to get it! Do not worry, the request will not send your credentials without having a token first.

PreAuthenticate = false

PreAuthenticate = true

Sunday, August 3, 2014

Basic and Digest mixed authentication with WebAPI

In my last post I talked about using both Basic and Digest authentication with WebAPI, but not at the same time. So what do you do when you want to used mixed authentication with both?

In principal you can support both Basic and Digest authentication at the same time, but your server has to issue the 401 challenge with Digest. This is because basic requires no token or server information to authenticate, where as digest requires a nonce from the server.

I have updated Rick's Basic authentication and Badri's Digest authentication implementation to work together as a pair of AuthorizationFilterAttributes. Here is the source:

public static class WebApiConfig
    public static void Register(HttpConfiguration config)
        config.Filters.Add(new BasicAuthorizationFilterAttribute(false));
        config.Filters.Add(new DigestAuthorizationFilterAttribute());
            new { controller = "data", id = RouteParameter.Optional }


Thursday, July 31, 2014

WebAPI and Chrome Authentication Types

Google Chrome supports four HTTP authentication types:

  1. Basic
  2. Digest
  3. NTLM
  4. Negotiate

ASP.NET WebAPI has AuthorizationFilterAttributes which can be used to implement both Authentication and Authorization for your APIs. If you want to use Basic or Digest authentication, there are already several open source implementations available to help you out!

Do you need to used mixed authentication and support both Basic and Digest?
If so, be sure to check out my next blog post...


Real Time Web Analytics