Time and again as you work through a technology, delta books become increasingly important i.e. the technological texts which are concrete, concise, and build upon earlier foundations of your learning without starting all-over again from the square one. Professional ASP.NET qualify as one of those books, which not only fit the above definition, but are also engaging and a delight to read in this overcrowded marketplace of encyclopedic-code-riddled-texts. Authors are well known in the Microsoft development community and any avid MVC3 developer is bound to end-up on their blog postings and articles during the troubleshooting-lookups, which made picking up this book an easy choice for me.
Let’s starting with the strengths; this book covers almost all the major aspects of web development with MVC which an enterprise developer encounters during the course of a web oriented SDLC. To give potential reader an idea of book’s organization and depth of coverage, chapters range from advance Hello World startup to must-have M, V and C in the model-view-framework; along with HTML helpers, annotations, security, Ajax, routing and a collection of advance topics. I specifically enjoyed chapter 7 on securing your application which handles the practical aspects of app-sec such as authorize attribute, XSS, CSRF, cookie stealing, open redirection, over posting and secure configuration. It definitely makes a lot of sense to include essential security related guidelines in a professional book for web developers and keep the contents accessible by way of providing simple examples. Blog posts of Phil Haack, one of the four authors, are very relevant to application security related techniques (confused deputy attack is a good example) and I felt authors did an excellent job in covering application security in the book.
Chapter 10, Building and using a NuGet package is not strictly an MVC3 topic and should have been part of an appendix instead of it being in the book. Using NuGet, the package manager, is always a pleasure but building packages and publishing to NuGet.org is not necessarily the best use of 30 pages, which could have been more effectively used for advance topics such as custom view engines. Unit testing centric chapter of the book is highly relevant but falls short on practical guidance on HTTPContext handling, WebViewPage.Context as HttpContextBase in Razor etc. For instance, I would assume any self-respecting pro unit testing text would include strategies for unit testing with wrapper classes, action filters and parameters, directly mocking HttpContextBase and setting ControllerContext. I was disappointed to see authors didn’t cover as much in the mere 21 pages allocated for such an important topic and trivialized it with theoretical associations of quality and unit testing.
Dependency injection i.e. separating component behavior from dependency resolution without object intervention in MVC3 was well explained and I was delighted to see that instead of using an IoC container like castle Windsor or unity, authors focused on fundamentals and provided custom implementation. Last two chapters, extending MVC and advance topics are overall excellent with their discussion of common extensibility points however somehow, I still don’t think explaining attributes “Action Invoker” really qualifies as an advance topic.
Now concluding as an intelligent collaborative filtering engine, if you enjoy reading about MVC3 with the terseness of Jon Galloway’s writings, intelligent quips of Haack, ode with Allen and assumingly full throttled TDD with Wilson, go ahead and try out the book, you may not regret the “route”.