Important Topics.

Discussion in 'ASP .Net' started by shamirza, Jan 18, 2007.

  1. shamirza

    shamirza Guest

    · What is view state and use of it?
    The current property settings of an ASP.NET page and those of any
    ASP.NET server controls contained within the page. ASP.NET can detect
    when a form is requested for the first time versus when the form is
    posted (sent to the server), which allows you to program accordingly.

    · What are user controls and custom controls?
    Custom controls:
    A control authored by a user or a third-party software vendor that
    does not belong to the .NET Framework class library. This is a
    generic term that includes user controls. A custom server control is
    used in Web Forms (ASP.NET pages). A custom client control is used in
    Windows Forms applications.

    User Controls:
    In ASP.NET: A user-authored server control that enables an ASP.NET page
    to be re-used as a server control. An ASP.NET user control is
    authored declaratively and persisted as a text file with an .ascx
    extension. The ASP.NET page framework compiles a user control on the
    fly to a class that derives from the System.Web.UI.UserControl

    · What are the validation controls?
    A set of server controls included with ASP.NET that test user input in
    HTML and Web server controls for programmer-defined requirements.
    Validation controls perform input checking in server code. If the user
    is working with a browser that supports DHTML, the validation controls
    can also perform validation using client script.

    · What's the difference between Response.Write()
    The latter one allows you to write formattedoutput.
    · What methods are fired during the page load? Init()
    When the page is instantiated, Load() - when the page is loaded into
    server memory,PreRender () - the brief moment before the page is
    displayed to the user as HTML, Unload() - when page finishes loading.
    Where does the Web page belong in the .NET Framework class hierarchy?

    · Where do you store the information about the user's locale?

    · What's the difference between Codebehind="MyCode.aspx.cs" and
    CodeBehind is relevant to Visual Studio.NET only.

    · What's a bubbled event?
    When you have a complex control, likeDataGrid, writing an event
    processing routine for each object (cell, button,row, etc.) is quite
    tedious. The controls can bubble up their eventhandlers, allowing the
    main DataGrid event handler to take care of its constituents.
    Suppose you want a certain ASP.NET function executed on MouseOver over
    a certain button.

    · Where do you add an event handler?
    It's the Attributesproperty, the Add function inside that property.

    e.g. btnSubmit.Attributes.Add("onMouseOver","someClientCode();")

    · What data type does the RangeValidator control support?
    Integer,String and Date.

    · What are the different types of caching?
    Caching is a technique widely used in computing to increase performance
    by keeping frequently accessed or expensive data in memory. In context
    of web application, caching is used to retain the pages or data across
    HTTP requests and reuse them without the expense of recreating
    them.ASP.NET has 3 kinds of caching strategiesOutput CachingFragment
    CachingOutput Caching: Caches the dynamic output generated by a
    request. Some times it is useful to cache the output of a website even
    for a minute, which will result in a better performance. For caching
    the whole page the page should have OutputCache directive.<%@
    OutputCache Duration="60" VaryByParam="state" %>
    Fragment Caching: Caches the portion of the page generated by the
    request. Some times it is not practical to cache the entire page, in
    such cases we can cache a portion of page<%@ OutputCache Duration="120"
    Data Caching: Caches the objects programmatically. For data caching provides a cache object for eg: cache["States"] = dsStates;
    · What do you mean by authentication and authorization?
    Authentication is the process of validating a user on the credentials
    (username and password) and authorization performs after
    authentication. After Authentication a user will be verified for
    performing the various tasks, It access is limited it is known as

    · What are different types of directives in .NET?
    @Page: Defines page-specific attributes used by the ASP.NET page parser
    and compiler. Can be included only in .aspx files <%@ Page
    AspCompat="TRUE" language="C#" %>
    @Control:Defines control-specific attributes used by the ASP.NET page
    parser and compiler. Can be included only in .ascx files. <%@
    Control Language="VB" EnableViewState="false" %>
    @Import: Explicitly imports a namespace into a page or user control.
    The Import directive cannot have more than one namespace
    attribute. To import multiple namespaces, use multiple @Import
    directives. <% @ Import Namespace="System.web" %>
    @Implements: Indicates that the current page or user control implements
    the specified .NET framework interface.<%@ Implements
    Interface="System.Web.UI.IPostBackEventHandler" %>
    @Register: Associates aliases with namespaces and class names for
    concise notation in custom server control syntax.<%@ Register
    Tagprefix="Acme" Tagname="AdRotator" Src="AdRotator.ascx" %>
    @Assembly: Links an assembly to the current page during compilation,
    making all the assembly's classes and interfaces available
    for use on the page. <%@ Assembly Name="MyAssembly" %><%@ Assembly
    Src="MySource.vb" %>
    @OutputCache: Declaratively controls the output caching policies of an
    ASP.NET page or a user control contained in a page<%@
    OutputCache Duration="#ofseconds" Location="Any | Client | Downstream |
    Server | None" Shared="True | False" VaryByControl="controlname"
    VaryByCustom="browser | customstring" VaryByHeader="headers"
    VaryByParam="parametername" %>
    @Reference: Declaratively indicates that another user control or page
    source file should be dynamically compiled and linked
    against the page in which this directive is declared.

    · How do I debug an ASP.NET application that wasn't written with
    Visual Studio.NET and that doesn't use code-behind?
    Start the DbgClr debugger that comes with the .NET Framework SDK, open
    the file containing the code you want to debug, and set your
    breakpoints. Start the ASP.NET application. Go back to DbgClr, choose
    Debug Processes from the Tools menu, and select aspnet_wp.exe from
    the list of processes. (If aspnet_wp.exe doesn't appear in the
    list,check the "Show system processes" box.) Click the Attach
    button to attach to aspnet_wp.exe and begin debugging.
    Be sure to enable debugging in the ASPX file before debugging it with
    DbgClr. You can enable tell ASP.NET to build debug executables by
    placing a
    <%@ Page Debug="true" %> statement at the top of an ASPX file or a
    <COMPILATION debug="true" />statement in a Web.config file.

