I have some short notes to make and it might not be blogworthy so having them on this page instead :) Will add to this from time to time. [more]

ASP.NET Security

* You have a web site/application deployed to IIS. You use . You set the IIS site/virtual directory security to allow anonymous. Notice that if you try to get Page.User.Identity.Name you will always get an empty string. So even if you set to windows authentication, the anonymous access will take precedence. To have the windows user name available when accessing Page.User.Identity.Name (Or HttpContext.User.Identity.Name) you have to disable (uncheck) Allow Anonymous access in the site/virtual directory’s Directory Security tab.

Performance (General)

* When tuning/optimizing performance the gurus always say “Measure, mesasure, measure” (i think I heard this first from Rico Mariani) and I couldn’t agree any better. Premature optimization or optimization without measuring is definitely is most of the time useless. You are likely killing your time fixing something which is actually not a bottleneck.

* Take note of “measure, measue, measure” above but if your application involves data access and of course a data source, chances are high that you would gain a lot of improvement optimizing it. (also see SQL Performance below). I’m definitely not my to being a super optimizer but lately I optimized an application and work made to tune the database ALONE improved the performance by like 10 folds. When you are talking about million of iterations that’s a lot of improvement.

SQL Performance

* To optimize query execution plan caching and thus reuse, use fully qualified names in queries. (eg. dbo.OrderDetail vs OrderDetail). For more query optimization tips read more from the following link : Recompilication of Queries from Technet