ASP.

NET FAQ's

Next >>

What is view state and use of it? The current property settings of an ASP.NET page and those of any ASP.NET server controls contained within the page. ASP.NET can detect when a form is requested for the first time versus when the form is posted (sent to the server) which allows you to program accordingly. What are user controls and custom controls? Custom controls A control authored !y a user or a third"party software vendor that does not !elong to the .NET #ramewor$ class li!rary. This is a generic term that includes user controls. A custom server control is used in %e! #orms (ASP.NET pages). A custom client control is used in %indows #orms applications. !ser Controls &n ASP.NET' A user"authored server control that ena!les an ASP.NET page to !e re"used as a server control. An ASP.NET user control is authored declaratively and persisted as a te(t file with an .asc( e(tension. The ASP.NET page framewor$ compiles a user control on the fly to a class that derives from the System.%e!.)&.)ser*ontrol class. What are the validation controls? A set of server controls included with ASP.NET that test user input in +T,- and %e! server controls for programmer"defined requirements. .alidation controls perform input chec$ing in server code. &f the user is wor$ing with a !rowser that supports /+T,- the validation controls can also perform validation using client script. What's the difference "etween #es$onse.Write%& and#es$onse.'ut$ut.Write%&? The latter one allows you to write formattedoutput. What methods are fired durin( the $a(e load? )nit%& %hen the page is instantiated -oad() " when the page is loaded into server memory Pre0ender () " the !rief moment !efore the page is displayed to the user as +T,- )nload() " when page finishes loading. Where does the We" $a(e "elon( in the .NET Framewor* class hierarch+? System.%e!.)&.Page Where do +ou store the information a"out the user's locale? System.%e!.)&.Page.*ulture What's the difference "etween Code"ehind,-.+Code.as$/.cs- and Src,-.+Code.as$/.cs-? *ode1ehind is relevant to .isual Studio.NET only. What's a "u""led event? %hen you have a comple( control li$e/ata2rid writing an event processing routine for each o!3ect (cell !utton row etc.) is quite tedious. The controls can !u!!le up their eventhandlers allowing the main /ata2rid event handler to ta$e care of its constituents. Suppose you want a certain ASP.NET function e(ecuted on ,ouse4ver over a certain !utton.

Where do +ou add an event handler? &t5s the Attri!utesproperty the Add function inside that property. e.g. !tnSu!mit.Attri!utes.Add(6on,ouse4ver6 6some*lient*ode()76) What data t+$e does the #an(e0alidator control su$$ort? &nteger String and /ate. What are the different t+$es of cachin(? *aching is a technique widely used in computing to increase performance !y $eeping frequently accessed or e(pensive data in memory. &n conte(t of we! application caching is used to retain the pages or data across +TTP requests and reuse them without the e(pense of recreating them.ASP.NET has 8 $inds of caching strategies4utput *aching#ragment *aching/ata Cachin('ut$ut Cachin( *aches the dynamic output generated !y a request. Some times it is useful to cache the output of a we!site even for a minute which will result in a !etter performance. #or caching the whole page the page should have 4utput*ache directive.9 :; 4utput*ache /uration<6=>6 .ary1yParam<6state6 :? Fra(ment Cachin( *aches the portion of the page generated !y the request. Some times it is not practical to cache the entire page in such cases we can cache a portion of page9:; 4utput*ache /uration<6@A>6 .ary1yParam<6*ategory&/7Selected&/6:? 1ata Cachin( *aches the o!3ects programmatically. #or cache o!3ect for eg' cacheB6States6C < dsStates7 data caching asp.net provides a

What do +ou mean "+ authentication and authori2ation? Authentication is the process of validating a user on the credentials (username and password) and authoriDation performs after authentication. After Authentication a user will !e verified for performing the various tas$s &t access is limited it is $nown as authoriDation. What are different t+$es of directives in .NET? 3Pa(e' /efines page"specific attri!utes used !y the ASP.NET page parser and compiler. *an !e included only in .asp( files 9:; Page Asp*ompat<6T0)E6 language<6*E6 :? 3Control'/efines control"specific attri!utes used !y the ASP.NET page parser and compiler. *an !e included only in .asc( files. 9:; *ontrol -anguage<6.16 Ena!le.iewState<6false6 :? 3)m$ort' E(plicitly imports a namespace into a page or user control. The &mport directive cannot have more than one namespace attri!ute. To import multiple namespaces use multiple ;&mport directives. 9: ; &mport Namespace<6System.we!6 :? 3)m$lements' &ndicates that the current page or user control implements the specified .NET framewor$ interface.9:; &mplements &nterface<6System.%e!.)&.&Post1ac$Event+andler6 :? 3#e(ister' Associates aliases with namespaces and class names for concise notation in custom server control synta(.9:; 0egister Tagprefi(<6Acme6 Tagname<6Ad0otator6 Src<6Ad0otator.asc(6 :? 3Assem"l+' -in$s an assem!ly to the current page during compilation ma$ing all the assem!ly5s classes and interfaces availa!le for use on the page. 9:; Assem!ly Name<6,yAssem!ly6 :?9:; Assem!ly Src<6,ySource.v!6 :? 3'ut$utCache' /eclaratively controls the output caching policies of an ASP.NET page or a user control contained in a page9:; 4utput*ache /uration<6Eofseconds6 -ocation<6Any F *lient F /ownstream F Server F None6 Shared<6True F #alse6 .ary1y*ontrol<6controlname6 .ary1y*ustom<6!rowser F customstring6 .ary1y+eader<6headers6 .ary1yParam<6parametername6 :? 3#eference' /eclaratively indicates that another user control or page source file should !e dynamically compiled and lin$ed against the page in which this directive is declared.

4ow do ) de"u( an ASP.NET a$$lication that wasn't written with 0isual Studio.NET and that doesn't use code5"ehind? Start the /!g*lr de!ugger that comes with the .NET #ramewor$ S/G open the file containing the code you want to de!ug and set your !rea$points. Start the ASP.NET application. 2o !ac$ to /!g*lr choose /e!ug Processes from the Tools menu and select aspnetHwp.e(e from the list of processes. (&f aspnetHwp.e(e doesn5t appear in the list chec$ the 6Show system processes6 !o(.) *lic$ the Attach !utton to attach to aspnetHwp.e(e and !egin de!ugging. 1e sure to ena!le de!ugging in the ASPI file !efore de!ugging it with /!g*lr. Jou can ena!le tell ASP.NET to !uild de!ug e(ecuta!les !y placing a 9:; Page /e!ug<6true6 :? statement at the top of an ASPI file or a 9*4,P&-AT&4N de!ug<6true6 K?statement in a %e!.config file. Can a user "rowsin( m+ We" site read m+ We".confi( or 6lo"al.asa/ files? No. The 9+TTP+AN/-E0S?section of ,achine.config which holds the master configuration settings for ASP.NET contains entries that map ASAI files *4N#&2 files and selected other file types to an +TTP handler named +ttp#or!idden+andler which fails attempts to retrieve the associated file. Jou can modify it !y editing ,achine.config or including an section in a local %e!.config file. What's the difference "etween Pa(e.#e(isterClientScri$t7loc* and Pa(e.#e(isterStartu$Scri$t? 0egister*lientScript1loc$ is for returning !loc$s of client"side script containing functions. 0egisterStartupScript is for returning !loc$s of client"script not pac$aged in functions"in other words code that5s to e(ecute when the page is loaded. The latter positions script !loc$s near the end of the document so elements on the page that the script interacts are loaded !efore the script runs.9:; 0eference *ontrol<6,y*ontrol.asc(6 :? Is it necessary to lock application state before accessing it? Only if you're performing a multistep update and want the update to be treated as an atomic operation. Here's an example: Application.Loc !"# Application$%&tems'old%( ) !int" Application$%&tems'old%( * +# Application$%&temsLeft%( ) !int" Application$%&temsLeft%( , +# Application.-nLoc !"# .y loc ing application state before updating it and unloc ing it afterwards/ you ensure that another re0uest being processed on another thread doesn't read application state at exactly the wrong time and see an inconsistent 1iew of it. &f & update session state/ should & loc it/ too2 Are concurrent accesses by multiple re0uests executing on multiple threads a concern with session state2 3oncurrent accesses aren't an issue with session state/ for two reasons. One/ it's unli ely that two re0uests from the same user will o1erlap. 4wo/ if they do o1erlap/ A'5.N64 loc s down session state during re0uest processing so that two threads can't touch it at once. 'ession state is loc ed down when the HttpApplication instance that's processing the re0uest fires an Ac0uire7e0uest'tate e1ent and unloc ed when it fires a 7elease7e0uest'tate e1ent. 8o A'5.N64 forms authentication coo ies pro1ide any protection against replay attac s2 8o they/ for example/ include the client's &5 address or anything else that would distinguish the real client from an attac er2 No. &f an authentication coo ie is stolen/ it can be used by an attac er. &t's up to you to pre1ent this from happening by using an encrypted communications channel !H445'". Authentication coo ies issued as session coo ies/ do/ howe1er/include a time,out 1alid that limits their lifetime. 'o a stolen session coo ie can only be used in replay attac s as long as the tic et inside the coo ie is 1alid. 4he default time,out inter1al is 9: minutes.;ou can change that by modifying the timeout attribute

