-
ASP.NET is tool for creating Web
Application.
-
ASP.NET is Server Side Scripting
technology.
-
ASP.Net is a part
of Microsoft .Net framework.
-
Like ASP, ASP.NET also runs inside IIS.
-
When browser
requests an ASP.NET file,
IIS passes the request to ASP.NET engine which after having
executed the script sends file back to browser as a simple HTML
page.
-
ASP.NET is not backward compatible
with classic ASP.
-
Unlike interpreted
classic ASP, ASP.NET is compiled CLR code.
-
Being part of CLR,
it has advantages of early binding, JIT compilation, caching
services, Garbage collection etc.
-
ASP.NET uses ADO.NET for data access and
well integrated with VB.NET, C#.Net, Jscript etc.
-
ASP.NET provides two sets of controls -
HTML and Server control.
-
ASP.NET employs a text-based
configuration settings, no need to restart server in case of
change in setting.
-
ASP.NET executes new code on
request, no need to restart server in case of change in code.
-
ASP.NET is the platform to create
Web applications and Web services.
-
ASP.NET runs under
IIS.
-
It is tightly
integrated with the Microsoft server, programming, data access,
and security tools.
-
ASP.NET is part of the .NET
Framework and is made up of several components like Visual Studio
.NET Web development tools, System.Web namespaces, Server and HTML
controls.
-
VS.NET Web development tools: Tools
for designing Web pages and application templates, project
management, and deployment tools for Web
applications.
-
System.Web namespaces: Part of the
.NET Framework that include classes.
-
Server and HTML controls:
User-interface components.
-
Advantages of ASP.NET
Executable of Web application is compiled
that runs faster than interpreted scripts,
Automatic state management for controls,
Access to the .NET Framework,
Introduction of VB.Net that is evolution
version of VB, fully support object-oriented Programming,
New Visual C# programming language,
The ability to create new, customized server
controls from existing controls,
Built-in
security through the Windows server or other
authentication/authorization methods,
Integration with ADO.NET,
Full support for XML and CSS,
Built-in features for caching frequently
requested Web pages on the server.
-
Navigation sequence of ASP.NET web
form
IIS starts the ASP.NET
worker process which loads the assembly,
The assembly composes a response to the
user,
IIS returns the response to the user
in the form of HTML.
-
ASP.NET Web Form Components
Server controls: Define the user
interface of a Web form and built-in features for saving data.
HTML
controls: Visual element provided by HTML. They are
useful when the more complete feature of server controls is not
needed.
Data
controls: Data controls connects to SQL and OLE databases
and XML data files.
Examples of such
controls are SqlConnection, SqlCommand, OleDbConnection,
OleDbCommand, DataSet.
System components: Provide access to
various system-level events that occur on the server. Ex.
EventLog, MessageQueue.
-
.NET Framework includes
An execution engine called CLR and
class library.
-
Shared (VB.NET) or static members (C#)
Class methods can be used directly
without first creating an object from the class. Members can be
called from the class name. Example -Math class.
-
Virtual folder: Web applications can
exist only in a location that has been published by IIS as a
virtual folder. It is shared resource identified by an alias that
represents a physical location on a server. The virtual folder
named //localhost is the Web root folder on your computer. IIS
determines the physical location of your Web root folder. By
default, IIS installs the folder on your boot drive at
\Inetpub\wwwroot.
-
View state:
ASP.NET preserves data between requests using view state. View state is
available only within the Web form.
-
State Variable: allows data entered
on a Web form available on other Web forms in an application.
Application state variables: Available to all
users of an application.
Session state
variables: Available only to a single session
(user).
-
Application Event Handlers in ASP.NET
Application_Start:Occurs when first
user visits a page.
Application_End:Occurs when no more
users of the application.
Application_BeginRequest:Occurs at
the beginning of each request to the server.
Application_EndRequest:Occurs at the
end of each request to the server.
Session_Start:Occurs when a new user
visits a page within your application.
Session_End:Occurs when a user stops
requesting pages from the Web application and their session times
out.
-
Session is a unique
instance of the browser. Each user can have multiple instances of
the browser.
-
ASP.NET Web Form Events
Page_Init: Here server controls are
loaded and initialized.
