Back to description
The evolution of ASP.NET continues! The progression from Active Server Pages 3.0 to ASP.NET 1.0 was revolutionary, to say... more
The evolution of ASP.NET continues! The progression from Active Server Pages 3.0 to ASP.NET 1.0 was revolutionary, to say the least. And now the revolution continues with the latest release of ASP.NET—version 3.5. The original introduction of ASP.NET 1.0 fundamentally changed the Web programming model. ASP.NET 3.5 is just as revolutionary in the way it will increase your productivity. As of late, the primary goal of ASP.NET is to enable you to build powerful, secure, dynamic applications using the least possible amount of code. Although this book covers the new features provided by ASP.NET 3.5, it also covers all the offerings of ASP.NET technology.
If you are new to ASP.NET and building your first set of applications in ASP.NET 3.5, you may be amazed by the vast amount of wonderful server controls it provides. You may marvel at how it enables you to work with data more effectively using a series of data providers. You may be impressed at how easily you can build in security and personalization.
The outstanding capabilities of ASP.NET 3.5 do not end there, however. This chapter looks at many exciting options that facilitate working with ASP.NET pages and applications. One of the first steps you, the developer, should take when starting a project is to become familiar with the foundation you are building on and the options available for customizing that foundation.
... less
As discussed in the previous chapter, ASP.NET evolved from Microsoft's earlier Web technology called Active Server Pages... more
As discussed in the previous chapter, ASP.NET evolved from Microsoft's earlier Web technology called Active Server Pages (referred to as ASP then and classic ASP today). This model was completely different from today's ASP.NET. Classic ASP used interpreted languages to accomplish the construction of the final HTML document before it was sent to the browser. ASP.NET, on the other hand, uses true compiled languages to accomplish the same task. The idea of building Web pages based on objects in a compiled environment is one of the main focuses of this chapter.
This chapter looks at how to use a particular type of object in ASP.NET pages called a server control, and how you can profit from using this control. We also introduce a particular type of server control—the HTML server control. The chapter also demonstrates how you can use JavaScript in ASP.NET pages to modify the behavior of server controls.
The rest of this chapter shows you how to use and manipulate server controls, both visually and programmatically, to help with the creation of your ASP.NET pages.
Of the two types of server controls, HTML server controls and Web server controls, the latter is considered the more powerful... more
Of the two types of server controls, HTML server controls and Web server controls, the latter is considered the more powerful and flexible. The previous chapter looked at how to use HTML server controls in applications. HTML server controls enable you to manipulate HTML elements from your server-side code. On the other hand, Web server controls are powerful because they are not explicitly tied to specific HTML elements; rather, they are more closely aligned to the specific functionality that you want to generate. As you will see throughout this chapter, Web server controls can be very simple or rather complex depending on the control you are working with.
The purpose of the large collection of controls is to make you more productive. These controls give you advanced functionality that, in the past, you would have had to laboriously program or simply omit. In the classic ASP days, for example, few calendars were used on Internet Web sites. With the introduction of the Calendar server control in ASP.NET 1.0, calendar creation on a site became a trivial task. Building an image map on top of an image was another task that was difficult to achieve in ASP.NET 1.x, but this capability was introduced as a new server control in ASP.NET 2.0.
This chapter introduces some of the available Web server controls. The first part of the chapter focuses on the Web server controls that were around during the ASP.NET 1.0/1.1 days. Then the chapter explores the server controls that were introduced back in ASP.NET 2.0. This chapter does not discuss every possible control because some server controls are introduced and covered in other chapters throughout the book.
When you look at the Toolbox window in Visual Studio 2008—especially if you’ve read Chapters 2 and 3, which cover the various... more
When you look at the Toolbox window in Visual Studio 2008—especially if you’ve read Chapters 2 and 3, which cover the various server controls at your disposal—you may be struck by the number of server controls that come with ASP.NET 3.5. This chapter takes a look at a specific type of server control you find in the Toolbox window: the validation server control.
