Escolar Documentos
Profissional Documentos
Cultura Documentos
A postback is a request sent from a client to server from the same page, user is already working with.
Now just run the application to see WebForm1.aspx page and view its source code. HTML source
of the page will display form element as follows:
<code>form id="form1" action="WebForm1.aspx" method="post">
You can see that an HTML form element generated with an HTTP method as POST and
action=WebForm1.aspx. So, if a submit button is clicked, the page will postback to itself by
default.
Following figure will also give you more understanding on ASP.NET Postback.
Page controller pattern that means an implicit Front controller pattern that means
controller (code behind) would process the request anexplicitcontroller would be there to process the
request
web form has user controls for code reusability Partial views has code reusability
view and controllers are not separated view and controller are handled separately
stateful and view state is used to maintain state Stateless, so view state is not used
Has server control Has html helper
views are tightly coupled with business logic views and logics are separately managed
Master pages for constant look and feel MVC layouts for constant look and feel
Filebased urls and it needs physical files Route based urls and doesnot need a physical file.
It depends on controller
Recommended for small scale applications Recommended for large scale applications
LoadPostBackData: is also a post back stage and loads the data posted for the controls and update
them.
Load: In this stage page as well as all the controls raise their Load event. Till this stage all the controls
are initialized and loaded. In most of the cases, we are coding this event handler.
RaisePostBackEvent: is again a postback stage. For example, its raise against a button click event. We
can easily put our code here to perform certain actions.
SaveViewState: Finally, controls state is saved in this stage before Rendering HTML.
Render: This is the stage where HTML is generated for the page.
Dispose: Lastly, all objects associated with the request are cleaned up.
You can see the detailed explanation on ASP.net page life cycle here
There is a good list of events that are fired but following are few of the important events in Global.asax:
Application_Init occurs in case of application initialization for the very first time.
Application_Start fires on application start.
Session_Start fires when a new user session starts
Application_Error occurs in case of an unhandled exception generated from application.
Session_End fires when user session ends.
Application_End fires when application ends or time out.
You can read the difference between view state,session state and Application state here.
7.Difference between Response.Redirect and Server.Transfer?
Both Server.Transfer and Response.Redirect are ASP.NET objects and are used for navigation between
web-pages. However, there are noticeable differences between these two techniques:
Response.Redirect()
Response.Redirect() redirects the user to another web-page which may or may not be on
thesame server. It can redirect the user to an external website on a different server.
Response.Redirect() updates the address bar and adds the updated URL to the browser history.
User can click back on the browser to navigate to the previous page.
Response.Redirect() terminates the request with HTTP 302 status and client-side roundtrip.
Client then navigates to the new address and the browser address bar and history updates. The
client pays the cost of additional round-trips to the server on each request.
Form variables are are not transferred upon a call to Response.Redirect().
Server.Transfer()
Server.Transfer() quits current execution of the web-page and redirects the user to another web-
page on thesame server. It cannot send the user to an external website on a different server.
Server.Transfer() keeps the URL unchanged in the address bar. It happens entirely on the
server side and the client browsers address bar remains constant. User cannot click on back
button on the browser to navigate to the previous page
Server.Transfer() reduces the server request and conserves server resources. It simply changes
the focus on the Web Server and transfers the request. With Server.Transfer() there are less
number of HTTP requests, which eases pressure on the Web Server and makes the application
execute faster.
Developer can transfer Query Strings and form variables with a little bug-bashing. The
Server.Transfer()method has a second parameter preserveForm. If this is set to True, the
existing query string and form variables will be available to the transferred page. Ex
Server.Transfer(webpage2, True);
HttpModule: ASP.NET Engine uses HttpModules to inject some specific functionality along with
ASP.NET default functionality for all incoming requests regardless of its extensions. There are a number
of built-in modules already available in ASP.NET HTTP Pipeline. But we can write our own custom HTTP
module to perform some additional functionality (for example, URL rewriting or implementing some
security mechanism) for all incoming requests.
We have discussed HttpHandler and HttpModule in detailed here.
Windows Authentication: This authentication method uses built-in windows security features to
authenticate user.
Forms Authentication: authenticate against a customized list of users or users in a database.
Passport Authentication: validates against Microsoft Passport service which is basically a
centralized authentication service.
In-Process is the default approach. It stores session state locally on same web server memory
where the application is running.
StateServer mode stores session state in a process other than the one where application is
running. Naturally, it has added advantages that session state is accessible from multiple web
servers in a Web Farm and also session state will remain preserved even web application is
restarted.
SQLServer mode stores session state in SQL Server database. It has the same advantages as
that of StateServer.
Custom modes allows to define our custom storage provider.
Off mode disables session storage.