Page_Load: Server controls are
loaded in the Page object.
Page_PreRender: Application is about
to render the Page object.
Page_Unload: Page is unloaded from
memory.
Page_Disposed: Page object is
released from memory.
Page_Error
-
Unhandled exception occurs
Page_AbortTransaction: Transaction
is aborted.
Page_CommitTransaction: Transaction
is accepted.
Page_DataBinding: Server control on
the page binds to a data source.
-
Server Control Events in ASP.NET
Postback
events: Events cause the Web page to be sent back to the
server for immediate processing. Postback events affect
performance because they trigger a round-trip to the server.
Cached
events: Save controls in the page’s view state to be
processed when a postback event occurs.
Validation
events: Events occurred before the page is post back to
the server.
-
Application domain: The process space
where ASP.NET worker process loads the Web application’s assembly,
also called as application domain.
-
Namespaces
organizes code and provide protection from conflicting names
called namespace collisions.
-
Access Modifier for Classes and
Modules
Public (VB.NET) or public (C#): Can
be accessed by all members in all classes and projects
Friend (VB.NET)
or internal(C#): Can be accessed by all members in the
current project
Protected (VB.NET) or protected(C#):
Can be accessed in the current class and in classes derived from
this member’s class
Protected Friend (VB.NET) or protected
internal(C#): Can be accessed by all members in the
current project and all members in classes derived from this
member’s class
Private (VB.NET) or private(C#): Can
be accessed by members of the current class
only
-
Inheritance: Base class provides
methods, properties, and other members to a derived class.
-
Abstract classes: Abstract classes
defines an interface for derived classes. Abstract classes are
declared with the MustInherit (in VB.NET) or abstract (in C#)
keyword. Methods and properties are declared as MustOverride (in
VB.NET) or as abstract in C#.
-
Delegates are strong types function
pointer used to invoke one or more methods where the actual method
invoked is determined at run time.
-
Interfaces: Similar to abstract
classes except interfaces don’t provide any implementation of
class members.
-
Global.asax:The Global object is
defined in Global.asax that starts automatically when an
application starts. A developer can use events in global object to
initialize application-level state variables.
-
Maintaining State Information:
Context.Handler, Query strings, Cookies, View state,
Session state, Application state.
-
Point to be considered for state variables:
Maintaining Session state affects performance and should
be turned off at the application and page levels when not
required.
-
Application state
variables are available throughout the current process, but not
across processes. If an application is scaled to run on multiple
servers or on multiple processors within a server, each process
has its own Application state. The Web application’s boundaries
determine the scope of the Application state.
-
System.Web and
System.Web.UI namespaces define most of the objects including
Application, Page, Request, and Response
objects.
-
Server Controls vs. HTML Controls
Server controls trigger control
events on the server whereas HTML Controls can’t.
Server controls maintains data across
requests but with HTML controls data is not maintained.
Server controls is provided with set of
properties by .Net framework whereas HTML controls has attributes
only.
-
AutoPostBack: property associated
with each control which causes the control to fire postback event.
By default, this property is set to
False.
-
ASP.NET List and
Table Controls are ListBox, DropDownList, Table, DataGrid,
DataList, Repeater.
-
Validation: The validation controls
check the validity of data just before the page is posted back to
the server, without a round-trip to the server.
-
ASP.NET performs control validation
on the client side just before posting the Web form back to the
server. Once client-side validation succeeds, the Web form is
validated again on the server side before the Page_Load event
occurs.
-
To open new window,
we can use onclick=”window.open()” attribute. Web application
supports client script that runs on the client.
-
ASP.NET Validation Controls:
RequiredFieldValidator, CompareValidator, RangeValidator,
RegularExpressionValidator, CustomValidator,
ValidationSummary.
-
To use the
validation controls, follow these steps:
Draw a validation control,
Set ControlToValidate or ControltoCompare
property,
Set control’s ErrorMessage
property,
Set validation control’s text
property to show longer error message in a
ValidationSummary.
-
Navigating Between Pages in ASP.NET
Hyperlink control,
Response.Redirect,
Server.Transfer: Only for aspx page,
end the currect page and begin executing the new one.
Server.Execute: Begin new one while
still displaying the currect one.
Window.Open: Display new browser
window.
