Describe state management in ASP.NET.State management is a technique to manage a state of an object on different request.
The HTTP protocol is the fundamental protocol of the World Wide Web. HTTP is a stateless protocol means every request is from new user with respect to web server. HTTP protocol does not provide you with any method of determining whether any two requests are made by the same person.
Maintaining state is important in any web application. There are two types of state management system in ASP.NET.
- Client-side state management
- Server-side state management
Explain client side state management system.ASP.NET provides several techniques for storing state information on the client. These include the following:
view state: ASP.NET uses view state to track values in controls between page requests. It works within the page only. You cannot use view state value in next page.
control state: You can persist information about a control that is not part of the view state. If view state is disabled for a control or the page, the control state will still work.
hidden fields: It stores data without displaying that control and data to the user’s browser. This data is presented back to the server and is available when the form is processed. Hidden fields data is available within the page only (page-scoped data).
Cookies: Cookies are small piece of information that server creates on the browser. Cookies store a value in the user’s browser that the browser sends with every page request to the web server.
Query strings: In query strings, values are stored at the end of the URL. These values are visible to the user through his or her browser’s address bar. Query strings are not secure. You should not send secret information through the query string.
Explain server side state management system.
The following objects are used to store the information on the server:Application State:
This object stores the data that is accessible to all pages in a given Web application. The Application object contains global variables for your ASP.NET application.Cache Object:
Caching is the process of storing data that is used frequently by the user. Caching increases your application’s performance, scalability, and availability. You can catch the data on the server or client.Session State:
Session object stores user-specific data between individual requests. This object is same as application object but it stores the data about particular user.
Explain cookies with example.
A cookie is a small amount of data that server creates on the client. When a web server creates a cookie, an additional HTTP header is sent to the browser when a page is served to the browser. The HTTP header looks like this:
Set-Cookie: message=Hello. After a cookie has been created on a browser, whenever the browser requests a page from the same application in the future, the browser sends a header that looks like this:
Cookie is little bit of text information. You can store only string values when using a cookie. There are two types of cookies:Session cookies Persistent cookies.
A session cookie exists only in memory. If a user closes the web browser, the session cookie delete permanently.
A persistent cookie, on the other hand, can available for months or even years. When you create a persistent cookie, the cookie is stored permanently by the user’s browser on the user’s computer.Creating cookie:
protected void btnAdd_Click(object sender, EventArgs e)
Response.Cookies[“message”].Value = txtMsgCookie.Text;
// Here txtMsgCookie is the ID of TextBox.
Cookie names are case sensitive. Cookie named message is different from setting a cookie named Message.
The above example creates a session cookie. The cookie disappears when you close your web browser. If you want to create a persistent cookie, then you need to specify an expiration date for the cookie.
Response.Cookies[“message”].Expires = DateTime.Now.AddYears(1);Reading Cookies
if (Request.Cookies[“message”] != null)
lblCookieValue.Text = Request.Cookies[“message”].Value;
// Here lblCookieValue is the ID of Label Control.
Describe the disadvantage of cookies.
- Cookie can store only string value.
- Cookies are browser dependent.
- Cookies are not secure.
- Cookies can store small amount of data.
What is Session object? Describe in detail.
HTTP is a stateless protocol; it can't hold the user information on web page. If the user inserts some information, and move to the next page, that data will be lost and user would not be able to retrieve the information. For accessing that information we have to store information. Session provides that facility to store information on server memory. It can support any type of object to store. For every user, Session data stores separately which means session is user specific.Storing the data in Session object.
Session [“message”] = “Hello World!”;Retrieving the data from Session object.
Label1.Text = Session[“message”].ToString();
What are the Advantages and Disadvantages of Session?Following are the basic advantages and disadvantages of using session.
- It stores user state and data that are accessible all over the application.
- It is an easy mechanism to implement and it can store any kind of object.
-It stores every user data separately.
- Session is secured and transparent from user because session object is stored on the server.
- Performance overhead in case of large number of user, because session data is stored in server memory.
- Overhead involved in serializing and de-serializing session data. Because in case of StateServer and SQLServer session mode we need to serialize the object before store.
Describe the Master Page.
Master pages in ASP.NET works as a template that you can reference this page in all other content pages. Master pages enable you to define the look and feel of all the pages in your site in a single location. If you have done changes in master page, then the changes will reflect in all the web pages that reference master pages. When users request the content pages, they merge with the master page to produce output that combines the layout of the master page with the content from the content page.
ContentPlaceHolder control is available only on master page. You can use more than one ContentPlaceHolder control in master page. To create regions that content pages can fill in, you need to define ContentPlaceHolder controls in master page as follows:
<asp:ContentPlaceHolder ID=”ContentPlaceHolder1” runat=”server”>
The page-specific content is then put inside a Content control that points to the relevant ContentPlaceHolder:
<asp:Content ID=”Content1” ContentPlaceHolderID=”ContentPlaceHolder1” Runat=”Server”>
Note that the ContentPlaceHolderID attribute of the Content control points to the ContentPlaceHolder that is defined in the master page.