accompanying the <forms> element in =achine.config or a local >eb.config file. 5ersistent authentication coo ies do not time,out and therefore are a more serious security threat if stolen. How do I send e-mail from an ASP.NET application? =ail=essage message ) new =ail=essage !"# message.?rom ) <email># message.4o ) <email># message.'ub@ect ) %'cheduled 5ower Outage%# message..ody ) %Our ser1ers will be down tonight.%# 'mtp=ail.'mtp'er1er ) %localhost%# 'mtp=ail.'end !message"# =ail=essage and 'mtp=ail are classes defined in the .N64 ?ramewor 3lass Library's 'ystem.>eb.=ail namespace. 8ue to a security change made to A'5.N64 @ust before it shipped/ you need to set 'mtp=ail's 'mtp'er1er property to %localhost% e1en though %localhost% is the default. &n addition/ you must use the &&' configuration applet to enable localhost !+AB.:.:.+" to relay messages through the local '=45 ser1ice. !at are "S#IS$% files? C'8&'3O files are 8&'3O files that support dynamic disco1ery of >eb ser1ices. &f you place the following C'8&'3O file in a directory on your >eb ser1er/ for example/ it returns references to all A'=D and 8&'3O files in the host directory and any subdirectories not noted in <exclude> elements: <2xml 1ersion)%+.:% 2> <dynamic8isco1ery xmlns)%urn:schemas,dynamicdisco1ery:disco.A:::,:9,+B%> <exclude path)%E1tiEcnf% F> <exclude path)%E1tiEp1t% F> <exclude path)%E1tiElog% F> <exclude path)%E1tiEscript% F> <exclude path)%E1tiEtxt% F> <Fdynamic8isco1ery> How does dynamic disco&ery work? A'5.N64 maps the file name extension C'8&'3O to an H445 handler that scans the host directory and subdirectories for A'=D and 8&'3O files and returns a dynamically generated 8&'3O document. A client who re0uests a C'8&'3O file gets bac what appears to be a static 8&'3O document. Note that C'8&'3O files are disabled in the release 1ersion of A'5.N64. ;ou can reenable them by uncommenting the line in the <httpHandlers> section of =achine.config that maps G.1sdisco to 'ystem.>eb.'er1ices.8isco1ery.8isco1ery7e0uestHandler and granting the A'5N64 user account permission to read the &&' metabase. Howe1er/ =icrosoft is acti1ely discouraging the use of C'8&'3O files because they could represent a threat to >eb ser1er security. Is it possible to pre&ent a browser from cac!ing an ASP' page? Hust call 'etNo'tore on the Http3ache5olicy ob@ect exposed through the 7esponse ob@ect's 3ache property/ as demonstrated here:

<IJ 5age Language)%3K% I> <html> <body> <I 7esponse.3ache.'etNo'tore !"# 7esponse.>rite !8ate4ime.Now.4oLong4ime'tring !""# I> <Fbody> <Fhtml> 'etNo'tore wor s by returning a 3ache,3ontrol: pri1ate/ no,store header in the H445 response. &n this example/ it pre1ents caching of a >eb page that shows the current time. !at does Asp$ompat()tr*e) mean and w!en s!o*ld I *se it? Asp3ompat is an aid in migrating A'5 pages to A'5D pages. &t defaults to false but should be set to true in any A'5D file that creates apartment,threaded 3O= ob@ects,, that is/ 3O= ob@ects registered 4hreading=odel)Apartment. 4hat includes all 3O= ob@ects written with Cisual .asic L.:. Asp3ompat should also be set to true !regardless of threading model" if the page creates 3O= ob@ects that access intrinsic A'5 ob@ects such as 7e0uest and 7esponse. 4he following directi1e sets Asp3ompat to true: <IJ 5age Asp3ompat)%true% I> 'etting Asp3ompat to true does two things. ?irst/ it ma es intrinsic A'5 ob@ects a1ailable to the 3O= components by placing unmanaged wrappers around the e0ui1alent A'5.N64 ob@ects. 'econd/ it impro1es the performance of calls that the page places to apartment, threaded 3O= ob@ects by ensuring that the page !actually/ the thread that processes the re0uest for the page" and the 3O= ob@ects it creates share an apartment. Asp3ompat)%true% forces A'5.N64 re0uest threads into single, threaded apartments !'4As". &f those threads create 3O= ob@ects mar ed 4hreading=odel)Apartment/ then the ob@ects are created in the same '4As as the threads that created them. >ithout Asp3ompat)%true/% re0uest threads run in a multithreaded apartment !=4A" and each call to an '4A,based 3O= ob@ect incurs a performance hit when it's marshaled across apartment boundaries. 8o not set Asp3ompat to true if your page uses no 3O= ob@ects or if it uses 3O= ob@ects that don't access A'5 intrinsic ob@ects and that are registered 4hreading=odel)?ree or 4hreading=odel).oth. E+plain t!e differences between Ser&er-side and $lient-side code? 'er1er side scripting means that all the script will be executed by the ser1er and interpreted as needed. A'5 doesn't ha1e some of the functionality li e soc ets/ uploading/ etc. ?or these you ha1e to ma e a custom components usually in C. or C3**. 3lient side scripting means that the script will be executed immediately in the browser such as form field 1alidation/ cloc / email 1alidation/ etc. 3lient side scripting is usually done in C.'cript or Ha1a'cript. 8ownload time/ browser compatibility/ and 1isible code , since Ha1a'cript and C.'cript code is included in the H4=L page/ then anyone can see the code by 1iewing the page source. Also a possible security haMards for the client computer. !at type of code ,ser&er or client- is fo*nd in a $ode-.e!ind class? 3K

S!o*ld &alidation ,did t!e *ser enter a real date- occ*r ser&er-side or client-side? !y? 3lient,side 1alidation because there is no need to re0uest a ser1er side date when you could obtain a date from the client machine. !at are ASP.NET eb /orms? How is t!is tec!nology different t!an w!at is a&ailable t!o*g! ASP? >eb ?orms are the heart and soul of A'5.N64. >eb ?orms are the -ser &nterface !-&" elements that gi1e your >eb applications their loo and feel. >eb ?orms are similar to >indows ?orms in that they pro1ide properties/ methods/ and e1ents for the controls that are placed onto them. Howe1er/ these -& elements render themsel1es in the appropriate mar up language re0uired by the re0uest/ e.g. H4=L. &f you use =icrosoft Cisual 'tudio .N64/ you will also get the familiar drag,and,drop interface used to create your -& for your >eb application. !at is t!e difference between Ser&er.Transfer and 0esponse.0edirect? !y wo*ld I c!oose one o&er t!e ot!er? &n earlier 1ersions of &&'/ if we wanted to send a user to a new >eb page/ the only option we had was 7esponse.7edirect. >hile this method does accomplish our goal/ it has se1eral important drawbac s. 4he biggest problem is that this method causes each page to be treated as a separate transaction. .esides ma ing it difficult to maintain your transactional integrity/ 7esponse.7edirect introduces some additional headaches. ?irst/ it pre1ents good encapsulation of code. 'econd/ you lose access to all of the properties in the 7e0uest ob@ect. 'ure/ there are wor arounds/ but they're difficult. ?inally/ 7esponse.7edirect necessitates a round trip to the client/ which/ on high,1olume sites/ causes scalability problems. As you might suspect/ 'er1er.4ransfer fixes all of these problems. &t does this by performing the transfer on the ser1er without re0uiring a roundtrip to the client. How can yo* pro&ide an alternating color sc!eme in a 0epeater control? Alternating&tem4emplate Li e the &tem4emplate element/ but rendered for e1ery other row !alternating items" in the 7epeater control. ;ou can specify a different appearance for the Alternating&tem4emplate element by setting its style properties. !ic! template m*st yo* pro&ide1 in order to display data in a 0epeater control? &tem4emplate !at e&ent !andlers can I incl*de in 2lobal.asa+? ApplicationE'tart/ApplicationE6nd/ ApplicationEAc0uire7e0uest'tate/ ApplicationEAuthenticate7e0uest/ ApplicationEAuthoriMe7e0uest/ ApplicationE.egin7e0uest/ ApplicationE8isposed/ ApplicationE6nd7e0uest/ ApplicationE6rror/ ApplicationE5ost7e0uestHandler6xecute/ ApplicationE5re7e0uestHandler6xecute/ ApplicationE5re'end7e0uest3ontent/ ApplicationE5re'end7e0uestHeaders/ ApplicationE7elease7e0uest'tate/ ApplicationE7esol1e7e0uest3ache/ ApplicationE-pdate7e0uest3ache/ 'essionE'tart/'essionE6nd ;ou can optionally include %On% in any of method names. ?or example/ you can name a .egin7e0uest e1ent handler.ApplicationE.egin7e0uest or ApplicationEOn.egin7e0uest.;ou can also include e1ent handlers in Nlobal.asax for e1ents fired by custom H445 modules.Note that not all of the e1ent handlers ma e sense for >eb 'er1ices !they're designed for A'5.N64 applications in general/ whereas .N64 D=L >eb 'er1ices are specialiMed instances of an A'5.N64 app". ?or