Validation server controls are a series of controls that enable you to work with the information your end users input into the form elements of the applications you build. These controls work to ensure the validity of the data being placed in the form.
Before you learn how to use these controls, however, this chapter will first take a look at the process of validation.
Visual inheritance is a great new enhancement to your Web pages provided by ASP.NET 3.5. This feature was introduced to ASP... more
Visual inheritance is a great new enhancement to your Web pages provided by ASP.NET 3.5. This feature was introduced to ASP.NET in version 2.0. In effect, you can create a single template page that can be used as a foundation for any number of ASP.NET content pages in your application. These templates, called master pages, increase your productivity by making your applications easier to build and easier to manage after they are built. Visual Studio 2008 includes full designer support for master pages, making the developer experience richer than ever before. This chapter takes a close look at how to utilize master pages to the fullest extent in your applications and begins by explaining the advantages of master pages.
When you build a Web application, it usually has a similar look-and-feel across all its pages. Not too many applications... more
When you build a Web application, it usually has a similar look-and-feel across all its pages. Not too many applications are designed with each page dramatically different from the next. Generally, for your applications, you use similar fonts, colors, and server control styles across all the pages.
You can apply these common styles individually to each and every server control or object on each page, or you can use a capability provided by ASP.NET 3.5 to centrally specify these styles. All pages or parts of pages in the application can then access them.
Themes are the text-based style definitions in ASP.NET 3.5 that are the focus of this chapter.
One of the most exciting features of ASP.NET 1.0/1.1 was its capability to bind entire collections of data to controls at... more
One of the most exciting features of ASP.NET 1.0/1.1 was its capability to bind entire collections of data to controls at runtime without requiring you to write large amounts of code. The controls understood they were data-bound and would render the appropriate HTML for each item in the data collection. Additionally, you could bind the controls to any type of data sources, from simple arrays to complex Oracle database query results. This was a huge step forward from ASP, in which each developer was responsible for writing all the data access code, looping through a recordset, and manually rendering the appropriate HTML code for each record of data.
In ASP.NET 2.0, Microsoft took the concept of data binding and expanded it to make it even easier to understand and use by introducing a new layer of data abstraction called data source controls. It also brought into the toolbox a series of new and powerful databound controls such as the GridView, DetailsView, and FormView. ASP.NET 3.5 continues to make fetching and displaying data in ASP.NET as simple as possible by introducing the LinqDataSource control and the ListView control
This chapter explores all the provided data source controls, and describes other data-binding features in ASP.NET. It shows how you can use the data source controls to easily and quickly bind data to data-bound controls. It also focuses on the power of the data-bound list controls included in ASP.NET 3.5, such as the GridView, DetailsView, FormView , and the new ListView control. Finally, you take a look at changes in the inline data binding syntax and inline XML data binding.
This chapter provides information on programming with the data management features that are part of ADO.NET, a key component... more
This chapter provides information on programming with the data management features that are part of ADO.NET, a key component of the .NET Framework and of your ASP.NET development. The discussion begins with the basics of ADO.NET and later dives into the ways you can use various features that make up ADO.NET to manage data contained in a relational database.
ADO.NET, first introduced in version 1.0 of the .NET Framework, provided an extensive array of features to handle live data in a connected mode or data that is disconnected from its underlying data store. ADO.NET 1.0 was primarily developed to address two specific problems in getting at data. The first had to do with the user’s need to access data once and to iterate through a collection of data in a single instance. This need often arose in Web application development.
ADO.NET addresses a couple of the most common data-access strategies that are used for applications today. When classic ADO was developed, many applications could be connected to the data store almost indefinitely. Today, with the explosion of the Internet as the means of data communication, a new data technology is required to make data accessible and updateable in a disconnected architecture.