The master page is identified by a special @ Master directive that replaces the @ Page directive that is used for ordinary .aspx pages.
<%@ Master Language="C#" AutoEventWireup="true" CodeFile="CareerRide.master.cs" Inherits="CareerRide" %>
How can you access the Properties and Controls of Master Pages from content pages?
You can access the Properties and Controls of Master Pages from content pages. In many situations you need User’s Name in different content pages. You can set this value inside the master page and then make it available to content pages as a property of the master page.
We will follow the following steps to reference the properties of master page from content pages.Step: 1
Create a property in the master page code-behind file.
public String UserName Step: 2
Session ["Name"] = value;
Add the @ MasterTypedeclaration to the .aspx content page to reference master properties in a content page. This declaration is added just below the @ Page declaration as follows:
<%@ Page Title=" TEST" Language="C#" MasterPageFile="~/CareerRide.master" AutoEventWireup="true" CodeFile="CareerRideWelcome.aspx.cs" Inherits="CareerRideWelcome" %>Step: 3
<%@ MasterTypeVirtualPath="~/CareerRide.master" %>
Once you add the @ MasterType declaration, you can reference properties in the master page using the Master class. For example take a label control that id is ID="Label1"
Label1.Text= Master.UserName ;
For referencing controls in the Master Page we will write the following code.
Content Page Code.
protected void Button1_Click(object sender, EventArgs e)
TextBox txtName= (TextBox)Master.FindControl("TextBox1");
To reference controls in a master page, call Master.FindControl from the content page.
What are the different method of navigation in ASP.NET?
Page navigation means moving from one page to another page in your web site and another. There are many ways to navigate from one page to another in ASP.NET.
- Client-side navigation
- Cross-page posting
- Client-side browser redirect
- Client-Side NavigationClient-side navigation:
Drag a HyperLink control on the form and set the NavigateUrl property to the desired destination page.HyperLinkControl:
<asp:HyperLink ID="HyperLink1" runat="server" NavigateUrl="~/Welcome.aspx"> Take a test from CareerRide </asp:HyperLink>
Suppose, this control is placed on a Web page called CareerRide.aspx, and the HyperLink control is clicked, the browser simply requests the Welcome.aspx page.
Take an HTML button control on web page. Following is the HTML code for the input button.
<input id="Button1" type="button" value="Go to next page" onclick="return Button1_onclick()" />
Suppose that we have two pages, the first page is FirstPage.aspx and Second page is SecondPage.aspx. The First Page has a Button and TextBox control and its ID is Button1 and TextBox1 respectively. A Button control has its PostBackUrl property. Set this property to “~/SecondPage.aspx”. When the user clicks on Button, the data will send to SecondPage for processing. The code for SecondPage is as follows:
protected void Page_Load(object sender, EventArgs e)
if(Page.PreviousPage == null)
Label1.Text = "No previous page in post";
Label1.Text = ((TextBox)PreviousPage._
The second page contains a Label control and its ID is Label1.
The page that receives the PostBack receives the posted data from the firstpage for processing. We can consider this page as the processing page.The processing page often needs to access data that was contained inside the initial page that collected the data and delivered the PostBack. The previous page’s data is available inside the Page.PreviousPage property. This property is only set if a cross-page post occurs.Client-side browser redirect:
The Page.Response object contains the Redirect method that can be used in your server-side code to instruct the browser to initiate a request for another Web page. The redirect is not a PostBack. It is similar to the user clicking a hyperlink on a Web page.Example:
protected void Button1_Click(object sender, EventArgs e)
In client-side browser redirect method an extra round trip to the server is happened.Server-side transfer:
In this technique Server.Transfer method is used. The Transfer method transfers the entire context of a Web page over to another page. The page that receives the transfer generates the response back to the user’s browser. In this mechanism the user’s Internet address in his browser does not show the result of the transfer. The user’s address bar still reflects the name of the originally requested page.
protected void Button1_Click(object sender, EventArgs e)
The Transfer method has an overload that accepts a Boolean parameter called preserve-Form. You set this parameter to indicate if you want to keep the form and query string data.
What does the Orientation property do in a Menu control?- Orientation property of the Menu control sets the display of menu on a Web page to vertical or horizontal.
- Originally the orientation is set to vertical.
- Server-side validations occurs at the server side.
Differentiate between authentication and authorization.- Authentication is the process of verifying the identity of a user using some credentials like username and password while authorization determines the parts of the system to which a particular identity has access.
- Authentication is required before authorization.
Example: If an employee authenticates himself with his credentials on a system, authorization will determine if he has the control over just publishing the content or also editing it.
