Asp Dot Net Way
What are the 2 ways provided by ASP.NET to format output in a Web application?
1. Use cascading style sheets (css) to control the appearance of elements on a Web form.These styles can set the color, size, font, and behavior of the HTML elements on a Web page.
2. Use Extensible Stylesheet Language Transformations (XSLT) to convert information from an Extensible Markup Language (XML) file to HTML output and position that information on a Web form. XSLT puts data from the XML file into HTML elements and applies styles to those elements.
What are Cascading style sheets?
Cascading style sheets (CSS) collect and organize all of the formatting information applied to HTML elements on a Web form. Because they keep this information in a single location, style sheets make it easy to adjust the appearance of Web applications.
What are the 3 levels at which formatting can be applied with in a web application?
1. Styles can be defined in a style sheet file. Styles in a style sheet can be applied to all webforms referencing the style sheet.
2. You can also define styles in the page’s head element. These styles can be applied to all elements on the current page.
3. You can also define styles inline, in the HTML tag itself. Inline styles are applicable only to the HTML element in which these styles are defined.
Inline formatting takes precedence over local formatting, which, in turn, takes precedence over global formatting. These precedence rules are the reason style sheets are referred to as cascading.
What are the advantages of storing style definitions in a style sheet file (.css) rather than locally in each Web form or inline with each HTML element?
1. Formatting can be maintained in one location so that you make changes only once for an entire application.
2. Several sets of parallel formatting rules can be maintained in separate style sheets for formatting output on different devices or for different user needs. For example, an application might provide standard, enlarged-type, and printer-friendly style sheets that the user can select at run time.
3. In general, you should use page and inline styles only when you have a really good reason to override the global styles. Relying heavily on page and inline styles can make it difficult to maintain the formatting in a Web application.
What HTML element is used to reference a style sheet on webform?
To reference a style sheet on webform you must add a link element to the page’s head element, as shown below.
What is the use of Style Builder?
Style Builder is used to change the appearance of any of the styles in a style sheet. Changes to the style sheet change the appearance of all Web forms that reference that style sheet.
How do you modify a style sheet using style builder?
To modify a style sheet using style builder, follow these steps:
1. Open the style sheet in Visual Studio. Visual Studio .NET displays the style definitions in the Document window and an outline of the style sheet in the Tool window
2. Select the style to modify from the Tool window. Visual Studio .NET displays the definition for that style in the Document window.
3. Right-click in the style definition or right-click the style in the Tool window, and select Build Style from the shortcut menu. Visual Studio .NET displays the Style Builder Wizard.
4. Use the Style Builder to compose the formatting that you want to add or modify in the selected style, and then click OK.
5. When you have finished, you’ll see that the Style Builder adds the new or modified style attributes to the style definition.
Can you apply styles using class names or element IDs?
Yes, Using class names allows you to apply a single style to a number of different elements or to style the same element differently, depending on how the element is used. Using element IDs allows you to apply a style to a unique element on one or more Web forms.
When you create a style rule for a class, Visual Studio .NET adds a style definition to the style sheet using a .classname identifier.
You apply the style class to HTML elements by using the class attribute. You apply the style to server controls by using the CssClass attribute.
Can you change style sheets at run time?
Yes.
Asp Dot Net Way
01 July, 2009
Interview Questions on ASP.NET Custom Controls
Asp Dot Net Way
What are composite custom controls?
Composite custom controls combine one or more server or HTML controls within a single control class, which can be compiled along with other control classes to create an assembly (.dll) that contains a custom control library. Once created, the custom control library can be loaded into Visual Studio .NET and used in the same way as the standard server and HTML controls.
Composite custom controls are functionally similar to user controls, but they reside in their own assemblies, so you can share the same control among multiple projects without having to copy the control to each project, as you must do with user controls. However, composite controls are somewhat more difficult to create because you can’t draw them visually using the Visual Studio .NET Designer.
What are the steps to follow create and use a custom control in a Web application?
1. Create a solution containing a custom control project.
2. Add a Web application project to the solution, and set it as the startup project. You will use the Web application project to test the custom control during development.
3. Add a project reference from the Web application to the custom control project, and add an HTML @Register directive and control element to use the custom control on a Web form.
4. Create the custom control’s visual interface by adding existing controls to it through the custom control’s CreateChildControls method.
5. Add the properties, methods, and events that the custom control provides.
6. Build and test the custom control.
In general what is the base class for every composite custom control?
System.Web.UI.WebControls.WebControl
Which directive is used to add a custom control to a Web form?
Register directive.
What are the 3 Register directive's attributes?
TagPrefix
This name identifies the group that the user control belongs to. For example, the tag prefix for ASP.NET server controls is “asp”. You use this prefix to create a naming convention to organize your custom controls.
Namespace
This is the project name and namespace within the custom control assembly that contains the controls to register. Microsoft Visual Basic .NET uses the project name as an implicit namespace, so for controls written in Visual Basic .NET, use the project name.
Assembly
This is the name of the assembly (.dll) containing the custom controls. The control assembly must be referenced by the Web application. Referencing the assembly maintains a copy of it in the Web application’s /bin directory.
What are the differences between User Controls and Custom Controls?
1. User Controls are easy to create where as Custom Controls are difficult to create.
2. User Controls cannot be compiled into an assembly, where as Custom Controls can be compiled into an assembly.
3. User Controls cannot be added to tool box, where as Custom controls can be added to the toolbox.
4. You need to have a copy of user control in every project where you want to use it, where as this is not the case with custom controls. You can install a single copy of the Web custom control in the global assembly cache and share it between applications, which makes maintenance easier.
5. User controls are used for reusing existing user interface elements and code, but are not useful for developing reusable components for multiple web applications.
Asp Dot Net Way
What are composite custom controls?
Composite custom controls combine one or more server or HTML controls within a single control class, which can be compiled along with other control classes to create an assembly (.dll) that contains a custom control library. Once created, the custom control library can be loaded into Visual Studio .NET and used in the same way as the standard server and HTML controls.
Composite custom controls are functionally similar to user controls, but they reside in their own assemblies, so you can share the same control among multiple projects without having to copy the control to each project, as you must do with user controls. However, composite controls are somewhat more difficult to create because you can’t draw them visually using the Visual Studio .NET Designer.
What are the steps to follow create and use a custom control in a Web application?
1. Create a solution containing a custom control project.
2. Add a Web application project to the solution, and set it as the startup project. You will use the Web application project to test the custom control during development.
3. Add a project reference from the Web application to the custom control project, and add an HTML @Register directive and control element to use the custom control on a Web form.
4. Create the custom control’s visual interface by adding existing controls to it through the custom control’s CreateChildControls method.
5. Add the properties, methods, and events that the custom control provides.
6. Build and test the custom control.
In general what is the base class for every composite custom control?
System.Web.UI.WebControls.WebControl
Which directive is used to add a custom control to a Web form?
Register directive.
What are the 3 Register directive's attributes?
TagPrefix
This name identifies the group that the user control belongs to. For example, the tag prefix for ASP.NET server controls is “asp”. You use this prefix to create a naming convention to organize your custom controls.
Namespace
This is the project name and namespace within the custom control assembly that contains the controls to register. Microsoft Visual Basic .NET uses the project name as an implicit namespace, so for controls written in Visual Basic .NET, use the project name.
Assembly
This is the name of the assembly (.dll) containing the custom controls. The control assembly must be referenced by the Web application. Referencing the assembly maintains a copy of it in the Web application’s /bin directory.
What are the differences between User Controls and Custom Controls?
1. User Controls are easy to create where as Custom Controls are difficult to create.
2. User Controls cannot be compiled into an assembly, where as Custom Controls can be compiled into an assembly.
3. User Controls cannot be added to tool box, where as Custom controls can be added to the toolbox.
4. You need to have a copy of user control in every project where you want to use it, where as this is not the case with custom controls. You can install a single copy of the Web custom control in the global assembly cache and share it between applications, which makes maintenance easier.
5. User controls are used for reusing existing user interface elements and code, but are not useful for developing reusable components for multiple web applications.
Asp Dot Net Way
ASP.NET Interview Questions on web user controls
What are ASP.NET Custom controls?
Custom controls extend the tools available to Web developer. Using custom controls, you can encapsulate key aspects of the visual interface and program logic that you want to reuse throughout your application, or throughout your organization.
What are the 3 types of custom controls in ASP.NET?
Microsoft Visual Studio .NET provides three types of custom control for use on Web forms.
1. Web user controls
These combine existing server HTML controls by using the Visual Studio .NET Designer to create functional units that encapsulate some aspect of the user interface. User controls reside in content files, which must be included in the project in which the controls are used.
2. Composite custom controls
These create new controls from existing server and HTML controls. Although similar to user controls, composite controls are created in code rather than visually, and therefore they can be compiled into an assembly (.dll), which can be shared between multiple applications and used from the Toolbox in Visual Studio .NET.
3. Rendered custom controls
These create entirely new controls by rendering HTML directly rather than using composition. These controls are compiled and can be used from the Toolbox, just like composite controls, but you must write extra code to handle tasks that are performed automatically in composite controls.
What are the limitations of user controls in ASP.NET?
As the user controls are not compiled into assemblies, they have the following limitations:
1. A copy of the control must exist in each Web application project in which the control is used.
2. User controls can’t be loaded in the Visual Studio .NET Toolbox; instead, you must create them by dragging the control from Solution Explorer to the Web form.
3. User control code is initialized after the Web form loads, which means that user control property values are not updated until after the Web form’s Load event.
What are the steps to follow for creating and using a user control in a Web application?
1. Add a Web user control page (.ascx) to your project.
2. Draw the visual interface of the control in the designer.
3. Write code to create the control’s properties, methods, and events.
4. Use the control on a Web form by dragging it from Solution Explorer to the Web form on which you want to include it.
5. Use the control from a Web form’s code by declaring the control at the module level and then using the control’s methods, properties, and events as needed within the Web form.
How do you identify user controls?
User controls are identified by their .ascx file extensions.
What is the base class from which user controls derive?
User controls derive from System.Web.UI.UserControl base class. This base class provides the base set of properties and methods you use to create the control.
What are the steps to follow to create properties and methods for the user control that you can use from a Web form?
To create properties and methods for the user control that you can use from a Web form, follow these steps:
1. Create the public property or method that you want to make available on the containing Web form.
2. Write code to respond to events that occur for the controls contained within the user control. These event procedures do the bulk of the work for the user control.
3. If the property or method needs to retain a setting between page displays, write code to save and restore settings from the control’s ViewState.
What happens when you drag a user control from solution explorer and drop it on a web form?
When you drag a user control from solution explorer and drop it on a web form, Visual Studio .NET generates a @Register directive and HTML tags to create the control on the Web form.
Custom controls extend the tools available to Web developer. Using custom controls, you can encapsulate key aspects of the visual interface and program logic that you want to reuse throughout your application, or throughout your organization.
What are the 3 types of custom controls in ASP.NET?
Microsoft Visual Studio .NET provides three types of custom control for use on Web forms.
1. Web user controls
These combine existing server HTML controls by using the Visual Studio .NET Designer to create functional units that encapsulate some aspect of the user interface. User controls reside in content files, which must be included in the project in which the controls are used.
2. Composite custom controls
These create new controls from existing server and HTML controls. Although similar to user controls, composite controls are created in code rather than visually, and therefore they can be compiled into an assembly (.dll), which can be shared between multiple applications and used from the Toolbox in Visual Studio .NET.
3. Rendered custom controls
These create entirely new controls by rendering HTML directly rather than using composition. These controls are compiled and can be used from the Toolbox, just like composite controls, but you must write extra code to handle tasks that are performed automatically in composite controls.
What are the limitations of user controls in ASP.NET?
As the user controls are not compiled into assemblies, they have the following limitations:
1. A copy of the control must exist in each Web application project in which the control is used.
2. User controls can’t be loaded in the Visual Studio .NET Toolbox; instead, you must create them by dragging the control from Solution Explorer to the Web form.
3. User control code is initialized after the Web form loads, which means that user control property values are not updated until after the Web form’s Load event.
What are the steps to follow for creating and using a user control in a Web application?
1. Add a Web user control page (.ascx) to your project.
2. Draw the visual interface of the control in the designer.
3. Write code to create the control’s properties, methods, and events.
4. Use the control on a Web form by dragging it from Solution Explorer to the Web form on which you want to include it.
5. Use the control from a Web form’s code by declaring the control at the module level and then using the control’s methods, properties, and events as needed within the Web form.
How do you identify user controls?
User controls are identified by their .ascx file extensions.
What is the base class from which user controls derive?
User controls derive from System.Web.UI.UserControl base class. This base class provides the base set of properties and methods you use to create the control.
What are the steps to follow to create properties and methods for the user control that you can use from a Web form?
To create properties and methods for the user control that you can use from a Web form, follow these steps:
1. Create the public property or method that you want to make available on the containing Web form.
2. Write code to respond to events that occur for the controls contained within the user control. These event procedures do the bulk of the work for the user control.
3. If the property or method needs to retain a setting between page displays, write code to save and restore settings from the control’s ViewState.
What happens when you drag a user control from solution explorer and drop it on a web form?
When you drag a user control from solution explorer and drop it on a web form, Visual Studio .NET generates a @Register directive and HTML tags to create the control on the Web form.
ASP.NET Interview Questions on web farm and web garden
What does the term Scalability mean?
Web applications that serve a large number of users or that present large amounts of data need to able to add capacity as users’ demands increase. The ability to add capacity to an application is called scalability. ASP.NET Web applications support this concept through their ability to run in multiple processes and to have those processes distributed across multiple CPUs and/or multiple servers.