The first of these common data-access scenarios is one in which a user must locate a collection of data and iterate through this data a single time. This is a popular scenario for Web pages. When a request for data from a Web page that you have created is received, you can simply fill a table with data from a data store. In this case, you go to the data store, grab the data that you want, send the data across the wire, and then populate the table. In this scenario, the goal is to get the data in place as fast as possible.
The second way to work with data in this disconnected architecture is to grab a collection of data and use this data separately from the data store itself. This could be on the server or even on the client. Although the data is disconnected, you want the ability to keep the data (with all of its tables and relations in place) on the client side. Classic ADO data was represented by a single table that you could iterate through. ADO.NET, however, can be a reflection of the data store itself, with tables, columns, rows, and relations all in place. When you are done with the client-side copy of the data, you can persist the changes that you made in the local copy of data directly back into the data store. The technology that gives you this capability is the DataSet, which will be covered shortly.
Although classic ADO was geared for a two-tiered environment (client-server), ADO.NET addresses a multi-tiered environment. ADO.NET is easy to work with because it has a unified programming model. This unified programming model makes working with data on the server the same as working with data on the client. Because the models are the same, you find yourself more productive when working with ADO.NET.
.NET 3.5 introduces a new technology called Language Integrated Query, or LINQ (pronounced “link”). LINQ is designed to fill... more
.NET 3.5 introduces a new technology called Language Integrated Query, or LINQ (pronounced “link”). LINQ is designed to fill the gap that exists between traditional .NET languages, which offer strong typing and full object-oriented development, and query languages such as SQL, with syntax specifically designed for query operations. With the introduction of LINQ into .NET, query becomes a first class concept in .NET, whether object, XML, or data queries.
LINQ includes three basic types of queries, LINQ to Objects, LINQ to XML (or XLINQ), and LINQ to SQL (or DLINQ). Each type of query offers specific capabilities and is designed to query a specific source.
In this chapter, we look at all three flavors of LINQ, and how each enables you to simplify query operations. We also look at some new language features of the .NET CLR that you will use to create LINQ queries, as well as the tooling support added to Visual Studio to support using LINQ.
This is not a book about XML, the eXtensible Markup Language; but XML has become such a part of an ASP.NET programmer’s life... more
This is not a book about XML, the eXtensible Markup Language; but XML has become such a part of an ASP.NET programmer’s life that the topic deserves its own chapter. Although most of the XML functionality in the .NET Framework appears to be in the System.Xml namespace, you can find XML’s influence throughout the entire Framework including System.Data and System.Web.
System.Xml
System.Data
System.Web
XML is oft maligned and misunderstood. To some, XML is simply a text-based markup language; to others it is an object serialization format or a document-encoding standard. In fact, XML has become the de facto standard manner in which data passes around the Internet. XML, however, is not really a technology as much as it is a set of standards or guiding principles. It provides a structure within which data can be stored; but the XML specification doesn’t dictate how XML processors, parsers, formatters, and data access methods should be written or implemented. System.Xml,System.Xml.Linq, and other namespaces contain the .NET Framework 3.5’s view on how programmers should manipulate XML. Some of its techniques, such as XSLT and XML Schema, are standards-based. Others, like XmlReader and XmlWriter, started in the world of the .NET Framework and now Java has similar classes. The .NET Framework 3.5—along with new compilers for C# 3.0 and VB 9—brings LINQ and LINQ to XML as a Language-Integrated Query over XML to the table.
System.Xml.Linq
XmlReader
XmlWriter
This is an ASP.NET book, aimed at the professional Web developer, so it can't be a book all about LINQ. However, a single chapter can't do LINQ justice. Rather than making this a chapter that focuses exclusively on just System.Xml or System.Xml.Linq, this chapter will present the new LINQ model and syntax as a juxtaposition to the way you're used to manipulating XML. The examples will include both the traditional and the new LINQ way of doing things. We recognize that you won't go and rewrite all your System.Xml code to use LINQ just because it's cool, but seeing the new syntax alongside what you are used to is an excellent way to learn the syntax, and it also assists you in making decisions on which technology to use going forward.