    · Can a user browsing my Web site read my Web.config or Global.asax
    No. The <HTTPHANDLERS>section of Machine.config, which holds the master
    configuration settings for ASP.NET, contains entries that map ASAX
    files, CONFIG files, and selected other file types to an HTTP handler
    named HttpForbiddenHandler, which fails attempts to retrieve the
    associated file. You can modify it by editing Machine.config or
    including an section in a local Web.config file.

    · What's the difference between Page.RegisterClientScriptBlock and
    RegisterClientScriptBlock is for returning blocks of client-side script
    containing functions. RegisterStartupScript is for returning blocks of
    client-script not packaged in functions-in other words, code that's
    to execute when the page is loaded. The latter positions script blocks
    near the end of the document so elements on the page that the script
    interacts are loaded before the script runs.<%@ Reference
    Control="MyControl.ascx" %>
    · Is it necessary to lock application state before accessing it?
    Only if you're performing a multistep update and want the update to be
    treated as an atomic operation. Here's an example:
    Application.Lock ();
    Application["ItemsSold"] = (int)
    Application["ItemsSold"] + 1;
    Application["ItemsLeft"] = (int)
    Application["ItemsLeft"] - 1;
    Application.UnLock ();
    By locking application state before updating it and unlocking it
    afterwards, you ensure that another request being processed on another
    thread doesn't read application state at exactly the wrong time and
    see an inconsistent view of it. If I update session state, should I
    lock it, too? Are concurrent accesses by multiple requests executing on
    multiple threads a concern with session state?
    Concurrent accesses aren't an issue with session state, for two
    reasons. One, it's unlikely that two requests from the same user will
    overlap. Two, if they do overlap, ASP.NET locks down session state
    during request processing so that two threads can't touch it at once.
    Session state is locked down when the HttpApplication instance that's
    processing the request fires an AcquireRequestState event and unlocked
    when it fires a ReleaseRequestState event.
    Do ASP.NET forms authentication cookies provide any protection against
    replay attacks? Do they, for example, include the client's IP address
    or anything else that would distinguish the real client from an
    No. If an authentication cookie is stolen, it can be used by an
    attacker. It's up to you to prevent this from happening by using an
    encrypted communications channel (HTTPS). Authentication cookies issued
    as session cookies, do, however,include a time-out valid that
    limits their lifetime. So a stolen session cookie can only be used in
    replay attacks as long as the ticket inside the cookie is valid. The
    default time-out interval is 30 minutes.You can change that by
    modifying the timeout attribute accompanying the <forms> element in
    Machine.config or a local Web.config file. Persistent authentication
    cookies do not time-out and therefore are a more serious security
    threat if stolen.
    · How do I send e-mail from an ASP.NET application?

    MailMessage message = new MailMessage ();
    message.From = <email>;
    message.To = <email>;
    message.Subject = "Scheduled Power Outage";
    message.Body = "Our servers will be down tonight.";
    SmtpMail.SmtpServer = "localhost";
    SmtpMail.Send (message);
    MailMessage and SmtpMail are classes defined in the .NET Framework
    Class Library's System.Web.Mail namespace. Due to a security change
    made to ASP.NET just before it shipped, you need to set SmtpMail's
    SmtpServer property to "localhost" even though "localhost" is the
    default. In addition, you must use the IIS configuration applet to
    enable localhost ( to relay messages through the local SMTP
    · What are VSDISCO files?
    VSDISCO files are DISCO files that support dynamic discovery of Web
    services. If you place the following VSDISCO file in a directory on
    your Web server, for example, it returns references to all ASMX and
    DISCO files in the host directory and any subdirectories not
    noted in <exclude> elements:
    <?xml version="1.0" ?>

    <exclude path="_vti_cnf" />
    <exclude path="_vti_pvt" />
    <exclude path="_vti_log" />
    <exclude path="_vti_script" />
    <exclude path="_vti_txt" />
    · How does dynamic discovery work?
    ASP.NET maps the file name extension VSDISCO to an HTTP handler that
    scans the host directory and subdirectories for ASMX and DISCO files
    and returns a dynamically generated DISCO document. A client who
    requests a VSDISCO file gets back what appears to be a static DISCO
    Note that VSDISCO files are disabled in the release version of ASP.NET.
    You can reenable them by uncommenting the line in the <httpHandlers>
    section of Machine.config that maps *.vsdisco to
    System.Web.Services.Discovery.DiscoveryRequestHandler and granting the
    ASPNET user account permission to read the IIS metabase. However,
    Microsoft is actively discouraging the use of VSDISCO files because
    they could represent a threat to Web server security.

    · Is it possible to prevent a browser from caching an ASPX page?
    Just call SetNoStore on the HttpCachePolicy object exposed through the
    Response object's Cache property, as demonstrated here:

    <%@ Page Language="C#" %>
    Response.Cache.SetNoStore ();
    Response.Write (DateTime.Now.ToLongTimeString ());
    SetNoStore works by returning a Cache-Control: private, no-store header
    in the HTTP response. In this example, it prevents caching of a Web
    page that shows the current time.
    · What does AspCompat="true" mean and when should I use it?
    AspCompat is an aid in migrating ASP pages to ASPX pages. It defaults
    to false but should be set to true in any ASPX file that creates
    apartment-threaded COM objects--that is, COM objects registered
    ThreadingModel=Apartment. That includes all COM objects written with
    Visual Basic 6.0. AspCompat should also be set to true (regardless of
    threading model) if the page creates COM objects that access
    intrinsic ASP objects such as Request and Response. The following
    directive sets AspCompat to true:
    <%@ Page AspCompat="true" %>
    Setting AspCompat to true does two things. First, it makes intrinsic
    ASP objects available to the COM components by placing unmanaged
    wrappers around the equivalent ASP.NET objects. Second, it improves the
    performance of calls that the page places to apartment- threaded COM
    objects by ensuring that the page (actually, the thread that processes
    the request for the page) and the COM objects it creates share an
    apartment. AspCompat="true" forces ASP.NET request threads into
    single-threaded apartments (STAs). If those threads create COM objects
    marked ThreadingModel=Apartment, then the objects are created in the
    same STAs as the threads that created them. Without AspCompat="true,"
    request threads run in a multithreaded apartment (MTA) and each call to
    an STA-based COM object incurs a performance hit when it's marshaled
    across apartment boundaries.
    Do not set AspCompat to true if your page uses no COM objects or if it
    uses COM objects that don't access ASP intrinsic objects and that are
    registered ThreadingModel=Free or ThreadingModel=Both.
    · Explain the differences between Server-side and Client-side code?
    Server side scripting means that all the script will be executed by
    the server and interpreted as needed. ASP doesn't have some of the
    functionality like sockets, uploading, etc. For these you have to make
    a custom components usually in VB or VC++. Client side scripting means
    that the script will be executed immediately in the browser such as
    form field validation, clock, email validation, etc. Client side
    scripting is usually done in VBScript or JavaScript. Download time,
    browser compatibility, and visible code - since JavaScript and
    VBScript code is included in the HTML page, then anyone can see the
    code by viewing the page source. Also a possible security hazards for
    the client computer.

