Prepared By : Uday Shah - HOD(IT)
Call : 7600044051
E-Mail : rupareleducation@gmail.com
-----------------------------------------------------------------------------------------
Describe state management in ASP.NET.
State management is a technique to manage a state of an object on different request.
The HTTP protocol is the fundamental protocol of the World Wide Web. HTTP is a
stateless protocol means every request is from new user with respect to web
server. HTTP protocol does not provide you with any method of determining
whether any two requests are made by the same person.
Maintaining state is important in any web application. There are two types of state management system in ASP.NET.
-Client-side state management
- Server-side state
management
---------------------------------------
Explain client side state management system.
ASP.NET provides
several techniques for storing state information on the client. These include
the following:
view state: ASP.NET uses view state to track values in controls between page requests. It works within the page only. You cannot use view state value in next page.
control state: You can persist information about a control that is not part of the view state. If view state is disabled for a control or the page, the control state will still work.
hidden fields: It stores data without displaying that control and data to the user’s browser. This data is presented back to the server and is available when the form is processed. Hidden fields data is available within the page only (page-scoped data).
Cookies: Cookies are small piece of information that server creates on the browser. Cookies store a value in the user’s browser that the browser sends with every page request to the web server.
Query strings: In query strings, values are stored at the end of the
URL. These values are visible to the user through his or her browser’s address
bar. Query strings are not secure. You should not send secret information
through the query string.
---------------------------------------
Explain server side state management system.
The following
objects are used to store the information on the server:
Application State:
Application State:
This object stores
the data that is accessible to all pages in a given Web application. The
Application object contains global variables for your ASP.NET application.
Cache Object:
Cache Object:
Caching is the
process of storing data that is used frequently by the user. Caching increases
your application’s performance, scalability, and availability. You can catch
the data on the server or client.
Session State:
Session object
stores user-specific data between individual requests. This object is same as
application object but it stores the data about particular user.
---------------------------------------
Explain cookies
A cookie is a small amount of data that
server creates on the client. When a web server creates a cookie, an additional
HTTP header is sent to the browser when a page is served to the browser. The
HTTP header looks like this:
---------------------------------------
Describe the disadvantage of cookies.
- Cookie can store only string value.
- Cookies are browser dependent.
- Cookies are not secure.
- Cookies can store small amount of data.
- Cookies are browser dependent.
- Cookies are not secure.
- Cookies can store small amount of data.
---------------------------------------
What is Session object? Describe in detail.
HTTP is a stateless
protocol; it can't hold the user information on web page. If user inserts some
information, and move to the next page, that data will be lost and user would
not able to retrieve the information. For accessing that information we have to
store information. Session provides that facility to store information on
server memory. It can support any type of object to store. For every user
Session data store separately means session is user specific.
---------------------------------------
What are the Advantages and Disadvantages of
Session?
Following are the basic advantages and
disadvantages of using session.
Advantages:
- It stores user states and data to all over the application.
- Easy mechanism to implement and we can store any kind of object.
- Stores every user data separately.
- Session is secure and transparent from user because session object is stored on the server.
Disadvantages:
- Performance overhead in case of large number of user, because of session data stored in server memory.
- Overhead involved in serializing and De-Serializing session Data. Because In case of StateServer and SQLServer session mode we need to serialize the object before store.
Advantages:
- It stores user states and data to all over the application.
- Easy mechanism to implement and we can store any kind of object.
- Stores every user data separately.
- Session is secure and transparent from user because session object is stored on the server.
Disadvantages:
- Performance overhead in case of large number of user, because of session data stored in server memory.
- Overhead involved in serializing and De-Serializing session Data. Because In case of StateServer and SQLServer session mode we need to serialize the object before store.
---------------------------------------
Differentiate between client-side and
server-side validations in Web pages.
- Client-side validations happend at the
client's side with the help of JavaScript and VBScript. This happens before the
Web page is sent to the server.
- Server-side validations occurs place at the server side.
- Server-side validations occurs place at the server side.