Tip
In this chapter some listings will include a 'q' in the numbering scheme. These listings demonstrate how you can use LINQ to XML to accomplish the same task shown in the previous related listing. For example, Listing 10-5q shows the way you'd accomplish the task from Listing 10-5 using LINQ to XML.
You'll learn more about LINQ and it's flexibility in the all new chapter dedicated to the technology. For the purposes of this chapter, know that System.Xml.Linq introduces an all new series of objects such as XDocument and XElement that in some ways complement the existing APIs, but in many ways, eclipse them. You'll also see how these new classes have provided "bridges" back and forth between System.Xml and System.Xml.Linq that will enable you to use many new techniques for clearer, simpler code, while still utilizing the very useful, powerful (and well-tested) features of the System.Xml classes you're used to.
Ultimately, however, remember that while the .NET Framework has its own unique style of API around the uses of XML, the XML consumed and produced by these techniques is standards-based and can be used by other languages that consume XML. This chapter covers all the major techniques for manipulating XML provided by the .NET Framework. XmlReader and XmlWriter offer incredible speed but may require a bit more thought. The XmlDocument or DOM is the most commonly used method for manipulating XML but you'll pay dearly in performance penalties without careful use. ADO .NET DataSets have always provided XML support, and their deep support continues with .NET 3.5. XML Stylesheet Tree Transformations (XSLT) gained debugging capabilities in Visual Studio 2005, and is improved with new features in Visual Studio 2008, such as XSLT Data Breakpoints and better support in the editor for loading large documents. Additionally, XSLT stylesheets can be compiled into assemblies even more easily with the new command-line stylesheet compiler. ASP.NET continues to make development easier with some simple yet powerful server controls to manipulate XML.
Its flexibility and room for innovation make XML very powerful and a joy to work with.
Note that when the acronym XML appears by itself, the whole acronym is capitalized, but when it appears in a function name or namespace, only the X is capitalized, as in System.Xml or XmlTextReader. Microsoft’s API Design Guidelines dictate that if an abbreviation of three or more characters appears in a variable name, class name, or namespace, the first character is capitalized.
XmlTextReader
Internet Information Services 7.0 (IIS7) is the latest version of Microsoft’s Web Server. IIS7 has gone through significant... more
Internet Information Services 7.0 (IIS7) is the latest version of Microsoft’s Web Server. IIS7 has gone through significant architectural changes since the last version. The most notable change for ASP.NET developers is the deep integration of IIS7 and the ASP.NET Framework. This provides both ASP.NET developers and IIS7 administrators with an integrated programming environment that allows them to implement features and functionalities that were not possible before. This chapter will provide you with an overview of the IIS7 and ASP.NET integrated architecture and its constituent components, show you how to install, setup, and configure IIS7, as well as show you how to migrate your existing applications to IIS7.
The ASP.NET provider model is an important framework to understand as you build your applications. The ASP.NET provider model... more
The ASP.NET provider model is an important framework to understand as you build your applications. The ASP.NET provider model was a major change introduced in ASP.NET 2.0, so you probably already know that ASP.NET is a way to build applications for the Internet. For the Internet means that an application’s display code travels over HTTP, which is a stateless protocol. ASP.NET works with a disconnected architecture. The simple nature of this model means that requests come in and then responses are sent back. On top of that, ASP.NET does not differentiate one request from another. The server containing an ASP.NET application is simply reacting to any request thrown at it.
This means that a developer building a Web application has to put some thought into how users can remain in context between their requests to the server as they work through the application. Keeping a user in context means recording state, the state of the user, to some type of data store. This can be done in multiple ways, and no one way is the perfect way. Rather, you have to choose one of the available methods.
Note
You can read about maintaining state in an ASP.NET application in Chapter 22.