What is the difference between a web farm and a web garden?
A Web application running on a single server that has multiple CPUs is called a Web garden in the ASP.NET documentation. A Web application running on multiple servers is called a Web farm.
If your web server has multiple processors, how can you specify that ASP.NET runs on all or some of the CPUs?
If your server has multiple processors, you can specify that ASP.NET runs on all or some of the CPUs by setting the webGarden attribute of the processModel element in the server’s Machine.config file
What are the implications on Application and Session state variables in a web farm or a web garden?
In both a Web garden and a Web farm, client requests are directed to the ASP.NET process that is currently least busy. That means that a single client can interact with different CPUs or servers over the course of his or her session. This has the following implications for Application and Session state variables:
Application state variables are unique to each separate instance of the Web application.
Clients can share information through Application state if the Web application is running on a Web garden or a Web farm.
Session state variables are stored in-process by default.
To enable Session state in a Web garden or Web farm, you need to specify a Session state provider.
How can you share Application State in a web farm or a web garden?
To share data across multiple sessions in a Web garden or Web farm, you must save and restore the information using a resource that is available to all the processes. This can be done through an XML file, a database, or some other resource using the standard file or database access methods.
What are the two built-in ways provided by ASP.NET to share Session state information across a Web garden or Web farm?
ASP.NET provides two built-in ways to share Session state information across a Web garden or Web farm. You can share Session state using:
A state server, as specified by a network location
This technique is simple to implement and doesn’t require you to install Microsoft SQL Server.
A SQL database, as specified by a SQL connection
This technique provides the best performance for storing and retrieving state information.
What are the steps to follow to share Session state information using a state server?
To share Session state information using a state server, follow these steps:
1. In the Web application’s Web.config file, set the sessionState element’s mode and stateConnectionString attributes.
2. Run the aspnet_state.exe utility on the Session state server. The aspnet_state.exe utility is installed in the \WINDOWS\Microsoft.NET \Framework\version folder when you install Visual Studio .NET Professional or Visual Studio .NET Enterprise Architect editions.
What are the steps to follow to share Session state information using a SQL database?
To share Session state information using a SQL database, follow these steps:
1. In the Web application’s Web.config file, set the sessionState element’s mode and sqlConnectionString attributes.
2. Run the InstallSqlState.sql utility on the Session state server. This utility installs the SQL database that shares Session state information across processes. The InstallSqlState.sql utility is installed in the \WINDOWS\Microsoft.NET \Framework\version folder when you install Visual Studio .NET Professional, Visual Studio .NET Enterprise developer, or Visual Studio .NET Enterprise Architect editions.
Web applications that serve a large number of users or that present large amounts of data need to able to add capacity as users’ demands increase. The ability to add capacity to an application is called scalability. ASP.NET Web applications support this concept through their ability to run in multiple processes and to have those processes distributed across multiple CPUs and/or multiple servers.
What is the difference between a web farm and a web garden?
A Web application running on a single server that has multiple CPUs is called a Web garden in the ASP.NET documentation. A Web application running on multiple servers is called a Web farm.
If your web server has multiple processors, how can you specify that ASP.NET runs on all or some of the CPUs?
If your server has multiple processors, you can specify that ASP.NET runs on all or some of the CPUs by setting the webGarden attribute of the processModel element in the server’s Machine.config file
What are the implications on Application and Session state variables in a web farm or a web garden?
In both a Web garden and a Web farm, client requests are directed to the ASP.NET process that is currently least busy. That means that a single client can interact with different CPUs or servers over the course of his or her session. This has the following implications for Application and Session state variables:
Application state variables are unique to each separate instance of the Web application.
Clients can share information through Application state if the Web application is running on a Web garden or a Web farm.
Session state variables are stored in-process by default.
To enable Session state in a Web garden or Web farm, you need to specify a Session state provider.
How can you share Application State in a web farm or a web garden?
To share data across multiple sessions in a Web garden or Web farm, you must save and restore the information using a resource that is available to all the processes. This can be done through an XML file, a database, or some other resource using the standard file or database access methods.
What are the two built-in ways provided by ASP.NET to share Session state information across a Web garden or Web farm?
ASP.NET provides two built-in ways to share Session state information across a Web garden or Web farm. You can share Session state using:
A state server, as specified by a network location
This technique is simple to implement and doesn’t require you to install Microsoft SQL Server.
A SQL database, as specified by a SQL connection
This technique provides the best performance for storing and retrieving state information.
What are the steps to follow to share Session state information using a state server?
To share Session state information using a state server, follow these steps:
1. In the Web application’s Web.config file, set the sessionState element’s mode and stateConnectionString attributes.
2. Run the aspnet_state.exe utility on the Session state server. The aspnet_state.exe utility is installed in the \WINDOWS\Microsoft.NET \Framework\version folder when you install Visual Studio .NET Professional or Visual Studio .NET Enterprise Architect editions.
What are the steps to follow to share Session state information using a SQL database?
To share Session state information using a SQL database, follow these steps:
1. In the Web application’s Web.config file, set the sessionState element’s mode and sqlConnectionString attributes.
2. Run the InstallSqlState.sql utility on the Session state server. This utility installs the SQL database that shares Session state information across processes. The InstallSqlState.sql utility is installed in the \WINDOWS\Microsoft.NET \Framework\version folder when you install Visual Studio .NET Professional, Visual Studio .NET Enterprise developer, or Visual Studio .NET Enterprise Architect editions.
Web application maintainance related ASP.NET Interview Questions
Why is it important to monitor a deployed a Web application?
After you have deployed a Web application, you need to monitor how it performs on the server. Many issues can crop up at this point because of
1. The number of users accessing the application.
2. The unpredictable nature of user interaction.
3. The possibility of malicious attack.
What are the 3 major steps invloved in maintaining a deployed web application?
Maintaining a deployed application is an ongoing task that involves three major steps:
1. Monitoring the application for error, performance, and security issues.
2. Repairing the application as issues are discovered.
3. Tuning the application to respond to user traffic.
What are the MMC snap-ins provided by windows for monitoring security, performance, and error events?
The Event Viewer snap-in : Lists application, system, and security events as they occur on the system. Use this tool to see what is currently happening on the server and to get specific information about a particular event.
The Performance snap-in : Lets you create new events to display in the Event Viewer and allows you to track event counters over time for display graphically or in report form.
How do run the Event Viewer to view application, system, and security events as they happen?
To run the Event Viewer, choose Event Viewer from the Administrative Tools submenu on the Windows Start menu. (You can show the Administrative Tools menu in Windows XP Professional by opening the Start button’s Properties dialog box and clicking the Customize button on the Start Menu tab. The Administrative Tools option is located on the Advanced tab of the Customize Start Menu dialog box.) After clicking the Event Viewer shortcut, Windows displays the Event Viewer snap-in in the MMC.
What are the 3 levels at which the Event Viewer snap-in displays general application, system, and security events?
1. Informational events.
2. Warning events.
3. Error events.
Can you repair a deployed web application in place without restarting the server or IIS?
Yes, to repair a deployed Web application, copy the new assembly (.dll) and/or content files (.aspx, .ascx, and so on) to the application folder on the server. ASP.NET automatically restarts the application when you replace the assembly. You do not need to install or register the assembly on the server.
What is ASP.NET Process recycling?
ASP.NET Web applications have a limited ability to repair themselves through process recycling. Process recycling is the technique of shutting down and restarting an ASP.NET worker process (aspnet_wp.exe) that has become inactive or is consuming excessive resources. You can control how ASP.NET processes are recycled through attributes in the processModel element in the Machine.config file.
Describes the processModel attributes found in machine.config that relate to process recycling?
1. timeout attribute :The amount of time (hh:mm:ss) before the process is shut down and restarted. Use this setting to automatically recycle a process after a certain number of requests as a preventive measure.
2. shutDownTimeOut attribute : How much time each process has to shut itself down. After this amount of time, the process is terminated by the system if it still running.
3. requestLimit attribute : The number of queued requests to serve before the process is shut down and restarted. Use this setting the same way you use the timeout attribute.
4. restartQueueLimit attribute : The number of queued requests to retain while the process is shut down and restarted.
5. memoryLimit attribute : The percentage of physical memory the ASP.NET process is allowed to consume before that process is shut down and a new process is started. This setting helps prevent memory leaks from degrading the server.
6. responseRestart - DeadlockInterval : The amount of time to wait before restarting a process that was shut down because it was deadlocked. This setting is usually several minutes to prevent applications with serious errors from degrading the server.
7. responseDeadlockInterval : The amount of time to wait before restarting a process that is deadlocked. The process is restarted if there are queued requests and the process has not responded within this time limit.
What is the use of processModel element apart from providing process recycling?
The processModel element in the server’s Machine.config file provides attributes that control certain performance aspects, such as
1. The maximum number of requests to be queued.
2. How long to wait before checking whether a client is connected.
3. How many threads to allow per processor.
Describe the processModel attributes that relate to performance tuning?
requestQueueLimit
The number of queued requests allowed before ASP.NET returns response code 503 (Server too busy) to new requests
clientConnectedCheck
The amount of time (hh:mm:ss) to wait before checking whether a client is still connected
maxWorkerThreads
The maximum number of threads per processor
maxIOThreads
The maximum number of I/O threads per processor
In general, lowering these settings allows your server to handle fewer clients more quickly. Increasing these settings permits more clients and more queued requests, but slows response times.
How do you turn off Session state?
To turn off Session state, in the application’s Web.config file, set the sessionState element’s mode attribute to Off.
If you turn of Session State, can you use Session state variables in code anywhere in the application?
No
What is Optimization?
Optimization usually refers to writing code in a way that executes more quickly or consumes fewer resources. In general, optimizations simply reflect the good programming practices.
List some of the common steps to follow to optimize a web application for performance?
Turn off debugging for deployed applications.
Code that has been compiled with release options runs faster than code compiled with debug options.
Avoid round-trips between the client and server.
ASP.NET uses postbacks to process server events on a page. Try to design web forms so that the data on the Web form is complete before the user posts the data to the server. You can use the validation controls to ensure that data is complete on the client side before the page is submitted.
Turn off Session state if it isn’t needed.
In some cases, you can design your code to use other techniques, such as cookies, to store client data.
Turn off ViewState for server controls that do not need to retain their values.
Saving ViewState information adds to the amount of data that must be transmitted back to the server with each request.
Use stored procedures with databases.
Stored procedures execute more quickly than ad hoc queries.
Use SqlDataReader rather than data sets for read-forward data retrieval.
Using SqlDataReader is faster and consumes less memory than creating a data set.
After you have deployed a Web application, you need to monitor how it performs on the server. Many issues can crop up at this point because of
1. The number of users accessing the application.
2. The unpredictable nature of user interaction.
3. The possibility of malicious attack.
What are the 3 major steps invloved in maintaining a deployed web application?
Maintaining a deployed application is an ongoing task that involves three major steps:
1. Monitoring the application for error, performance, and security issues.
2. Repairing the application as issues are discovered.
3. Tuning the application to respond to user traffic.
What are the MMC snap-ins provided by windows for monitoring security, performance, and error events?
The Event Viewer snap-in : Lists application, system, and security events as they occur on the system. Use this tool to see what is currently happening on the server and to get specific information about a particular event.
The Performance snap-in : Lets you create new events to display in the Event Viewer and allows you to track event counters over time for display graphically or in report form.
How do run the Event Viewer to view application, system, and security events as they happen?
To run the Event Viewer, choose Event Viewer from the Administrative Tools submenu on the Windows Start menu. (You can show the Administrative Tools menu in Windows XP Professional by opening the Start button’s Properties dialog box and clicking the Customize button on the Start Menu tab. The Administrative Tools option is located on the Advanced tab of the Customize Start Menu dialog box.) After clicking the Event Viewer shortcut, Windows displays the Event Viewer snap-in in the MMC.
What are the 3 levels at which the Event Viewer snap-in displays general application, system, and security events?
1. Informational events.
2. Warning events.
3. Error events.
Can you repair a deployed web application in place without restarting the server or IIS?
Yes, to repair a deployed Web application, copy the new assembly (.dll) and/or content files (.aspx, .ascx, and so on) to the application folder on the server. ASP.NET automatically restarts the application when you replace the assembly. You do not need to install or register the assembly on the server.
What is ASP.NET Process recycling?
ASP.NET Web applications have a limited ability to repair themselves through process recycling. Process recycling is the technique of shutting down and restarting an ASP.NET worker process (aspnet_wp.exe) that has become inactive or is consuming excessive resources. You can control how ASP.NET processes are recycled through attributes in the processModel element in the Machine.config file.
Describes the processModel attributes found in machine.config that relate to process recycling?
1. timeout attribute :The amount of time (hh:mm:ss) before the process is shut down and restarted. Use this setting to automatically recycle a process after a certain number of requests as a preventive measure.
2. shutDownTimeOut attribute : How much time each process has to shut itself down. After this amount of time, the process is terminated by the system if it still running.
3. requestLimit attribute : The number of queued requests to serve before the process is shut down and restarted. Use this setting the same way you use the timeout attribute.
4. restartQueueLimit attribute : The number of queued requests to retain while the process is shut down and restarted.
5. memoryLimit attribute : The percentage of physical memory the ASP.NET process is allowed to consume before that process is shut down and a new process is started. This setting helps prevent memory leaks from degrading the server.
6. responseRestart - DeadlockInterval : The amount of time to wait before restarting a process that was shut down because it was deadlocked. This setting is usually several minutes to prevent applications with serious errors from degrading the server.