example/ the ApplicationEAuthenticate7e0uest and ApplicationEAuthoriMe7e0uest e1ents are designed to be used with A'5.N64 ?orms authentication. !at is different b3w webconfig.+ml 4 5ac!ineconfig.+ml >eb.config O machine.config both are configuration files.>eb.config contains settings specific to an application where as machine.config contains settings to a computer. 4he 3onfiguration system first searches settings in machine.config file O then loo s in application configuration files.>eb.config/ can appear in multiple directories on an A'5.N64 >eb application ser1er. 6ach >eb.config file applies configuration settings to its own directory and all child directories below it. 4here is only =achine.config file on a web ser1er. &f &'m de1eloping an application that must accomodate multiple security le1els though secure login and my A'5.N64 web appplication is spanned across three web, ser1ers !using round,robbin load balancing" what would be the best approach to maintain login,in state for the users2 -se the state ser1er or store the state in the database. 4his can be easily done through simple setting change in the web.config. <'6''&ON'4A46 'tate3onnection'tring)%tcpip)+AB.:.:.+:PAPAP% s0l3onnection'tring)%data source)+AB.:.:.+# user id)sa# password)% coo ieless)%false% timeout)%9:% F> ;ou can specify mode as Qstateser1erR or Qs0lser1erR. >here would you use an iH445=odule/ and what are the limitations of any approach you might ta e in implementing one %One of A'5.N64's most useful features is the extensibility of the H445 pipeline/ the path that data ta es between client and ser1er. ;ou can use them to extend your A'5.N64 applications by adding pre, and post,processing to each H445 re0uest coming into your application. ?or example/ if you wanted custom authentication facilities for your application/ the best techni0ue would be to intercept the re0uest when it comes in and process the re0uest in a custom H445 module. How do yo* t*rn off cookies for one page in yo*r site? 'ince no 5age Le1el directi1e is present/ & am afraid that cant be done. How do yo* create a permanent cookie? 5ermanent coo ies are a1ailable until a specified expiration date/ and are stored on the hard dis .'o 'et the '6xpires' property any 1alue greater than 8ata4ime.=inCalue with respect to the current datetime. &f u want the coo ie which ne1er expires set its 6xpires property e0ual to 8ate4ime.maxCalue. !ic! met!od do yo* *se to redirect t!e *ser to anot!er page wit!o*t performing a ro*nd trip to t!e client? 'er1er.4ransfer and 'er1er.6xecute !at property do yo* !a&e to set to tell t!e grid w!ic! page to go to w!en *sing t!e Pager ob6ect? 3urrent5age&ndex

S!o*ld &alidation ,did t!e *ser enter a real date- occ*r ser&er-side or client-side? !y? &t should occur both at client,side and 'er1er side..y using expression 1alidator control with the specified expression ie.. the regular expression pro1ides the facility of only 1alidatating the date specified is in the correct format or not. .ut for chec ing the date where it is the real data or not should be done at the ser1er side/ by getting the system date ranges and chec ing the date whether it is in between that range or not. !at does t!e )Enable"iewState) property do? !y wo*ld I want it on or off? 6nable Ciew'tate turns on the automatic state management feature that enables ser1er controls to re,populate their 1alues on a round trip without re0uiring you to write any code. 4his feature is not free howe1er/ since the state of a control is passed to and from the ser1er in a hidden form field. ;ou should be aware of when Ciew'tate is helping you and when it is not. ?or example/ if you are binding a control to data on e1ery round trip/ then you do not need the control to maintain it's 1iew state/ since you will wipe out any re,populated data in any case. Ciew'tate is enabled for all ser1er controls by default. 4o disable it/ set the 6nableCiew'tate property of the control to false. !at is t!e difference between Ser&er.Transfer and 0esponse.0edirect? !y wo*ld I c!oose one o&er t!e ot!er? 'er1er.4ransfer!" : client is shown as it is on the re0uesting page only/ but the all the content is of the re0uested page. 8ata can be persist accros the pages using 3ontext.&tem collection/ which is one of the best way to transfer data from one page to another eeping the page state ali1e. 7esponse.8edirect!" :client now the physical location !page name and 0uery string as well". 3ontext.&tems loses the persisitance when ne1igate to destination page. &n earlier 1ersions of &&'/ if we wanted to send a user to a new >eb page/ the only option we had was 7esponse.7edirect. >hile this method does accomplish our goal/ it has se1eral important drawbac s. 4he biggest problem is that this method causes each page to be treated as a separate transaction. .esides ma ing it difficult to maintain your transactional integrity/ 7esponse.7edirect introduces some additional headaches. ?irst/ it pre1ents good encapsulation of code. 'econd/ you lose access to all of the properties in the 7e0uest ob@ect. 'ure/ there are wor arounds/ but they're difficult. ?inally/ 7esponse.7edirect necessitates a round trip to the client/ which/ on high,1olume sites/ causes scalability problems. As you might suspect/ 'er1er.4ransfer fixes all of these problems. &t does this by performing the transfer on the ser1er without re0uiring a roundtrip to the client.

$an yo* gi&e an e+ample of w!en it wo*ld be appropriate to *se a web ser&ice as opposed to a non-ser&iced .NET component? 3ommunicating through a ?irewall >hen building a distributed application with +::sF+:::s of users spread o1er multiple locations/ there is always the problem of communicating between client and ser1er because of firewalls and proxy ser1ers. 6xposing your middle tier components as >eb 'er1ices and in1o ing the directly from a >indows -& is a 1ery 1alid option. Application &ntegration >hen integrating applications written in 1arious languages and running on disparate systems. Or e1en applications running on the same platform that ha1e been written by separate 1endors.

.usiness,to,.usiness &ntegration 4his is an enabler for .A. intergtation which allows one to expose 1ital business processes to authoriMed supplier and customers. An example would be exposing electronic ordering and in1oicing/ allowing customers to send you purchase orders and suppliers to send you in1oices electronically. 'oftware 7euse 4his ta es place at multiple le1els. 3ode 7euse at the 'ource code le1el or binary componet,based resuse. 4he limiting factor here is that you can reuse the code but not the data behind it. >ebser1ice o1ercome this limitation. A scenario could be when you are building an app that aggregates the functionality of ser1eral other Applicatons. 6ach of these functions could be performed by indi1idual apps/ but there is 1alue in perhaps combining the the multiple apps to present a unifiend 1iew in a 5ortal or &ntranet. >hen not to use >eb 'er1ices: 'ingle machine Applicatons >hen the apps are running on the same machine and need to communicate with each other use a nati1e A5&. ;ou also ha1e the options of using component technologies such as 3O= or .N64 3omponets as there is 1ery little o1erhead. Homogeneous Applications on a LAN &f you ha1e >in9A or >informs apps that want to communicate to their ser1er counterpart. &t is much more efficient to use 83O= in the case of >in9A apps and .N64 7emoting in the case of .N64 Apps

$an yo* gi&e an e+ample of w!at mig!t be best s*ited to place in t!e Application7Start and Session7Start s*bro*tines? 4he ApplicationE'tart e1ent is guaranteed to occur only once throughout the lifetime of the application. &t's a good place to initialiMe global 1ariables. ?or example/ you might want to retrie1e a list of products from a database table and place the list in application state or the 3ache ob@ect. 'ession'tate=odule exposes both 'essionE'tart and 'essionE6nd e1ents. !at are t!e ad&antages and disad&antages of &iewstate? 4he primary ad1antages of the Ciew'tate feature in A'5.N64 are: +. 'implicity. 4here is no need to write possibly complex code to store form data between page submissions. A. ?lexibility. &t is possible to enable/ configure/ and disable Ciew'tate on a control, by,control basis/ choosing to persist the 1alues of some fields but not others. 4here are/ howe1er a few disad1antages that are worth pointing out: +. 8oes not trac across pages. Ciew'tate information does not automatically transfer from page to page. >ith the session approach/ 1alues can be stored in the session and accessed from other pages. 4his is not possible with Ciew'tate/ so storing data into the session must be done explicitly. A. Ciew'tate is not suitable for transferring data for bac ,end systems. 4hat is/ data still has to be transferred to the bac end using some form of data ob@ect. #escribe session !andling in a webfarm1 !ow does it work and w!at are t!e limits? A'5.N64 'ession supports storing of session data in 9 ways/ i( in &n,5rocess ! in the same memory that A'5.N64 uses" / ii( out,of,process using >indows N4 'er1ice "in

separate memory from A'5.N64 " or iii( in 'SL 'er1er !persistent storage". .oth the >indows 'er1ice and 'SL 'er1er solution support a webfarm scenario where all the web,ser1ers can be configured to share common session state store. +. >indows 'er1ice : >e can start this ser1ice by 'tart T 3ontrol 5anel T Administrati1e 4ools T 'er1ices T . &n that we ser1ice names A'5.N64 'tate 'er1ice. >e can start or stop ser1ice by manually or configure to start automatically. 4hen we ha1e to configure our web.config file

