I’m currently reading Fowler’s Patterns of Enterprise Applications, and I’m very slightly bored. Not because of Fowler’s writing, of course. It’s just that he doesn’t seem to talk about new concepts for me. When I read his Refactoring book, I was thrilled; there was a lot of new stuff to learn. But reading PoEA is a different matter. I don’t learn many new stuff, but rather I see more clearly what is going on in the tools that I’m using.
When he talks about Active Record, I get better understanding of the advantages & disadvantages of using Castle.ActiveRecord. When he talks about Unit Of Work and Data Mappers, I suddenly see why NHibernate is doing this or that, and I can see ways I can take advantage of it. I’m currently reading about MVC in web applications and about Page Controller vs. Front Controller and I keep thinking about MonoRail and the way it does things. The problem of Template View vs. Transform View vs. Two Step View came up in the Castle developers lists twice in the last month.
I can’t wait to get to the parts where I don’t know anything (Optimistic Offline Lock, for instance). Great book. It’s clearing a lot of design decisions for me. It’s surprising how much of the things he talks about are implemented in Open Source Software that makes the patterns accessible for anyone.
One thing that surprised me is that doesn’t seem to be any discussion of security in any way inside the book. I’m pretty sure that there are patterns for securing code beyond not using strcpy(), any one can recommend something?
I shuffled through Writing Secure Code, and it’s mainly talks about low level things, highly important, yes, but not very helpful when you’re trying to design your application security. I’ve the first version, so maybe the second version fixes that.
Anyone has a recommendation?