-
Layers to data access in ADO.NET
Physical data
store: SQL, an OLE, or an Oracle database or an XML
file.
Data
provider: Connection and command objects that create
in-memory representation of data
Data set: In-memory representation
of the tables and relationships.
Data
view: Presentation of a table in the data set use for
filtering or sorting of data.
-
Types of database
connection in ADO.NET: OleDbConnection, SqlConnection,
OracleConnection.
-
Steps to access a database through
ADO.NET
Create a connection
using a connection object.
Invoke a
command to create a DataSet object using an adapter object.
Use the DataSet object in code to display
data or to change items in the database.
-
The
database command object provides these three command methods:
ExecuteScalar, ExecuteNonQuery, ExecuteReader.
-
To establish
database connection using command object
Create a connection to the database.
Open the connection.
Create a command object containing the SQL
command or stored procedure to execute.
Execute the method on the command object.
Close the database
connection.
-
Transactions: Set of database
commands that are treated as a single unit.
-
Commands can be
treated as transaction if
Atomic: Each command should perform
single unit of work independently.
Consistent: All the relationships
between data are maintained correctly.
Isolated: Changes made by other
clients can’t affect the current changes.
Durable: Once a change is made, it
is permanent.
-
Transaction
processing follows these steps
Begin a
transaction,
Process database commands,
Check for errors. If errors occurred,
restore the database to its state at the beginning of the
transaction,
If no errors occurred,
commit the transaction to the database.
-
IsolationLevel property: The
property of transaction objects that handles concurrent changes to
a database.
-
Isolation Level Settings
ReadUncommitted: Does not lock the
records being read,
Chaos,
ReadCommitted: Locks the records
being read and immediately frees the lock as soon as the records
have been read,
RepeatableRead: Locks the records
being read and keeps the lock until the transaction completes,
Serializable: Locks the entire data
set being read and keeps the lock until the transaction
completes.
-
Exceptions are
unusual occurrences in the code of application. Dealing with
unusual occurrences is called exception handling. Errors that are
not handled are called unhandled exceptions.
-
Ways to handling
exceptions in ASP.NET are
Exception-handling structures,
Error events,
Custom
error pages.
-
Exception-Handling
Keywords: Try/try, Catch/catch, Finally/finally, End Try and
Throw/throw
-
Finally/finally:
Free resources used within the Try/try section and process any
other statements that must run, whether or not an exception has
occurred
-
Exception-Handling
Error Events
Page_Error: Resides in the
web form,
Global_Error: Resides in the
Global.asax file,
Application_Error:
Resides in the Global.asax file.
-
Server Object’s
Exception-Handling Events
GetLastError
ClearError
-
Error pages: Error pages can be .htm
or .aspx where users are redirected when unhandled exception
occurs.
-
We can define error
page at two level: CustomErrors section of the Web.config file.
ErrorPage attribute of the Web form’s @ Page
directive.
-
The customErrors
mode attribute must be On to view the error pages. RemoteOnly (the
default) means error will be displayed at the client machine and
not locally.
-
The page-level
setting supersedes the application-level settings in the
Web.config file.
-
Exception log
provides a list of handled exceptions. Use the Throw/throw keyword
to intentionally cause an exception.
-
Tracing records
events, a way to record errors by writing error message in the
file.
-
Steps to use
tracing in ASP.NET
Turn tracing on.
Write to the trace log.
Read the trace log.
-
Tracing can be
turned on or off for an entire Web application or for an
individual page
-
For an entire
application, set the element’s Enabled
attribute to True in Web.config file.
-
For a single page,
set the @ Page directive’s Trace attribute to True in the Web
form’s HTML.
-
The Trace object
provides the Write and Warn methods.
-
Messages written
with Write are in black, whereas messages written with Warn are in
red.
-
By default, trace
output is displayed at the bottom of each Web page, if the element’s PageOutput attribute is set to
False in the Web.config file, otherwise written to the Trace.axd
file.
-
By default, you can
view Trace.axd only from the local server running the application.
-
To view the trace
log from a remote machine, such as when debugging remotely, set
the element’s LocalOnly attribute to
False in the Web.config file.