    · What type of code (server or client) is found in a Code-Behind

    · Should validation (did the user enter a real date) occur
    server-side or client-side? Why?
    Client-side validation because there is no need to request a server
    side date when you could obtain a date from the client machine.

    · What are ASP.NET Web Forms? How is this technology different than
    what is available though ASP?
    Web Forms are the heart and soul of ASP.NET. Web Forms are the User
    Interface (UI) elements that give your Web applications their look and
    feel. Web Forms are similar to Windows Forms in that they provide
    properties, methods, and events for the controls that are placed onto
    them. However, these UI elements render themselves in the appropriate
    markup language required by the request, e.g. HTML. If you use
    Microsoft Visual Studio .NET, you will also get the familiar
    drag-and-drop interface used to create your UI for your Web

    · What is the difference between Server.Transfer and
    Response.Redirect? Why would I choose one over the other?
    In earlier versions of IIS, if we wanted to send a user to a new Web
    page, the only option we had was Response.Redirect. While this method
    does accomplish our goal, it has several important drawbacks. The
    biggest problem is that this method causes each page to be treated as a
    separate transaction. Besides making it difficult to maintain your
    transactional integrity, Response.Redirect introduces some additional
    headaches. First, it prevents good encapsulation of code. Second, you
    lose access to all of the properties in the Request object. Sure,
    there are workarounds, but they're difficult. Finally,
    Response.Redirect necessitates a round trip to the client, which, on
    high-volume sites, causes scalability problems.
    As you might suspect, Server.Transfer fixes all of these problems. It
    does this by performing the transfer on the server without requiring a
    roundtrip to the client.

    · How can you provide an alternating color scheme in a Repeater
    AlternatingItemTemplate Like the ItemTemplate element, but rendered for
    every other row (alternating items) in the Repeater control. You can
    specify a different appearance for the AlternatingItemTemplate element
    by setting its style properties.

    · Which template must you provide, in order to display data in a
    Repeater control?

    · What event handlers can I include in Global.asax?
    Application_Start,Application_End, Application_AcquireRequestState,
    Application_AuthenticateRequest, Application_AuthorizeRequest,
    Application_BeginRequest, Application_Disposed,
    Application_EndRequest, Application_Error,
    Application_PreSendRequestContent, Application_PreSendRequestHeaders,
    Application_ReleaseRequestState, Application_ResolveRequestCache,
    Application_UpdateRequestCache, Session_Start,Session_End
    You can optionally include "On" in any of method names. For example,
    you can name a BeginRequest event handler.Application_BeginRequest or
    Application_OnBeginRequest.You can also include event handlers in
    Global.asax for events fired by custom HTTP modules.Note that not all
    of the event handlers make sense for Web Services (they're designed for
    ASP.NET applications in general, whereas .NET XML Web Services are
    specialized instances of an ASP.NET app). For example, the
    Application_AuthenticateRequest and Application_AuthorizeRequest events
    are designed to be used with ASP.NET Forms authentication.

    · What is different b/w webconfig.xml & Machineconfig.xml
    Web.config & machine.config both are configuration files.Web.config
    contains settings specific to an application where as machine.config
    contains settings to a computer. The Configuration system first
    searches settings in machine.config file & then looks in application
    configuration files.Web.config, can appear in multiple directories on
    an ASP.NET Web application server. Each Web.config file applies
    configuration settings to its own directory and all child directories
    below it. There is only Machine.config file on a web server.
    If I'm developing an application that must accomodate multiple security
    levels though secure login and my ASP.NET web appplication is spanned
    across three web-servers (using round-robbin load balancing) what would
    be the best approach to maintain login-in state for the users?
    Use the state server or store the state in the database. This can be
    easily done through simple setting change in the web.config.
    sqlConnectionString="data source=; user id=sa; password="
    You can specify mode as "stateserver" or "sqlserver".
    Where would you use an iHTTPModule, and what are the limitations of any
    approach you might take in implementing one
    "One of ASP.NET's most useful features is the extensibility of the HTTP
    pipeline, the path that data takes between client and server. You can
    use them to extend your ASP.NET applications by adding pre- and
    post-processing to each HTTP request coming into your application. For
    example, if you wanted custom authentication facilities for your
    application, the best technique would be to intercept the request when
    it comes in and process the request in a custom HTTP module.
    · How do you turn off cookies for one page in your site?
    Since no Page Level directive is present, I am afraid that cant be

    · How do you create a permanent cookie?
    Permanent cookies are available until a specified expiration date, and
    are stored on the hard disk.So Set the 'Expires' property any value
    greater than DataTime.MinValue with respect to the current datetime. If
    u want the cookie which never expires set its Expires property equal to

    · Which method do you use to redirect the user to another page
    without performing a round trip to the client?
    Server.Transfer and Server.Execute

    · What property do you have to set to tell the grid which page to go
    to when using the Pager object?

    · Should validation (did the user enter a real date) occur
    server-side or client-side? Why?
    It should occur both at client-side and Server side.By using expression
    validator control with the specified expression ie.. the regular
    expression provides the facility of only validatating the date
    specified is in the correct format or not. But for checking the date
    where it is the real data or not should be done at the server side, by
    getting the system date ranges and checking the date whether it is in
    between that range or not.