What does the .WebPart file do?
It explains the settings of a Web Parts control that can be included to a specified zone on a Web page.
How would you enable impersonation in the web.config file?
In order to enable the impersonation in the web.config file, take the following steps:
- Include the <identity> element in the web.config file.
- Set the impersonate attribute to true as shown below:
<identity impersonate = "true" />
Differentiate between file-based dependency and key-based dependency.- In file-based dependency, the dependency is on a file saved in a disk while in key-based dependency, you depend on another cached item.
Differentiate between globalization and localization.- Globalization is a technique to identify the part of a Web application that is different for different languages and separate it out from the web application while in localization you try to configure a Web application so that it can be supported for a specific language or locale.
Differentiate between a page theme and a global theme?- Page theme applies to a particular web pages of the project. It is stored inside a subfolder of the App_Themes folder.
- Global theme applies to all the web applications on the web server. It is stored inside the Themes folder on a Web server.
What are Web server controls in ASP.NET?- These are the objects on ASP.NET pages that run when the Web page is requested.
- Some of these Web server controls, like button and text box, are similar to the HTML controls.
- Some controls exhibit complex behavior like the controls used to connect to data sources and display data.
Differentiate between a HyperLink control and a LinkButton control.- A HyperLink control does not have the Click and Command events while the LinkButton control has them, which can be handled in the code-behind file of the Web page.
How do Cookies work? Give an example of their abuse.- The server directs the browser to put some files in a cookie. All the cookies are then sent for the domain in each request.
- An example of cookie abuse could be a case where a large cookie is stored affecting the network traffic.
What are Custom User Controls in ASP.NET?- These are the controls defined by developers and work similar to other web server controls.
- They are a mixture of custom behavior and predefined behavior.
What is Role-based security?- Used in almost all organization, the Role-based security assign certain privileges to each role.
- Each user is assigned a particular role from the list.
- Privileges as per role restrict the user's actions on the system and ensure that a user is able to do only what he is permitted to do on the system.
What are the HTML server controls in ASP.NET?- HTML server controls are similar to the standard HTML elements like those used in HTML pages.
- They expose properties and events for programatical use.
- To make these controls programmatically accessible, we specify that the HTML controls act as a server control by adding the runat="server" attribute.
What are the various types of Cookies in ASP.NET?There exist two types of cookies in ASP.NET
1. Session Cookie
It resides on the machine of the client for a single session and works until the user logs out of the session.
2. Persistent Cookie
It resides on the machine of a user for a specified period. This period can be set up manually by the user.
How would you turn off cookies on one page of your website?- This can be done by using the Cookie.Discard property.
- It Gets or sets the discard flag set by the server.
- When set to true, this property instructs the client application not to save the Cookie on the hard disk of the user at the end of the session.
How would you create a permanent cookie?- Permanent cookies are stored on the hard disk and are available until a specified expiration date is reached.
- To create a cookie that never expires set its Expires property equal to DateTime.maxValue.
Explain Culture and UICulture values.- Culture value determines the functions like Date and Currency used to format data and numbers in a Web page.
- UICulture value determines the resources like strings or images loaded in a Web application for a Web page.
What is Global.asax file used for?It executes application-level events and sets application-level variables.
Explain ASP.NET Web Forms.- Web Forms are an extremely important part of ASP.NET.
- They are the User Interface (UI) elements which provide the desired look and feel to your web applications.
- Web Forms provide properties, methods, and events for the controls that are placed onto them.
What is event bubbling?- When child control send events to parent it is termed as event bubbling.
- Server controls like Data grid, Data List, and Repeater can have other child controls inside them.
What are the various types of validation controls provided by ASP.NET?ASP.NET provides 6 types of validation controls as listed below:
1. RequiredFieldValidator - It is used when you do not want the container to be empty. It checks if the control has any value or not.
2. RangeValidator - It checks if the value in validated control is within the specified range or not.
3. CompareValidator - Checks if the value in controls matches some specific values or not.
4. RegularExpressionValidator - Checks if the value matches a specific regular expression or not.
5. CustomValidator - Used to define User Defined validation.
6. Validation Summary - Displays summary of all current validation errors on an ASP.NET page.
Differentiate between namespace and assembly.- Namespace is a naming convenience for logical design-time while an assembly establishes the name scope for types at run time.
Differentiate between early binding and late binding.Early binding means calling a non-virtual method that is decided at a compile time while Late binding refers to calling a virtual method that is decided at a runtime.
What are the different kinds of assemblies?There can be two types of assemblies.
Static assemblies -
- They are stored on disk in portable executable files.
- It includes .NET Framework types like interfaces and classes, resources for the assembly (bitmaps, JPEG files, resource files etc.).
Dynamic assemblies -
- They are not saved on disk before execution rather they run directly from memory.