-
Users can be
identified using Cookies. Cookies are small files that a web
application can write to the client. Cookies allow interaction
with user invisibly. Users can set their browsers not to accept
cookies. Approaches when storing and retrieving user information
through cookies: Store all the user information as a cookie on the
client’s machine. Store an identification key and retrieve user
information from a data source using key.
-
Steps to store cookies in ASP.NET
Check if the client supports cookies
by using the Browser object’s Cookies property.
Check if the cookie already exists by using
the Request object’s Cookies collection.
Create a new cookie object using the
HttpCookie class, if not exist.
Set the
cookie object’s Value and Expiration properties.
Add the cookie object to the Response
object’s Cookies collection.
-
Cookie object’s
Expires property to Now – to delete Cookies
-
DllImport attribute
to declare unmanaged procedures for use within .NET
assemblies.
-
To hide public .NET
members from COM, use the ComVisible attribute.
-
Mailto protocol to
create a message that will be sent from the user’s mail
system.
-
The Mailto protocol
is used as part of a hyperlink.
-
MailMessage and
SmtpMail classes to compose and send messages from the server’s
mail system.
-
Authentication is the process of
identifying users.
Authorization is the process of
granting access to those users based on identity.
Access by Anonymous Users is the way most
public Web sites work allows anyone to view info.
ASP.NET
Web applications provide anonymous access by
impersonation.
Impersonation is the
process of assigning a user account to an unknown user.
By default, the anonymous access account is
named IUSER_machinename.
-
Ways to authenticate and authorize
users in ASP.NET
Windows
authentication: Uses windows user list and privileges to
identify and authorize users.
Forms authentication: Directs users
to a logon Web form that collects user name and password
information, and then authenticates the user against a user list
or database that the application maintains.
Passport
authentication: Directs new users to a site hosted by
Microsoft.
-
FormsAuthentication class: The
FormsAuthentication class is part of the System.Web.Security
namespace. Authenticate method of this class checks the user name
and password against the user list found in the element of Web.config. RedirectFromLoginPage
method of this class displays the application’s start page. Use
the FormsAuthentication class to sign out when the user has
finished with the application.
-
Passport
authentication identifies users via Microsoft Passport’s single
sign-on service. The advantages of Passport authentication
are that the user doesn’t have to remember separate user names and
passwords for various Web sites
-
IIS supports ways
of encrypting and decrypting Web requests and responses.This
cryptography requires that you request an encryption key called a
server certificate from an independent third party called a
certificate authority. The Secure Sockets Layer (SSL) is the
standard means of ensuring that data sent over the Internet can’t
be read by others. When a user requests a secure Web page, the
server generates an encryption key for the user’s session and then
encrypts the page’s data before sending a response. On the client
side, the browser uses that same encryption key to decrypt the
requested Web page and to encrypt new requests sent from that
page.
-
Steps to be taken before deployment of
application
Set the build options:
Make the project compatible with an earlier Microsoft
.NET. Select the Enable Optimizations check box to make the
compiled code smaller, faster, and more efficient. Disable integer
overflow checks:Allow
classes to be used from the Component Object Model (COM).
Identify the application: To
identify your application, open the AssemblyInfo file and enter
the application’s Information.
Configure the
application: Configuration files are Web.config and
Machine.config.
-
The Machine.config
file located in the Windows\Microsoft.NET\Framework\version\config
directory. Machine.config sets the base configuration for all .NET
assemblies running on the server.
-
Web.config
Attributes: Compilation, CustomErrors, Authentication,
Authorization, Trace, SessionState,
Globalization.
-
The global assembly
cache (GAC) is a special subfolder within the Windows folder that
stores the shared .NET components. When you open the folder,
Windows Explorer starts a Windows shell extension called the
Assembly Cache Viewer (ShFusion.dll)
-
You can install
strong-named .NET components by dragging them into the Assembly
Cache Viewer, or by using the Global Assembly Cache tool
(GacUtil.exe).
-
Monitoring the Server: Windows
provides MMC snap-ins for monitoring security, performance, and
error events.
Event Viewer snap-in: Lists
application, system, and security events on the system.
Performance snap-in: Lets you create new
events to display in the Event Viewer.