    · What does the "EnableViewState" property do? Why would I want it on
    or off?
    Enable ViewState turns on the automatic state management feature that
    enables server controls to re-populate their values on a round trip
    without requiring you to write any code. This feature is not free
    however, since the state of a control is passed to and from the server
    in a hidden form field. You should be aware of when ViewState is
    helping you and when it is not. For example, if you are binding a
    control to data on every round trip, then you do not need the control
    to maintain it's view state, since you will wipe out any re-populated
    data in any case. ViewState is enabled for all server controls by
    default. To disable it, set the EnableViewState property of the control
    to false.

    · What is the difference between Server.Transfer and
    Response.Redirect? Why would I choose one over the other?
    Server.Transfer() : client is shown as it is on the requesting page
    only, but the all the content is of the requested page. Data can be
    persist accros the pages using Context.Item collection, which is one of
    the best way to transfer data from one page to another keeping the page
    state alive.
    Response.Dedirect() :client know the physical location (page name and
    query string as well). Context.Items loses the persisitance when
    nevigate to destination page. In earlier versions of IIS, if we wanted
    to send a user to a new Web page, the only option we had was
    Response.Redirect. While this method does accomplish our goal, it has
    several important drawbacks. The biggest problem is that this method
    causes each page to be treated as a separate transaction. Besides
    making it difficult to maintain your transactional integrity,
    Response.Redirect introduces some additional headaches. First, it
    prevents good encapsulation of code. Second, you lose access to all of
    the properties in the Request object. Sure, there are workarounds, but
    they're difficult. Finally, Response.Redirect necessitates a round trip
    to the client, which, on high-volume sites, causes scalability
    problems. As you might suspect, Server.Transfer fixes all of these
    problems. It does this by performing the transfer on the server without
    requiring a roundtrip to the client.
    · Can you give an example of when it would be appropriate to use a
    web service as opposed to a non-serviced .NET component?
    Communicating through a Firewall When building a distributed
    application with 100s/1000s of users spread over multiple locations,
    there is always the problem of communicating between client and server
    because of firewalls and proxy servers. Exposing your middle tier
    components as Web Services and invoking the directly from a Windows UI
    is a very valid option.
    Application Integration When integrating applications written in
    various languages and running on disparate systems. Or even
    applications running on the same platform that have been written by
    separate vendors.
    Business-to-Business Integration This is an enabler for B2B
    intergtation which allows one to expose vital business processes to
    authorized supplier and customers. An example would be exposing
    electronic ordering and invoicing, allowing customers to send you
    purchase orders and suppliers to send you invoices electronically.
    Software Reuse This takes place at multiple levels. Code Reuse at the
    Source code level or binary componet-based resuse. The limiting factor
    here is that you can reuse the code but not the data behind it.
    Webservice overcome this limitation. A scenario could be when you are
    building an app that aggregates the functionality of serveral other
    Applicatons. Each of these functions could be performed by individual
    apps, but there is value in perhaps combining the the multiple apps to
    present a unifiend view in a Portal or Intranet.
    When not to use Web Services: Single machine Applicatons When the apps
    are running on the same machine and need to communicate with each other
    use a native API. You also have the options of using component
    technologies such as COM or .NET Componets as there is very little
    Homogeneous Applications on a LAN If you have Win32 or Winforms apps
    that want to communicate to their server counterpart. It is much more
    efficient to use DCOM in the case of Win32 apps and .NET Remoting in
    the case of .NET Apps
    · Can you give an example of what might be best suited to place in
    the Application_Start and Session_Start subroutines?
    The Application_Start event is guaranteed to occur only once throughout
    the lifetime of the application. It's a good place to initialize global
    variables. For example, you might want to retrieve a list of products
    from a database table and place the list in application state or the
    Cache object. SessionStateModule exposes both Session_Start and
    Session_End events.

    · What are the advantages and disadvantages of viewstate?
    The primary advantages of the ViewState feature in ASP.NET are:
    1. Simplicity. There is no need to write possibly complex code to store
    form data between page submissions.
    2. Flexibility. It is possible to enable, configure, and disable
    ViewState on a control-by-control basis, choosing to persist the values
    of some fields but not others.
    There are, however a few disadvantages that are worth pointing out:
    1. Does not track across pages. ViewState information does not
    automatically transfer from page to page. With the session
    approach, values can be stored in the session and accessed from other
    pages. This is not possible with ViewState, so storing
    data into the session must be done explicitly.
    2. ViewState is not suitable for transferring data for back-end
    systems. That is, data still has to be transferred to the back
    end using some form of data object.

    · Describe session handling in a webfarm, how does it work and what
    are the limits?
    ASP.NET Session supports storing of session data in 3 ways, i] in
    In-Process ( in the same memory that ASP.NET uses) , ii] out-of-process
    using Windows NT Service )in separate memory from ASP.NET ) or iii] in
    SQL Server (persistent storage). Both the Windows Service and SQL
    Server solution support a webfarm scenario where all the web-servers
    can be configured to share common session state store.

    1. Windows Service :
    We can start this service by Start | Control Panel | Administrative
    Tools | Services | . In that we service names ASP.NET State Service.
    We can start or stop service by manually or configure to start
    automatically. Then we have to configure our web.config file

    mode = "StateServer"
    stateConnectionString = "tcpip="
    stateNetworkTimeout = "10"
    sqlConnectionString="data source =; uid=sa;pwd="
    cookieless ="Flase"
    timeout= "20" />
    </configuration> </SYSTEM.WEB>
    Here ASP.Net Session is directed to use Windows Service for state
    management on local server (address : is TCP/IP loop-back
    address). The default port is 42424. we can configure to any port but
    for that we have to manually edit the registry.
    Follow these simple steps
    - In a webfarm make sure you have the same config file in all your web
    - Also make sure your objects are serializable.
    - For session state to be maintained across different web servers in
    the webfarm, the application path of the web-site in the IIS Metabase
    should be identical in all the web-servers in the webfarm.

    · Which template must you provide, in order to display data in a
    Repeater control?
    You have to use the ItemTemplate to Display data. Syntax is as follows,
    < ItemTemplate >
    < div class ="rItem" >
    < img src="images/<%# Container.DataItem("ImageURL")%>"
    hspace="10" />
    < b > <% # Container.DataItem("Title")%>
    < /div >
    < ItemTemplate >

    · How can you provide an alternating color scheme in a Repeater
    Using the AlternatintItemTemplate

    · What property must you set, and what method must you call in your
    code, in order to bind the data from some data source to the Repeater
    Set the DataMember property to the name of the table to bind to. (If
    this property is not set, by default the first table in the dataset is
    DataBind method, use this method to bind data from a source to a server
    control. This method is commonly used after retrieving a data set
    through a database query.