---------------------------------------
Differentiate between authentication and
authorization.
-
Authentication is the process of
verifying the identity of a user using some credentials like username and
password while authorization determines the parts of the system to which a
particular identity has access.
- Authentication is required before authorization.
- Authentication is required before authorization.
---------------------------------------
What are Web server controls in ASP.NET?
- These are the objects on ASP.NET pages
that run when the Web page is requested.
- Some of these Web server controls, like button and text box, are similar to the HTML controls.
- Some controls exhibit complex behavior like the controls used to connect to data sources and display data.
- Some of these Web server controls, like button and text box, are similar to the HTML controls.
- Some controls exhibit complex behavior like the controls used to connect to data sources and display data.
---------------------------------------
Differentiate between a HyperLink control and a
LinkButton control.
- A HyperLink control does not have the
Click and Command events while the LinkButton control has them, which can be
handled in the code-behind file of the Web page.
---------------------------------------
What are the various types of Cookies in ASP.NET?
There exist two types of cookies in ASP.NET
1. Session Cookie
It resides on the machine of the client for a single session and works until the user logs out of the session.
2. Persistent Cookie
It resides on the machine of a user for a specified period. This period can be set up manually by the user.
1. Session Cookie
It resides on the machine of the client for a single session and works until the user logs out of the session.
2. Persistent Cookie
It resides on the machine of a user for a specified period. This period can be set up manually by the user.
---------------------------------------
What is Global.asax file used for?
It executes application-level events and
sets application-level variables.
---------------------------------------
Explain ASP.NET Web Forms.
- Web Forms are an extremely important part
of ASP.NET.
- They are the User Interface (UI) elements which provide the desired look and feel to your web applications.
- Web Forms provide properties, methods, and events for the controls that are placed onto them.
- They are the User Interface (UI) elements which provide the desired look and feel to your web applications.
- Web Forms provide properties, methods, and events for the controls that are placed onto them.
---------------------------------------
What is event bubbling?
- When child control send events to parent
it is termed as event bubbling.
- Server controls like Data grid, Data List, and Repeater can have other child controls inside them.
- Server controls like Data grid, Data List, and Repeater can have other child controls inside them.
---------------------------------------
What are the various types of validation
controls provided by ASP.NET?
ASP.NET provides 6 types of validation
controls as listed below:
1. RequiredFieldValidator - It is used when you do not want the container to be empty. It checks if the control has any value or not.
2. RangeValidator - It checks if the value in validated control is within the specified range or not.
3. CompareValidator - Checks if the value in controls matches some specific values or not.
4. RegularExpressionValidator - Checks if the value matches a specific regular expression or not.
5. CustomValidator - Used to define User Defined validation.
6. Validation Summary - Displays summary of all current validation errors on an ASP.NET page.
1. RequiredFieldValidator - It is used when you do not want the container to be empty. It checks if the control has any value or not.
2. RangeValidator - It checks if the value in validated control is within the specified range or not.
3. CompareValidator - Checks if the value in controls matches some specific values or not.
4. RegularExpressionValidator - Checks if the value matches a specific regular expression or not.
5. CustomValidator - Used to define User Defined validation.
6. Validation Summary - Displays summary of all current validation errors on an ASP.NET page.
---------------------------------------
Differentiate between namespace and assembly.
- Namespace is a naming convenience for
logical design-time while an assembly establishes the name scope for types at
run time.
---------------------------------------
Differentiate between early binding and late
binding.
Early binding means calling a non-virtual
method that is decided at a compile time while Late binding refers to calling a
virtual method that is decided at a runtime.
---------------------------------------
Differentiate between Structure and Class.
- Structures are value type while Classes
are reference type.
- Structures can not have constructor or destructors while Classes can have them.
- Structures do not support Inheritance while Classes do support Inheritance.
- Structures can not have constructor or destructors while Classes can have them.
- Structures do not support Inheritance while Classes do support Inheritance.
---------------------------------------
Explain ViewState.
- It is a .Net mechanism to store the posted
data among post backs.