7. responseDeadlockInterval : The amount of time to wait before restarting a process that is deadlocked. The process is restarted if there are queued requests and the process has not responded within this time limit.
What is the use of processModel element apart from providing process recycling?
The processModel element in the server’s Machine.config file provides attributes that control certain performance aspects, such as
1. The maximum number of requests to be queued.
2. How long to wait before checking whether a client is connected.
3. How many threads to allow per processor.
Describe the processModel attributes that relate to performance tuning?
requestQueueLimit
The number of queued requests allowed before ASP.NET returns response code 503 (Server too busy) to new requests
clientConnectedCheck
The amount of time (hh:mm:ss) to wait before checking whether a client is still connected
maxWorkerThreads
The maximum number of threads per processor
maxIOThreads
The maximum number of I/O threads per processor
In general, lowering these settings allows your server to handle fewer clients more quickly. Increasing these settings permits more clients and more queued requests, but slows response times.
How do you turn off Session state?
To turn off Session state, in the application’s Web.config file, set the sessionState element’s mode attribute to Off.
If you turn of Session State, can you use Session state variables in code anywhere in the application?
No
What is Optimization?
Optimization usually refers to writing code in a way that executes more quickly or consumes fewer resources. In general, optimizations simply reflect the good programming practices.
List some of the common steps to follow to optimize a web application for performance?
Turn off debugging for deployed applications.
Code that has been compiled with release options runs faster than code compiled with debug options.
Avoid round-trips between the client and server.
ASP.NET uses postbacks to process server events on a page. Try to design web forms so that the data on the Web form is complete before the user posts the data to the server. You can use the validation controls to ensure that data is complete on the client side before the page is submitted.
Turn off Session state if it isn’t needed.
In some cases, you can design your code to use other techniques, such as cookies, to store client data.
Turn off ViewState for server controls that do not need to retain their values.
Saving ViewState information adds to the amount of data that must be transmitted back to the server with each request.
Use stored procedures with databases.
Stored procedures execute more quickly than ad hoc queries.
Use SqlDataReader rather than data sets for read-forward data retrieval.
Using SqlDataReader is faster and consumes less memory than creating a data set.
ASP.NET ViewState related Interview Questions
What is ViewState?
Web forms have very short lifetimes.In ASP.NET, the data that is entered in controls is encoded and stored in a hidden field. This encoded data is then sent with each request and restored to controls in Page_Init. The data in these controls is then available in the Page_Load event.The data that ASP.NET preserves between requests is called the Web form’s view state.
How do you enable or disable a ViewState for a control on the page?
Every ASP.NET control has a property called EnableViewState. If EnableViewState is set to true ViewState is enabled for the control. If EnableViewState is set to false ViewState is disabled for the control.
How do you enable or disable a ViewState at the page level?
At the page level you can enable or disable ViewState using EnableViewState property of the page.
What is the name of the hidden form field in which ViewState of the page is saved?
__ViewState
What are the performance implications of ViewState?
ViewState is usually good to retain the state of the controls on the webform across postbacks. If you have a huge DataGrid with tons of data being loaded on every page load. It is a good idea to disable the ViewState of the DataGrid for the page to load faster. If the ViewState of a large DataGrid is not disabled, ViewState can easily get very large, on the order of tens of kilobytes. Not only does the __ViewState form field cause slower downloads, but, whenever the user posts back the Web page, the contents of this hidden form field must be posted back in the HTTP request, thereby lengthening the request time, as well.
When does ViewState restoration happens?
During the Page_Init event
What are the disadvantages of using ViewState?
1. On all page visits, during the save view state stage the Page class gathers the collective view state for all of the controls in its control hierarchy and serializes the state to a base-64 encoded string. (This is the string that is emitted in the hidden __ViewState form filed.) Similarly, on postbacks, the load view state stage needs to deserialize the persisted view state data, and update the pertinent controls in the control hierarchy.
2. The __ViewState hidden form field adds extra size to the Web page that the client must download. For some view state-heavy pages, this can be tens of kilobytes of data, which can require several extra seconds (or minutes!) for modem users to download. Also, when posting back, the __ViewState form field must be sent back to the Web server in the HTTP POST headers, thereby increasing the postback request time.
Is ViewState encoded?
Yes, ViewState is base-64 encoded.
Can you encrypt ViewState of Page?
Yes, we can use the LosFormatter class to encrypt ViewState of Page
Can the HTML controls retian State accross postbacks?
No, by default HTML controls donot retain state accross postbacks.
Can you make HTML controls retain State accross postbacks?
Yes, HTML controls can retain State accross postbacks, if you convert HTML controls to Server Controls. There are 2 ways to convert HTML control to Server Controls.
1. Right click on the HTML Control and then click "Run As Server Control"
Or
2. Set runat="server" attribute for the Control.
Is ViewState supported in classic ASP?
No,ViewState is introduced in asp.net, it was not in classic asp
When a form is submitted in classic ASP, all form values are cleared. Suppose you have submitted a form with a lot of information and the server comes back with an error. You will have to go back to the form and correct the information. You click the back button, and what happens.......ALL form values are CLEARED, and you will have to start all over again! The site did not maintain your ViewState.
When a form is submitted in ASP .NET, the form reappears in the browser window together with all form values. How come? This is because ASP .NET maintains your ViewState. The ViewState indicates the status of the page when submitted to the server.
Is ViewState of one page available to another page?
No, ViewState of a Page is available only in that page. You cannot access ViewState of one page from another page.
Can you programatically store and retrieve data from ViewState?
Yes. In ASP.NET you can programatically store and retrieve data from ViewState.See the example below
//Save the value in ViewState object
ViewState("SomeVar") = txtFirstName.text;
//Retrieve the value from ViewState object
String strFirstName = ViewState("SomeVar").ToString();
Can someone view the Page HTML source and read ViewState?
No. ViewState is base-64 encoded. Hence you cannot read ViewState. If you right click on the Page and View Source you will find __ViewState is base-64 encoded.
What happens during the Page_Init event?
The server controls are loaded and initialized from the Web form’s view state. This is the first step in a Web form’s life cycle.
Web forms have very short lifetimes.In ASP.NET, the data that is entered in controls is encoded and stored in a hidden field. This encoded data is then sent with each request and restored to controls in Page_Init. The data in these controls is then available in the Page_Load event.The data that ASP.NET preserves between requests is called the Web form’s view state.
How do you enable or disable a ViewState for a control on the page?
Every ASP.NET control has a property called EnableViewState. If EnableViewState is set to true ViewState is enabled for the control. If EnableViewState is set to false ViewState is disabled for the control.
How do you enable or disable a ViewState at the page level?
At the page level you can enable or disable ViewState using EnableViewState property of the page.
What is the name of the hidden form field in which ViewState of the page is saved?
__ViewState
What are the performance implications of ViewState?
ViewState is usually good to retain the state of the controls on the webform across postbacks. If you have a huge DataGrid with tons of data being loaded on every page load. It is a good idea to disable the ViewState of the DataGrid for the page to load faster. If the ViewState of a large DataGrid is not disabled, ViewState can easily get very large, on the order of tens of kilobytes. Not only does the __ViewState form field cause slower downloads, but, whenever the user posts back the Web page, the contents of this hidden form field must be posted back in the HTTP request, thereby lengthening the request time, as well.
When does ViewState restoration happens?
During the Page_Init event
What are the disadvantages of using ViewState?
1. On all page visits, during the save view state stage the Page class gathers the collective view state for all of the controls in its control hierarchy and serializes the state to a base-64 encoded string. (This is the string that is emitted in the hidden __ViewState form filed.) Similarly, on postbacks, the load view state stage needs to deserialize the persisted view state data, and update the pertinent controls in the control hierarchy.
2. The __ViewState hidden form field adds extra size to the Web page that the client must download. For some view state-heavy pages, this can be tens of kilobytes of data, which can require several extra seconds (or minutes!) for modem users to download. Also, when posting back, the __ViewState form field must be sent back to the Web server in the HTTP POST headers, thereby increasing the postback request time.
Is ViewState encoded?
Yes, ViewState is base-64 encoded.
Can you encrypt ViewState of Page?
Yes, we can use the LosFormatter class to encrypt ViewState of Page
Can the HTML controls retian State accross postbacks?
No, by default HTML controls donot retain state accross postbacks.
Can you make HTML controls retain State accross postbacks?
Yes, HTML controls can retain State accross postbacks, if you convert HTML controls to Server Controls. There are 2 ways to convert HTML control to Server Controls.
1. Right click on the HTML Control and then click "Run As Server Control"
Or
2. Set runat="server" attribute for the Control.
Is ViewState supported in classic ASP?
No,ViewState is introduced in asp.net, it was not in classic asp
When a form is submitted in classic ASP, all form values are cleared. Suppose you have submitted a form with a lot of information and the server comes back with an error. You will have to go back to the form and correct the information. You click the back button, and what happens.......ALL form values are CLEARED, and you will have to start all over again! The site did not maintain your ViewState.
When a form is submitted in ASP .NET, the form reappears in the browser window together with all form values. How come? This is because ASP .NET maintains your ViewState. The ViewState indicates the status of the page when submitted to the server.
Is ViewState of one page available to another page?
No, ViewState of a Page is available only in that page. You cannot access ViewState of one page from another page.
Can you programatically store and retrieve data from ViewState?
Yes. In ASP.NET you can programatically store and retrieve data from ViewState.See the example below
//Save the value in ViewState object
ViewState("SomeVar") = txtFirstName.text;
//Retrieve the value from ViewState object
String strFirstName = ViewState("SomeVar").ToString();
Can someone view the Page HTML source and read ViewState?
No. ViewState is base-64 encoded. Hence you cannot read ViewState. If you right click on the Page and View Source you will find __ViewState is base-64 encoded.
What happens during the Page_Init event?
The server controls are loaded and initialized from the Web form’s view state. This is the first step in a Web form’s life cycle.
Interview Questions on ASP.NET Validation controls
What are ASP.NET Validation controls?
ASP.NET provides validation controls to help you check Web form data entries before the data is accepted and saved in the database. Validation controls can be used to address the following questions.
1. Did the user enter anything?
2. Is the entry the appropriate kind of data (For example, Date of Birth should be a valid Date, Name should be a string etc.)?
3. Is the data within a required range?(For example age cannot be greater than 100 years)
The validation controls check the validity of data entered in associated server controls on the client before the page is posted back to the server.Most validity problems can be caught and corrected by the user without a round-trip to the server.
Where do the ASP.NET validation controls validate data, on the Client or on the Web Server?
ASP.NET validation controls validate data first on the client and then on the web server. If a client disables javascript on the browser then, client side validations are bypassed and validations are performed on the web server.
Client-side validation is provided by a JScript library named WebUIValidation.js, which is downloaded separately to the client. Validation controls also automatically provide server-side validation. Server-side validation is always performed, whether or not client-side validation has occurred. This double-checking ensures that custom validations are performed correctly and that client-side validation has not been circumvented.
What are the 6 different validation controls provided by ASP.NET?
RequiredFieldValidator:Checks whether a control contains data
CompareValidator:Checks whether an entered item matches an entry in another control
RangeValidator:Checks whether an entered item is between two values
RegularExpressionValidator:Checks whether an entered item matches a specified format
CustomValidator:Checks the validity of an entered item using a client-side script or a server-side code, or both
ValidationSummary:Displays validation errors in a central location or display a general validation error description
What property of the validation control is used to specify which control to validate?
ControlToValidate property.
Explain in simple steps how to use validation controls?
1.Draw a validation control on a Web form and set its ControlToValidate property to the control you want to validate.
2.If you’re using the CompareValidator control, you also need to specify the ControlToCompare property.
3.Set the validation control’s ErrorMessage property to the error message you want displayed if the control’s data is not valid.
4.Set the validation control’s Text property if you want the validation control to display a message other than the message in the ErrorMessage property when an error occurs. Setting the Text property lets you briefly indicate where the error occurred on the form and display the longer ErrorMessage property in a ValidationSummary control.
5.Draw a ValidationSummary control on the Web form to display the error messages from the validation controls in one place.
6.Provide a control that triggers a postback event. Although validation occurs on the client side, validation doesn’t start until a postback is requested.
Are the validation controls fired on the client side if javascript is disabled on the client browser?
No, validation controls are not fired on the client side if javascript is disabled on the client browser.
What is the use of CausesValidation property of an ASP.NET button control?
CausesValidation property of an ASP.NET button control is used to determine if the validation controls should be fired when the button is clicked. If CausesValidation property is set to true, then validation is performed and if the CausesValidation property is set to false then validation is not done.
Give an example of real time scenario where you might use CausesValidation property of an ASP.NET button control?
Let us assume we have a Page that collects user information like name, age, date of birth, gender with a submit and reset buttons. When I click the submit button the information filled on the form should be validated and saved to the database. If I click the reset button then all the controls on the webform should default to their initial values without validation happening.So you have to set the CausesValidation property of the reset button to false for the validation to be bypassed. Other wise you will not be able to post back the page to the server.
What is ASP.NET Custom Validator used for?
ASP.NET Custom Validator is used to perform complex types of validation not provided by the standard validation control, use a CustomValidator control and write code to perform the validation on the server side and optionally on the client side.
How do you programatically check, if the client side validation is not bypassed by disabling the javascript on the client browser?
We use Page.IsValid property to determine if all the validations have succeeded. For this property to return true, all validation server controls in the current validation group must validate successfully.
How do you programatically invoke all validation controls on a page?
Call Page.Validate() method. When this method is invoked, it iterates through the validation controls contained in the ValidatorCollection object associated with the Page.Validators property and invokes the validation logic for each validation control in the current validation group.
What is a validation group?