    · What method do you use to explicitly kill a user s session?
    You can dump (Kill) the session yourself by calling the method
    ASP.NET automatically deletes a user's Session object, dumping its
    contents, after it has been idle for a configurable timeout interval.
    This interval, in minutes, is set in the <SESSIONSTATE>section of the
    web.config file. The default is 20 minutes.
    · How do you turn off cookies for one page in your site?
    Use Cookie.Discard property, Gets or sets the discard flag set by the
    server. When true, this property instructs the client application not
    to save the Cookie on the user's hard disk when a session ends.

    · Which two properties are on every validation control?
    We have two common properties for every validation controls
    1. Control to Validate,
    2. Error Message.

    · What tags do you need to add within the asp:datagrid tags to bind
    columns manually?
    < asp:DataGrid id="dgCart" AutoGenerateColumns="False" CellPadding="4"
    Width="448px" runat="server" >
    < Columns >
    < asp:ButtonColumn HeaderText="SELECT" Text="SELECT"
    CommandName="select" >< /asp:ButtonColumn >
    < asp:BoundColumn DataField="ProductId" HeaderText="Product ID" ><
    /asp:BoundColumn >
    < asp:BoundColumn DataField="ProductName" HeaderText="Product Name" ><
    /asp:BoundColumn >
    < asp:BoundColumn DataField="UnitPrice" HeaderText="UnitPrice" ><
    /asp:BoundColumn >
    < /Columns >
    < /asp:DataGrid >
    · How do you create a permanent cookie?
    Permanent cookies are the ones that are most useful. Permanent cookies
    are available until a specified expiration date, and are stored on the
    hard disk. The location of cookies differs with each browser, but this
    doesn't matter, as this is all handled by your browser and the
    server. If you want to create a permanent cookie called Name with a
    value of Nigel, which expires in one month, you'd use the following
    Response.Cookies ("Name") = "Nigel"
    Response.Cookies ("Name"). Expires = DateAdd ("m", 1, Now ())

    · What tag do you use to add a hyperlink column to the DataGrid?
    < asp:HyperLinkColumn > </ asp:HyperLinkColumn>

    · Which method do you use to redirect the user to another page
    without performing a round trip to the client?

    · What is the transport protocol you use to call a Web service SOAP ?
    HTTP Protocol

    · Explain role based security ?
    Role Based Security lets you identify groups of users to allow or deny
    based on their role in the organization.In Windows NT and Windows XP,
    roles map to names used to identify user groups. Windows defines
    several built-in groups, including Administrators, Users, and Guests.To
    allow or deny access to certain groups of users, add the <ROLES>element
    to the authorization list in your Web application's Web.config
    <AUTHORIZATION>< authorization >
    < allow roles="Domain Name\Administrators" / > < !-- Allow
    Administrators in domain. -- >
    < deny users="*" / > < !-- Deny anyone
    else. -- >
    < /authorization >

    · How do you register JavaScript for webcontrols ?
    You can register javascript for controls using <CONTROL
    -name>Attribtues.Add(scriptname,scripttext) method.

    · When do you set "<IDENTITY impersonate="true" />" ?
    Identity is a webconfig declaration under System.web, which helps to
    control the application Identity of the web applicaton. Which can be at
    any level(Machine,Site,application,subdirectory,or page), attribute
    impersonate with "true" as value specifies that client impersonation is

    · What are different templates available in Repeater,DataList and
    Datagrid ?
    Templates enable one to apply complicated formatting to each of the
    items displayed by a control.Repeater control supports five types of
    templates.HeaderTemplate controls how the header of the repeater
    control is formatted.ItemTemplate controls the formatting of each item
    displayed.AlternatingItemTemplate controls how alternate items are
    formatted and the SeparatorTemplate displays a separator between each
    item displyed.FooterTemplate is used for controlling how the footer of
    the repeater control is formatted.The DataList and Datagrid supports
    two templates in addition to the above five.SelectedItem Template
    controls how a selected item is formatted and EditItemTemplate
    controls how an item selected for editing is formatted.

    · What is ViewState ? and how it is managed ?
    ASP.NET ViewState is a new kind of state service that developers can
    use to track UI state on a per-user basis. Internally it uses an an
    old Web programming trick-roundtripping state in a hidden form field
    and bakes it right into the page-processing framework.It needs less
    code to write and maintain state in your Web-based forms.

    · What is web.config file ?
    Web.config file is the configuration file for the web
    application. There is one web.config file for one application
    which configures
    the particular application. Web.config file is written in XML with
    specific tags having specific meanings.It includes databa which
    connections,Session States,Error Handling,Security etc.
    For example :
    < configuration >
    < appSettings >
    < add key="ConnectionString"
    value="server=localhost;uid=sa;pwd=;database=MyDB" / >
    < /appSettings >
    < /configuration >
    · What is advantage of viewstate and what are benefits?
    When a form is submitted in classic ASP, all form values are cleared.
    Suppose you have submitted a form with a lot of information and the
    server comes back with an error. You will have to go back to the form
    and correct the information. You click the back button, and what
    happens.......ALL form values are CLEARED, and you will have to start
    all over again! The site did not maintain your ViewState.With ASP
    ..NET, the form reappears in the browser window together with all form
    values.This is because ASP .NET maintains your ViewState. The ViewState
    indicates the status of the page when submitted to the server.

    · What tags do you need to add within the asp:datagrid tags to bind
    columns manually?
    Set AutoGenerateColumns Property to false on the datagrid tag and then
    use Column tag and an ASP:databound tag
    < asp:DataGrid runat="server" id="ManualColumnBinding"
    AutoGenerateColumns="False" >
    < Columns >
    < asp:BoundColumn HeaderText="Column1" DataField="Column1"/ >
    < asp:BoundColumn HeaderText="Column2" DataField="Column2"/ >
    < /Columns >
    < /asp:DataGrid >
    <asp:DataGrid id=ManualColumnBinding runat="server"
    <COLUMNS> <asp:BoundColumn HeaderText="Column2"
    · Which property on a Combo Box do you set with a column name, prior
    to setting the DataSource, to display data in the combo box?
    DataTextField and DataValueField

    · Which control would you use if you needed to make sure the values
    in two different controls matched?
    CompareValidator is used to ensure that two fields are identical.