- They can be saved to disk after they have been executed.
Differentiate between Structure and Class.- Structures are value type while Classes are reference type.
- Structures can not have constructor or destructors while Classes can have them.
- Structures do not support Inheritance while Classes do support Inheritance.
Explain ViewState.- It is a .Net mechanism to store the posted data among post backs.
- It allows the state of objects to be stored in a hidden field on the page, saved on client side and transported back to server whenever required.
What are the various types of Authentication?There are 3 types of Authentication namely Windows, Forms and Passport Authentication.
Windows authentication - It uses the security features integrated in Windows NT and Windows XP OS to authenticate and authorize Web application users.
Forms authentication - It allows you to create your own list of users and validate their identity when they visit the Web site.
Passport authentication - It uses the Microsoft centralized authentication provider to identify users. Passport allows users to use a single identity across multiple Web applications. Passport SDK needs to be installed to use Passport authentication in your Web application.
Explain Server-side scripting and Client-side scripting.- Server side scripting - All the script are executed by the server and interpreted as needed.
What is garbage collection?It is a system where a run-time component takes responsibility for managing the lifetime of objects and the heap memory that they occupy.
Explain serialization and deserialization.- Serialization is the process of converting an object into a stream of bytes.
- Deserialization is the process of creating an object from a stream of bytes.
Both these processes are usually used to transport objects.
What are the various session state management options provided by ASP.NET?- ASP.NET provides two session state management options - In-Process and Out-of-Process state management.
- In-Process stores the session in memory on the web server.
- Out-of-Process stores data in an external data source. This data source may be a SQL Server or a State Server service. Out-of-Process state management needs all objects stored in session to be serializable.
Describe how Passport authentication works.ASP.NET application with Passport authentication implemented checks the user’s machine for a current passport authentication cookie. If it is not available, ASP.NET directs the user to a Passport sign-on page. The Passport service authenticates the user, stores an authentication cookie on the user’s computer and direct the user to the requested page.
Explain the steps to be followed to use Passport authentication.1. Install the Passport SDK.
2. Set the application’s authentication mode to Passport in Web.config.
3. Set authorization to deny unauthenticated users.
4. Use the PassportAuthentication_OnAuthenticate event to access the user’s Passport profile to identify and authorize the user.
5. Implement a sign-out procedure to remove Passport cookies from the user’s machine.
Explain the advantages of Passport authentication.- User doesn’t have to remember separate user names and passwords for various Web sites
- User can maintain his or her profile information in a single location.
- Passport authentication also avail access to various Microsoft services, such as Passport Express Purchase.
What is caching?- Caching is the technique of storing frequently used items in memory so that they can be accessed more quickly.
- By caching the response, the request is served from the response already stored in memory.
- It’s important to choose the items to cache wisely as Caching incurs overhead.
- A Web form that is frequently used and does not contain data that frequently changes is good for caching.
- A cached web form freezes form’s server-side content and changes to that content do not appear until the cache is refreshed.
Explain the use of duration attribute of @OutputCache page directive.- The @OutputCache directive’s Duration attribute determines how long the page is cached.
- If the duration attribute is set to 60 seconds, the Web form is cached for 60 seconds; the server loads the response in memory and retains that response for 60 seconds.
- Any requests during that time receive the cached response.
- Once the cache duration has expired, the next request generates a new response and cached for another 60 seconds.
Explain how a web application works.A web application resides in the server and serves the client's requests over internet. The client access the web page using browser from his machine. When a client makes a request, it receives the result in the form of HTML which are interpreted and displayed by the browser.
A web application on the server side runs under the management of Microsoft Internet Information Services (IIS). IIS passes the request received from client to the application. The application returns the requested result in the form of HTML to IIS, which in turn, sends the result to the client.
Explain the advantages of ASP.NET.Following are the advantages of ASP.NET.
- Web application exists in compiled form on the server so the execution speed is faster as compared to the interpreted scripts.
- ASP.NET makes development simpler and easier to maintain with an event-driven, server-side programming model.
- Being part of .Framework, it has access to all the features of .Net Framework.
- Content and program logic are separated which reduces the inconveniences of program maintenance.
- ASP.NET makes for easy deployment. There is no need to register components because the configuration information is built-in.
- To develop program logic, a developer can choose to write their code in more than 25 .Net languages including VB.Net, C#, JScript.Net etc.
- Introduction of view state helps in maintaining state of the controls automatically between the postbacks events.
- ASP.NET offers built-in security features through windows authentication or other authentication methods.
- Integrated with ADO.NET.
- Built-in caching features.
Explain the different parts that constitute ASP.NET application.Content, program logic and configuration file constitute an ASP.NET application.
Content files include static text, images and can include elements from database.
Program logic files exist as DLL file on the server that responds to the user actions.