<3ON?&N-7A4&ON><configuration> <system.web> <'ession'tate mode ) Q'tate'er1erR state3onnection'tring ) Qtcpip)+AB.:.:.+:PAPAPR stateNetwor 4imeout ) Q+:R s0l3onnection'tring)Rdata source ) +AB.:.:.+# uid)sa#pwd)R coo ieless )R?laseR timeout) QA:R F> <Fsystem.web> <Fconfiguration> <F';'46=.>6.> <F3ON?&N-7A4&ON> Here A'5.Net 'ession is directed to use >indows 'er1ice for state management on local ser1er !address : +AB.:.:.+ is 435F&5 loop,bac address". 4he default port is PAPAP. we can configure to any port but for that we ha1e to manually edit the registry. ?ollow these simple steps , &n a webfarm ma e sure you ha1e the same config file in all your web ser1ers. , Also ma e sure your ob@ects are serialiMable. , ?or session state to be maintained across different web ser1ers in the webfarm/ the application path of the web,site in the &&' =etabase should be identical in all the web, ser1ers in the webfarm. !ic! template m*st yo* pro&ide1 in order to display data in a 0epeater control? ;ou ha1e to use the &tem4emplate to 8isplay data. 'yntax is as follows/ < &tem4emplate > < di1 class )Rr&temR > < img src)RimagesF<IK 3ontainer.8ata&tem!Q&mage-7LR"I>R hspace)R+:R F> < b > <I K 3ontainer.8ata&tem!Q4itleR"I> < Fdi1 > < &tem4emplate > How can yo* pro&ide an alternating color sc!eme in a 0epeater control? -sing the Alternatint&tem4emplate !at property m*st yo* set1 and w!at met!od m*st yo* call in yo*r code1 in order to bind t!e data from some data so*rce to t!e 0epeater control? 'et the 8ata=ember property to the name of the table to bind to. !&f this property is not set/ by default the first table in the dataset is used." 8ata.ind method/ use this method to bind data from a source to a ser1er control. 4his method is commonly used after retrie1ing a data set through a database 0uery.

!at met!od do yo* *se to e+plicitly kill a *ser s session? ;ou can dump !Uill" the session yourself by calling the method 'ession.Abandon. A'5.N64 automatically deletes a user's 'ession ob@ect/ dumping its contents/ after it has been idle for a configurable timeout inter1al. 4his inter1al/ in minutes/ is set in the <'6''&ON'4A46>section of the web.config file. 4he default is A: minutes. How do yo* t*rn off cookies for one page in yo*r site? -se 3oo ie.8iscard property/ Nets or sets the discard flag set by the ser1er. >hen true/ this property instructs the client application not to sa1e the 3oo ie on the user's hard dis when a session ends. !ic! two properties are on e&ery &alidation control? >e ha1e two common properties for e1ery 1alidation controls +. 3ontrol to Calidate/ A. 6rror =essage. !at tags do yo* need to add wit!in t!e asp8datagrid tags to bind col*mns man*ally? < asp:8ataNrid id)%dg3art% AutoNenerate3olumns)%?alse% 3ell5adding)%P% >idth)%PPVpx% runat)%ser1er% > < 3olumns > < asp:.utton3olumn Header4ext)%'6L634% 4ext)%'6L634% 3ommandName)%select% >< Fasp:.utton3olumn > < asp:.ound3olumn 8ata?ield)%5roduct&d% Header4ext)%5roduct &8% >< Fasp:.ound3olumn > < asp:.ound3olumn 8ata?ield)%5roductName% Header4ext)%5roduct Name% >< Fasp:.ound3olumn > < asp:.ound3olumn 8ata?ield)%-nit5rice% Header4ext)%-nit5rice% >< Fasp:.ound3olumn > < F3olumns > < Fasp:8ataNrid > How do yo* create a permanent cookie? 5ermanent coo ies are the ones that are most useful. 5ermanent coo ies are a1ailable until a specified expiration date/ and are stored on the hard dis . 4he location of coo ies differs with each browser/ but this doesnWt matter/ as this is all handled by your browser and the ser1er. &f you want to create a permanent coo ie called Name with a 1alue of Nigel/ which expires in one month/ youWd use the following code 7esponse.3oo ies !%Name%" ) %Nigel% 7esponse.3oo ies !%Name%". 6xpires ) 8ateAdd !%m%/ +/ Now !"" !at tag do yo* *se to add a !yperlink col*mn to t!e #ata2rid? < asp:HyperLin 3olumn > <F asp:HyperLin 3olumn> !ic! met!od do yo* *se to redirect t!e *ser to anot!er page wit!o*t performing a ro*nd trip to t!e client? 'er1er.transfer !at is t!e transport protocol yo* *se to call a H445 5rotocol eb ser&ice S%AP ?

E+plain role based sec*rity ? 7ole .ased 'ecurity lets you identify groups of users to allow or deny based on their role in the organiMation.&n >indows N4 and >indows D5/ roles map to names used to identify user groups. >indows defines se1eral built,in groups/ including Administrators/ -sers/ and Nuests.4o allow or deny access to certain groups of users/ add the <7OL6'>element to the authoriMation list in your >eb application's >eb.config file.e.g. <A-4HO7&XA4&ON>< authoriMation > < allow roles)%8omain NameYAdministrators% F > < Z,, Allow Administrators in domain. ,, > < deny users)%G% F > < Z,, 8eny anyone else. ,, > < FauthoriMation > How do yo* register 9a&aScript for webcontrols ? ;ou can register @a1ascript for controls using <3ON47OL ,name>Attribtues.Add!scriptname/scripttext" method. !en do yo* set ):I#ENTIT; impersonate()tr*e) 3<) ? &dentity is a webconfig declaration under 'ystem.web/ which helps to control the application &dentity of the web applicaton. >hich can be at any le1el!=achine/'ite/application/subdirectory/or page"/ attribute impersonate with %true% as 1alue specifies that client impersonation is used. !at are different templates a&ailable in 0epeater1#ata=ist and #atagrid ? 4emplates enable one to apply complicated formatting to each of the items displayed by a control.7epeater control supports fi1e types of templates.Header4emplate controls how the header of the repeater control is formatted.&tem4emplate controls the formatting of each item displayed.Alternating&tem4emplate controls how alternate items are formatted and the 'eparator4emplate displays a separator between each item displyed.?ooter4emplate is used for controlling how the footer of the repeater control is formatted.4he 8ataList and 8atagrid supports two templates in addition to the abo1e fi1e.'elected&tem 4emplate controls how a selected item is formatted and 6dit&tem4emplate controls how an item selected for editing is formatted. !at is "iewState ? and !ow it is managed ? A'5.N64 Ciew'tate is a new ind of state ser1ice that de1elopers can use to trac -& state on a per,user basis. &nternally it uses an an old >eb programming tric , roundtripping state in a hidden form field and ba es it right into the page,processing framewor .&t needs less code to write and maintain state in your >eb,based forms. !at is web.config file ? >eb.config file is the configuration file for the Asp.net web application. 4here is one web.config file for one asp.net application which configures the particular application. >eb.config file is written in D=L with specific tags ha1ing specific meanings.&t includes databa which includes connections/'ession 'tates/6rror Handling/'ecurity etc. ?or example : < configuration > < app'ettings > < add ey)%3onnection'tring% 1alue)%ser1er)localhost#uid)sa#pwd)#database)=y8.% F >