12.Hyperlink Vs LinkButton in ASP.NET?
A Hyperlink redirects to a given URL identified by NavigateURL property but a LinkButton which actually
displays a Hyperlink style button causes a postback to the same page but it doesnt redirect to a given
URL.
13.Globalization Vs Localization
When we need to build an application that work for multiple cultures e.g en-US, ar-SAetc, this process of
designing and building applications that work for more than one cultures is called globalization. However,
customizing an application for a specific culture is localization. Both globalization and localization
normally go together.
while UICulture is specific in localizing visual part of a webpage like Language being used to display the
contents of the web page.
HTTP is a stateless protocol by nature. So, we need some mechanism to preserve state (i.e. state of a
webpage, a control or an object etc.) between subsequent requests to server from one or more clients.
and this mechanism is referred as State Management in ASP.net
Session.Clear() clears all the session values but doesnt destroy the Session.
In otherwords ,Session.Clear() is like deleting all files inside a folder (say Root) but Session.Abandon()
means deleting the Root folder.
Local resources are specific to web page and stored in a folder App_LocalResources.
It can be accessible to that specific page only. Global resources are accessed by almost all application
pages and stored in App_GlobalResources folder.
Statically typed This means the type of variable declared is decided Dynamically typed This means
by the compiler at compile time. the type of variable declared is
decided by the compiler at run
time.
var type of variables are required to be initialized at the time of No need to initialize at the time of
declaration or else they encounter the compile time error: Implicitly- declaration.
typed local variables must be initialized.
Looking at the value assigned to the variable str, the compiler will treat str=I am a string; //Works fine
the variable str as string. and compiles
Since the compiler knows about the type and themethods and Since the compiler comes to
properties of the type at the compile time itself about the type and the methods
and properties of the type at the
run time.
Intellisense help is available for the var type of variables. This is Intellisense help is not available
because, its type is inferred by the compiler from the type of value it is for dynamic type of variables
assigned and as a result, the compiler has all the information related to since their type is unknown until
the type run time. So intellisense help is
not available. Even if you are
informed by the compiler as This
operation will be resolved at run-
time.
will throw a compile error since the variable is not initialized. The Will compile
compiler needs that this variable should be initialized so that it
can infera type from the value.
String is immutable, Immutable means if you StringBuilder is mutable, means if create string builder
create string object then you cannot modify it object then you can perform any operation like insert,
and It always create new object of stringtype in replace or append without creating new instance
memory. forevery time.it will update string at one place in memory
doesnt create new space in memory.
Any operation that appears to change the string, Any operation that appears to modify or append new
it creates a new instance of stringtype in string, it doesnt create a new instance of string typein
memory memory
The maximum size of a String object in memory The default capacity of this object is 16 characters, and
is 2 GB (about 1 billion characters). its maximum capacity is more than 2 billion characters.
String is slower as compare to string builder StringBuilder is faster as compare to string object when
object when we deals with large size of strings we deals with large size of strings
String is efficient when we deals with static or StringBuilder is efficient when we deals with dynamic or
smaller size of string means we dont need to larger size of string means we want to modify that string
modify later on later on
Load on server is reduced when data is fetched from Cache instead of original source, thus
improving scalability of an application.
Caching normally keep serving application data even if the original source is temporarily down,
thus improving availability of an application.
Advantages:
Disadvantages:
Data Cache
In some scenarios, we may store frequently used objects into cache using ASP.NET Cache API.
So, later on, that object will be loaded from cache instead of instantiating object again and fetching data
from original source for it.
4. Authentication Vs Authorization?
Authentication and Authorization are two key security related concepts that are independent but normally
go together.
Authentication is a process that verifies the identity of a user. On ther hand, Authorization is the process
of assigning rights/privileges to already authenticated user.
For example, when a user tries to login a web application. First of all, user identity is verified that either
he/she is valid registered user of application.
If his/her identity validated successfully then appropriate privileges are assigned accordingly.
Different users may have different privileges on same application, for example, user1 can only view/read
some records while user2 may have privileges for all CRUD (Create, Read, Update, Delete) operations
on same data.
Duration value is in seconds and it tells the page that how long to cache the contents?
Now, when we will access the page, it will verify that either it exists in Cache? if Yes, then verify that is it
expired? If not then fetch it from Cache and render otherwise create a new instance of the page and put it
back to Cache.
The other parameter of this directive is VaryByParam. If its value is specified to something as follows:
Now, Cache is dependent on the value of this parameter, If the value of parameter remains same, page
will be fetched from Cache otherwise it will be refreshed again.For in-depth details on Page Output
Cache, follow here.