Configuration file offers various settings that determine how the application runs on the server.
Describe the sequence of action takes place on the server when ASP.NET application starts first timeFollowing are the sequences:
IIS starts ASP.NET worker process - worker process loads assembly in the memory - IIS sends the request to the assembly - the assembly composes a response using program logic - IIS returns the response to the user in the form of HTML.
Explain the components of web form in ASP.NETServer controls
The server controls are Hypertext Markup Language (HTML) elements that include a runat=server attribute. They provide automatic state management and server-side events and respond to the user events by executing event handler on the server.
These controls also respond to the user events but the events processing happen on the client machine.
Data controls allow to connect to the database, execute command and retrieve data from database.
System components provide access to system-level events that occur on the server.
Describe in brief .NET Framework and its components..NET Framework provides platform for developing windows and web software. ASP.NET is a part of .Net framework and can access all features implemented within it that was formerly available only through windows API. .NET Framework sits in between our application programs and operating system.
The .Net Framework has two main components:
.Net Framework Class Library: It provides common types such as data types and object types that can be shared by all .Net compliant language.
The Common language Runtime: It provides services like type safety, security, code execution, thread management, interoperability services.
What is an Assembly? Explain its parts.An assembly exists as a .DLL or .EXE that contains MSIL code that is executed by CLR. An assembly contains interface and classes, it can also contain other resources like bitmaps, files etc. It carries version details which are used by the CLR during execution. Two assemblies of the same name but with different versions can run side-by-side enabling applications that depend on a specific version to use assembly of that version. An assembly is the unit on which permissions are granted. It can be private or global. A private assembly is used only by the application to which it belongs, but the global assembly can be used by any application in the system.
The four parts of an assembly are:
Assembly Manifest - It contains name, version, culture, and information about referenced assemblies.
Type metadata - It contains information about types defined in the assembly.
MSIL - MSIL code.
Resources - Files such as BMP or JPG file or any other files required by application.
Define Common Type System..Net allows developers to write program logic in at least 25 languages. The classes written in one language can be used by other languages in .Net. This service of .Net is possible through CTS which ensure the rules related to data types that all language must follow. It provides set of types that are used by all .NET languages and ensures .NET language type compatibility.
Define Virtual folder.It is the folder that contains web applications. The folder that has been published as virtual folder by IIS can only contain web applications.
Describe the Events in the Life Cycle of a Web Application.A web application starts when a browser requests a page of the application first time. The request is received by the IIS which then starts ASP.NET worker process (aspnet_wp.exe). The worker process then allocates a process space to the assembly and loads it. An application_start event occurs followed by Session_start. The request is then processed by the ASP.NET engine and sends back response in the form of HTML. The user receives the response in the form of page.
The page can be submitted to the server for further processing. The page submitting triggers postback event that causes the browser to send the page data, also called as view state to the server. When server receives view state, it creates new instance of the web form. The data is then restored from the view state to the control of the web form in Page_Init event.
The data in the control is then available in the Page_load event of the web form. The cached event is then handled and finally the event that caused the postback is processed. The web form is then destroyed. When the user stops using the application, Session_end event occurs and session ends. The default session time is 20 minutes. The application ends when no user accessing the application and this triggers Application_End event. Finally all the resources of the application are reclaimed by the Garbage collector.
What are the ways of preserving data on a Web Form in ASP.NET?ASP.NET has introduced view state to preserve data between postback events. View state can't avail data to other web form in an application. To provide data to other forms, you need to save data in a state variable in the application or session objects.
Define application state variable and session state variable.These objects provide two levels of scope:
Data stored in the application object can be shared by all the sessions of the application. Application object stores data in the key value pair.
Session State stores session-specific information and the information is visible within the session only. ASP.NET creates unique sessionId for each session of the application. SessionIDs are maintained either by an HTTP cookie or a modified URL, as set in the application’s configuration settings. By default, SessionID values are stored in a cookie.
Describe the application event handlers in ASP.NETFollowing are the application event handlers:
This event occurs when the first user visits a page of the application.
This event occurs when there are no more users of the application.
This occurs at the beginning of each request to the server.
Occurs at the end of each request to the server.
This event occurs every time when any new user visits.
Occurs when the users stop requesting pages and their session times out.
What are the Web Form Events available in ASP.NET?Page_Init
Describe the Server Control Events of ASP.NET.ASP.NET offers many server controls like button, textbox, DropDownList etc. Each control can respond to the user's actions using events and event handler mechanism.
There are three types of server control events:
This events sends the web page to the server for processing. Web page sends data back to the same page on the server.
These events are processed when a postback event occurs.
These events occur just before a page is posted back to the server.
How do you change the session time-out value?The session time-out value is specified in the web.config file within sessionstate element. You can change the session time-out setting by changing value of timeout attribute of sessionstate element in web.config file.