State can be stored via multiple methods, some of which include:
Application State
Session State
The Cache Object
You use all these methods on the server, but you can also employ your own custom methods—such as simply storing state in a database using your own custom schema. It is also possible to write state back to the clients, either directly on their computers or by placing state in the HTML output in the response. Some of these methods include:
Cookies
Querystrings
Hidden Fields
ViewState
The last chapter introduced the provider model found in ASP.NET 3.5 and explained how it is used with the membership and... more
The last chapter introduced the provider model found in ASP.NET 3.5 and explained how it is used with the membership and role management systems.
As discussed in the previous chapter, these systems in ASP.NET 3.5 require that some type of user state be maintained for long periods of time. Their time-interval and security requirements for state storage are greater than those for earlier systems that simply used the Session object. Out of the box, ASP.NET 3.5 gives you a series of providers to use as the underlying connectors for any data storage needs that arise from state management for these systems.
Session
The providers that come with the default install of the .NET Framework 3.5 include the most common means of state management data storage needed to work with any of the systems. But like most things in .NET, you can customize and extend the providers that are supplied.
This chapter looks at some of the ways to extend the provider model found in ASP.NET 3.5. This chapter also reviews a couple of sample extensions to the provider model. First, however, you look at some of the simpler ways to modify and extend the providers already present in the default install of .NET 3.5.
The Web applications that you develop generally have more than a single page to them. Usually you create a number of Web... more
The Web applications that you develop generally have more than a single page to them. Usually you create a number of Web pages that are interconnected in some fashion. If you also build the navigation around your collection of pages, you make it easy for the end user to successfully work through your application in a straightforward manner.
Currently, you must choose among a number of different ways to expose the paths through your application to the end user. The difficult task of site navigation is compounded when you continue to add pages to the overall application.
The present method for building navigation within Web applications is to sprinkle pages with hyperlinks. Hyperlinks are generally added to Web pages by using include files or user controls. They can also be directly hard-coded onto a page so that they appear in the header or the sidebar of the page being viewed. The difficulties in working with navigation become worse when you move pages around or change page names. Sometimes developers are forced to go to each and every page in the application just to change some aspect of the navigation.
ASP.NET 3.5 tackles this problem by providing a navigation system that makes it quite trivial to manage how end users work through the applications you create. This capability in ASP.NET is complex; but the great thing is that it can be as simple as you need it to be, or you can actually get in deep and control every aspect of how it works.
The site navigation system includes the capability to define your entire site in an XML file that is called a site map. After you define a site map, you can work with it programmatically using the SiteMap class. Another aspect of the sitemap capability available in ASP.NET is a data provider that is specifically developed to work with site map files and to bind them to a series of navigation-based server controls. This chapter looks at all these components in the ASP.NET 3.5 navigation system. The following section introduces site maps.
SiteMap
Many Web applications must be customized with information that is specific to the end user who is presently viewing the page... more
Many Web applications must be customized with information that is specific to the end user who is presently viewing the page. In the past, the developer usually provided storage of personalization properties for end users viewing the page by means of cookies, the Session object, or the Application object. Cookies enabled storage of persistent items so that when the end user returned to a Web page, any settings related to him were retrieved in order to be utilized again by the application. Cookies are not the best way to approach persistent user data storage, however, mainly because they are not accepted by all computers and also because a crafty end user can easily alter them.
Application
As you will see in Chapter 16, ASP.NET membership and role management capabilities are ways that ASP.NET can conveniently store information about the user. How can you, as the developer, use the same mechanics to store custom information?
ASP.NET 3.5 provides you with an outstanding feature—personalization. The ASP.NET personalization engine provided with this latest release can make an automatic association between the end user viewing the page and any data points stored for that user. The personalization properties that are maintained on a per-user basis are stored on the server and not on the client. These items are conveniently placed in a data store of your choice (such as Microsoft’s SQL Server) and, therefore, the end user can then access these personalization properties on later site visits.