In this case, Cache is dependent on the value of Control specified in VaryByControl parameter. For
example, content on a page are dependent on the selected values of a dropdownlist, so, VaryByControl
will have the dropdownlist control name as value.
3 objProduct,
4 null,
5
DateTime.Now.AddSeconds(60),
6
Cache.NoSlidingExpiration,
7
CacheItemPriority.High,
8
null);
To retrieve it back:
Windows Authentication: This authentication method uses built-in windows security features to
authenticate user.
Forms Authentication: authenticate against a customized list of users or users in a database.
Passport Authentication: validates against Microsoft Passport service which is basically a
centralized authentication service.
Passport benefits users because they do not need to log on to new limited-access resources or sites
Passport Authentication actually validates against a centralized authentication service i.e. Microsoft
Passport Service. We dont need to implement our own custom authentication mechanism if
implementing .NET Passport Single Sign-In (SSI) service.
1. The sign-in, sign-out, and registration pages are centrally hosted rather than being specific to
each individual site.
2. All .NET Passport sign-in and core profile cookies are strongly encrypted.
3. The central .NET Passport servers return encrypted sign-in and profile information to your site.
4. Members do not need to retype their sign-in name and password when moving from site to site.
5. Participating Web sites never receive a members password. The authentication cookie is actually
a pair of encrypted time stamps asserting when the member signed in.
6. There is no real-time, server-to-server communication between participating Web sites and the
central .NET Passport servers.
7. All information exchange occurs through the clients browser using HTTP redirects, encrypted
information on the query string, and cookies.
An example of granting or revoking permissions in configuration file using windows built-in groups as
follows:
<authorization >
<allow roles=MyDomain1Administrators / > < ! Allow Admin of this domain >
<deny users=* / > < ! Deny anyone else. >
</authorization >
Login Control:
In almost every application we need to take user credentials on a typical login page. Login control
provides the same standard functionality and reduces the effort for building it from scratch.
LoginName:
After a user successfully logged in to an application, we normally display his/her username to top right or
some other place on the page. Now, this functionality is provided by LoginName control.
LoginView Control:
LoginView control displays different view for different users. Using AnonymousTemplate and
LoggedInTemplate, different information can be presented to different users.
LoginStatus Control:
LoginStatus control implies whether a user is authenticated or not. For an unathenticated user, it displays
a link to login page. On the other hand, for authenticated user, a logout link is displayed.
LoginRecovery Control:
Password recovery is another important functionality simplified through PasswordRecovery control. It
sends an email with login credentials to registered user email.
Its .NET CLRs security system that restrict the code to perform an unwanted task by applying security
policies. Using CAS (Code Access Security), we can restrict what our code can do? and also what code
can call our code?
Defines permissions and permission sets that represent the right to access various system
resources.
Enables code to demand that its callers have specific permissions.
Enables code to demand that its callers possess a digital signature, thus allowing only callers
from a particular organization or site to call the protected code.
Enforces restrictions on code at run time by comparing the granted permissions of every caller on
the call stack to the permissions that callers must have.
caspol -security on
caspol -security off
caspol -listgroups
Impersonation is commonly used in applications that rely on Microsoft Internet Information Services (IIS)
to authenticate the user. ASP.NET impersonation is disabled by default.
For example, if a user user1 logged in and IIS is setup to run as Network Service. If user1 call a piece of
code on another computer (may be a web service call), the other computer will see the IIS user instead of
user1. But we can enable impersonation to allow user1 to access the web service using its windows
identity instead of Network Service.
<configuration>
<system.web>
<identity impersonate=true/> <! To disable set impersonate=false >
</system.web>
</configuration>
1. What is an Assembly?
Assemblies are the basic building blocks required for any application to work in .net realm.
Assemblies provides collection of types and resources that work together to form a logical unit of
functionality.
Assembly is a set of one or more modules and classes compiled in MSIL and Metadata.
Assembly name
Version number
Culture
Strong Name information
Type Reference Information
List of all files in Assembly
Information on referenced assemblies
5. What is GAC?
GAC is a central repository in a system in which assemblies are registered to shared between
application.
GACUtil.exe is used to view and change the content of GAC in system
GAC can contain multiple versions on .net assemblies
Thegautil.exe/I<assembly_name> is used to install assembly in GAC
6. What is Metadata?
Assembly metadata describes every data type and member defined in the code.
it stores name, version, culture, public key of an Assembly
Also it stores the description of types like name, visibility, base class, interfaces, implemented etc.
Metadata of an assembly is sharable among applications that execute on different platforms
DLL:
Object
Class
Inheritance
Polymorphism
Abstraction
Encapsulation
2. What is a class?
A class can be defined as the primary building block of OOP. A class contains data and behavior of an
entity.