Describe how ASP.NET maintains process isolation for each Web applicationIn ASP.NET, when IIS receives a request, IIS uses aspnet_isapi.dll to call the ASP.NET worker process (aspnet_wp.exe). The ASP.NET worker process loads the Web application's assembly, allocating one process space, called the application domain, for each application. This is the how ASP.NET maintains process isolation for each Web application.
Define namespace.Namespaces are the way to organize programming code. It removes the chances of name conflict. It is quite possible to have one name for an item accidentally in large projects those results into conflict. By organizing your code into namespaces, you reduce the chance of these conflicts. You can create namespaces by enclosing a class in a Namespace...End Namespace block.
You can use namespaces outside your project by referring them using References dialog box. You can use Imports or using statement to the code file to access members of the namespaces in code.
What are the options in ASP.NET to maintain state?Client-side state management
This maintains information on the client’s machine using Cookies, View State, and Query Strings.
A cookie is a small text file on the client machine either in the client’s file system or memory of client browser session. Cookies are not good for sensitive data. Moreover, Cookies can be disabled on the browser. Thus, you can’t rely on cookies for state management.
Each page and each control on the page has View State property. This property allows automatic retention of page and controls state between each trip to server. This means control value is maintained between page postbacks. Viewstate is implemented using _VIEWSTATE, a hidden form field which gets created automatically on each page. You can’t transmit data to other page using view state.
Query strings can maintain limited state information. Data can be passed from one page to another with the URL but you can send limited size of data with the URL. Most browsers allow a limit of 255 characters on URL length.
Server-side state management
This kind of mechanism retains state in the server.
The data stored in the application object can be shared by all the sessions of the application. Application object stores data in the key value pair.
Session State stores session-specific information and the information is visible within the session only. ASP.NET creates unique sessionId for each session of the application. SessionIDs are maintained either by an HTTP cookie or a modified URL, as set in the application’s configuration settings. By default, SessionID values are stored in a cookie.
Database can be used to store large state information. Database support is used in combination with cookies or session state.
Explain the difference between Server control and HTML control.Server events
Server control events are handled in the server whereas HTML control events are handled in the page.
Server controls can maintain data across requests using view state whereas HTML controls have no such mechanism to store data between requests.
Server controls can detect browser automatically and adapt display of control accordingly whereas HTML controls can’t detect browser automatically.
Server controls contain properties whereas HTML controls have attributes only.
What are the validation controls available in ASP.NET?ASP.NET validation controls are:
RequiredFieldValidator: This validates controls if controls contain data.
CompareValidator: This allows checking if data of one control match with other control.
RangeValidator: This verifies if entered data is between two values.
RegularExpressionValidator: This checks if entered data matches a specific format.
CustomValidator: Validate the data entered using a client-side script or a server-side code.
ValidationSummary: This allows developer to display errors in one place.
Define the steps to set up validation control.Following are the steps to set up validation control.
- Drag a validation control on a web form.
- Set the ControlToValidate property to the control to be validated.
- If you are using CompareValidator, you have to specify the ControlToCompare property.
- Specify the error message you want to display using ErrorMessage property.
- You can use ValidationSummary control to show errors at one place.
What are the navigation ways between pages available in ASP.NET?Ways to navigate between pages are:
1. Hyperlink control
2. Response.Redirect method
3. Server.Transfer method
4. Server.Execute method
5. Window.Open script method
How do you open a page in a new window?To open a page in a new window, you have to use client script using onclick="window.open()" attribute of HTML control.
Define authentication and authorization.Authorization: The process of granting access privileges to resources or tasks within an application.
Authentication: The process of validating the identity of a user.
Define caching.Caching is the technique of storing frequently used items in memory so that they can be accessed more quickly. Caching technique allows to store/cache page output or application data on the client on the server. The cached information is used to serve subsequent requests that avoid the overhead of recreating the same information. This enhances performance when same information is requested many times by the user.
Define cookie.A cookie is a small file on the client computer that a web application uses to maintain current session information. Cookies are used to identity a user in a future session.
What is delegate?A delegate acts like a strongly type function pointer. Delegates can invoke the methods that they reference without making explicit calls to those methods. It is type safe since it holds reference of only those methods that match its signature. Unlike other classes, the delegate class has a signature. Delegates are used to implement event programming model in .NET application. Delegates enable the methods that listen for an event, to be abstract.
Explain Exception handling in .Net.
Exceptions or errors are unusual occurrences that happen within the logic of an application. The CLR has provided structured way to deal with exceptions using Try/Catch block. ASP.NET supports some facilities to handling exceptions using events suck as Page_Error and Application_Error.
What is impersonation?
Impersonation means delegating one user identity to another user. In ASP.NET, the anonymous users impersonate the ASPNET user account by default. You can use <identity> element of web.config file to impersonate user.