- It allows the state of objects to be stored in a hidden field on the page, saved on client side and transported back to server whenever required.
- It allows the state of objects to be stored in a hidden field on the page, saved on client side and transported back to server whenever required.
---------------------------------------
What are the various types of Authentication?
There are 3 types of Authentication namely
Windows, Forms and Passport Authentication.
Windows authentication - It uses the security features integrated in Windows NT and Windows XP OS to authenticate and authorize Web application users.
Forms authentication - It allows you to create your own list of users and validate their identity when they visit the Web site.
Passport authentication - It uses the Microsoft centralized authentication provider to identify users. Passport allows users to use a single identity across multiple Web applications. Passport SDK needs to be installed to use Passport authentication in your Web application.
Windows authentication - It uses the security features integrated in Windows NT and Windows XP OS to authenticate and authorize Web application users.
Forms authentication - It allows you to create your own list of users and validate their identity when they visit the Web site.
Passport authentication - It uses the Microsoft centralized authentication provider to identify users. Passport allows users to use a single identity across multiple Web applications. Passport SDK needs to be installed to use Passport authentication in your Web application.
Explain Server-side scripting and Client-side
scripting.
- Server side scripting - All the script are
executed by the server and interpreted as needed.
- Client side scripting means that the script will be executed immediately in the browser such as form field validation, email validation, etc. It is usually carried out in VBScript or JavaScript.
- Client side scripting means that the script will be executed immediately in the browser such as form field validation, email validation, etc. It is usually carried out in VBScript or JavaScript.
---------------------------------------
What is garbage collection?
It is a system where a run-time component
takes responsibility for managing the lifetime of objects and the heap memory
that they occupy.
---------------------------------------
Describe how Passport authentication works.
ASP.NET application with Passport
authentication implemented checks the user’s machine for a current passport
authentication cookie. If it is not available, ASP.NET directs the user to a
Passport sign-on page. The Passport service authenticates the user, stores an
authentication cookie on the user’s computer and direct the user to the
requested page.
Explain the steps to be followed to use
Passport authentication.
1. Install the Passport SDK.
2. Set the application’s authentication mode to Passport in Web.config.
3. Set authorization to deny unauthenticated users.
4. Use the PassportAuthentication_OnAuthenticate event to access the user’s Passport profile to identify and authorize the user.
5. Implement a sign-out procedure to remove Passport cookies from the user’s machine.
2. Set the application’s authentication mode to Passport in Web.config.
3. Set authorization to deny unauthenticated users.
4. Use the PassportAuthentication_OnAuthenticate event to access the user’s Passport profile to identify and authorize the user.
5. Implement a sign-out procedure to remove Passport cookies from the user’s machine.
Explain the advantages of Passport
authentication.
- User doesn’t have to remember separate
user names and passwords for various Web sites
- User can maintain his or her profile information in a single location.
- Passport authentication also avail access to various Microsoft services, such as Passport Express Purchase.
- User can maintain his or her profile information in a single location.
- Passport authentication also avail access to various Microsoft services, such as Passport Express Purchase.
---------------------------------------
What is caching?
- Caching is the technique of storing
frequently used items in memory so that they can be accessed more quickly.
- By caching the response, the request is served from the response already stored in memory.
- It’s important to choose the items to cache wisely as Caching incurs overhead.
- A Web form that is frequently used and does not contain data that frequently changes is good for caching.
- A cached web form freezes form’s server-side content and changes to that content do not appear until the cache is refreshed.
- By caching the response, the request is served from the response already stored in memory.
- It’s important to choose the items to cache wisely as Caching incurs overhead.
- A Web form that is frequently used and does not contain data that frequently changes is good for caching.
- A cached web form freezes form’s server-side content and changes to that content do not appear until the cache is refreshed.
---------------------------------------
Explain the advantages of ASP.NET.
Following are the advantages of ASP.NET.
- Web application exists in compiled form on the server so the execution speed is faster as compared to the interpreted scripts.
- ASP.NET makes development simpler and easier to maintain with an event-driven, server-side programming model.