1. data member
2. properties
3. constructor
4. methods
Notes:
1. Class name should start with uppercase letter and be a noun e.g. String, Color, Button, System,
Thread etc.
2. The name of the constructor is always same as the class name
3. A class can have any number of data members, properties, constructors and methods
4. Data member defined using a class is called as object reference.
5. A class can have a data member which is an object reference of the same class Like the manager of
the employee is also a employee.
3. What is an Object?
An entity that has state and behavior is known as an object e.g. pen, table, car etc. It can be physical or
logical.
For Example: Pen is an object. Its name is Parker, color is black etc. known as its state. It is used to write,
so writing is its behavior.
Object is an instance of a class. Class is a template or blueprint from which objects are created. So object
is the instance(result) of a class. For example, you have a class called Vehicle and car is the object of
that class.
Abstraction : Abstraction is the process of exposing only the relevant data to the users without
showing unnecessary information
Polymorphism : I allows you to use an entity in multiple forms
Encapsulation : Prevents the data from unwanted access by binding of code and data in a single
unit called object
Inheritance : Promotes the reusability of code and eliminates the use of redundant code.
A class can extend only one Abstract class A class can implement several interfaces
The member of an abstract class can be private and An Interface can only have public members
protected
Any class can extend an abstract class Only an Interface can extend another Interface
Methods in an abstract class can be abstract as well as All methods in an Interface should be abstract
concrete
There can be a constructor for Abstract class Interface does not have constructor
An abstract class can Implement methods Interfaces can not contain body of any of its
method
Single Inheritance : contains one base class and one derived class
Hierarchical Inheritance : Contains one base class and multiple derived classes of same base
class
Multilevel Inheritance : Contains a class derived from a derived class
Multiple Inheritance : Contains several base class and a derived class
9. What is Constructor?
C# constructor is invoked at the time of object creation. It constructs the values i.e. provides data for the
object that is why it is known as constructor.
A constructor is a special method that is used to initialize an object. Every class has a constructor,if we
dont explicitly declare a constructor for any C# class the compiler builds a default constructor for that
class. A constructor does not have any return type. Constructors are responsible for object initialization
and memory allocation of its class.
There are basically two rules defined for the constructor.
A Destructor is used to free the dynamic allocated memory and release the resources. You can
Implement a custom method that allows to control object destruction by calling the destructor.
Public
Private
Protected
Internal
Protected internal
Method Overloading lets you have 2 methods with Method Overloading lets you have 2 methods with
same name and different signature same name and same signature
Overloading is called as compile time Overriding is called as run time polymorphism or late
polymorphism or early binding binding or dynamic polymorphism
Method overloading can be overloaded in same Method overriding is only possible in derived class
class or in the child class. not within the same class where the method is
declared
Example: Example:
{ {
Operator overloading facilitates the specification of user-defined implementation for operations wherein
one or both operands are of user-defined class or structure type. This helps user-defined types to behave
much like the fundamental primitive data types. Operator overloading is helpful in cases where the
operators used for certain types provide semantics related to the domain context and syntactic support as
found in the programming language. It is used for syntactical convenience, readability and maintainability
The signature of delegates matches the signature of the function that it points to else you will get
compilation error.
Delegates are typesafe pointers because it points to a function and holds the signature of the function.
19. What is multicast Delegate ?
A multicast delegate is a delegate that has references to more than one function.When you inoke a
multicase delegate,all the functions the delegate is pointing to are also invoked.
You need to specify the size of an array at the The size of a collection can be adjusted dynamically as
time of its declaration.It can not be resized. per users requirement.It does not have fixed size
The member of an array should be of the same Collection can have elements of different types
data type
Overriding:
1.Method overriding is an important feature of OOPS that allows us to re-write a base class function or
method with a different definition.
2.Overriding is also known as Dynamic Polymorphism because overriding is resolved at runtime.
3.The method signature, access level and return type of the hidden member has to be same as the base
class member
4.In other words both methods (base class method and derived class method) have the same name,
same number and same type of parameter in the same order with the same return type.
5.The overridden base method must be virtual, abstract or override.
By default, the members of a Class are private By default, the members of a Structure are public
Variables of a Class can be assigned as null Structure members can not have null values
Nested classes has the ability to specify private as an access modifier for the class itself.The use of the
private access modifier defines the intended accessibility of the class and prevents access from outside
the class.
Static Polymrphism:
The mechanism of linking a function with an object during compile time is called early binding. It is also
called static binding. C# provides two techniques to implement static polymorphism. They are:
1.Function overloading
2.Operator overloading
Dynamic Polymorphism:
The mechanism of linking method to an object during run time is called late binding.It is also known as
run-time polymorphism. Method overriding helps to implement Dynamic Polymorphism.