What is managed code in .Net?The code that runs under the guidance of common language runtime (CLR) is called managed code. The versioning and registration problem which are formally handled by the windows programming are solved in .Net with the introduction of managed code. The managed code contains all the versioning and type information that the CLR use to run the application.
What are Merge modules?Merge modules are the deployment projects for the shared components. If the components are already installed, the modules merge the changes rather than unnecessarily overwrite them. When the components are no longer in use, they are removed safely from the server using Merge modules facility.
What is Satellite assembly?Satellite assembly is a kind of assembly that includes localized resources for an application. Each satellite assembly contains the resources for one culture.
Define secured sockets layer.Secured Socket Layer (SSL) ensures a secured web application by encrypting the data sent over internet. When an application is using SSL facility, the server generates an encryption key for the session and page is encrypted before it sent. The client browse uses this encryption key to decrypt the requested Web page.
Define session in ASP.NET.A session starts when the browser first request a resources from within the application. The session gets terminated when either browser closed down or session time out has been attained. The default time out for the session is 20 minutes.
Define Tracing.Tracing is the way to maintain events in an application. It is useful while the application is in debugging or in the testing phase. The trace class in the code is used to diagnose problem. You can use trace messages to your project to monitor events in the released version of the application. The trace class is found in the System.Diagnostics namespace. ASP.NET introduces tracing that enables you to write debug statements in your code, which still remain in the code even after when it is deployed to production servers.
Define View State.ASP.NET preserves data between postback events using view state. You can save a lot of coding using view state in the web form. ViewState serialize the state of objects and store in a hidden field on the page. It retains the state of server-side objects between postbacks. It represents the status of the page when submitted to the server. By default, view state is maintained for each page. If you do not want to maintain the ViewState, include the directive <%@ Page EnableViewState="false" %> at the top of an .aspx page or add the attribute EnableViewState="false" to any control. ViewState exist for the life of the current page.
What is application domain?It is the process space within which ASP.NET application runs. Every application has its own process space which isolates it from other application. If one of the application domains throws error it does not affect the other application domains.
List down the sequence of methods called during the page load.Init() - Initializes the page.
Load() - Loads the page in the server memory.
PreRender() - the brief moment before the page is displayed to the user as HTML
Unload() - runs just after page finishes loading.
What is the importance of Global.asax in ASP.NET?The Global.asax is used to implement application and session level events.
Define MSIL.MSIL is the Microsoft Intermediate Language. All .Net languages' executable exists as MSIL which gets converted into machine specific language using JIT compiler just before execution.
Response.Redirect vs Server.Transfer.Server.Transfer is only applicable for aspx files. It transfers page processing to another page without making round-trip back to the client's browser. Since no round trips, it offers faster response and doesn't update client url history list.
Response.Redirect is used to redirect to another page or site. This performs a trip back to the client where the client’s browser is redirected to the new page.
Explain Session state management options in ASP.NET.ASP.NET provides In-Process and Out-of-Process state management. In-Process stores the session in memory on the web server. Out-of-Process Session state management stores data in an external data source such as SQL Server or a State Server service. Out-of-Process state management requires that all objects stored in session are serializable.
How to turn off cookies for a page?Cookie.Discard Property when true, instructs the client application not to save the Cookie on the user's hard disk when a session ends.
How can you ensure a permanent cookie?Setting Expires property to MinValue and restrict cookie to get expired.
What is AutoPostback?AutoPostBack automatically posts the page back to the server when state of the control is changed.
Explain login control and form authentication.Login controls encapsulate all the features offered by Forms authentication. Login controls internally use FormsAuthentication class to implement security by prompting for user credentials validating them.
What is the use of Web.config file?Following are the setting you can incorporate in web.config file.
- Database connections
- Error Page setting
- Session States
- Error Handling
- Trace setting
- Culture specific setting
Explain in what order a destructors is called.Destructors are called in reverse order of constructors. Destructor of most derived class is called followed by its parent's destructor and so on till the topmost class in the hierarchy.
What is break mode? What are the options to step through code?Break mode lets you to observe code line to line in order to locate error. VS.NET provides following option to step through code.
- Step Into
- Step Over
- Step Out
- Run To Cursor
- Set Next Statement
Explain how to retrieve property settings from XML .config file.Create an instance of AppSettingsReader class, use GetValue method by passing the name of the property and the type expected. Assign the result to the appropriate variable.
Explain Global Assembly Cache.Global Assembly Cache is the place holder for shared assembly. If an assembly is installed to the Global Assembly Cache, the assembly can be accessed by multiple applications. In order to install an assembly to the GAC, the assembly must have to be signed with strong name.
Explain Managed code an Un-managed code.Managed code runs under the safe supervision of common language runtime. Managed code carries metadata that is used by common language runtime to offer service like memory management, code access security, and cross-language accessibility.
