concurrency violation In .NET

In any disconnected environment the problem of concurrent updates is obvious. Update via Dataset is no exception. There are various solutions to tackle with this issue and which one to use depends upon your application, requirements and database schema.

The actual problem with the disconnected environment is that the data at the time of update is not the same as it was at the time you fetched it. This situation is referred as concurrency violation and the concurrency is said to be "Optimistic".

There are few points that you should think of:

  • Is it OK with your application to overwrite such data (which is modified by somebody else)?
  • Do you want to cancel your updates if such violation is observed?
  • Do you want to ask the user whether he/she wants to overwrite the data?

Once the user has been notified of the concurrency issue, you could leave it up to her to decide how to handle it. Another alternative is to code a specific way to deal with concurrency, such as always handling the exception to let the user know (but refreshing the data from the database). Let the user decide what to do next. The user can cancel changes or cancel and reload from the database or save the changes or save anyway.

Cancel changes : The option to cancel changes simply calls the RejectChanges method of the DataSet and rebinds the DataSet to the controls in the ASP.NET page. The RejectChanges method reverts the changes that the user made back to its original state by setting all of the current field values to the original field values.

Cancel and reload from the database :The option to cancel changes and reload the data from the database also rejects the changes but additionally goes back to the database via the Employee class in order to get a fresh copy of the data before rebinding to the control on the ASP.NET page.

Save Changes:  The option to save changes attempts to save the changes but will fail if a concurrency violation is encountered.

"Save anyway": "Save anyway" option takes the values the user attempted to save and uses the last-in wins technique, overwriting whatever is in the database. It does this by calling a different command object associated with a stored procedure that only uses the primary key field (EmployeeID) in the WHERE clause of the UPDATE statement. This technique should be used with caution as it will overwrite the record. If you want a more automatic way of dealing with the changes, you could get a fresh copy from the database. Then overwrite just the fields that the current user modified. Use this with caution as well, however, because if the same field was modified by both users, you may want to just back out or ask the user what to do next.

What is obvious here is that there are several ways to deal with concurrency violations, each of which must be carefully weighed before you decide on the one you will use in your application.


Possible Solutions

Any solution to concurrency problem should make sure that the data at the time of update is the same as it was when you fetched it. Here are some common solutions that you can implement:

  • Update using ALL the fields in WHERE clause: In this approach you include all the fields from SELECT statement in the WHERE condition of UPDATE statement. This can be achieved in two ways either configuring the DataAdapter manually or using CommandBuilder.
  • Updating using SOME fields in WHERE clause: In this approach only few fields from SELECT statement are included in WHERE condition of UPDATE statement.
  • Updating based on a TIMESTAMP column:   In this approach you add a timestamp field to your table and compare its values before updating the row.

With Regards,
UVN PardhaSaradhi


Role of Customer and End Users in making IT Project a Success


For an IT project to be a success, it must meet three criteria:


  1. On-Time Delivery : it must be completed on time,
  2. Cost Effective:  it must be completed within budget, and
  3. Functionally Robust: it must provide the full functionality originally promised.


The IT profession has been conducting IT projects for over thirty years. Yet about 75% of all IT projects fail to meet one or more of these criteria. Why?


The reasons IT projects fail are listed below, more or less in the order of frequency of occurrence:


  1. Inadequate or inaccurate specifications
  2. Changing specifications
  3. Insufficient user support
  4. Bad estimates of required resources
  5. Technical failure
  6. Bad management of the project


At first glance it seems that if in IT project fails, it is the fault of the IT department and the IT people. Without question this is true some of the time. Technical failure is clearly an IT failure most of the time. (Sometimes IT is forced to use questionable technology by the rational demands of the competitive environment or by irrational demands by users to have the best and latest.) Bad project management is also an IT failure much of the time. The IT community is aware of these failings and is making substantial progress in correcting them.


But there is more here than meets the eye. IT cannot do it alone. Substantial participation by the customer and end users is essential to the success of every IT project.  Let’s look at the role of customers and end users in a typical IT project in terms of the specific tasks that need to be done in each phase of development.


  • User requirements specification – Customer should do most of the work, with guidance about costs and technical issues from IT.
  • Functional design – Users should lead this effort, with some participation by IT.
  • Technical design – IT should lead this phase, with some input from end users, as technical considerations suggest or require change in functional design.
  • Coding – No user participation required.
  • Testing – Users must design the test cases, provide the test data and analyze the test results. This is a larger effort than most people realize.
  • Training and documentation – While IT must create the technical documentation, user documentation of system functionality is best done by users.
  • Implementation – The users must work in parallel with IT to install the new business processes required by every new system, even as they train the ultimate users of the system.