This feature is an ideal way to start creating highly customizable and user-specific sites without building any of the plumbing beforehand. In this case, the plumbing has been built for you! The personalization feature is yet another way that the ASP.NET team is making developers more productive and their jobs easier.
The authentication and authorization of users are important functions in many Web sites and browser-based applications. Traditionally... more
The authentication and authorization of users are important functions in many Web sites and browser-based applications. Traditionally, when working with Microsoft's Windows Forms applications (thick-client), you depended on Windows Integrated Authentication; when working with browser-based applications (thin-client), you used forms authentication.
Forms authentication enabled you to take requests that were not yet authenticated and redirect them to an HTML form using HTTP client-side redirection. The user provided his login information and submitted the form. After the application authenticated the request, the user received an HTTP cookie, which was then used on any subsequent requests. This kind of authentication was fine in many ways, but it required developers to build every element and even manage the back-end mechanics of the overall system. This was a daunting task for many developers and, in most cases, it was rather time-consuming.
ASP.NET 3.5 includes an authentication and authorization management service that takes care of the login, authentication, authorization, and management of users who require access to your Web pages or applications. This outstanding membership and role management service is an easy-to-implement framework that works out of the box using Microsoft SQL Server as the back-end data store. This framework also includes an API that allows for programmatic access to the capabilities of both the membership and role management services. In addition, a number of membership and role management–focused server controls make it easy to create Web applications that incorporate everything these services have to offer.
Before you look at the membership and role management features of ASP.NET 3.5, here's a quick review of authentication and authorization. This is vital to understand before proceeding.
Internet and intranet applications have changed considerably since their introduction in the 1990s. Today’s applications... more
Internet and intranet applications have changed considerably since their introduction in the 1990s. Today’s applications do not simply display the same canned information to every viewer; they do much more. Because of the wealth of information being exposed to end users, Internet and intranet applications must integrate large amounts of customization and personalization into their offerings.
Web sites that provide a plethora of offerings give end users the option to choose which parts of the site they want to view and which parts they want to hide. Ideally, end users can personalize the pages, deciding for themselves the order in which the content appears on the page. They should be able to move items around on the page as if it were a design surface.
In this situation, after pages are customized and established, end users need the capability to export their final page settings for storage. You certainly would not want an end user who has highly customized a page or a series of pages in your portal to be forced to reapply the settings each time he visits the site. Instead, you want to retain these setting points by moving them to a data store for later exposure.
Adding this kind of functionality is expensive—expensive in the sense that it can take a considerable amount of work on the part of the developer. Until ASP.NET 2.0, the developer had to build a personalization framework to be used by each page requiring the functionality. This type of work is error prone and difficult to achieve, which is why in most cases it was not done.
But wait…
When HTML was first introduced by Tim Berners-Lee, it was intended to be a simple way for researchers using the Internet... more
When HTML was first introduced by Tim Berners-Lee, it was intended to be a simple way for researchers using the Internet to format and cross-link their research documents. At the time, the Web was still primarily text-based; therefore, the formatting requirements for these documents were fairly basic. HTML needed only a small handful of basic layout concepts such as a title, paragraph, headers, and lists. As the Web was opened up to the general public, graphical browsers were introduced, and as requirements for formatting Web pages continued to expand, newer versions of HTML were introduced. These newer versions expanded the original capabilities of HTML to accommodate the new, rich graphical browser environment, allowing table layouts, richer font styling, images, and frames.
While all of these improvements to HTML were helpful, HTML still proved to be inadequate for allowing developers to create complex, highly stylized Web pages. Therefore, in 1994 a new technology called Cascading Style Sheets was introduced. CSS served as a complementary technology to HTML, giving developers of Web pages the power they needed to finely control the style of their Web pages.