Unmanaged code doesn't follow CLR conventions and thus, can't take the advantages of .Framework.
What is side-by-side execution?This means multiple version of same assembly to run on the same computer. This feature enables to deploy multiple versions of the component.
Define Resource Files.Resource files contains non-executable data like strings, images etc that are used by an application and deployed along with it. You can changes these data without recompiling the whole application.
Define Globalization and Localization.Globalization is the process of creating multilingual application by defining culture specific features like currency, date and time format, calendar and other issues. Localization is the process of accommodating cultural differences in an application.
What is reflection?Reflection is a mechanism through which types defined in the metadata of each module can be accessed. The System.Reflection namespaces contains classes that can be used to define the types for an assembly.
Define Satellite Assemblies.Satellite Assemblies are the special kinds of assemblies that exist as DLL and contain culture specific resources in a binary format. They store compiled localized application resources. They can be created using the AL utility and can be deployed even after deployment of the application. Satellite Assemblies encapsulate resources into binary format and thus makes resources lighter and consume lesser space on the disk.
What is CAS?CAS is very important part of .Net security system which verifies if particular piece of code is allowed to run. It also determines if piece of code have access rights to run particular resource. .NET security system applies these features using code groups and permissions. Each assembly of an application is the part of code group with associated permissions.
Explain Automatic Memory Management in .NET.Automatic memory management in .Net is through garbage collector which is incredibly efficient in releasing resources when no longer in use.
Explain the use of DataAdapter.- DataAdapter provides the bridge to connect command objects to a dataset object.
- It populates the table in the dataset from the data store and also pushes the changes in the dataset back into the data store.
Methods of DataAdapter:
Fill - Populates the dataset object with data from the data source
FillSchema - Extracts the schema for a table from the data source
Update - It is use to update the data source with the changes made to the content of the dataset
What is impersonation in ASP.NET?
Impersonation is a technique to access application resources using the identity of some other user.
By default, Impersonation is off
<identity impersonate="true" userName="domain name\username" password="password"/>
Explain the difference between dataset and datareader.- Dataset is a disconnected architecture whereas datareader is connected architecture
- Dataset is the best choice when we need to access data from more than one table.
- Dataset is handy when we need to move back while reading records.
- Compare to datareader, using dataset has an adverse affect on speed
Explain the various authentication mechanisms in ASP.NET.ASP.NET supports 3 authentication mechanisms:
1. Windows Authentication: This is used for an intranet based application. Used to authenticate domain users within a network. By default windows authentication is used.
2. Form Authentication: It’s a custom security based on roles and user accounts created specifically for an application.
3. Passport Authentication: This is based on hotmail passport account.
Can you explain the basic use of DataView?DataView is used for sorting and searching data within datatable.
It has got following methods:
Find - Returns the index of the row
FindRow - Returns a collection of DataRow
AddNew - Add a new row to the DataView object
Delete - Deletes the specific row from DataView object
What is Authorization in ASP.NET?Usually after a user is authenticated by means of a login, the process of authorization is followed where the decision is made whether a user should be granted access to a specific resource.
There are 2 ways to authorize access to a given resource:
URL authorization is performed by the UrlAuthorizationModule
It maps users and roles to URLs in ASP.NET applications.
File authorization is performed by the FileAuthorizationModule.
It checks the access control list of the .aspx or .asmx handler file to determine whether a user should have access to the file.
What is connection pooling and how to enable and disable connection pooling?Connection pool is created when we open connection first time. When a new connection is created with same connection string as the first one, it reuses the same and existing connection object from the pool without creating a new one.
If the connection string is different then a new connection pooling will be created, thus won't use the existing connection object.
By default, we have connection pooling enabled in .Net. To disable connection pooling, set Pooling = false in the connection string.
Why is an object pool required?To enhance performance and reduce the load of creating new objects, instead re using existing objects stored in memory pool. Object Pool is a container of objects that are for use and have already been created. Whenever an object creation request occurs, the pool manager serves the request by allocating an object from the pool. This minimizes the memory consumption and system's resources by recycling and re-using objects. When the task of an object is done, it is sent to the pool rather than being destroyed. This reduces the work for garbage collector and fewer memory allocations occur.
Can you explain the importance of Finalize method in .NET?Clean up activities are entrusted to .NET Garbage collector in .NET. But unmanaged resources such as File, COM object etc. are beyond the scope of Garbage collector. For these type of objects, we have Finalize method where clean up code for unmanaged resources can be put.
Advantages and disadvantages of using cookiesAdvantages:
Cookies are stored in client thus no burden as far as space is concern.
Cookies are light weight and involves no complexities while using.
Most browsers have put a check on the size of a cookie.
Cookies are tampered prone and thus associate security concern.
Cookies can expire thus leading to inconsistency.