There is almost no reliable data on how much user time is or should be involved in these activities, but we in the IT community know that the requirements are large. Expert’s analysis tells that user work time in an application development project should be from 25% to 90% of IT time, depending on the nature of the project.


Any project received as much user time as it required, the gap is usually closed by IT people doing the users’ work. This guarantees project failure:


The failure is

  • To the extent that IT people specify user requirements and functional design, the new system and its associated business processes reflect IT’s view about how the business should be run. This is a bad idea. End user should involve themselves in specifying the user requirements and functional design because they know what they want. 
  • Users often change requirements during the project, as they begin to understand the ramifications of the new system, or as business needs change.
  • If the users do not take the lead in the testing, the wrong things will be tested using the wrong data – a guarantee of a difficult implementation and needless maintenance costs.
  • When IT people write user documentation it is often unintelligible to the users; when the users can understand it, it often does not tell them what they need to know.


The overall effect of this transfer of work from end users to IT is to degrade performance with respect to all of the key criteria of success: Projects are late because

  • IT has not allocated people to do the work that end users should be doing, delaying the IT work they should be doing.
  • Changing requirements magnify the problem.
  • Projects are over budget for the same reasons.
  • System functionally is compromised because the IT people do not know as much about business needs and business processes as the end users know.

 Solution to the Problem:


  • If you the CEO or COO, do not authorize any project unless the user commits in advance to providing 50% of the work days budgeted for IT participation.
  • If you are the CIO, CTO or Project Manager, refuse to start a project without the user’s commitment to adequate user participation.
  • If you are a developer, don’t start the project until you understand all the functionality of the modules you are assigned to develop.
  • If you are a tester, don’t start writing the test cases until you understand all the functionality of the modules you are assigned to test and the customer agreed to provide the real test data.


The biggest IT failure is failure to get the users do their jobs. Let the end users participate in most parts of the development life cycle and as they know what they want and the project will be more successful.


 With Regards,

UVN PardhaSaradhi

MSN Korea Hacked, Says Microsoft


The Korean portal reportedly fell victim to hackers for one reason: its servers had not been patched.

Microsoft said on Thursday that someone had placed malicious code on the MSN Korea site in an attempt to steal passwords. A Microsoft spokesman said the English-language sites were not open to the type of attack that affected, according to AP.

A third party runs the Korean site, a different practice than what is done with Microsoft’s US sites. That operator apparently failed to apply available patches to its servers. And an unpatched operating system running a popular service like MSN becomes a big target for malicious activity.

Korean authorities and Microsoft personnel were examining the corrupt servers for more information. The company became aware of the problem on Tuesday, when external security researchers reported it. Microsoft removed the servers after tracing the problem.

The malicious code on the site would scan a visitor’s computer, and then try to download keylogging software from a number of hacked Chinese web sites. With so many Korean users on broadband connections, these attacks could happen very quickly.

But there have not been any reports of users harmed by the security breach. Microsoft does not yet know how long the malicious code has been on the web site. That code took advantage of a problem in Internet Explorer called an iFrame vulnerability. A patch for that problem was distributed last December.

Later, MSN Korea reported the only site affected was the news portal at, and that malware placed on the site would cause advertising pop-ups to appear on a user’s computer.

Source :

Microsoft uses XML technology

02/06/2005 14:25  – (SA)  

Anjali Cordeiro

Redmond – Microsoft Corp said it is adopting XML technology for the default file formats in the next version of Microsoft Office editions to give users improved data interoperability and dramatically smaller file sizes.

In a press release on Thursday, the software giant said it is adopting the industry-standard Extensible Markup Language technology, or XML technology, for the default file formats in Office 12.

The new file formats, called Microsoft Office Open XML Formats, will become the defaults for the Office 12 versions of Microsoft Office Word, Excel and PowerPoint, which are expected to be released in the second half of 2006.

The company said that the Microsoft Office Open XML Formats announced on Thursday will provide smaller file sizes and improved recovery of damaged or corrupted files. They also help improve security through greater control of file content, the company said.

The interoperability capabilities of the Microsoft Office Open XML Formats enable Microsoft Office applications to directly access data stored in systems outside those applications.

Edited by Ilse Arendse