Validation groups allow you to group validation controls on a page as a set. Each validation group can perform validation independently from other validation groups on the page.
How do you create a validation group?
You create a validation group by setting the ValidationGroup property to the same name for all the controls you want to group. You can assign any name to a validation group, but you must use the same name for all members of the group.
Explain how a validation group works when the Page is posted by clicking a button?
During postback, the Page class's IsValid property is set based only on the validation controls in the current validation group. The current validation group is determined by the control that caused validation to occur. For example, if a button control with a validation group of LoginGroup is clicked, then the IsValid property will return true if all validation controls whose ValidationGroup property is set to LoginGroup are valid.
Can a DropDownList fire validation controls?
Yes, DropDownList control can also fire validation if the control's CausesValidation property is set to true and the AutoPostBack property is set to true.
How do you programatically force all validation controls in a particular validation group to be fired?
Call the Page.Validate(string GroupName) method and pass the name of the validation group. This will fire only the validation controls in that validation group.
What is SetFocusOnError property of a validation control used for?
Use the SetFocusOnError property to specify whether focus is automatically set to the control specified by the ControlToValidate property when this validation control fails. This allows the user to quickly update the appropriate control.
If multiple validation controls fail and this property is set to true, the control specified in the ControlToValidate property for the first validation control receives focus.
What is InitialValue property of a RequiredFieldValidator?
Use this property to specify the initial value of the input control.Validation fails only if the value of the associated input control matches this InitialValue upon losing focus.
ASP.NET provides validation controls to help you check Web form data entries before the data is accepted and saved in the database. Validation controls can be used to address the following questions.
1. Did the user enter anything?
2. Is the entry the appropriate kind of data (For example, Date of Birth should be a valid Date, Name should be a string etc.)?
3. Is the data within a required range?(For example age cannot be greater than 100 years)
The validation controls check the validity of data entered in associated server controls on the client before the page is posted back to the server.Most validity problems can be caught and corrected by the user without a round-trip to the server.
Where do the ASP.NET validation controls validate data, on the Client or on the Web Server?
ASP.NET validation controls validate data first on the client and then on the web server. If a client disables javascript on the browser then, client side validations are bypassed and validations are performed on the web server.
Client-side validation is provided by a JScript library named WebUIValidation.js, which is downloaded separately to the client. Validation controls also automatically provide server-side validation. Server-side validation is always performed, whether or not client-side validation has occurred. This double-checking ensures that custom validations are performed correctly and that client-side validation has not been circumvented.
What are the 6 different validation controls provided by ASP.NET?
RequiredFieldValidator:Checks whether a control contains data
CompareValidator:Checks whether an entered item matches an entry in another control
RangeValidator:Checks whether an entered item is between two values
RegularExpressionValidator:Checks whether an entered item matches a specified format
CustomValidator:Checks the validity of an entered item using a client-side script or a server-side code, or both
ValidationSummary:Displays validation errors in a central location or display a general validation error description
What property of the validation control is used to specify which control to validate?
ControlToValidate property.
Explain in simple steps how to use validation controls?
1.Draw a validation control on a Web form and set its ControlToValidate property to the control you want to validate.
2.If you’re using the CompareValidator control, you also need to specify the ControlToCompare property.
3.Set the validation control’s ErrorMessage property to the error message you want displayed if the control’s data is not valid.
4.Set the validation control’s Text property if you want the validation control to display a message other than the message in the ErrorMessage property when an error occurs. Setting the Text property lets you briefly indicate where the error occurred on the form and display the longer ErrorMessage property in a ValidationSummary control.
5.Draw a ValidationSummary control on the Web form to display the error messages from the validation controls in one place.
6.Provide a control that triggers a postback event. Although validation occurs on the client side, validation doesn’t start until a postback is requested.
Are the validation controls fired on the client side if javascript is disabled on the client browser?
No, validation controls are not fired on the client side if javascript is disabled on the client browser.
What is the use of CausesValidation property of an ASP.NET button control?
CausesValidation property of an ASP.NET button control is used to determine if the validation controls should be fired when the button is clicked. If CausesValidation property is set to true, then validation is performed and if the CausesValidation property is set to false then validation is not done.
Give an example of real time scenario where you might use CausesValidation property of an ASP.NET button control?
Let us assume we have a Page that collects user information like name, age, date of birth, gender with a submit and reset buttons. When I click the submit button the information filled on the form should be validated and saved to the database. If I click the reset button then all the controls on the webform should default to their initial values without validation happening.So you have to set the CausesValidation property of the reset button to false for the validation to be bypassed. Other wise you will not be able to post back the page to the server.
What is ASP.NET Custom Validator used for?
ASP.NET Custom Validator is used to perform complex types of validation not provided by the standard validation control, use a CustomValidator control and write code to perform the validation on the server side and optionally on the client side.
How do you programatically check, if the client side validation is not bypassed by disabling the javascript on the client browser?
We use Page.IsValid property to determine if all the validations have succeeded. For this property to return true, all validation server controls in the current validation group must validate successfully.
How do you programatically invoke all validation controls on a page?
Call Page.Validate() method. When this method is invoked, it iterates through the validation controls contained in the ValidatorCollection object associated with the Page.Validators property and invokes the validation logic for each validation control in the current validation group.
What is a validation group?
Validation groups allow you to group validation controls on a page as a set. Each validation group can perform validation independently from other validation groups on the page.
How do you create a validation group?
You create a validation group by setting the ValidationGroup property to the same name for all the controls you want to group. You can assign any name to a validation group, but you must use the same name for all members of the group.
Explain how a validation group works when the Page is posted by clicking a button?
During postback, the Page class's IsValid property is set based only on the validation controls in the current validation group. The current validation group is determined by the control that caused validation to occur. For example, if a button control with a validation group of LoginGroup is clicked, then the IsValid property will return true if all validation controls whose ValidationGroup property is set to LoginGroup are valid.
Can a DropDownList fire validation controls?
Yes, DropDownList control can also fire validation if the control's CausesValidation property is set to true and the AutoPostBack property is set to true.
How do you programatically force all validation controls in a particular validation group to be fired?
Call the Page.Validate(string GroupName) method and pass the name of the validation group. This will fire only the validation controls in that validation group.
What is SetFocusOnError property of a validation control used for?
Use the SetFocusOnError property to specify whether focus is automatically set to the control specified by the ControlToValidate property when this validation control fails. This allows the user to quickly update the appropriate control.
If multiple validation controls fail and this property is set to true, the control specified in the ControlToValidate property for the first validation control receives focus.
What is InitialValue property of a RequiredFieldValidator?
Use this property to specify the initial value of the input control.Validation fails only if the value of the associated input control matches this InitialValue upon losing focus.
Transactions related ASP.NET Interview Questions
What is a transaction?
A transaction is a group of commands that change the data stored in a database. The transaction, which is treated as a single unit, assures that the commands are handled in an all-or-nothing fashion. if one of the commands fails, all of the commands fail, and any data that was written to the database by the commands is backed out. In this way, transactions maintain the integrity of data in a database. ADO.NET lets you group database operations into transactions.
What is the main purpose of database transactions?
The main purpose of database transactions is to maintain the integrity of data in a database.
How do you determine which SQL commands are part of a transaction?
You can determine what database commands belong in a transaction by using the ACID test. Commands must be atomic, consistent, isolated, and durable.
Commands belong in a transaction if they are:
Atomic:In other words, they make up a single unit of work. For example, if a customer moves, you want your data entry operator to change all of the customer’s address fields as a single unit, rather than changing street, then city, then state, and so on.
Consistent:All the relationships between data in a database are maintained correctly. For example, if customer information uses a tax rate from a state tax table, the state entered for the customer must exist in the state tax table. Isolated:Changes made by other clients can’t affect the current changes. For example, if two data entry operators try to make a change to the same customer at the same time, one of two things occurs: either one operator’s changes are accepted and the other is notified that the changes weren’t made, or both operators are notified that their changes were not made. In either case, the customer data is not left in an indeterminate state.
Durable:Once a change is made, it is permanent. If a system error or power failure occurs before a set of commands is complete, those commands are undone and the data is restored to its original state once the system begins running again.
Why is transaction processing very important for web applications?
Transaction processing is very important for Web applications that use data access, because Web applications are distributed among many different clients. In a Web application, databases are a shared resource, and having many different clients distributed over a wide area can present the below key problems.
Contention for resources:Several clients might try to change the same record at the same time. This problem gets worse the more clients you have.
Unexpected failures:The internet is not the most reliable network around, even if your Web application and Web server are 100 percent reliable. Clients can be unexpectedly disconnected by their service provider, by their modems, or by power failures.
Web application life cycle:Web applications don’t follow the same life cycle as Windows applications—Web forms live for only an instant, and a client can leave your application at any point by simply typing a new address in his or her browser.
List the steps in order to process a transaction?
1.Begin a transaction.
2.Process database commands.
3.Check for errors.
4.If errors occurred, restore the database to its state at the beginning of the transaction. If no errors occurred, commit the transaction to the database.
Explain how a DataSet provides transaction processing?
DataSet provide transaction processing through the RejectChanges and Update methods. DataSet also provide an AcceptChanges method that resets the state of records in a data set to Unchanged. Data sets provide implicit transaction processing, because changes to a data set are not made in the database until you invoke the Update method on the data adapter object. This lets you perform a set of commands on the data and then choose a point at which to make the changes permanent in the database.
If an error occurs during the Update method, none of the changes from the data set is made in the database. At that point, you can either attempt to correct the error and try the Update method again or undo the changes pending in the data set using the data set’s RejectChanges method.
Give an example to show how DataSets provide transaction processing?
Let us assume we have a DataGrid that displays employee information. Every row also has a delete button, which when you click will delete that row. On this page we also have a Restore and Commit buttons. When you click the Restore button you should be able to restore the data to its previous state. When you click the Commit button you should be able to update the database with the deletions made in the DataSet.
The code for Commit and Restore buttons is shown below.
private void butRestore_Click(object sender, System.EventArgs e)
{
// Restore the data set to its original state.
dsContacts.RejectChanges();
// Refresh the data grid.
grdContacts.DataBind();
}
private void butCommit_Click(object sender, System.EventArgs e)
{
int intRows;
// Update the database from the data set.
intRows = adptContacts.Update(dsContacts);
// Save changes to state variable.
Session["dsContacts"] = dsContacts;
// Refresh the data grid.
grdContacts.DataBind();
}
The RejectChanges method in the preceding butRestore_Click event procedure returns the data set to its state before the row was deleted. The data set’s AcceptChanges method is the inverse of RejectChanges—it resets the DataRowState property for all the changed rows in a data set to Unchanged and removes any deleted rows.
The AcceptChanges method prevents the Update method from making those changes in the database, however, because Update uses the rows’ DataRowState property to determine which rows to modify in the database. For this reason, the AcceptChanges method is useful only when you do not intend to update a database from the data set.
What are the 3 types of transaction objects available in ADO.NET?
As we have 3 types of database connections in ADO.NET, there are also 3 types of transaction objects:
SqlTransaction
OracleTransaction
OleDbTransaction
What are the steps involved in using a transaction object in ADO.NET?
1.Open a database connection.
2.Create the transaction object using the database connection object’s BeginTransaction method.
3.Create command objects to track with this transaction, assigning the Transaction property of each command object to the name of the transaction object created in step 2.
4.Execute the commands. Because the purpose of transaction processing is to detect and correct errors before data is written to the database, this is usually done as part of an error-handling structure.
5.Commit the changes to the database or restore the database state, depending on the success of the commands.
Close the database connection.
What property of a transaction object determines how concurrent changes to a database are handled?
IsolationLevel property of the transaction object is used to determine how concurrent changes to a database are handled.
What are different isolation levels of a transaction object in ADO.NET?
ReadUncommitted:Does not lock the records being read. This means that an uncommitted change can be read and then rolled back by another client, resulting in a local copy of a record that is not consistent with what is stored in the database. This is called a dirty read because the data is inconsistent.
Chaos:Behaves the same way as ReadUncommitted, but checks the isolation level of other pending transactions during a write operation so that transactions with more restrictive isolation levels are not overwritten.
ReadCommitted:Locks the records being read and immediately frees the lock as soon as the records have been read. This prevents any changes from being read before they are committed, but it does not prevent records from being added, deleted, or changed by other clients during the transaction. This is the default isolation level.
RepeatableRead:Locks the records being read and keeps the lock until the transaction completes. This ensures that the data being read does not change during the transaction.
Serializable:Locks the entire data set being read and keeps the lock until the transaction completes. This ensures that the data and its order within the database do not change during the transaction.
What is the default isolation level in a transaction?
ReadCommitted
What is a Save Point in a transaction in ADO.NET?
SqlConnection object provide one transaction capability that is unavailable for OLE database connections: the ability to create save points within a transaction. Save points let you restore the database state to a specific position within the current transaction. To set a save point within a SQL transaction, use the Save method as shown below.
TransactionObject.Save("FirstStep");
How do you restore a SQL transaction to a specific save point?
To restore a SQL transaction to a save point, specify the name of the save point in the Rollback method as shown below.
TransactionObject.Rollback("FirstStep");
A transaction is a group of commands that change the data stored in a database. The transaction, which is treated as a single unit, assures that the commands are handled in an all-or-nothing fashion. if one of the commands fails, all of the commands fail, and any data that was written to the database by the commands is backed out. In this way, transactions maintain the integrity of data in a database. ADO.NET lets you group database operations into transactions.
What is the main purpose of database transactions?
The main purpose of database transactions is to maintain the integrity of data in a database.
How do you determine which SQL commands are part of a transaction?