< Fapp'ettings > < Fconfiguration >

!at is ad&antage of &iewstate and w!at are benefits? >hen a form is submitted in classic A'5/ all form 1alues are cleared. 'uppose you ha1e submitted a form with a lot of information and the ser1er comes bac with an error. ;ou will ha1e to go bac to the form and correct the information. ;ou clic the bac button/ and what happens.......ALL form 1alues are 3L6A768/ and you will ha1e to start all o1er againZ 4he site did not maintain your Ciew'tate.>ith A'5 .N64/ the form reappears in the browser window together with all form 1alues.4his is because A'5 .N64 maintains your Ciew'tate. 4he Ciew'tate indicates the status of the page when submitted to the ser1er. !at tags do yo* need to add wit!in t!e asp8datagrid tags to bind col*mns man*ally? 'et AutoNenerate3olumns 5roperty to false on the datagrid tag and then use 3olumn tag and an A'5:databound tag < asp:8ataNrid runat)%ser1er% id)%=anual3olumn.inding% AutoNenerate3olumns)%?alse% > < 3olumns > < asp:.ound3olumn Header4ext)%3olumn+% 8ata?ield)%3olumn+%F > < asp:.ound3olumn Header4ext)%3olumnA% 8ata?ield)%3olumnA%F > < F3olumns > < Fasp:8ataNrid > <asp:8ataNrid id)=anual3olumn.inding runat)%ser1er% AutoNenerate3olumns)%?alse%> <3OL-=N'> <asp:.ound3olumn Header4ext)%3olumnA% 8ata?ield)%3olumnA%><Fasp:.ound3olumn> <Fasp:8ataNrid> !ic! property on a $ombo .o+ do yo* set wit! a col*mn name1 prior to setting t!e #ataSo*rce1 to display data in t!e combo bo+? 8ata4ext?ield and 8ataCalue?ield !ic! control wo*ld yo* *se if yo* needed to make s*re t!e &al*es in two different controls matc!ed? 3ompareCalidator is used to ensure that two fields are identical. !at is &alidations*mmary ser&er control?w!ere it is *sed?. 4he Calidation'ummary control allows you to summariMe the error messages from all 1alidation controls on a >eb page in a single location. 4he summary can be displayed as a list/ a bulleted list/ or a single paragraph/ based on the 1alue of the 8isplay=ode property. 4he error message displayed in the Calidation'ummary control for each 1alidation control on the page is specified by the 6rror=essage property of each 1alidation control. &f the 6rror=essage property of the 1alidation control is not set/ no error message is displayed in the Calidation'ummary control for that 1alidation control. ;ou can also specify a custom title in the heading section of the Calidation'ummary control by setting the Header4ext property. ;ou can control whether the Calidation'ummary control is displayed or hidden by setting the 'how'ummary property. 4he summary can also be displayed in a message box by setting the 'how=essage.ox property to true. !at is t!e se>*ence of operation takes place w!en a page is loaded? .egin4ranaction , only if the re0uest is transacted

&nit , e1ery time a page is processed LoadCiew'tate , Only on postbac 5rocess5ost8ata+ , Only on postbac Load , e1ery time 5rocess8ataA , Only on 5ostbac 7aise3hanged61ent , Only on 5ostbac 7aise5ost.ac 61ent , Only on 5ostbac 5re7ender , e1erytime .uild4race4ree , only if tracing is enabled 'a1eCiew'tate , e1ery time 7ender , 61erytime 6nd 4ransaction , only if the re0uest is transacted 4race.6nd7e0uest , only when tracing is enabled -nload7ecursi1e , 61ery re0uest #ifference between asp and asp.net?. %A'5 !Acti1e 'er1er 5ages" and A'5.N64 are both ser1er side technologies for building web sites and web applications/ A'5.N64 is =anaged compiled code , asp is interpreted. and A'5.net is fully Ob@ect oriented. A'5.N64 has been entirely re, architected to pro1ide a highly producti1e programming experience based on the .N64 ?ramewor / and a robust infrastructure for building reliable and scalable web applications.% Name t!e &alidation control a&ailable in asp.net?. 7e0uired?ield/ 7angeCalidator/7egular6xpression/3ustom 1alidator/compare Calidator !at are t!e &ario*s ways of sec*ring a web site t!at co*ld pre&ent from !acking etc .. ? +" AuthenticationFAuthoriMation A" 6ncryptionF8ecryption 9" =aintaining web ser1ers outside the corporate firewall. etc./ !at is t!e difference between in-proc and o*t-of-proc? An inproc is one which runs in the same process area as that of the client gi1ing tha ad1antage of speed but the disad1antage of stability becoM if it crashes it ta es the client application also with it.Outproc is one which wor s outside the clients memory thus gi1ing stability to the client/ but we ha1e to compromise a bit on speed. !en yo*?re r*nning a component wit!in ASP.NET1 w!at process is it r*nning wit!in on indows 'P? indows @AAA? indows @AAB? On >indows A::9 !&&' L.:" running in nati1e mode/ the component is running within the w9wp.exe process associated with the application pool which has been configured for the web application containing the component. On >indows A::9 in &&' [.: emulation mode/ A:::/ or D5/ it's running within the &&' helper process whose name & do not remember/ it being 0uite a while since & last used &&' [.:. !at does aspnet7regiis -i do ? AspnetEregiis.exe is 4he A'5.N64 &&' 7egistration tool allows an administrator or installation program to easily update the script maps for an A'5.N64 application to point to the A'5.N64 &'A5& 1ersion associated with the tool. 4he tool can also be used to display the status of all installed 1ersions of A'5. N64/ register the A'5.N64 1ersion

coupled with the tool/ create client,script directories/ and perform other configuration operations. >hen multiple 1ersions of the .N64 ?ramewor are executing side,by,side on a single computer/ the A'5.N64 &'A5& 1ersion mapped to an A'5.N64 application determines which 1ersion of the common language runtime is used for the application. 4he tool can be launched with a set of optional parameters. Option %i% &nstalls the 1ersion of A'5.N64 associated with AspnetEregiis.exe and updates the script maps at the &&' metabase root and below. Note that only applications that are currently mapped to an earlier 1ersion of A'5.N64 are affected !at is a Post.ack? 4he process in which a >eb page sends data bac to the same page on the ser1er. !at is "iewState? How is it encoded? Is it encrypted? !o *ses "iewState? Ciew'tate is the mechanism A'5.N64 uses to eep trac of ser1er control state 1alues that don't otherwise post bac as part of the H445 form. Ciew'tate =aintains the -& 'tate of a 5age Ciew'tate is baseLP,encoded. &t is not encrypted but it can be encrypted by setting 6nableCiew'tat=A3)%true% O setting the machineUey 1alidation type to 986'. &f you want to NO4 maintain the Ciew'tate/ include the directi1e < IJ 5age 6nableCiew'tate)%false% I > at the top of an .aspx page or add the attribute 6nableCiew'tate)%false% to any control. !at is t!e : mac!inekey < element and w!at two ASP.NET tec!nologies is it *sed for? 3onfigures eys to use for encryption and decryption of forms authentication coo ie data and 1iew state data/ and for 1erification of out,of,process session state identification.4here fore A A'5.Net techni0ue in which it is used are 6ncryptionF8ecryption O Cerification !at t!ree Session State pro&iders are a&ailable in ASP.NET C.C? !at are t!e pros and cons of eac!? A'5.N64 pro1ides three distinct ways to store session data for your application: in, process session state/ out,of,process session state as a >indows ser1ice/ and out,of, process session state in a 'SL 'er1er database. 6ach has it ad1antages. +.&n,process session,state mode Limitations: G >hen using the in,process session,state mode/ session,state data is lost if aspnetEwp.exe or the application domain restarts. G &f you enable >eb garden mode in the < process=odel > element of the application's >eb.config file/ do not use in,process session,state mode. Otherwise/ random data loss can occur. Ad1antage: G in,process session state is by far the fastest solution. &f you are storing only small amounts of 1olatile data in session state/ it is recommended that you use the in, process pro1ider. A. 4he 'tate 'er1er simply stores session state in memory when in out,of,proc mode. &n this mode the wor er process tal s directly to the 'tate 'er1er

9. 'SL mode/ session states are stored in a 'SL 'er1er database and the wor er process tal s directly to 'SL. 4he A'5.N64 wor er processes are then able to ta e ad1antage of this simple storage ser1ice by serialiMing and sa1ing !using .N64 serialiMation ser1ices" all ob@ects within a client's 'ession collection at the end of each >eb re0uest .oth these out,of,process solutions are useful primarily if you scale your application across multiple processors or multiple computers/ or where data cannot be lost if a ser1er or process is restarted. !at is t!e difference between HTTP-Post and HTTP-2et? As their names imply/ both H445 N64 and H445 5O'4 use H445 as their underlying protocol. .oth of these methods encode re0uest parameters as nameF1alue pairs in the H445 re0uest. 4he N64 method creates a 0uery string and appends it to the script's -7L on the ser1er that handles the re0uest. 4he 5O'4 method creates a nameF1alue pairs that are passed in the body of the H445 re0uest message. Name and describe some HTTP Stat*s $odes and w!at t!ey e+press to t!e re>*esting client. >hen users try to access content on a ser1er that is running &nternet &nformation 'er1ices !&&'" through H445 or ?ile 4ransfer 5rotocol !?45"/ &&' returns a numeric code that indicates the status of the re0uest. 4his status code is recorded in the &&' log/ and it may also be displayed in the >eb browser or ?45 client. 4he status code can indicate whether a particular re0uest is successful or unsuccessful and can also re1eal the exact reason why a re0uest is unsuccessful. 4here are [ groups ranging from +xx , [xx of http status codes exists. +:+ , 'witching protocols. A:: , OU. 4he client re0uest has succeeded 9:A , Ob@ect mo1ed. P:: , .ad re0uest. [::.+9 , >eb ser1er is too busy. E+plain : D%*tp*t$ac!eE < and t!e *sage of "ary.yParam1 "ary.yHeader. Output3ache is used to control the caching policies of an A'5.N64 page or user control. 4o cache a page JOutput3ache directi1e should be defined as follows < IJ Output3ache 8uration)%+::% Cary.y5aram)%none% I > Cary.y5aram: A semicolon,separated list of strings used to 1ary the output cache. .y default/ these strings correspond to a 0uery string 1alue sent with N64 method attributes/ or a parameter sent using the 5O'4 method. >hen this attribute is set to multiple parameters/ the output cache contains a different 1ersion of the re0uested document for each specified parameter. 5ossible 1alues include none/ G/ and any 1alid 0uery string or 5O'4 parameter name. Cary.yHeader: A semicolon,separated list of H445 headers used to 1ary the output cache. >hen this attribute is set to multiple headers/ the output cache contains a different 1ersion of the re0uested document for each specified header. !at is t!e difference between repeater o&er datalist and datagrid? 4he 7epeater class is not deri1ed from the >eb3ontrol class/ li e the 8ataNrid and 8ataList. 4herefore/ the 7epeater lac s the stylistic properties common to both the

