AOP, Pipelines, Interceptors, and HttpModlues

  • Article

My favorite design patterns is Provider design pattern (abstract factory – GoF definition). I like it since it gives a lots of flexibility while preserving common programming techniques and style. ASP.NET is all over providers – membership, rolemanager, healthmonitoring (more on healthmonitoring read ASP.NET Health Monitoring Means Logging And Auditing) to mentions a few. The flexibility achieved by not getting locked to one implementation, rather keeping always an option for another one.

My customers often ask me “So what is the right solution among these <<there is always some list of choices for any problem that goes here>>?”. I always answer that “If I knew what is right I would be a millionaire long time ago, but seriously, the solution is not providing specific solution right now ”, - “huh??...”

I tend to agree on some interface and provide simplest hard coded implementation very quickly and dirty (any way it is always done that way). Sometimes there comes a request for major change – if the implementation is hidden behind the interface like in case of Provider design pattern  then the change may be much less painful than with the case where is not interface in between.

Another design pattern that I love is Pipeline (I think they call it Chain of responsibilities...) – it is something that provides sequential processing for the data – like ASP.NET pipeline, WCF pipeline, or Remoting pipeline. I like it just for the same reason – I am not locked in something unchangeable rather keep the door open for more options for data processing. I think it is the essence of AOP (aspect oriented programming).

My best friend in the AOP/Interception space is HttpModule – session management, authentication, caching and some more are all HttpModlues in ASP.NET implementing simple IHttpModule interface.

Here are some nice samples for using HttpModlue:

Stateful Web Application Firewalls with .NET

https://www.awprofessional.com/articles/article.asp?p=694855&f1=rss&rl=1

Simple HTTP Reverse Proxy with ASP.NET and IIS

https://www.codeproject.com/aspnet/HTTPReverseProxy.asp

One caveat though with Pipelines thing – make sure your pipeline picks “right” Aspects, How To Hack WCF - New Technology, Old Hacking Tricks explains how easy to subvert bad design assumptions – no matter what technology is used.

Another thing to pay attention is when provider design pattern utilizes reflection – make sure you activate “right assemblies”, .Net Assembly Spoof Attack explains why.

This post is inspired by JD’s post - The Better Adapted You Are, the Less Adaptable You Tend To Be.

I may misinterpret it but I think it helped me understand why I do not like to be locked and why I love to stay loosely coupled - in programming, and in real life too, but not that much J...

Enjoy