- Being part of .Framework, it has access to all the features of .Net Framework.
- Content and program logic are separated which reduces the inconveniences of program maintenance.
- ASP.NET makes for easy deployment. There is no need to register components because the configuration information is built-in.
- To develop program logic, a developer can choose to write their code in more than 25 .Net languages including VB.Net, C#, JScript.Net etc.
- Introduction of view state helps in maintaining state of the controls automatically between the postbacks events.
- ASP.NET offers built-in security features through windows authentication or other authentication methods.
- Integrated with ADO.NET.
- Built-in caching features.
- Web application exists in compiled form on the server so the execution speed is faster as compared to the interpreted scripts.
- ASP.NET makes development simpler and easier to maintain with an event-driven, server-side programming model.
- Being part of .Framework, it has access to all the features of .Net Framework.
- Content and program logic are separated which reduces the inconveniences of program maintenance.
- ASP.NET makes for easy deployment. There is no need to register components because the configuration information is built-in.
- To develop program logic, a developer can choose to write their code in more than 25 .Net languages including VB.Net, C#, JScript.Net etc.
- Introduction of view state helps in maintaining state of the controls automatically between the postbacks events.
- ASP.NET offers built-in security features through windows authentication or other authentication methods.
- Integrated with ADO.NET.
- Built-in caching features.
---------------------------------------
Explain the different parts that constitute
ASP.NET application.
Content, program logic and configuration file
constitute an ASP.NET application.
Content files
Content files include static text, images and can include elements from database.
Program logic
Program logic files exist as DLL file on the server that responds to the user actions.
Configuration file
Configuration file offers various settings that determine how the application runs on the server.
Content files
Content files include static text, images and can include elements from database.
Program logic
Program logic files exist as DLL file on the server that responds to the user actions.
Configuration file
Configuration file offers various settings that determine how the application runs on the server.
---------------------------------------
Explain the components of web form in ASP.NET
Server controls
The server controls are Hypertext Markup Language (HTML) elements that include a runat=server attribute. They provide automatic state management and server-side events and respond to the user events by executing event handler on the server.
HTML controls
These controls also respond to the user events but the events processing happen on the client machine.
Data controls
Data controls allow to connect to the database, execute command and retrieve data from database.
System components
System components provide access to system-level events that occur on the server.
The server controls are Hypertext Markup Language (HTML) elements that include a runat=server attribute. They provide automatic state management and server-side events and respond to the user events by executing event handler on the server.
HTML controls
These controls also respond to the user events but the events processing happen on the client machine.
Data controls
Data controls allow to connect to the database, execute command and retrieve data from database.
System components
System components provide access to system-level events that occur on the server.
---------------------------------------
Define application state variable and session
state variable.
These objects provide two levels of scope:
Application State
Data stored in the application object can be shared by all the sessions of the application. Application object stores data in the key value pair.
Session State
Session State stores session-specific information and the information is visible within the session only. ASP.NET creates unique sessionId for each session of the application. SessionIDs are maintained either by an HTTP cookie or a modified URL, as set in the application’s configuration settings. By default, SessionID values are stored in a cookie.
Application State
Data stored in the application object can be shared by all the sessions of the application. Application object stores data in the key value pair.
Session State
Session State stores session-specific information and the information is visible within the session only. ASP.NET creates unique sessionId for each session of the application. SessionIDs are maintained either by an HTTP cookie or a modified URL, as set in the application’s configuration settings. By default, SessionID values are stored in a cookie.
---------------------------------------
What are the Web Form Events available in ASP.NET?
Page_Init
Page_Load
Page_PreRender
Page_Unload
Page_Disposed
Page_Error
Page_AbortTransaction
Page_CommitTransaction
Page_DataBinding
Page_Load
Page_PreRender
Page_Unload
Page_Disposed
Page_Error
Page_AbortTransaction
Page_CommitTransaction
Page_DataBinding
---------------------------------------
Describe the Server Control Events of ASP.NET.