8ataNrid and 8ataList. >hat this boils down to is that if you want to format the data displayed in the 7epeater/ you must do so in the H4=L mar up. 4he 7epeater control pro1ides the maximum amount of flexibility o1er the H4=L produced. >hereas the 8ataNrid wraps the 8ata'ource contents in an H4=L < table >/ and the 8ataList wraps the contents in either an H4=L < table > or < span > tags !depending on the 8ataList's 7epeatLayout property"/ the 7epeater adds absolutely no H4=L content other than what you explicitly specify in the templates. >hile using 7epeater control/ &f we wanted to display the employee names in a bold font we'd ha1e to alter the %&tem4emplate% to include an H4=L bold tag/ >hereas with the 8ataNrid or 8ataList/ we could ha1e made the text appear in a bold font by setting the control's &tem'tyle,?ont,.old property to 4rue. 4he 7epeater's lac of stylistic properties can drastically add to the de1elopment time metric. ?or example/ imagine that you decide to use the 7epeater to display data that needs to be bold/ centered/ and displayed in a particular font,face with a particular bac ground color. >hile all this can be specified using a few H4=L tags/ these tags will 0uic ly clutter the 7epeater's templates. 'uch clutter ma es it much harder to change the loo at a later date. Along with its increased de1elopment time/ the 7epeater also lac s any built,in functionality to assist in supporting paging/ editing/ or editing of data. 8ue to this lac of feature,support/ the 7epeater scores poorly on the usability scale. Howe1er/ 4he 7epeater's performance is slightly better than that of the 8ataList's/ and is more noticeably better than that of the 8ataNrid's. ?ollowing figure shows the number of re0uests per second the 7epeater could handle 1ersus the 8ataNrid and 8ataList $an we !andle t!e error and redirect to some pages *sing web.config? ;es/ we can do this/ but to handle errors/ we must now the error codes# only then we can ta e the user to a proper error message page/ else it may confuse the user. 3ustom6rrors 3onfiguration section in web.config file: 4he default configuration is: < custom6rrors mode)%7emoteOnly% default7edirect)%3ustomerror.aspx% > < error status3ode)%P:P% redirect)%Notfound.aspx% F > < Fcustom6rrors > &f mode is set to Off/ custom error messages will be disabled. -sers will recei1e detailed exception error messages. &f mode is set to On/ custom error messages will be enabled. &f mode is set to 7emoteOnly/ then users will recei1e custom errors/ but users accessing the site locally will recei1e detailed error messages. Add an < error > tag for each error you want to handle. 4he error tag will redirect the user to the Notfound.aspx page when the site returns the P:P !5age not found" error.

$6xample( 4here is a page =ain?orm.aspx 5ri1ate 'ub 5ageELoad!.yCal sender As 'ystem.Ob@ect/ .yCal e As 'ystem.61entArgs" Handles =y.ase.Load '5ut user code to initialiMe the page here 8im str As 'ystem.4ext.'tring.uilder str.Append!%hi%" ' 6rror Line as str is not instantiated

7esponse.>rite!str.4o'tring" 6nd 'ub $>eb.3onfig( < custom6rrors mode)%On% default7edirect)%6rror.aspx%F > ' a simple redirect will ta e the user to 6rror.aspx $user defined( error file. < custom6rrors mode)%7emoteOnly% default7edirect)%3ustomerror.aspx% > < error status3ode)%P:P% redirect)%Notfound.aspx% F > < Fcustom6rrors > '4his will ta e the user to Not?ound.aspx defined in &&'. How do yo* implement Paging in .Net? 4he 8ataNrid pro1ides the means to display a group of records from the data source !for example/ the first +:"/ and then na1igate to the %page% containing the next +: records/ and so on through the data. -sing Ado.Net we can explicit control o1er the number of records returned from the data source/ as well as how much data is to be cached locally in the 8ata'et. +.-sing 8ataAdapter.fill method gi1e the 1alue of '=axrecords' parameter !Note: , 8on't use it because 0uery will return all records but fill the dataset based on 1alue of 'maxrecords' parameter". A.?or 'SL ser1er database/ combines a >H676 clause and a O7867 .; clause with 4O5 predicate. 9.&f 8ata does not change often @ust cache records locally in 8ata'et and @ust ta e some records from the 8ata'et to display. !at is t!e difference between Ser&er.Transfer and 0esponse.0edirect? 'er1er.4ransfer!" : client is shown as it is on the re0uesting page only/ but the all the content is of the re0uested page. 8ata can be persist across the pages using 3ontext.&tem collection/ which is one of the best way to transfer data from one page to another eeping the page state ali1e. 7esponse.8edirect!" :client nows the physical location !page name and 0uery string as well". 3ontext.&tems loses the persistence when na1igate to destination page. &n earlier 1ersions of &&'/ if we wanted to send a user to a new >eb page/ the only option we had was 7esponse.7edirect. >hile this method does accomplish our goal/ it has se1eral important drawbac s. 4he biggest problem is that this method causes each page to be treated as a separate transaction. .esides ma ing it difficult to maintain your transactional integrity/ 7esponse.7edirect introduces some additional headaches. ?irst/ it pre1ents good encapsulation of code. 'econd/ you lose access to all of the properties in the 7e0uest ob@ect. 'ure/ there are wor arounds/ but they're difficult. ?inally/ 7esponse.7edirect necessitates a round trip to the client/ which/ on high,1olume sites/ causes scalability problems. As you might suspect/ 'er1er.4ransfer fixes all of these problems. &t does this by performing the transfer on the ser1er without re0uiring a roundtrip to the client. 7esponse.7edirect sends a response to the client browser instructing it to re0uest the second page. 4his re0uires a round,trip to the client/ and the client initiates the 7e0uest for the second page. 'er1er.4ransfer transfers the process to the second page without ma ing a round,trip to the client. &t also transfers the Http3ontext to

the second page/ enabling the second page access to all the 1alues in the Http3ontext of the first page. $an yo* create an app domain? ;es/ >e can create user app domain by calling on of the following o1erload static methods of the 'ystem.App8omain class +. 5ublic static App8omain 3reate8omain!'tring friendlyName" A. 5ublic static App8omain 3reate8omain!'tring friendlyName/ 61idence security&nfo" 9. 5ublic static App8omain 3reate8omain!'tring friendlyName/ 61idence security&nfo/ App8omain'etup info" P. 5ublic static App8omain 3reate8omain!'tring friendlyName/ 61idence security&nfo/ 'tring app.ase5ath/ 'tring app7elati1e'earch5ath/ bool shadow3opy?iles"

!at are t!e &ario*s sec*rity met!ods w!ic! IIS Pro&ides apart from .NET ? 4he 1arious security methods which &&' pro1ides are a" Authentication =odes b" &5 Address and 8omain Name 7estriction c" 8N' Loo ups 8N' Loo ups d" 4he Networ &8 and 'ubnet =as e" ''L

!at is

eb 2ardening? How wo*ld *sing it affect a design?