You can determine what database commands belong in a transaction by using the ACID test. Commands must be atomic, consistent, isolated, and durable.
Commands belong in a transaction if they are:
Atomic:In other words, they make up a single unit of work. For example, if a customer moves, you want your data entry operator to change all of the customer’s address fields as a single unit, rather than changing street, then city, then state, and so on.
Consistent:All the relationships between data in a database are maintained correctly. For example, if customer information uses a tax rate from a state tax table, the state entered for the customer must exist in the state tax table. Isolated:Changes made by other clients can’t affect the current changes. For example, if two data entry operators try to make a change to the same customer at the same time, one of two things occurs: either one operator’s changes are accepted and the other is notified that the changes weren’t made, or both operators are notified that their changes were not made. In either case, the customer data is not left in an indeterminate state.
Durable:Once a change is made, it is permanent. If a system error or power failure occurs before a set of commands is complete, those commands are undone and the data is restored to its original state once the system begins running again.
Why is transaction processing very important for web applications?
Transaction processing is very important for Web applications that use data access, because Web applications are distributed among many different clients. In a Web application, databases are a shared resource, and having many different clients distributed over a wide area can present the below key problems.
Contention for resources:Several clients might try to change the same record at the same time. This problem gets worse the more clients you have.
Unexpected failures:The internet is not the most reliable network around, even if your Web application and Web server are 100 percent reliable. Clients can be unexpectedly disconnected by their service provider, by their modems, or by power failures.
Web application life cycle:Web applications don’t follow the same life cycle as Windows applications—Web forms live for only an instant, and a client can leave your application at any point by simply typing a new address in his or her browser.
List the steps in order to process a transaction?
1.Begin a transaction.
2.Process database commands.
3.Check for errors.
4.If errors occurred, restore the database to its state at the beginning of the transaction. If no errors occurred, commit the transaction to the database.
Explain how a DataSet provides transaction processing?
DataSet provide transaction processing through the RejectChanges and Update methods. DataSet also provide an AcceptChanges method that resets the state of records in a data set to Unchanged. Data sets provide implicit transaction processing, because changes to a data set are not made in the database until you invoke the Update method on the data adapter object. This lets you perform a set of commands on the data and then choose a point at which to make the changes permanent in the database.
If an error occurs during the Update method, none of the changes from the data set is made in the database. At that point, you can either attempt to correct the error and try the Update method again or undo the changes pending in the data set using the data set’s RejectChanges method.
Give an example to show how DataSets provide transaction processing?
Let us assume we have a DataGrid that displays employee information. Every row also has a delete button, which when you click will delete that row. On this page we also have a Restore and Commit buttons. When you click the Restore button you should be able to restore the data to its previous state. When you click the Commit button you should be able to update the database with the deletions made in the DataSet.
The code for Commit and Restore buttons is shown below.
private void butRestore_Click(object sender, System.EventArgs e)
{
// Restore the data set to its original state.
dsContacts.RejectChanges();
// Refresh the data grid.
grdContacts.DataBind();
}
private void butCommit_Click(object sender, System.EventArgs e)
{
int intRows;
// Update the database from the data set.
intRows = adptContacts.Update(dsContacts);
// Save changes to state variable.
Session["dsContacts"] = dsContacts;
// Refresh the data grid.
grdContacts.DataBind();
}
The RejectChanges method in the preceding butRestore_Click event procedure returns the data set to its state before the row was deleted. The data set’s AcceptChanges method is the inverse of RejectChanges—it resets the DataRowState property for all the changed rows in a data set to Unchanged and removes any deleted rows.
The AcceptChanges method prevents the Update method from making those changes in the database, however, because Update uses the rows’ DataRowState property to determine which rows to modify in the database. For this reason, the AcceptChanges method is useful only when you do not intend to update a database from the data set.
What are the 3 types of transaction objects available in ADO.NET?
As we have 3 types of database connections in ADO.NET, there are also 3 types of transaction objects:
SqlTransaction
OracleTransaction
OleDbTransaction
What are the steps involved in using a transaction object in ADO.NET?
1.Open a database connection.
2.Create the transaction object using the database connection object’s BeginTransaction method.
3.Create command objects to track with this transaction, assigning the Transaction property of each command object to the name of the transaction object created in step 2.
4.Execute the commands. Because the purpose of transaction processing is to detect and correct errors before data is written to the database, this is usually done as part of an error-handling structure.
5.Commit the changes to the database or restore the database state, depending on the success of the commands.
Close the database connection.
What property of a transaction object determines how concurrent changes to a database are handled?
IsolationLevel property of the transaction object is used to determine how concurrent changes to a database are handled.
What are different isolation levels of a transaction object in ADO.NET?
ReadUncommitted:Does not lock the records being read. This means that an uncommitted change can be read and then rolled back by another client, resulting in a local copy of a record that is not consistent with what is stored in the database. This is called a dirty read because the data is inconsistent.
Chaos:Behaves the same way as ReadUncommitted, but checks the isolation level of other pending transactions during a write operation so that transactions with more restrictive isolation levels are not overwritten.
ReadCommitted:Locks the records being read and immediately frees the lock as soon as the records have been read. This prevents any changes from being read before they are committed, but it does not prevent records from being added, deleted, or changed by other clients during the transaction. This is the default isolation level.
RepeatableRead:Locks the records being read and keeps the lock until the transaction completes. This ensures that the data being read does not change during the transaction.
Serializable:Locks the entire data set being read and keeps the lock until the transaction completes. This ensures that the data and its order within the database do not change during the transaction.
What is the default isolation level in a transaction?
ReadCommitted
What is a Save Point in a transaction in ADO.NET?
SqlConnection object provide one transaction capability that is unavailable for OLE database connections: the ability to create save points within a transaction. Save points let you restore the database state to a specific position within the current transaction. To set a save point within a SQL transaction, use the Save method as shown below.
TransactionObject.Save("FirstStep");
How do you restore a SQL transaction to a specific save point?
To restore a SQL transaction to a save point, specify the name of the save point in the Rollback method as shown below.
TransactionObject.Rollback("FirstStep");
ASP.NET Interview Questions on Tracing
What is an exception log?
An exception log is a list of handled exceptions that occur while your application is running. Reviewing the exception log periodically helps you verify that exceptions are being handled correctly, are not occurring too frequently, and are not preventing users from accomplishing tasks with your application.
What is Tracing and what are the adavantages of using tracing to log exceptions?
Tracing is a technique for recording events, such as exceptions, in an application. There have always been ways to record errors in an application - usually by opening a file and writing error messages to it. But tracing offers the following significant advantages:
Standardization:Building tracing into the .NET Framework ensures that programming techniques are the same across all the applications you develop with the .NET Framework.
Built-in Web support:ASP.NET extends the .NET Framework tools by including information related to the performance and behavior of Web requests.
Configuration:You can turn tracing on and off using settings in your application’s configuration file. You don’t have to recompile your application to enable or disable tracing.
Performance:While disabled, tracing statements do not affect application performance.
How do you turn tracing on and off for an ASP.NET web application?
Tracing can be turned on or off for an entire Web application or for an individual page in the application:
1. To turn tracing on for an entire application, in the application’s Web.config file, set the trace element’s Enabled attribute to True.
Or
2. To turn tracing on for a single page, set the DOCUMENT object’s Trace property to True in the Visual Studio .NET Properties window. This sets the @ Page directive’s Trace attribute to True in the Web form’s HTML.
Where is the trace output displayed by default?
By default, trace output is displayed at the end of each Web page.
While this is fine for debugging purposes, you’ll generally want to write trace output to a log file when you start testing your completed application. To write trace messages to a log file for an entire application, in the application’s Web.config file, set the trace element’s PageOutput attribute to False. ASP.NET then writes trace output to the Trace.axd file in your application’s root folder.
How do you specify, how many page requets should be written to the trace log?
Theelement's RequestLimit attribute can be used to specify how many page requests to write to the trace log. For example, the following line from a Web.config file turns on tracing for the application and writes the first 10 requests to the Trace.axd file:
How do you write trace messages to a log file for only selected pages in an application?
To write trace messages to a log file for only selected pages in an application, follow these steps:
In the application’s Web.config file, set the trace element’s Enabled attribute to True and PageOutput attribute to False.
For each Web page you want to exclude from tracing, set the @ Page directive’s Trace attribute to False.
What is the difference between Trace.Write() and Trace.Warn() methods of a trace object?
The Trace object provides the Write and Warn methods to allow you to write messages to a request’s trace information. The two methods are identical with one difference: messages written with Trace.Write are displayed in black, whereas messages written with Trace.Warn are displayed in red.
How do you programatically check if tracing is enabled?
The Trace object’s IsEnabled property can be used to programatically check if tracing is enabled.
How do you prevent from trace output being written at the bottom of the web page?
You can prevent from trace output being written at the bottom of the web page by setting the trace element’s PageOutput attribute to False in the Web.config file.
What is the name of the file to which trace log is written?
Trace.axd
Can you view Trace.axd from a remote machine?
No, by default, you can view Trace.axd only from the local server running the application. If you want to view the trace log from a remote machine, set the trace element’s LocalOnly attribute to False in the Web.config file
An exception log is a list of handled exceptions that occur while your application is running. Reviewing the exception log periodically helps you verify that exceptions are being handled correctly, are not occurring too frequently, and are not preventing users from accomplishing tasks with your application.
What is Tracing and what are the adavantages of using tracing to log exceptions?
Tracing is a technique for recording events, such as exceptions, in an application. There have always been ways to record errors in an application - usually by opening a file and writing error messages to it. But tracing offers the following significant advantages:
Standardization:Building tracing into the .NET Framework ensures that programming techniques are the same across all the applications you develop with the .NET Framework.
Built-in Web support:ASP.NET extends the .NET Framework tools by including information related to the performance and behavior of Web requests.
Configuration:You can turn tracing on and off using settings in your application’s configuration file. You don’t have to recompile your application to enable or disable tracing.
Performance:While disabled, tracing statements do not affect application performance.
How do you turn tracing on and off for an ASP.NET web application?
Tracing can be turned on or off for an entire Web application or for an individual page in the application:
1. To turn tracing on for an entire application, in the application’s Web.config file, set the trace element’s Enabled attribute to True.
Or
2. To turn tracing on for a single page, set the DOCUMENT object’s Trace property to True in the Visual Studio .NET Properties window. This sets the @ Page directive’s Trace attribute to True in the Web form’s HTML.
Where is the trace output displayed by default?
By default, trace output is displayed at the end of each Web page.
While this is fine for debugging purposes, you’ll generally want to write trace output to a log file when you start testing your completed application. To write trace messages to a log file for an entire application, in the application’s Web.config file, set the trace element’s PageOutput attribute to False. ASP.NET then writes trace output to the Trace.axd file in your application’s root folder.
How do you specify, how many page requets should be written to the trace log?
The
To write trace messages to a log file for only selected pages in an application, follow these steps:
In the application’s Web.config file, set the trace element’s Enabled attribute to True and PageOutput attribute to False.
For each Web page you want to exclude from tracing, set the @ Page directive’s Trace attribute to False.
What is the difference between Trace.Write() and Trace.Warn() methods of a trace object?
The Trace object provides the Write and Warn methods to allow you to write messages to a request’s trace information. The two methods are identical with one difference: messages written with Trace.Write are displayed in black, whereas messages written with Trace.Warn are displayed in red.
How do you programatically check if tracing is enabled?
The Trace object’s IsEnabled property can be used to programatically check if tracing is enabled.
How do you prevent from trace output being written at the bottom of the web page?
You can prevent from trace output being written at the bottom of the web page by setting the trace element’s PageOutput attribute to False in the Web.config file.
What is the name of the file to which trace log is written?
Trace.axd
Can you view Trace.axd from a remote machine?
No, by default, you can view Trace.axd only from the local server running the application. If you want to view the trace log from a remote machine, set the trace element’s LocalOnly attribute to False in the Web.config file
Techniques to send data from one web form to another web form
What are the different techniques to send data from one web form to another web form?
1. Query strings :
Use these strings to pass information between requests and responses as part of the Web address. Query strings are visible to the user, so they should not contain secure information such as passwords.
2. Cookies :
Use cookies to store small amounts of information on a client. Clients might refuse cookies, so your code has to anticipate that possibility.
3. Session state :
Use Session state variables to store items that you want keep local to the current session (single user).
4. Application state :
Use Application state variables to store items that you want be available to all users of the application.
1. Query strings :
Use these strings to pass information between requests and responses as part of the Web address. Query strings are visible to the user, so they should not contain secure information such as passwords.
2. Cookies :
Use cookies to store small amounts of information on a client. Clients might refuse cookies, so your code has to anticipate that possibility.
3. Session state :
Use Session state variables to store items that you want keep local to the current session (single user).
4. Application state :
Use Application state variables to store items that you want be available to all users of the application.
ASP.NET Session State and Application State Interview Questions
What is a Session?
A Session is a unique instance of the browser. A single user can have multiple instances of the browser running on his or her machine. If each instance visits your Web application, each instance has a unique session.A session starts when a user accesses a page on a Web site for the first time, at which time they are assigned a unique session ID. The server the user's session ID in the Session.SessionID property.
What is the default session timeout period?
20 minutes.
Where do you generally specify the Session Timeout?
You specify the Session Timeout setting in the web.config file.
Can you specify Session Timeout in a code behind file?
Yes, can specify the Session.Timeout property as shown below in a code behind file.
Session.Timeout = 10;
How do you end a user session?
You can call the Session.Abandon() method to end a user session. If a user then tries to access a page the server will assign them a new session ID and it will clear all the previous session variables. You'll typically use Session.Abandon() on log-out pages.