    · What is validationsummary server control?where it is used?.
    The ValidationSummary control allows you to summarize the error
    messages from all validation controls on a Web page in a single
    location. The summary can be displayed as a list, a bulleted list, or a
    single paragraph, based on the value of the DisplayMode property. The
    error message displayed in the ValidationSummary control for each
    validation control on the page is specified by the ErrorMessage
    property of each validation control. If the ErrorMessage property of
    the validation control is not set, no error message is displayed in the
    ValidationSummary control for that validation control. You can also
    specify a custom title in the heading section of the ValidationSummary
    control by setting the HeaderText property.
    You can control whether the ValidationSummary control is displayed or
    hidden by setting the ShowSummary property. The summary can also be
    displayed in a message box by setting the ShowMessageBox property to

    · What is the sequence of operation takes place when a page is
    BeginTranaction - only if the request is transacted
    Init - every time a page is processed
    LoadViewState - Only on postback
    ProcessPostData1 - Only on postback
    Load - every time
    ProcessData2 - Only on Postback
    RaiseChangedEvent - Only on Postback
    RaisePostBackEvent - Only on Postback
    PreRender - everytime
    BuildTraceTree - only if tracing is enabled
    SaveViewState - every time
    Render - Everytime
    End Transaction - only if the request is transacted
    Trace.EndRequest - only when tracing is enabled
    UnloadRecursive - Every request

    · Difference between asp and
    "ASP (Active Server Pages) and ASP.NET are both server side
    technologies for building web sites and web applications, ASP.NET is
    Managed compiled code - asp is interpreted. and is fully Object
    oriented. ASP.NET has been entirely re-architected to provide a highly
    productive programming experience based on the .NET Framework, and a
    robust infrastructure for building reliable and scalable web

    · Name the validation control available in
    RequiredField, RangeValidator,RegularExpression,Custom
    validator,compare Validator

    · What are the various ways of securing a web site that could prevent
    from hacking etc .. ?
    1) Authentication/Authorization
    2) Encryption/Decryption
    3) Maintaining web servers outside the corporate firewall. etc.,

    · What is the difference between in-proc and out-of-proc?
    An inproc is one which runs in the same process area as that of the
    client giving tha advantage of speed but the disadvantage of stability
    becoz if it crashes it takes the client application also with
    it.Outproc is one which works outside the clients memory thus giving
    stability to the client, but we have to compromise a bit on speed.
    · When you're running a component within ASP.NET, what process is
    it running within on Windows XP? Windows 2000? Windows 2003?
    On Windows 2003 (IIS 6.0) running in native mode, the component is
    running within the w3wp.exe process associated with the application
    pool which has been configured for the web application containing the
    On Windows 2003 in IIS 5.0 emulation mode, 2000, or XP, it's running
    within the IIS helper process whose name I do not remember, it being
    quite a while since I last used IIS 5.0.
    · What does aspnet_regiis -i do ?
    Aspnet_regiis.exe is The ASP.NET IIS Registration tool allows an
    administrator or installation program to easily update the script maps
    for an ASP.NET application to point to the ASP.NET ISAPI version
    associated with the tool. The tool can also be used to display the
    status of all installed versions of ASP. NET, register the ASP.NET
    version coupled with the tool, create client-script directories, and
    perform other configuration operations.

    When multiple versions of the .NET Framework are executing side-by-side
    on a single computer, the ASP.NET ISAPI version mapped to an ASP.NET
    application determines which version of the common language runtime is
    used for the application.

    The tool can be launched with a set of optional parameters. Option "i"
    Installs the version of ASP.NET associated with Aspnet_regiis.exe and
    updates the script maps at the IIS metabase root and below. Note that
    only applications that are currently mapped to an earlier version of
    ASP.NET are affected
    · What is a PostBack?
    The process in which a Web page sends data back to the same page on the
    · What is ViewState? How is it encoded? Is it encrypted? Who uses
    ViewState is the mechanism ASP.NET uses to keep track of server control
    state values that don't otherwise post back as part of the HTTP form.
    ViewState Maintains the UI State of a Page
    ViewState is base64-encoded.
    It is not encrypted but it can be encrypted by setting
    EnableViewStatMAC="true" & setting the machineKey validation type to
    3DES. If you want to NOT maintain the ViewState, include the directive
    < %@ Page EnableViewState="false" % > at the top of an .aspx page or
    add the attribute EnableViewState="false" to any control.
    · What is the < machinekey > element and what two ASP.NET
    technologies is it used for?
    Configures keys to use for encryption and decryption of forms
    authentication cookie data and view state data, and for verification of
    out-of-process session state identification.There fore 2 ASP.Net
    technique in which it is used are Encryption/Decryption & Verification
    · What three Session State providers are available in ASP.NET 1.1?
    What are the pros and cons of each?
    ASP.NET provides three distinct ways to store session data for your
    application: in-process session state, out-of-process session state as
    a Windows service, and out-of-process session state in a SQL Server
    database. Each has it advantages.
    1.In-process session-state mode
    * When using the in-process session-state mode, session-state data is
    lost if aspnet_wp.exe or the application domain restarts.
    * If you enable Web garden mode in the < processModel > element of the
    application's Web.config file, do not use in-process session-state
    mode. Otherwise, random data loss can occur.
    * in-process session state is by far the fastest solution. If you are
    storing only small amounts of volatile data in session state, it is
    recommended that you use the in-process provider.
    2. The State Server simply stores session state in memory when in
    out-of-proc mode. In this mode the worker process talks directly to the
    State Server
    3. SQL mode, session states are stored in a SQL Server database and the
    worker process talks directly to SQL. The ASP.NET worker processes are
    then able to take advantage of this simple storage service by
    serializing and saving (using .NET serialization services) all objects
    within a client's Session collection at the end of each Web request
    Both these out-of-process solutions are useful primarily if you scale
    your application across multiple processors or multiple computers, or
    where data cannot be lost if a server or process is restarted.
    · What is the difference between HTTP-Post and HTTP-Get?
    As their names imply, both HTTP GET and HTTP POST use HTTP as their
    underlying protocol. Both of these methods encode request parameters as
    name/value pairs in the HTTP request.
    The GET method creates a query string and appends it to the script's
    URL on the server that handles the request.
    The POST method creates a name/value pairs that are passed in the body
    of the HTTP request message.
    · Name and describe some HTTP Status Codes and what they express to
    the requesting client.
    When users try to access content on a server that is running Internet
    Information Services (IIS) through HTTP or File Transfer Protocol
    (FTP), IIS returns a numeric code that indicates the status of the
    request. This status code is recorded in the IIS log, and it may also
    be displayed in the Web browser or FTP client. The status code can
    indicate whether a particular request is successful or unsuccessful and
    can also reveal the exact reason why a request is unsuccessful. There
    are 5 groups ranging from 1xx - 5xx of http status codes exists.
    101 - Switching protocols.
    200 - OK. The client request has succeeded
    302 - Object moved.
    400 - Bad request.
    500.13 - Web server is too busy.
    · Explain < @OutputCache% > and the usage of VaryByParam,
    OutputCache is used to control the caching policies of an ASP.NET page
    or user control. To cache a page @OutputCache directive should be
    defined as follows < %@ OutputCache Duration="100" VaryByParam="none" %