4he >eb Narden =odel 4he >eb garden model is configurable through the section of the machine.config file. Notice that the section is the only configuration section that cannot be placed in an application,specific web.config file. 4his means that the >eb garden mode applies to all applications running on the machine. Howe1er/ by using the node in the machine.config source/ you can adapt machine,wide settings on a per,application basis. 4wo attributes in the section affect the >eb garden model. 4hey are webNarden and cpu=as . 4he webNarden attribute ta es a .oolean 1alue that indicates whether or not multiple wor er processes !one per each affinitiMed 35-" ha1e to be used. 4he attribute is set to false by default. 4he cpu=as attribute stores a 8>O78 1alue whose binary representation pro1ides a bit mas for the 35-s that are eligible to run the A'5.N64 wor er process. 4he default 1alue is ,+ !:x??????"/ which means that all a1ailable 35-s can be used. 4he contents of the cpu=as attribute is ignored when the webNarden attribute is false. 4he cpu=as attribute also sets an upper bound to the number of copies of aspnetEwp.exe that are running. >eb gardening enables multiple wor er processes to run at the same time. Howe1er/ you should note that all processes will ha1e their own copy of application state/ in, process session state/ A'5.N64 cache/ static data/ and all that is needed to run applications. >hen the >eb garden mode is enabled/ the A'5.N64 &'A5& launches as many wor er processes as there are 35-s/ each a full clone of the next !and each affinitiMed with the corresponding 35-". 4o balance the wor load/ incoming re0uests

are partitioned among running processes in a round,robin manner. >or er processes get recycled as in the single processor case. Note that A'5.N64 inherits any 35usage restriction from the operating system and doesn't include any custom semantics for doing this. All in all/ the >eb garden model is not necessarily a big win for all applications. 4he more stateful applications are/ the more they ris to pay in terms of real performance. >or ing data is stored in bloc s of shared memory so that any changes entered by a process are immediately 1isible to others. Howe1er/ for the time it ta es to ser1ice a re0uest/ wor ing data is copied in the context of the process. 6ach wor er process/ therefore/ will handle its own copy of wor ing data/ and the more stateful the application/ the higher the cost in performance. &n this context/ careful and sa11y application benchmar ing is an absolute must. 3hanges made to the section of the configuration file are effecti1e only after &&' is restarted. &n &&' L/ >eb gardening parameters are stored in the &&' metabase# the webNarden and cpu=as attributes are ignored. What is view state?.where it stored?.can we disa"le it? The we! is state"less protocol so the page gets instantiated e(ecuted rendered and then disposed on every round trip to the server. The developers code to add 6statefulness6 to the page !y using Server"side storage for the state or posting the page to itself. %hen require to persist and read the data in control on we!form developer had to read the values and store them in hidden varia!le (in the form) which were then used to restore the values. %ith advent of .NET framewor$ ASP.NET came up with .iewState mechanism which trac$s the data values of server controls on ASP.NET we!form. &n effect .iewState can !e viewed as 6hidden varia!le managed !y ASP.NET framewor$L6. %hen ASP.NET page is e(ecuted data values from all server controls on page are collected and encoded as single string which then assigned to page5s hidden atrri!ute 69 input type<hidden ?6 that is part of page sent to the client. .iewState value is temporarily saved in the client5s !rowser..iewState can !e disa!led for a single control for an entire page orfor an entire we! application. The synta( is' /isa!le .iewState for control (/atagrid in this e(ample) 9 asp'datagrid Ena!le.iewState<6false6 ... K ? /isa!le .iewState for a page using Page directive 9 :; Page Ena!le.iewState<6#alse6 ... : ? /isa!le .iewState for application through entry in we!.config 9 Pages Ena!le.iewState<6false6 ... K ?

State Management
What is "ein( $assed "ac* and forth in the 80iewState form control? The HH.&E%STATE hidden field is used to transfer the differences in controls from what is declared in the page "" and the values they contain at the end of a request immediately prior to rendering. %e can then use this information to re"construct the server controls to match that last rendered state during 6post!ac$s6 to a page. The information within the HH.&E%STATE field is not really encrypted "" although the values are definitely 6cyptic6 to read (mainly !ecause server controls try to store information in as compact a format as possi!le "" and !ecause our serialiDer performs some limited compression).

Jou can see how much viewstate each control is saving !y ena!ling tracing for the page. #or e(ample !y adding a trace attri!ute to the page directive' 9:; Page -anguage<6.16 Trace<6True6 :? This will cause a ta!le to !e output at the !ottom of the page. This won5t show the e(act values stored in viewstate "" !ut will give you a rough estimate of the siDe of each server control value. Note that you can disa!le the viewstate feature "" either for the entire page or on specific server controls. This is done at the page level !y setting the following page directive' 9:; Page -anguage<6.16 ,aintainState<6#alse6 :? or on an individual server control !y setting a 6maintainstate6 attri!ute' 9asp'datagrid id<6,y2rid@6 maintainstate<6false6 runat<serverK?

Can session varia"les "e accessed from code5"ehind? Jes. Jou can access the 6Session6 dictionary within a code"!ehind file 3ust li$e you would if you were accessing it from within an line .asp( file. #or e(ample' Session(6Name6) < 6Scott6 )s it o* to save a dataset in Pa(e 0iewState? Scott 2uthrie from ,icrosoft recommends that you avoid putting a /ataSet into Page .iewState. The downside with this is that doing so can drastically increase the siDe of .iewState that is posted !ac$ and forth !etween round"trips. This can end up ma$ing a !ig performance difference when connecting to the application over slow networ$ connections since you end up having to transmit a lot more data each way. &nstead if you need to save the /ataSet across requests storing it in Session state is !etter. ASP.NET now supports we! farm session state "" meaning you will no longer need to worry a!out !eing tied down to a single machine in this scenario. )s it $ossi"le to share a cache o"9ect across servers in a cluster? The *ache o!3ect is restricted to !eing used only within an application running on a single machine. ,icrosoft concluded that the performance hit to share the o!3ects cross"process would !e too great to share it across multiple machines in a cluster (!ecause "" unli$e session state "" there are no logical synchroniDation !oundaries to loc$ across). )s there a wa+ to directl+ :uer+ session data if a SQ; Server StateStore is "ein( used? The session data is encrypted !ut the creation date e(piration date session id and timeout are all directly availa!le.

4ow well does the ASPState $erform when stored in SQ; Server? The target performance for the full release of ASP.Net will !e MN"O>: of the performance seen !y using in"process state management. What new wa+s are there to handle session state in a we" cluster? There are two new methods of handling session state in a we! cluster. The first method is to designate one server as a 6state server6 !y ena!ling the state service on it. This server can then !e the central store of state information for the entire cluster. Another option is to persist the state information directly to a SP- Server data!ase. This not only gives you a shared central store for state information !ut also allows you to retain state information in case of a failure or server re!oot. 4ow do ) setu$ we" farm session state to use SQ; Server? 0un the ASP.NET Session State SP- Script to create the appropriate ta!les within a SP- Server data!ase. Then modify your application5s we!.config file to point to this data!ase. ASP.NET will then under the covers handle serialiDing your state from the Session intrinsic toKfrom the data!ase. ))S )f ) want to create a su"domain for m+ site how can ) do that with ASP.NET? Su!domain prefi(es need to !e configured on the /NS servers hosting your domain name. So you5ll need to use a /NS server to create a real su!domain. &f you are running ,S5s /NS server it5s a straightforward thing to do. Qust loo$ up the documentation in %indows +elp. &f you are not running ,S5s /NS server your &SP can set up a su!domain for you. Either way you5ll need to create a +ost +eader entry for your su!domain RafterR you have a /NS entry for it in your /NS server. See ' http'KKwwwA.ca!lewe!server.com'O>>>KmainKfrHinde(.htmlSKmainKs!s"wA$"su!domain.html for details on how to do that. Jou can also create fa$e su!domain addresses with )0-rewriting. They will not correspond to real su!domains !ut may serve a useful purpose. http'KKmsdn.microsoft.comKli!raryKdefault.aspSurl<Kli!raryKen"usKdnasppKhtmlKurlrewriting.asp http'KKewal.netKPerma-in$ guid f8@TaO!c"TaUM"TaMM"!Ade"cAMM@!MMfAAA.asp(

http'KKwww.last$night.comK/otNet")rl"0ewriting"and"*aching"Engine.asp(

can a ta"le "e stored in session varia"le ?

<. No
which method is used to data from dataset to an =.; File.

>. write/ml%&
Which one of the followin( is used to do Conditional e/ecution with trace ?

<. Trace.)sEna"led
)f a method is mar*ed as $rotected internal who can access it?

?. Classes within the same assem"l+@ and classes derived from the declarin( class
Which of the followin( o$erations can +ou N'T $erform on an A1'.NET 1ataSet?

<. A 1ataSet can "e s+nchronised with a #ecordSet

What com$iler switch creates an /ml file from the /ml comments in the files in an assem"l+? <. Adoc

4ow to do loc*in( of a record in 1ataSet?

.ulti$le user is tr+in( to u$date a 1ata#ow at the same time. 4ow can +ou im$lement loc*in( of the datarow?

1. other user should wait while the 1ata#ow's #owState is Added or .odified

What do I need to create and run an ASP.NET application?

Windows 2000, Windows Server 2003 or Windows XP.

ASP.NET, which can be either the redistributable (included in the .NET S !" or #isual Studio .NET.

$.

Where can I download the .NET SDK? .NET S ! can be obtained here. (%ou have to install the &icroso't .NET (ra)ewor* #ersion $.$ +edistributable Pac*a,e be'ore installin, the .NET S !."

2.

Are there any free IDEs for the .NET SDK?

&icroso't -rovides #isual Studio 200. E/-ress Edition 0eta 'or 'ree. 1' -articular interest to the ASP.NET develo-ers would be the #isual Web E/-ress Edition 0eta 2 available as a 'ree download. evelo-er 200.

The ASP.NET Web &atri/ Pro2ect (su--orted b3 &icroso't" is a 'ree 4 E 'or develo-in, ASP.NET a--lications and is available here.