ASP.NET offers many server controls like
button, textbox, DropDownList etc. Each control can respond to the user's
actions using events and event handler mechanism.
There are three types of server control events:
Postback events
This events sends the web page to the server for processing. Web page sends data back to the same page on the server.
Cached events
These events are processed when a postback event occurs.
Validation events
These events occur just before a page is posted back to the server.
There are three types of server control events:
Postback events
This events sends the web page to the server for processing. Web page sends data back to the same page on the server.
Cached events
These events are processed when a postback event occurs.
Validation events
These events occur just before a page is posted back to the server.
---------------------------------------
How do you change the session time-out value?
The session time-out value is specified in
the web.config file within sessionstate element. You can change the session
time-out setting by changing value of timeout attribute of sessionstate element
in web.config file.
---------------------------------------
What are the options in ASP.NET to maintain
state?
Client-side state management
This maintains information on the client’s machine using Cookies, View State, and Query Strings.
Cookies
A cookie is a small text file on the client machine either in the client’s file system or memory of client browser session. Cookies are not good for sensitive data. Moreover, Cookies can be disabled on the browser. Thus, you can’t rely on cookies for state management.
View State
Each page and each control on the page has View State property. This property allows automatic retention of page and controls state between each trip to server. This means control value is maintained between page postbacks. Viewstate is implemented using _VIEWSTATE, a hidden form field which gets created automatically on each page. You can’t transmit data to other page using view state.
Querystring
Query strings can maintain limited state information. Data can be passed from one page to another with the URL but you can send limited size of data with the URL. Most browsers allow a limit of 255 characters on URL length.
Server-side state management
This kind of mechanism retains state in the server.
Application State
The data stored in the application object can be shared by all the sessions of the application. Application object stores data in the key value pair.
Session State
Session State stores session-specific information and the information is visible within the session only. ASP.NET creates unique sessionId for each session of the application. SessionIDs are maintained either by an HTTP cookie or a modified URL, as set in the application’s configuration settings. By default, SessionID values are stored in a cookie.
Database
Database can be used to store large state information. Database support is used in combination with cookies or session state.
This maintains information on the client’s machine using Cookies, View State, and Query Strings.
Cookies
A cookie is a small text file on the client machine either in the client’s file system or memory of client browser session. Cookies are not good for sensitive data. Moreover, Cookies can be disabled on the browser. Thus, you can’t rely on cookies for state management.
View State
Each page and each control on the page has View State property. This property allows automatic retention of page and controls state between each trip to server. This means control value is maintained between page postbacks. Viewstate is implemented using _VIEWSTATE, a hidden form field which gets created automatically on each page. You can’t transmit data to other page using view state.
Querystring
Query strings can maintain limited state information. Data can be passed from one page to another with the URL but you can send limited size of data with the URL. Most browsers allow a limit of 255 characters on URL length.
Server-side state management
This kind of mechanism retains state in the server.
Application State
The data stored in the application object can be shared by all the sessions of the application. Application object stores data in the key value pair.
Session State
Session State stores session-specific information and the information is visible within the session only. ASP.NET creates unique sessionId for each session of the application. SessionIDs are maintained either by an HTTP cookie or a modified URL, as set in the application’s configuration settings. By default, SessionID values are stored in a cookie.
Database
Database can be used to store large state information. Database support is used in combination with cookies or session state.
---------------------------------------
Explain the difference between Server control
and HTML control.
Server events
Server control events are handled in the server whereas HTML control events are handled in the page.
State management
Server controls can maintain data across requests using view state whereas HTML controls have no such mechanism to store data between requests.
Browser detection
Server controls can detect browser automatically and adapt display of control accordingly whereas HTML controls can’t detect browser automatically.
Properties
Server controls contain properties whereas HTML controls have attributes only.
Server control events are handled in the server whereas HTML control events are handled in the page.
State management
Server controls can maintain data across requests using view state whereas HTML controls have no such mechanism to store data between requests.
Browser detection
Server controls can detect browser automatically and adapt display of control accordingly whereas HTML controls can’t detect browser automatically.