What type of data can you store in Application State and Session State variables?
Application State and Session State variables are used to store data that you want to keep for the lifetime of an application or for the lifetime of a session. You can store any type of data in the Application or Session state, including objects.
Are Application State or Session State variables type safe?
No, Application and Session state variables are created on the fly, without variable name or type checking.
Do maintaining Session state affects performance?
Yes
Can you turn of Session state?
Yes, Session state can be turned off at the application and page levels.
Are Application state variables available throughout the current process?
Yes, Application state variables are available throughout the current process, but not across processes. If an application is scaled to run on multiple servers or on multiple processors within a server, each process has its own Application state.
How do you disable Session state for a Web form?
To turn Session state off for a Web form set EnableSessionState property of the Page to False.
How do you turn Session state off for an entire web application?
In the Web.config file, set the sessionstate tag to False.
What are Application State variables?
Application State variables are global variables that are available from anywhere in the application. All Sessions can access Application State variables.
How to add and remove data to Application State Variables?
//Code to add data to Application State
Application.Add("AppName", "Sample");
//Code to remove data from Application State
Application.Remove("AppName");
How do you remove all Application State Variables data?
//Code to remove all Application State Variables data
Application.RemoveAll();
A Session is a unique instance of the browser. A single user can have multiple instances of the browser running on his or her machine. If each instance visits your Web application, each instance has a unique session.A session starts when a user accesses a page on a Web site for the first time, at which time they are assigned a unique session ID. The server the user's session ID in the Session.SessionID property.
What is the default session timeout period?
20 minutes.
Where do you generally specify the Session Timeout?
You specify the Session Timeout setting in the web.config file.
Can you specify Session Timeout in a code behind file?
Yes, can specify the Session.Timeout property as shown below in a code behind file.
Session.Timeout = 10;
How do you end a user session?
You can call the Session.Abandon() method to end a user session. If a user then tries to access a page the server will assign them a new session ID and it will clear all the previous session variables. You'll typically use Session.Abandon() on log-out pages.
What type of data can you store in Application State and Session State variables?
Application State and Session State variables are used to store data that you want to keep for the lifetime of an application or for the lifetime of a session. You can store any type of data in the Application or Session state, including objects.
Are Application State or Session State variables type safe?
No, Application and Session state variables are created on the fly, without variable name or type checking.
Do maintaining Session state affects performance?
Yes
Can you turn of Session state?
Yes, Session state can be turned off at the application and page levels.
Are Application state variables available throughout the current process?
Yes, Application state variables are available throughout the current process, but not across processes. If an application is scaled to run on multiple servers or on multiple processors within a server, each process has its own Application state.
How do you disable Session state for a Web form?
To turn Session state off for a Web form set EnableSessionState property of the Page to False.
How do you turn Session state off for an entire web application?
In the Web.config file, set the sessionstate tag to False.
What are Application State variables?
Application State variables are global variables that are available from anywhere in the application. All Sessions can access Application State variables.
How to add and remove data to Application State Variables?
//Code to add data to Application State
Application.Add("AppName", "Sample");
//Code to remove data from Application State
Application.Remove("AppName");
How do you remove all Application State Variables data?
//Code to remove all Application State Variables data
Application.RemoveAll();
ASP.NET Interview Questions on web application Security
What is the difference between Authentication and Authorization?
Authentication is the process of identifying users. Authorization is the process of granting access to those users based on identity. Together, authentication and authorization provide the means to keeping your Web application secure from intruders.
What is Anonymous access?
Anonymous access is the way most public Web sites work. Sites containing public information allow anyone to see that information, so they don’t authenticate users. ASP.NET Web applications provide anonymous access to resources on the server by impersonation. Impersonation is the process of assigning a user account to an unknown user.
What is the account that is associated with Anonymous access?
By default, the anonymous access account is named IUSER_machinename. You use that account to control anonymous users’ access to resources on the server.
What is the default user account under which an ASP.NET web application run on a web server?
Under the default settings, ASP.NET uses the ASPNET account to run the Web application. This means that if the application attempts to perform any tasks that are not included in the ASPNET account’s privileges, a security exception will occur and access will be denied.
How do you restrict the access of anonymous users?
You restrict the access of anonymous users by setting Windows file permissions. To be secure, your server must use the Microsoft Windows NT file system (NTFS). The earlier FAT or FAT32 file systems do not provide file-level security.
What are the 3 major ways to authenticate and authorize users within an ASP.NET Web application?
Windows authentication : Identifies and authorizes users based on the server’s user list. Access to resources on the server is then granted or denied based on the user account’s privileges. This works the same way as regular Windows network security.
Forms authentication : Directs users to a logon Web form that collects user name and password information, and then authenticates the user against a user list or database that the application maintains.
Passport authentication : Directs new users to a site hosted by Microsoft so that they can register a single user name and password that will authorize their access to multiple Web sites. Existing users are prompted for their microsoft Passport user name and password, which the application then authenticates from the Passport user list.
What is the namespace where all security related classes are present?
System.Web.Security
What type of authentication can be used for Public Internet Web application?
Anonymous access. This is the common access method for most Web sites. No logon is required, and you secure restricted resources using NTFS file permissions.
What type of authentication can be used for Intranet Web application?
Windows authentication. Windows authentication authenticates network users through the domain controller. Network users have access to Web application resources as determined by their user privileges on the server.
What type of authentication can be used for Private corporate Web application?
Windows authentication. Corporate users can access the Web application using their corporate network user names and passwords. User accounts are administered using the Windows network security tools.
What type of authentication can be used for Commercial Web application?
Forms authentication. Applications that need to collect shipping and billing information should implement Forms authentication to gather and store customer information.
What type of authentication can be used for Multiple commercial Web applications?
Passport authentication. Passport authentication allows users to sign in once through a central authority. The user’s identity is then available to any application using the Passport SDK. Customer information is maintained in a Passport profile, rather than in a local database.
Can you use ASP.NET Authentication with HTM and HTML Files?
The three ASP.NET authentication modes apply to files that are part of the Web application. That includes Web forms (.aspx), modules (.asax), and other resources that are processed through the Web application’s executable. It does not automatically include HTML pages (.htm or .html). Those pages are handled by Internet Information Services (IIS), rather than ASP.NET. If you want to authenticate users who access HTML pages from within your Web application using Windows, Forms, or Passport authentication modes, you must map those files to the ASP.NET executable.
How do map .htm and .html files to the ASP.NET executable using the IIS snap-in?
To map .htm and .html files to the ASP.NET executable using the IIS snap-in, follow these steps:
1. In the IIS snap-in, select the folder containing your Web application, and then choose Properties from the Action menu. IIS displays the Properties dialog box.
2. Click the Home Directory or Virtual Directory tab, and then click Configuration. IIS displays the Application Configuration dialog box, as shown in the diagram below.
3. Click Add. IIS displays the Add/Edit Application Extension Mapping dialog box, as shown in the diagram below.
4. Click Browse, and select the aspnet_isapi.dll file. That file is stored in the Windows Microsoft .NET Framework directory; the path will be something like C:\Windows\Microsoft.NET\Framework\versionnumber\aspnet_isapi.dll.
5. Type .htm in the File Extension box, and click OK.
6. Repeat steps 3 through 5 for the .html file extension. Click OK to close the IIS dialog boxes when you’ve finished.
Authentication is the process of identifying users. Authorization is the process of granting access to those users based on identity. Together, authentication and authorization provide the means to keeping your Web application secure from intruders.
What is Anonymous access?
Anonymous access is the way most public Web sites work. Sites containing public information allow anyone to see that information, so they don’t authenticate users. ASP.NET Web applications provide anonymous access to resources on the server by impersonation. Impersonation is the process of assigning a user account to an unknown user.
What is the account that is associated with Anonymous access?
By default, the anonymous access account is named IUSER_machinename. You use that account to control anonymous users’ access to resources on the server.
What is the default user account under which an ASP.NET web application run on a web server?
Under the default settings, ASP.NET uses the ASPNET account to run the Web application. This means that if the application attempts to perform any tasks that are not included in the ASPNET account’s privileges, a security exception will occur and access will be denied.
How do you restrict the access of anonymous users?
You restrict the access of anonymous users by setting Windows file permissions. To be secure, your server must use the Microsoft Windows NT file system (NTFS). The earlier FAT or FAT32 file systems do not provide file-level security.
What are the 3 major ways to authenticate and authorize users within an ASP.NET Web application?
Windows authentication : Identifies and authorizes users based on the server’s user list. Access to resources on the server is then granted or denied based on the user account’s privileges. This works the same way as regular Windows network security.
Forms authentication : Directs users to a logon Web form that collects user name and password information, and then authenticates the user against a user list or database that the application maintains.
Passport authentication : Directs new users to a site hosted by Microsoft so that they can register a single user name and password that will authorize their access to multiple Web sites. Existing users are prompted for their microsoft Passport user name and password, which the application then authenticates from the Passport user list.
What is the namespace where all security related classes are present?
System.Web.Security
What type of authentication can be used for Public Internet Web application?
Anonymous access. This is the common access method for most Web sites. No logon is required, and you secure restricted resources using NTFS file permissions.
What type of authentication can be used for Intranet Web application?
Windows authentication. Windows authentication authenticates network users through the domain controller. Network users have access to Web application resources as determined by their user privileges on the server.
What type of authentication can be used for Private corporate Web application?
Windows authentication. Corporate users can access the Web application using their corporate network user names and passwords. User accounts are administered using the Windows network security tools.
What type of authentication can be used for Commercial Web application?
Forms authentication. Applications that need to collect shipping and billing information should implement Forms authentication to gather and store customer information.
What type of authentication can be used for Multiple commercial Web applications?
Passport authentication. Passport authentication allows users to sign in once through a central authority. The user’s identity is then available to any application using the Passport SDK. Customer information is maintained in a Passport profile, rather than in a local database.
Can you use ASP.NET Authentication with HTM and HTML Files?
The three ASP.NET authentication modes apply to files that are part of the Web application. That includes Web forms (.aspx), modules (.asax), and other resources that are processed through the Web application’s executable. It does not automatically include HTML pages (.htm or .html). Those pages are handled by Internet Information Services (IIS), rather than ASP.NET. If you want to authenticate users who access HTML pages from within your Web application using Windows, Forms, or Passport authentication modes, you must map those files to the ASP.NET executable.
How do map .htm and .html files to the ASP.NET executable using the IIS snap-in?
To map .htm and .html files to the ASP.NET executable using the IIS snap-in, follow these steps:
1. In the IIS snap-in, select the folder containing your Web application, and then choose Properties from the Action menu. IIS displays the Properties dialog box.
2. Click the Home Directory or Virtual Directory tab, and then click Configuration. IIS displays the Application Configuration dialog box, as shown in the diagram below.
3. Click Add. IIS displays the Add/Edit Application Extension Mapping dialog box, as shown in the diagram below.
4. Click Browse, and select the aspnet_isapi.dll file. That file is stored in the Windows Microsoft .NET Framework directory; the path will be something like C:\Windows\Microsoft.NET\Framework\versionnumber\aspnet_isapi.dll.
5. Type .htm in the File Extension box, and click OK.
6. Repeat steps 3 through 5 for the .html file extension. Click OK to close the IIS dialog boxes when you’ve finished.
Interview Questions on Query Strings in ASP.NET
Give an example of using querystrings to send data from one page to another?
Query strings are a very simple and popular technique to pass data from one Web page to the next. You send data as part of the URL. In the below example FName and LName are sent as part of the URL. In the page load of QueryStrings2.aspx we use Request.QueryString to read the values. As we are sending more than one query string we use the & symbol to seperate query strings.
//Code to send query strings FName and LName as part of the URL
QueryStrings2.aspx?FName=David&LName=Boon
protected void Page_Load(object sender, EventArgs e)
{
//Code to read Query String values
string FirstName = Request.QueryString["FName"];
string LastName = Request.QueryString["LName"];
Response.Write("Data from QueryStrings1.aspx : " + FirstName + ", " + LastName);
}
Give an example to send Query Strings from code?
You can send query strings from server side code using the Response.Redirect() method as shown below.
Response.Redirect("QueryStrings2.aspx?FName=David&LName=Boon");
What are the advantages of using Query Strings?
1. Query strings are easy to implement.
2. Browser support for passing values in a query string is nearly universal.
3. Query strings are contained in the HTTP request for a specific URL and do not require server resources.
What are the disadvantages of using querystrings to send data from one page to another?
1. Query strings are insecure because the information in the query string is directly visible to the user on the address line in the browser.
2. Many browsers impose a 255 URL character limit which can limit their flexibility.
Query strings are a very simple and popular technique to pass data from one Web page to the next. You send data as part of the URL. In the below example FName and LName are sent as part of the URL. In the page load of QueryStrings2.aspx we use Request.QueryString to read the values. As we are sending more than one query string we use the & symbol to seperate query strings.
//Code to send query strings FName and LName as part of the URL
QueryStrings2.aspx?FName=David&LName=Boon
protected void Page_Load(object sender, EventArgs e)
{
//Code to read Query String values
string FirstName = Request.QueryString["FName"];
string LastName = Request.QueryString["LName"];
Response.Write("Data from QueryStrings1.aspx : " + FirstName + ", " + LastName);
}
Give an example to send Query Strings from code?
You can send query strings from server side code using the Response.Redirect() method as shown below.
Response.Redirect("QueryStrings2.aspx?FName=David&LName=Boon");
What are the advantages of using Query Strings?