-
Tuning Deployed Applications:
ProcessModel element’s attributes in the server’s
Machine.config file: control the number of threads and the
time-out behavior etc. Use the sessionState element’s attributes
in the application’s Web.config file: control how Session state
information is saved.
-
ProcessModel Attributes
Maximum number of requests to be
queued, How long to wait before checking whether a client is
connected, How many threads to allow per processor
etc.
-
Optimization Tips
Turn off debugging for deployed
applications.
Avoid round-trips between
the client and server.
Turn off Session
state if it isn’t needed.
Turn off
ViewState for server controls that do not need to retain their
values. Use stored procedures with databases.
Use SqlDataReader rather than data sets for
read-forward data retrieval.
-
The ability to add
capacity to an application is called scalability. ASP.NET Web
applications support this concept through their ability to run in
multiple processes and to have those processes distributed across
multiple CPUs and/or multiple servers.
-
A Web application
running on a single server that has multiple CPUs is called a Web
garden and application running on multiple servers is called a Web
farm.
-
Web Garden
Attributes in processModel are
webGarden:
Set to “true” to run applications on more than one processor on
this server.
cpuMask: Specifies which
CPUs should run ASP.NET Web applications.
-
Multiple Servers
For multiple servers to handle
requests for a single HTTP address, you need to install load
balancing to your network. Load-balancing services can be provided
by hardware or software solutions.
-
Running a Web
application on multiple servers requires that you take special
steps to handle Application and Session state information. To
share data across multiple sessions in a Web garden or Web farm,
you must save and restore the information using a resource that is
available to all the processes. This can be done through an XML
file, a database, or some other resource using the standard file
or database access methods. You can share Session state using: A
state server, as specified by a network location. A SQL database,
as specified by a SQL connection.
-
ASP.NET Web applications also have a
limited ability to repair themselves through process recycling.
Process recycling is the technique of shutting down and restarting
an ASP.NET worker process (aspnet_wp.exe) that has become inactive
or is consuming excessive resources. You can control how ASP.NET
processes are recycled through attributes in the processModel
element in the Machine.config file.
-
Types of Tests
Unit test, Integration test, Regression test,
Load test (also called stress test), Platform
test.
-
Web user controls
combine one or more server or HTML controls on a Web user control
page. User controls create a single visual component that uses
several controls. User controls can be used on Web forms
throughout a project. User controls are not compiled into
assemblies.
-
Steps to create
user control
Add a Web user control page
(.ascx) to your project.
Draw the visual
interface of the control in the designer.
Write code to create the control’s
properties, methods, and events.
Use the
control by dragging it from Solution Explorer to the Web form.
Use the control from a Web form’s code by
declaring the control at the module
level.
-
Composite custom
controls combine one or more server or HTML controls Composite
custom compiles to create an assembly
(.dll)
-
Rendered custom
controls are created almost entirely from
scratch.
-
Caching: @OutputCache page directive
caches a Web form in the server’s memory. OutputCache directive
has two required attributes: Duration and VaryByParam. The
VaryByParam attribute caches multiple responses from a single Web
form. VaryByParam to None caches only one response for the Web
form.
-
XSL Transformations
XSL transformations generate
formatted output from an XML input file. XSL positions elements
anywhere on the Web form. XSL performs logical operations like
repeating and conditional operations. XSL places structured data
on a Web form.
-
Steps to perform an XSL transformation in
ASP.NET
Add an XML server
control to a Web form.
Set the control’s
DocumentSource property to the XML file to format.
Set the TransformSource property to the XSL
file to use to format the output.
-
Creating an XML File
XML files describe structured data
in text format. XML identifies data items using … tags. Each item must have a begin
tag and an end tag. Item tag names are case sensitive. Attribute
values must always be enclosed in double quotation marks. The
nested items must be terminated before the containing item is
terminated. The XML structure is strictly hierarchical. XML refers
to the items in this hierarchy as XML nodes. Nodes have
parent-child relationships that are identified using the
XPath.
-
Globalization Approaches in ASP.NET
Create separate web application
corresponding to each culture, detect the culture and redirect to
appropriate application. Create single web application and adjust
output at run time as per culture detected. Create a single Web
application that stores culture-dependent strings in resource
files that are compiled into satellite assemblies. At run time,
detect the user’s culture and load strings from the appropriate
assembly.