There is also a 'ree o-en5source 6N4X version o' the &icroso't .NET develo-)ent -lat'or) called &ono available 'or download here.

Another increasin,l3 -o-ular 1-en Source

evelo-)ent Environ)ent 'or .NET is

the 7develo- (short 'or Shar- evelo-" available 'or download here. 3. When was ASP.NET released? ASP.NET is a -art o' the .NET 'ra)ewor* which was released as a so'tware -lat'or) in 2002.

8.

Is a new version co

in! up?

ASP.NET 2.0, #isual Studio 200. (Whidbe3", #isual Web evelo-er 200. E/-ress Edition are the ne/t releases o' &icroso't9s Web -lat'or) and tools. The3 have alread3 been released as 0eta versions. The3 are scheduled to be released in the wee* o' Nove)ber :, 200..

..

E"plain Na

espace.

Na)es-aces are lo,ical ,rou-in,s o' na)es used within a -ro,ra). There )a3 be )ulti-le na)es-aces in a sin,le a--lication code, ,rou-ed based on the identi'iers; use. The na)e o' an3 ,iven identi'ier )ust a--ear onl3 once in its na)es-ace.

<.

#ist the types of Authentication supported $y ASP.NET.

o o o o
:.

Windows (de'ault" (or)s Pass-ort None (Securit3 disabled"

What is %#&? =o))on >an,ua,e +unti)e (=>+" is a run5ti)e environ)ent that )ana,es the e/ecution o' .NET code and -rovides services li*e )e)or3 )ana,e)ent, debu,,in,, securit3, etc. The =>+ is also *nown as #irtual E/ecution S3ste) (#ES".

?.

What is %#I? The =>4 is a set o' s-eci'ications 'or a runti)e environ)ent, includin, a co))on t3-e s3ste), base class librar3, and a )achine5inde-endent inter)ediate code *nown as the =o))on 4nter)ediate >an,ua,e (=4>". (Source@ Wi*i-edia."

A.

#ist the various sta!es of Pa!e'#oad lifecycle.

o o o o

Init() Load() PreRender() Unload()

$ly and (anifest.

$0. E"plain Asse

An asse)bl3 is a collection o' one or )ore 'iles and one o' the) ( >> or EXE" contains a s-ecial )etadata called Asse)bl3 &ani'est. The )ani'est is stored as binar3 data and contains details li*e versionin, reBuire)ents 'or the asse)bl3, the author, securit3 -er)issions, and list o' 'iles 'or)in, the asse)bl3. An asse)bl3 is created whenever a >> is built. The )ani'est can be viewed -ro,ra))aticall3 b3 )a*in, use o' classes 'ro) the System.Reflection na)es-ace. The tool 4nter)ediate >an,ua,e isasse)bler (4> AS&" can be used 'or this -ur-ose. 4t can be launched 'ro) the co))and -ro)-t or via StartC +un.

$$. What is Shadow %opy? 4n order to re-lace a =1& co)-onent on a live web server, it was necessar3 to sto- the entire website, co-3 the new 'iles and then restart the website. This is not 'easible 'or the web servers that need to be alwa3s runnin,. .NET co)-onents are di''erent. The3 can be overwritten at an3 ti)e usin, a )echanis) called Shadow =o-3. 4t -revents the Portable E/ecutable (PE" 'iles li*e >>s and EXEs 'ro) bein, loc*ed. Whenever new versions o' the

PEs are released, the3 are auto)aticall3 detected b3 the =>+ and the chan,ed co)-onents will be auto)aticall3 loaded. The3 will be used to -rocess all new reBuests not currentl3 e/ecutin,, while the older version still runs the currentl3 e/ecutin, reBuests. 03 bleedin, out the older version, the u-date is co)-leted.

$2. What is D## )ell? >> hell is the -roble) that occurs when an installation o' a newer a--lication )i,ht brea* or hinder other a--lications as newer >>s are co-ied into the s3ste) and the older a--lications do not su--ort or are not co)-atible with the). .NET overco)es this -roble) b3 su--ortin, )ulti-le versions o' an asse)bl3 at an3 ,iven ti)e. This is also called side5 b35side co)-onent versionin,.

$3. E"plain We$ Services. Web services are -ro,ra))able business lo,ic co)-onents that -rovide access to 'unctionalit3 throu,h the 4nternet. Standard -rotocols li*e DTTP can be used to access the). Web services are based on the Si)-le 1b2ect Access Protocol (S1AP", which is an a--lication o' X&>. Web services are ,iven the .asmx e/tension.

$8. E"plain Windows *or

s.

Windows (or)s is e)-lo3ed 'or develo-in, Windows E64 a--lications. 4t is a class librar3 that ,ives develo-ers access to Windows =o))on =ontrols with rich 'unctionalit3. 4t is a co))on E64 librar3 'or all the lan,ua,es su--orted b3 the .NET (ra)ewor*.

$.. What is Post$ac+? When an action occurs (li*e button clic*", the -a,e containin, all the controls within the <FORM... > ta, -er'or)s an DTTP P1ST, while havin, itsel' as the tar,et 6+>. This is called Postbac*.

$<. E"plain the differences $etween server'side and client'side code? Server side scri-tin, )eans that all the scri-t will be e/ecuted b3 the server and inter-reted as needed. =lient side scri-tin, )eans that the scri-t will be e/ecuted i))ediatel3 in the browser such as 'or) 'ield validation, cloc*, e)ail validation, etc. =lient side scri-tin, is usuall3 done in #0Scri-t or FavaScri-t. Since the code is included in the DT&> -a,e, an3one can see the code b3 viewin, the -a,e source. 4t also -oses as a -ossible securit3 haGard 'or the client co)-uter.

$:. Enu

erate the types of Directives.

o o o o

@ Page directive @ Im ort directive @ Im lements directive @ Register directive

o o o

@ !ssem"ly directive @ O#t #t$ac%e directive @ Reference directive

$?. What is %ode',ehind? =ode50ehind is a conce-t where the contents o' a -a,e are in one 'ile and the server5side code is in another. This allows di''erent -eo-le to wor* on the sa)e -a,e at the sa)e ti)e and also allows either -art o' the -a,e to be easil3 redesi,ned, with no chan,es reBuired in the other. An In%erits attribute is added to the @ Page directive to s-eci'3 the location o' the =ode50ehind 'ile to the ASP.NET -a,e.

$A. Descri$e the difference $etween inline and code $ehind. 4nline code is written alon, side the DT&> in a -a,e. There is no se-arate distinction between desi,n code and lo,ic code. =ode5behind is code written in a se-arate 'ile and re'erenced b3 the .aspx -a,e.

20. #ist the ASP.NET validation controls?

o o o o o o

Re&#iredField'alidator Range'alidator $om are'alidator Reg#lar() ression'alidator $#stom'alidator 'alidationS#mmary

2$. What is Data ,indin!? ata bindin, is a wa3 used to connect values 'ro) a collection o' data (e.,. *ataSet" to the controls on a web 'or). The values 'ro) the dataset are auto)aticall3 dis-la3ed in the controls without havin, to write se-arate code to dis-la3 the).

22. Descri$e Pa!in! in ASP.NET. The *ata+rid control in ASP.NET enables eas3 -a,in, o' the data. The !llo,Paging -ro-ert3 o' the *ata+rid can be set to -r#e to -er'or) -a,in,. ASP.NET auto)aticall3 -er'or)s -a,in, and -rovides the h3-erlin*s to the other -a,es in di''erent st3les, based on the -ro-ert3 that has been set 'or PagerStyle.Mode.

23. Should user input data validation occur server'side or client'side? Why? All user in-ut data validation should occur on the server and )ini)all3 on the client5side, thou,h it is a ,ood wa3 to reduce server load and networ* tra''ic because we can ensure that onl3 data o' the a--ro-riate t3-e is sub)itted 'ro) the 'or). 4t is totall3 insecure. The user can view the code used 'or validation and create a wor*around 'or it. Secondl3, the 6+> o' the -a,e that handles the data is 'reel3 visible in the ori,inal 'or) -a,e. This will allow unscru-ulous users to send data 'ro) their own 'or)s to 3our a--lication. =lient5side validation can so)eti)es be -er'or)ed where dee)ed a--ro-riate and 'easible to -rovide a richer, )ore res-onsive e/-erience 'or the user.

28. What is the difference $etween Server.Transfer and &esponse.&edirect?

Response.Redirect@ This tells the browser that the reBuested -a,e can be
'ound at a new location. The browser then initiates another reBuest to the new -a,e loadin, its contents in the browser. This results in two reBuests b3 the browser.

Server.Transfer@ 4t trans'ers e/ecution 'ro) the 'irst -a,e to the second -a,e
on the server. As 'ar as the browser client is concerned, it )ade one reBuest and the initial -a,e is the one res-ondin, with content. The bene'it o' this a--roach is one less round tri- to the server 'ro) the client browser. Also, an3 -osted 'or) variables and Buer3 strin, -ara)eters are available to the second -a,e as well.