1. Query strings are easy to implement.
2. Browser support for passing values in a query string is nearly universal.
3. Query strings are contained in the HTTP request for a specific URL and do not require server resources.
What are the disadvantages of using querystrings to send data from one page to another?
1. Query strings are insecure because the information in the query string is directly visible to the user on the address line in the browser.
2. Many browsers impose a 255 URL character limit which can limit their flexibility.
Interview Questions on ASP.NET Page navigation techniques
What are different page navigation techniques in ASP.NET?
Hyperlink control : Navigate to another page.
Response.Redirect : Navigate to another page from code. This is equivalent to clicking a hyperlink.
Server.Transfer : End the current Web form and begin executing a new Web form. This method works only when navigating to a Web Forms page (.aspx).
Server.Execute : Begin executing a new Web form while still displaying the current Web form. The contents of both forms are combined. This method works only when navigating to a Web Forms page (.aspx).
Window.Open script method : Display a page in a new browser window on the client.
What is the difference between Response.Redirect and Server.Transfer?
1. When we use Server.Transfer the redirection happens on the server where as when we use Response.Redirect the redirection happens from the browser.
2. Server.Transfer is faster as there is no round trip involved while navigating from one webform to another webform. Response.Redirect is slower than Server.Transfer as there is round trip from the server to the client browser.
3. Server.Transfer works only with .aspx files where as Response.Redirect works with .aspx and .Htm pages.
4. Server.Transfer will work with files on the same web server. You can't use Server.Transfer to send the user to an external site where as Response.Redirect can do that.
5. Server.Transfer does not update the URL in the browser. For example when you navigate from WebForm1.aspx to WebForm2.aspx using Server.Transfer the URL in the browser still shows WebForm1.aspx while you are actually looking at WebForm2.aspx. Response.Redirect updates the URL in the browser.
What is the use of Server.Execute method?
Server.Execute method is used to process a second Web form without leaving the first Web form. This technique lets you direct the results from a Web form to a region on the current page.
Is it possible to send a webform's QueryString, ViewState, and event procedure information to another webform?
Yes, we can use Server.Transfer or Server.Execute to send a webform's QueryString, ViewState, and event procedure information to another webform.
For this to work you have to set the preserveForm argument to True.To be able to read one Web form’s ViewState from another, you must first set the EnableViewStateMac attribute in the Web form’s Page directive to False. By default, ASP.NET hashes ViewState information, and setting this attribute to False disables that hashing so that the information can be read on the subsequent Web form.
Hyperlink control : Navigate to another page.
Response.Redirect : Navigate to another page from code. This is equivalent to clicking a hyperlink.
Server.Transfer : End the current Web form and begin executing a new Web form. This method works only when navigating to a Web Forms page (.aspx).
Server.Execute : Begin executing a new Web form while still displaying the current Web form. The contents of both forms are combined. This method works only when navigating to a Web Forms page (.aspx).
Window.Open script method : Display a page in a new browser window on the client.
What is the difference between Response.Redirect and Server.Transfer?
1. When we use Server.Transfer the redirection happens on the server where as when we use Response.Redirect the redirection happens from the browser.
2. Server.Transfer is faster as there is no round trip involved while navigating from one webform to another webform. Response.Redirect is slower than Server.Transfer as there is round trip from the server to the client browser.
3. Server.Transfer works only with .aspx files where as Response.Redirect works with .aspx and .Htm pages.
4. Server.Transfer will work with files on the same web server. You can't use Server.Transfer to send the user to an external site where as Response.Redirect can do that.
5. Server.Transfer does not update the URL in the browser. For example when you navigate from WebForm1.aspx to WebForm2.aspx using Server.Transfer the URL in the browser still shows WebForm1.aspx while you are actually looking at WebForm2.aspx. Response.Redirect updates the URL in the browser.
What is the use of Server.Execute method?
Server.Execute method is used to process a second Web form without leaving the first Web form. This technique lets you direct the results from a Web form to a region on the current page.
Is it possible to send a webform's QueryString, ViewState, and event procedure information to another webform?
Yes, we can use Server.Transfer or Server.Execute to send a webform's QueryString, ViewState, and event procedure information to another webform.
For this to work you have to set the preserveForm argument to True.To be able to read one Web form’s ViewState from another, you must first set the EnableViewStateMac attribute in the Web form’s Page directive to False. By default, ASP.NET hashes ViewState information, and setting this attribute to False disables that hashing so that the information can be read on the subsequent Web form.
Managed Code and Unmanaged Code related ASP.NET Interview Questions
What is Managed Code and Unmanaged Code?
Microsoft ASP.NET Web applications run under the control of the common language runtime (CLR). The CLR controls how the application’s assembly executes, allocates, and recovers memory; therefore, ASP.NET applications are said to use managed code. In contrast, most other Windows executables use unmanaged code because the executable itself determines how memory is used.
Examples of unmanaged code include the Microsoft Win32 API, legacy DLLs and EXEs created for Windows applications prior to the Microsoft .NET Framework, and COM objects.
What is Platform Invoke or pinvoke?
The process of executing native code from within a .NET assembly is called platform invoke, or pinvoke for short. You use platform invoke to call the Win32 API directly, to access existing (legacy) DLLs your company uses, or to access procedures compiled to native code for performance reasons.
What are the steps to follow to use Platform Invoke?
To use platform invoke, follow the following steps:
1. Import the System.Runtime.InteropServices namespace.
2. Declare the unmanaged procedure using the DllImport attribute or the Declare statement.
3. Map the data types of the procedures parameters to the equivalent .NET types.
4. Call the unmanaged procedure and test its return value for success.
5. If the procedure did not succeed, retrieve and handle the exception code using the Marshal object’s GetLastWin32Error method.
What are the limitations of using Unmanaged Code from within a .NET assembly?
Performance : Although native-code DLLs can perform some operations more quickly than equivalent code managed by the CLR, these benefits might be offset by the time it takes to marshal the data to pass between the unmanaged procedure and the .NET assembly.
Type safety : Unlike .NET assemblies, unmanaged procedures might not be type-safe. This can affect the reliability of your .NET application. In general, reliability is a paramount concern with ASP.NET Web applications.
Code security : Unmanaged procedures do not use the .NET Framework’s model for code security.
Versioning:Unmanaged code does not support .NET versioning; therefore, assemblies that call unmanaged procedures might lose the benefit of being able to coexist with other versions of the same assembly.
What are COM objects?
COM objects are another type of unmanaged code that you can use from .NET assemblies. Because COM is widely used, Visual Studio includes built-in tools for importing and using COM objects within .NET assemblies. Visual Studio also includes the option of automatically registering .NET class library assemblies for use from COM.
List the steps in order, to use a COM object from a .NET assembly in Visual Studio?
1. Install and register the COM object on your system.
2. Open the .NET project in Visual Studio, and add a reference to the COM object, as shown in diagram below. If the COM object does not appear on the COM tab of the Add Reference dialog box, you can add a reference directly to the executable by clicking Browse.
3. Create an instance of the COM object in code, and use it as you would any other object.
What happens when you add a reference to a COM object from with in a dot net application?
When you add a reference to a COM object, Visual Studio automatically generates an interop assembly for the object and places it in the project’s /bin folder. The interop assembly is created from the COM object’s type information and contains the metadata that the CLR uses to call the unmanaged code in the COM object. You can then use COM objects from within .NET code the same way that you use .NET classes.
You can view this interop assembly using the Microsoft Intermediate Language Disassembler (Ildasm.exe) included in the .NET Framework.
Can we create a .NET object for use from COM?
Yes, Visual Studio can automatically generate type library information and register a .NET class library assembly for use from COM. These automatic tools do not work for ASP.NET Web applications, so you must isolate the code you want to use from COM in its own Class Library project.
How do you hide Public .NET Classes and other public members from COM?
In some cases, you might want to hide selected .NET classes from COM but keep them public for use from other .NET assemblies. The ComVisible attribute allows you to select which public .NET classes and members are included in the generated type library. This attribute applies hierarchically for the assembly, class, and member levels.
How do you handle exceptions between .NET and COM?
.NET handles errors through exception classes. COM handles errors through 32-bit data types called HRESULTs. All of the .NET exception classes include HResult properties that map to COM HRESULT codes.
If an exception occurs in a .NET object, the exception is automatically mapped to the appropriate HRESULT and returned to COM. Similarly, if an exception occurs in a COM object, the COM HRESULT is mapped to the appropriate exception class, which is returned to .NET, where it can be handled just like any other exception.
If you are creating your own .NET exception classes for use with COM, be sure to set the class’s HResult property so that the exception can be handled within COM.
What are the technical limitations of COM Interop?
The .NET Framework was developed to address the limitations of COM. Because of this evolution, there are limits to the .NET features that you can use from COM. The following list describes these limits:
Static members : COM requires objects to be created before use, so it does not support .NET Static members.
New members : COM flattens the inheritance tree of .NET objects, so members in a derived class that hides members inherited from a base class are not callable.
Constructors with parameters : COM can’t pass parameters to an object’s constructor.
What are the practical limitations of using COM objects?
The following are the practical limitations of using COM objects from .NET:
Shared solutions might not allow COM objects : ASP.NET host that use nondedicated servers can limit or prohibit the installation of COM objects on their servers.
COM objects are prone to memory leaks : COM uses reference counting to determine when to destroy objects and free memory. It is possible for this reference count to become incorrect, leaving objects in memory indefinitely.
Type libraries might be inaccurate : Because COM separates the object’s description from its implementation, it’s possible for this description to not accurately reflect the object. In this case, the generated interop assembly will also include those inaccuracies.
COM is unmanaged code : All the limitations of unmanaged code apply to COM objects as well.
Microsoft ASP.NET Web applications run under the control of the common language runtime (CLR). The CLR controls how the application’s assembly executes, allocates, and recovers memory; therefore, ASP.NET applications are said to use managed code. In contrast, most other Windows executables use unmanaged code because the executable itself determines how memory is used.
Examples of unmanaged code include the Microsoft Win32 API, legacy DLLs and EXEs created for Windows applications prior to the Microsoft .NET Framework, and COM objects.
What is Platform Invoke or pinvoke?
The process of executing native code from within a .NET assembly is called platform invoke, or pinvoke for short. You use platform invoke to call the Win32 API directly, to access existing (legacy) DLLs your company uses, or to access procedures compiled to native code for performance reasons.
What are the steps to follow to use Platform Invoke?
To use platform invoke, follow the following steps:
1. Import the System.Runtime.InteropServices namespace.
2. Declare the unmanaged procedure using the DllImport attribute or the Declare statement.
3. Map the data types of the procedures parameters to the equivalent .NET types.
4. Call the unmanaged procedure and test its return value for success.
5. If the procedure did not succeed, retrieve and handle the exception code using the Marshal object’s GetLastWin32Error method.
What are the limitations of using Unmanaged Code from within a .NET assembly?
Performance : Although native-code DLLs can perform some operations more quickly than equivalent code managed by the CLR, these benefits might be offset by the time it takes to marshal the data to pass between the unmanaged procedure and the .NET assembly.
Type safety : Unlike .NET assemblies, unmanaged procedures might not be type-safe. This can affect the reliability of your .NET application. In general, reliability is a paramount concern with ASP.NET Web applications.
Code security : Unmanaged procedures do not use the .NET Framework’s model for code security.
Versioning:Unmanaged code does not support .NET versioning; therefore, assemblies that call unmanaged procedures might lose the benefit of being able to coexist with other versions of the same assembly.
What are COM objects?
COM objects are another type of unmanaged code that you can use from .NET assemblies. Because COM is widely used, Visual Studio includes built-in tools for importing and using COM objects within .NET assemblies. Visual Studio also includes the option of automatically registering .NET class library assemblies for use from COM.
List the steps in order, to use a COM object from a .NET assembly in Visual Studio?
1. Install and register the COM object on your system.
2. Open the .NET project in Visual Studio, and add a reference to the COM object, as shown in diagram below. If the COM object does not appear on the COM tab of the Add Reference dialog box, you can add a reference directly to the executable by clicking Browse.
3. Create an instance of the COM object in code, and use it as you would any other object.
What happens when you add a reference to a COM object from with in a dot net application?
When you add a reference to a COM object, Visual Studio automatically generates an interop assembly for the object and places it in the project’s /bin folder. The interop assembly is created from the COM object’s type information and contains the metadata that the CLR uses to call the unmanaged code in the COM object. You can then use COM objects from within .NET code the same way that you use .NET classes.
You can view this interop assembly using the Microsoft Intermediate Language Disassembler (Ildasm.exe) included in the .NET Framework.
Can we create a .NET object for use from COM?
Yes, Visual Studio can automatically generate type library information and register a .NET class library assembly for use from COM. These automatic tools do not work for ASP.NET Web applications, so you must isolate the code you want to use from COM in its own Class Library project.
How do you hide Public .NET Classes and other public members from COM?
In some cases, you might want to hide selected .NET classes from COM but keep them public for use from other .NET assemblies. The ComVisible attribute allows you to select which public .NET classes and members are included in the generated type library. This attribute applies hierarchically for the assembly, class, and member levels.
How do you handle exceptions between .NET and COM?
.NET handles errors through exception classes. COM handles errors through 32-bit data types called HRESULTs. All of the .NET exception classes include HResult properties that map to COM HRESULT codes.
If an exception occurs in a .NET object, the exception is automatically mapped to the appropriate HRESULT and returned to COM. Similarly, if an exception occurs in a COM object, the COM HRESULT is mapped to the appropriate exception class, which is returned to .NET, where it can be handled just like any other exception.
If you are creating your own .NET exception classes for use with COM, be sure to set the class’s HResult property so that the exception can be handled within COM.