    VaryByParam: A semicolon-separated list of strings used to vary the
    output cache. By default, these strings correspond to a query string
    value sent with GET method attributes, or a parameter sent using the
    POST method. When this attribute is set to multiple parameters, the
    output cache contains a different version of the requested document for
    each specified parameter. Possible values include none, *, and any
    valid query string or POST parameter name.
    VaryByHeader: A semicolon-separated list of HTTP headers used to vary
    the output cache. When this attribute is set to multiple headers, the
    output cache contains a different version of the requested document for
    each specified header.
    · What is the difference between repeater over datalist and datagrid?
    The Repeater class is not derived from the WebControl class, like the
    DataGrid and DataList. Therefore, the Repeater lacks the stylistic
    properties common to both the DataGrid and DataList. What this boils
    down to is that if you want to format the data displayed in the
    Repeater, you must do so in the HTML markup.
    The Repeater control provides the maximum amount of flexibility over
    the HTML produced. Whereas the DataGrid wraps the DataSource contents
    in an HTML < table >, and the DataList wraps the contents in either an
    HTML < table > or < span > tags (depending on the DataList's
    RepeatLayout property), the Repeater adds absolutely no HTML content
    other than what you explicitly specify in the templates.
    While using Repeater control, If we wanted to display the employee
    names in a bold font we'd have to alter the "ItemTemplate" to include
    an HTML bold tag, Whereas with the DataGrid or DataList, we could have
    made the text appear in a bold font by setting the control's
    ItemStyle-Font-Bold property to True.
    The Repeater's lack of stylistic properties can drastically add to the
    development time metric. For example, imagine that you decide to use
    the Repeater to display data that needs to be bold, centered, and
    displayed in a particular font-face with a particular background color.
    While all this can be specified using a few HTML tags, these tags will
    quickly clutter the Repeater's templates. Such clutter makes it much
    harder to change the look at a later date. Along with its increased
    development time, the Repeater also lacks any built-in functionality to
    assist in supporting paging, editing, or editing of data. Due to this
    lack of feature-support, the Repeater scores poorly on the usability
    However, The Repeater's performance is slightly better than that of the
    DataList's, and is more noticeably better than that of the DataGrid's.
    Following figure shows the number of requests per second the Repeater
    could handle versus the DataGrid and DataList
    · Can we handle the error and redirect to some pages using
    Yes, we can do this, but to handle errors, we must know the error
    codes; only then we can take the user to a proper error message page,
    else it may confuse the user.
    CustomErrors Configuration section in web.config file:
    The default configuration is:
    < customErrors mode="RemoteOnly" defaultRedirect="Customerror.aspx" >
    < error statusCode="404" redirect="Notfound.aspx" / >
    < /customErrors >
    If mode is set to Off, custom error messages will be disabled. Users
    will receive detailed exception error messages.
    If mode is set to On, custom error messages will be enabled.
    If mode is set to RemoteOnly, then users will receive custom errors,
    but users accessing the site locally will receive detailed error
    Add an < error > tag for each error you want to handle. The error tag
    will redirect the user to the Notfound.aspx page when the site returns
    the 404 (Page not found) error.