Properties
Server controls contain properties whereas HTML controls have attributes only.
---------------------------------------
What are the validation controls available in
ASP.NET?
ASP.NET validation controls are:
RequiredFieldValidator: This validates controls if controls contain data.
CompareValidator: This allows checking if data of one control match with other control.
RangeValidator: This verifies if entered data is between two values.
RegularExpressionValidator: This checks if entered data matches a specific format.
CustomValidator: Validate the data entered using a client-side script or a server-side code.
ValidationSummary: This allows developer to display errors in one place.
RequiredFieldValidator: This validates controls if controls contain data.
CompareValidator: This allows checking if data of one control match with other control.
RangeValidator: This verifies if entered data is between two values.
RegularExpressionValidator: This checks if entered data matches a specific format.
CustomValidator: Validate the data entered using a client-side script or a server-side code.
ValidationSummary: This allows developer to display errors in one place.
---------------------------------------
Define authentication and authorization.
Authorization: The process of granting access privileges to resources
or tasks within an application.
Authentication: The process of validating the identity of a user.
Authentication: The process of validating the identity of a user.
---------------------------------------
What is AutoPostback?
AutoPostBack automatically posts the page
back to the server when state of the control is changed.
---------------------------------------
Explain login control and form authentication.
Login controls encapsulate all the features
offered by Forms authentication. Login controls internally use
FormsAuthentication class to implement security by prompting for user credentials
validating them.
---------------------------------------
What is the use of Web.config file?
Following are the setting you can
incorporate in web.config file.
- Database connections
- Error Page setting
- Session States
- Error Handling
- Security
- Trace setting
- Culture specific setting
- Database connections
- Error Page setting
- Session States
- Error Handling
- Security
- Trace setting
- Culture specific setting
---------------------------------------
Explain Managed code an Un-managed code.
Managed code runs under the safe supervision
of common language runtime. Managed code carries metadata that is used by
common language runtime to offer service like memory management, code access
security, and cross-language accessibility.
Unmanaged code doesn't follow CLR conventions and thus, can't take the advantages of .Framework.
Unmanaged code doesn't follow CLR conventions and thus, can't take the advantages of .Framework.
---------------------------------------
Explain the use of DataAdapter.
- DataAdapter provides the bridge to connect
command objects to a dataset object.
- It populates the table in the dataset from the data store and also pushes the changes in the dataset back into the data store.
Methods of DataAdapter:
Fill - Populates the dataset object with data from the data source
FillSchema - Extracts the schema for a table from the data source
Update - It is use to update the data source with the changes made to the content of the dataset
- It populates the table in the dataset from the data store and also pushes the changes in the dataset back into the data store.
Methods of DataAdapter:
Fill - Populates the dataset object with data from the data source
FillSchema - Extracts the schema for a table from the data source
Update - It is use to update the data source with the changes made to the content of the dataset
---------------------------------------
Explain the difference between dataset and
datareader.
- Dataset is a disconnected architecture
whereas datareader is connected architecture
- Dataset is the best choice when we need to access data from more than one table.
- Dataset is handy when we need to move back while reading records.
- Compare to datareader, using dataset has an adverse affect on speed
- Dataset is the best choice when we need to access data from more than one table.
- Dataset is handy when we need to move back while reading records.
- Compare to datareader, using dataset has an adverse affect on speed
---------------------------------------
Explain the various authentication mechanisms
in ASP.NET.
ASP.NET supports 3 authentication
mechanisms:
1. Windows Authentication: This is used for an intranet based application. Used to authenticate domain users within a network. By default windows authentication is used.
2. Form Authentication: It’s a custom security based on roles and user accounts created specifically for an application.
3. Passport Authentication: This is based on hotmail passport account.
1. Windows Authentication: This is used for an intranet based application. Used to authenticate domain users within a network. By default windows authentication is used.
2. Form Authentication: It’s a custom security based on roles and user accounts created specifically for an application.
3. Passport Authentication: This is based on hotmail passport account.