What are the technical limitations of COM Interop?
The .NET Framework was developed to address the limitations of COM. Because of this evolution, there are limits to the .NET features that you can use from COM. The following list describes these limits:
Static members : COM requires objects to be created before use, so it does not support .NET Static members.
New members : COM flattens the inheritance tree of .NET objects, so members in a derived class that hides members inherited from a base class are not callable.
Constructors with parameters : COM can’t pass parameters to an object’s constructor.
What are the practical limitations of using COM objects?
The following are the practical limitations of using COM objects from .NET:
Shared solutions might not allow COM objects : ASP.NET host that use nondedicated servers can limit or prohibit the installation of COM objects on their servers.
COM objects are prone to memory leaks : COM uses reference counting to determine when to destroy objects and free memory. It is possible for this reference count to become incorrect, leaving objects in memory indefinitely.
Type libraries might be inaccurate : Because COM separates the object’s description from its implementation, it’s possible for this description to not accurately reflect the object. In this case, the generated interop assembly will also include those inaccuracies.
COM is unmanaged code : All the limitations of unmanaged code apply to COM objects as well.
Interview Questions on ASP.NET Exception Handling
What are Exceptions?
Exceptions are unusual occurrences that happen within the logic of an application.
What are the 3 approaches to handle exceptions in a Web application?
1. Use exception-handling structures to deal with exceptions within the scope of a procedure. This technique is called structured exception handling (SEH) in the Visual Studio .NET documentation.
try
catch
finally
2. Use error events to deal with exceptions within the scope of an object.
Page_Error
Global_Error
Application_Error
3. Use custom error pages to display informational messages for unhandled exceptions within the scope of a Web application.
Where will the control flow if an exception occurs inside a try block?
If a statement in a try block causes an exception, control flow passes immediately to the next catch statement. When control flow passes to a catch block, the statements contained in the catch block are processed to correct the error or otherwise handle the exception.
Will the finally block gets executed, if an exception occurs?
Yes, a finally block will always be executed irrespective of whether an exception has occured or not.
What is the main use of a finally block in exception handling?
Finally block is mainly used to free resources used within the try block.
How do you raise an exception?
Use the throw keyword to raise an exception. Use this keyword within your exception-handling structure to immediately pass control flow to the catch statement.
Will the following code block compile?
try
{
throw new System.IO.FileNotFoundException();
}
catch (Exception E)
{
Response.Write(E.Message);
}
catch (System.IO.FileNotFoundException FNFE)
{
Response.Write(FNFE.Message);
}
No, a compile time error A previous catch clause already catches all exceptions of this or of a super type ('System.Exception').
Catch blocks are evaluated in the order in which they appear in code. The exception declaration of each catch block determines which type of exception the catch block handles. Always order catch blocks from most specific to most general. So, in the preceding sample, FileNotFoundException should be placed before the general Exception catch block.
What is ApplicationException class used for?
If you are creating a large application or creating components that are used by other applications, you might want to define your own exception classes based on the ApplicationException class. For example, the following code defines a class for the UserLoggedOnException:
public class UserLoggedOnException : System.ApplicationException
{
// Exception constructor (overloaded).
public UserLoggedOnException()
: this("The user is already logged on to the server", null)
{
}
public UserLoggedOnException(string message)
: this(message, null)
{
}
public UserLoggedOnException(string message, Exception inner)
: base(message, inner)
{
}
}
The preceding UserLoggedOnException class inherits its properties and methods from the ApplicationException base class. The new exception class provides only its own constructor to set the default message to display. This is a standard practice.
What are Error Events?
Another way to handle exceptions is through the Web objects’ built-in error events. When an unhandled exception occurs in a Web application, ASP.NET fires the error events shown below.
Page_Error : Occurs when an unhandled exception occurs on the page. This event procedure resides in the Web form.
Global_Error : Occurs when an unhandled exception occurs in the application. This event procedure resides in the Global.asax file.
Application_Error : Occurs when an unhandled exception occurs in the application. This event procedure resides in the Global.asax file.
Error events let you handle exceptions for an entire object in a single, centralized location—the error event procedure. This is different from using exception-handling structures, in which exceptions are handled within the procedure where they occurred. You can use error events in the following ways:
As a substitute for exception-handling structures :
Because error events occur outside the scope of the procedure in which the error occurred, you have less information about the steps leading up to the exception and therefore less ability to correct the exception condition for the user. However, using exception-handling events is fine for tasks where you might not be able to correct the exception in code.
As an adjunct to exception-handling structures :
Error events can provide a centralized “backstop” against exceptions that were not foreseen or handled elsewhere. Using the two exception-handling techniques together lets you catch all exceptions before the user sees them, display a reasonable message, and even record the exception in a log as part of an ongoing effort to improve your application.
Give an example to show how error events can be used to handle exceptions?
To handle an exception using error events, follow these steps:
1. In the Page_Error event procedure, get the exception that occurred using the GetLastError method.
2. Do something with the exception, such as display a message to the user, take steps to correct the problem, or write to an error log.
3. Clear the exception using the ClearError method.
4. Redisplay the page. Web form processing stops immediately when an exception occurs, so server controls and other items on the page might not be displayed after the exception is cleared.
5. Add the following code to Page_Error event procedure on the web page.
private void Page_Error(object sender, System.EventArgs e)
{
// Get the error.
Exception ex = Server.GetLastError();
// Store the message in a session object.
Session["Error"] = ex.Message;
// Clear the error message.
Server.ClearError();
// Redisplay this page.
Server.Transfer("ErrorEvents.aspx");
}
The preceding code stores the exception message as a Session state variable before clearing the exception so that the message can be displayed when the page is reloaded by the Transfer method. The following code displays the saved exception message when the page is redisplayed:
Add the following code to Page_Load event procedure on the web page.
private void Page_Load(object sender, System.EventArgs e)
{
// Display error. if any.
if (Session["Error"] != null)
{
litError.Text = "The following error occurred:
" +
Session["Error"].ToString();
// Clear the Session state variable.
Session["Error"] = null;
}
}
Can you have a try block without a catch or a finally block?
No, you cannot have a try block without a catch or a finally block. A try block cannot exist in isolation. A try block should be followed by either a catch block or a finally block or both.
Is the following code legal?
try
{
Response.Write("Try block executed");
}
finally
{
Response.Write("Finally block executed");
}
Yes, it's legal. A try statement does not have to have a catch statement if it has a finally statement.
What is wrong with using the following type of exception handler?
catch(Exception E)
{
//Some Code
}
This handler catches exceptions of type Exception, therefore, it catches any exception. This can be a poor implementation because you are losing valuable information about the type of exception being thrown and making your code less efficient. As a result, your program may be forced to determine the type of exception before it can decide on the best recovery strategy.
Will the second catch block handle the exception thrown by the first catch block?
try
{
throw new System.IO.FileNotFoundException();
}
catch (System.IO.FileNotFoundException FNFE)
{
Response.Write(FNFE.Message);
throw new Exception();
}
catch(Exception E)
{
Response.Write(E.Message);
}
No. For a catch block to handle the exception, the statement that raised the exception must be inside a try block.
What will happen to the exception raised by the code in the following Button1_Click event procedure?
protected void Button1_Click(object sender, EventArgs e)
{
throw new Exception();
try
{
Response.Write("Hello");
}
catch (Exception E)
{
Response.Write(E.Message);
}
}
The exception will not be handled by the catch block because the statement that raised the exception must be inside a try block.
Exceptions are unusual occurrences that happen within the logic of an application.
What are the 3 approaches to handle exceptions in a Web application?
1. Use exception-handling structures to deal with exceptions within the scope of a procedure. This technique is called structured exception handling (SEH) in the Visual Studio .NET documentation.
try
catch
finally
2. Use error events to deal with exceptions within the scope of an object.
Page_Error
Global_Error
Application_Error
3. Use custom error pages to display informational messages for unhandled exceptions within the scope of a Web application.
Where will the control flow if an exception occurs inside a try block?
If a statement in a try block causes an exception, control flow passes immediately to the next catch statement. When control flow passes to a catch block, the statements contained in the catch block are processed to correct the error or otherwise handle the exception.
Will the finally block gets executed, if an exception occurs?
Yes, a finally block will always be executed irrespective of whether an exception has occured or not.
What is the main use of a finally block in exception handling?
Finally block is mainly used to free resources used within the try block.
How do you raise an exception?
Use the throw keyword to raise an exception. Use this keyword within your exception-handling structure to immediately pass control flow to the catch statement.
Will the following code block compile?
try
{
throw new System.IO.FileNotFoundException();
}
catch (Exception E)
{
Response.Write(E.Message);
}
catch (System.IO.FileNotFoundException FNFE)
{
Response.Write(FNFE.Message);
}
No, a compile time error A previous catch clause already catches all exceptions of this or of a super type ('System.Exception').
Catch blocks are evaluated in the order in which they appear in code. The exception declaration of each catch block determines which type of exception the catch block handles. Always order catch blocks from most specific to most general. So, in the preceding sample, FileNotFoundException should be placed before the general Exception catch block.
What is ApplicationException class used for?
If you are creating a large application or creating components that are used by other applications, you might want to define your own exception classes based on the ApplicationException class. For example, the following code defines a class for the UserLoggedOnException:
public class UserLoggedOnException : System.ApplicationException
{
// Exception constructor (overloaded).
public UserLoggedOnException()
: this("The user is already logged on to the server", null)
{
}
public UserLoggedOnException(string message)
: this(message, null)
{
}
public UserLoggedOnException(string message, Exception inner)
: base(message, inner)
{
}
}
The preceding UserLoggedOnException class inherits its properties and methods from the ApplicationException base class. The new exception class provides only its own constructor to set the default message to display. This is a standard practice.
What are Error Events?
Another way to handle exceptions is through the Web objects’ built-in error events. When an unhandled exception occurs in a Web application, ASP.NET fires the error events shown below.
Page_Error : Occurs when an unhandled exception occurs on the page. This event procedure resides in the Web form.
Global_Error : Occurs when an unhandled exception occurs in the application. This event procedure resides in the Global.asax file.
Application_Error : Occurs when an unhandled exception occurs in the application. This event procedure resides in the Global.asax file.
Error events let you handle exceptions for an entire object in a single, centralized location—the error event procedure. This is different from using exception-handling structures, in which exceptions are handled within the procedure where they occurred. You can use error events in the following ways:
As a substitute for exception-handling structures :
Because error events occur outside the scope of the procedure in which the error occurred, you have less information about the steps leading up to the exception and therefore less ability to correct the exception condition for the user. However, using exception-handling events is fine for tasks where you might not be able to correct the exception in code.
As an adjunct to exception-handling structures :
Error events can provide a centralized “backstop” against exceptions that were not foreseen or handled elsewhere. Using the two exception-handling techniques together lets you catch all exceptions before the user sees them, display a reasonable message, and even record the exception in a log as part of an ongoing effort to improve your application.
Give an example to show how error events can be used to handle exceptions?
To handle an exception using error events, follow these steps:
1. In the Page_Error event procedure, get the exception that occurred using the GetLastError method.
2. Do something with the exception, such as display a message to the user, take steps to correct the problem, or write to an error log.
3. Clear the exception using the ClearError method.
4. Redisplay the page. Web form processing stops immediately when an exception occurs, so server controls and other items on the page might not be displayed after the exception is cleared.
5. Add the following code to Page_Error event procedure on the web page.
private void Page_Error(object sender, System.EventArgs e)
{
// Get the error.
Exception ex = Server.GetLastError();
// Store the message in a session object.
Session["Error"] = ex.Message;
// Clear the error message.
Server.ClearError();
// Redisplay this page.
Server.Transfer("ErrorEvents.aspx");
}
The preceding code stores the exception message as a Session state variable before clearing the exception so that the message can be displayed when the page is reloaded by the Transfer method. The following code displays the saved exception message when the page is redisplayed:
Add the following code to Page_Load event procedure on the web page.
private void Page_Load(object sender, System.EventArgs e)
{
// Display error. if any.
if (Session["Error"] != null)
{
litError.Text = "The following error occurred:
" +
Session["Error"].ToString();
// Clear the Session state variable.
Session["Error"] = null;
}
}
Can you have a try block without a catch or a finally block?
No, you cannot have a try block without a catch or a finally block. A try block cannot exist in isolation. A try block should be followed by either a catch block or a finally block or both.
Is the following code legal?
try
{
Response.Write("Try block executed");
}
finally
{
Response.Write("Finally block executed");
}
Yes, it's legal. A try statement does not have to have a catch statement if it has a finally statement.
What is wrong with using the following type of exception handler?
catch(Exception E)
{
//Some Code
}
This handler catches exceptions of type Exception, therefore, it catches any exception. This can be a poor implementation because you are losing valuable information about the type of exception being thrown and making your code less efficient. As a result, your program may be forced to determine the type of exception before it can decide on the best recovery strategy.
Will the second catch block handle the exception thrown by the first catch block?
try
{
throw new System.IO.FileNotFoundException();
}
catch (System.IO.FileNotFoundException FNFE)
{
Response.Write(FNFE.Message);
throw new Exception();
}
catch(Exception E)
{
Response.Write(E.Message);
}
No. For a catch block to handle the exception, the statement that raised the exception must be inside a try block.
What will happen to the exception raised by the code in the following Button1_Click event procedure?
protected void Button1_Click(object sender, EventArgs e)
{
throw new Exception();
try
{
Response.Write("Hello");
}
catch (Exception E)
{
Response.Write(E.Message);
}
}
The exception will not be handled by the catch block because the statement that raised the exception must be inside a try block.
Subscribe to:
Posts (Atom)