    There is a page MainForm.aspx
    Private Sub Page_Load(ByVal sender As System.Object, ByVal e As
    System.EventArgs) Handles MyBase.Load
    'Put user code to initialize the page here
    Dim str As System.Text.StringBuilder
    str.Append("hi") ' Error Line as str is not instantiated
    End Sub
    < customErrors mode="On" defaultRedirect="Error.aspx"/ >
    ' a simple redirect will take the user to Error.aspx [user defined]
    error file.
    < customErrors mode="RemoteOnly" defaultRedirect="Customerror.aspx" >
    < error statusCode="404" redirect="Notfound.aspx" / >
    < /customErrors >
    'This will take the user to NotFound.aspx defined in IIS.
    · How do you implement Paging in .Net?
    The DataGrid provides the means to display a group of records from the
    data source (for example, the first 10), and then navigate to the
    "page" containing the next 10 records, and so on through the data.
    Using Ado.Net we can explicit control over the number of records
    returned from the data source, as well as how much data is to be cached
    locally in the DataSet.
    1.Using DataAdapter.fill method give the value of 'Maxrecords'
    (Note: - Don't use it because query will return all records but fill
    the dataset based on value of 'maxrecords' parameter).
    2.For SQL server database, combines a WHERE clause and a ORDER BY
    clause with TOP predicate.
    3.If Data does not change often just cache records locally in DataSet
    and just take some records from the DataSet to display.
    · What is the difference between Server.Transfer and
    Server.Transfer() : client is shown as it is on the requesting page
    only, but the all the content is of the requested page. Data can be
    persist across the pages using Context.Item collection, which is one of
    the best way to transfer data from one page to another keeping the page
    state alive.
    Response.Dedirect() :client knows the physical location (page name and
    query string as well). Context.Items loses the persistence when
    navigate to destination page. In earlier versions of IIS, if we wanted
    to send a user to a new Web page, the only option we had was
    Response.Redirect. While this method does accomplish our goal, it has
    several important drawbacks. The biggest problem is that this method
    causes each page to be treated as a separate transaction. Besides
    making it difficult to maintain your transactional integrity,
    Response.Redirect introduces some additional headaches. First, it
    prevents good encapsulation of code. Second, you lose access to all of
    the properties in the Request object. Sure, there are workarounds, but
    they're difficult. Finally, Response.Redirect necessitates a round trip
    to the client, which, on high-volume sites, causes scalability
    problems. As you might suspect, Server.Transfer fixes all of these
    problems. It does this by performing the transfer on the server without
    requiring a roundtrip to the client.
    Response.Redirect sends a response to the client browser instructing it
    to request the second page. This requires a round-trip to the client,
    and the client initiates the Request for the second page.
    Server.Transfer transfers the process to the second page without making
    a round-trip to the client. It also transfers the HttpContext to the
    second page, enabling the second page access to all the values in the
    HttpContext of the first page.
    · Can you create an app domain?
    Yes, We can create user app domain by calling on of the following
    overload static methods of the System.AppDomain class
    1. Public static AppDomain CreateDomain(String friendlyName)
    2. Public static AppDomain CreateDomain(String friendlyName, Evidence
    3. Public static AppDomain CreateDomain(String friendlyName, Evidence
    securityInfo, AppDomainSetup info)
    4. Public static AppDomain CreateDomain(String friendlyName, Evidence
    securityInfo, String appBasePath, String appRelativeSearchPath, bool
    · What are the various security methods which IIS Provides apart from
    ..NET ?
    The various security methods which IIS provides are
    a) Authentication Modes
    b) IP Address and Domain Name Restriction
    c) DNS Lookups DNS Lookups
    d) The Network ID and Subnet Mask
    e) SSL
    · What is Web Gardening? How would using it affect a design?
    The Web Garden Model
    The Web garden model is configurable through the section of the
    machine.config file. Notice that the section is the only configuration
    section that cannot be placed in an application-specific web.config
    file. This means that the Web garden mode applies to all applications
    running on the machine. However, by using the node in the
    machine.config source, you can adapt machine-wide settings on a
    per-application basis.
    Two attributes in the section affect the Web garden model. They are
    webGarden and cpuMask. The webGarden attribute takes a Boolean value
    that indicates whether or not multiple worker processes (one per each
    affinitized CPU) have to be used. The attribute is set to false by
    default. The cpuMask attribute stores a DWORD value whose binary
    representation provides a bit mask for the CPUs that are eligible to
    run the ASP.NET worker process. The default value is -1 (0xFFFFFF),
    which means that all available CPUs can be used. The contents of the
    cpuMask attribute is ignored when the webGarden attribute is false. The
    cpuMask attribute also sets an upper bound to the number of copies of
    aspnet_wp.exe that are running.
    Web gardening enables multiple worker processes to run at the same
    time. However, you should note that all processes will have their own
    copy of application state, in-process session state, ASP.NET cache,
    static data, and all that is needed to run applications. When the Web
    garden mode is enabled, the ASP.NET ISAPI launches as many worker
    processes as there are CPUs, each a full clone of the next (and each
    affinitized with the corresponding CPU). To balance the workload,
    incoming requests are partitioned among running processes in a
    round-robin manner. Worker processes get recycled as in the single
    processor case. Note that ASP.NET inherits any CPU usage restriction
    from the operating system and doesn't include any custom semantics for
    doing this.
    All in all, the Web garden model is not necessarily a big win for all
    applications. The more stateful applications are, the more they risk to
    pay in terms of real performance. Working data is stored in blocks of
    shared memory so that any changes entered by a process are immediately
    visible to others. However, for the time it takes to service a request,
    working data is copied in the context of the process. Each worker
    process, therefore, will handle its own copy of working data, and the
    more stateful the application, the higher the cost in performance. In
    this context, careful and savvy application benchmarking is an absolute
    Changes made to the section of the configuration file are effective
    only after IIS is restarted. In IIS 6, Web gardening parameters are
    stored in the IIS metabase; the webGarden and cpuMask attributes are
    · What is view state?.where it stored?.can we disable it?
    The web is state-less protocol, so the page gets instantiated,
    executed, rendered and then disposed on every round trip to the server.
    The developers code to add "statefulness" to the page by using
    Server-side storage for the state or posting the page to itself. When
    require to persist and read the data in control on webform, developer
    had to read the values and store them in hidden variable (in the form),
    which were then used to restore the values. With advent of .NET
    framework, ASP.NET came up with ViewState mechanism, which tracks the
    data values of server controls on ASP.NET webform. In effect,ViewState
    can be viewed as "hidden variable managed by ASP.NET framework!". When
    ASP.NET page is executed, data values from all server controls on page
    are collected and encoded as single string, which then assigned to
    page's hidden atrribute "< input type=hidden >", that is part of page
    sent to the client.
    ViewState value is temporarily saved in the client's browser.ViewState
    can be disabled for a single control, for an entire page orfor an
    entire web application. The syntax is:
    Disable ViewState for control (Datagrid in this example)
    < asp:datagrid EnableViewState="false" ... / >
    Disable ViewState for a page, using Page directive
    < %@ Page EnableViewState="False" ... % >
    Disable ViewState for application through entry in web.config
    < Pages EnableViewState="false" ... / >
    shamirza, Jan 18, 2007
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Stefan Kiryazov
    Stefan Kiryazov (MCAD)
    Jan 25, 2005
  2. Sean Monaghan
    Sep 30, 2005
  3. sudhakar

    thesis topics in xml

    sudhakar, May 18, 2005, in forum: XML
    Sep 3, 2009
  4. Replies:
    Nov 10, 2005
  5. intermediate

    Topics in .NET Webservices

    intermediate, Dec 28, 2005, in forum: ASP .Net Web Services
    Abel Eduardo Pereira
    Dec 30, 2005