As the Web has matured, CSS has gained popularity as developers realized that it has significant advantages over standard HTML styling capabilities. Unlike HTML, which was originally conceived as primarily a layout mechanism, CSS was conceived from the beginning to provide rich styling capabilities to Web pages. The cascading nature of CSS makes it easy to apply styles with a broad stroke to an entire application, and only where necessary override those styles. CSS makes is easy to externally define Web site style information, allowing for a clear separation of Web page style and structure. CSS also allows developers to greatly reduce the file size of a Web page, which translates into faster page load times and reduced bandwidth consumption.
While the point of this chapter is not to convince you that CSS is the best solution for styling your Web site, it will help you understand how you can leverage these technologies in your ASP.NET-based Web applications. It will start with a brief overview of CSS and how it works with HTML, and then move into creating Web sites in Visual Studio using HTML and CSS. Finally, you look at how you can use ASP.NET and CSS together.
AJAX is definitely the hot buzzword in the Web application world at the moment. AJAX is an acronym for... more
AJAX is definitely the hot buzzword in the Web application world at the moment. AJAX is an acronym for Asynchronous JavaScript and XML and, in Web application development, it signifies the capability to build applications that make use of the XMLHttpRequest object.
XMLHttpRequest
The creation and the inclusion of the XMLHttpRequest object in JavaScript and the fact that most upper-level browsers support it led to the creation of the AJAX model. AJAX applications, although they have been around for a few years, gained popularity after Google released a number of notable, AJAX-enabled applications such as Google Maps and Google Suggest. These applications demonstrated the value of AJAX.
Shortly thereafter, Microsoft released a beta for a new toolkit that enabled developers to incorporate AJAX features in their Web applications. This toolkit, code-named Atlas and later renamed ASP.NET AJAX, makes it extremely simple to start using AJAX features in your applications today.
The ASP.NET AJAX toolkit was not part of the default .NET Framework 2.0 install. If you are using the .NET Framework 2.0, it is an extra component that you must download from the Internet.
ASP.NET AJAX applications were introduced in the previous chapter. With the install of the .NET Framework 3.5 and through... more
ASP.NET AJAX applications were introduced in the previous chapter. With the install of the .NET Framework 3.5 and through using Visual Studio 2008, you will find a few controls available that allow you to build ASP.NET applications with AJAX capabilities. This is the framework to take your applications to the next level because there is so much that can be accomplished with it, including adding specific AJAX capabilities to your user and custom server controls. Every AJAX enhancement added to your application AJAX will make your application seem more fluid and responsive to the end user.
You might be wondering where the big new AJAX-enabled server controls are for this edition of Visual Studio 2008 if this is indeed a new world for building controls. The reason you do not see a new section of AJAX server controls is that Microsoft’s has treated them as an open-source project instead of just blending them into Visual Studio 2008.
Developers at Microsoft and in the community have been working on a series of AJAX-capable server controls that you can use in your ASP.NET applications. These controls are collectively called the ASP.NET AJAX Control Toolkit. AJAXYou will find a link to the control toolkit for download at www.asp.net/AJAX. When you choose to download the control toolkit from this page, you will be directed to the ASP.NET AJAX Control Toolkit’s page on CodePlex at www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=AtlasControlToolkit
AJAX
www.asp.net/AJAX
www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=AtlasControlToolkit
Not every page that you build with ASP.NET is meant to be open and accessible to everyone on the Internet. Sometimes, you... more
Not every page that you build with ASP.NET is meant to be open and accessible to everyone on the Internet. Sometimes, you want to build pages or sections of an application that are accessible to only a select group of your choosing. For this reason, you need the security measures explained in this chapter. They can help protect the data behind your applications and the applications themselves from fraudulent use.
Security is a very wide-reaching term. During every step of the application-building process, you must, without a doubt, be aware of how mischievous end users might attempt to bypass your lockout measures. You must take steps to ensure that no one can take over the application or gain access to its resources. Whether it involves working with basic server controls or accessing databases, you should be thinking through the level of security you want to employ to protect yourself.
How security is applied to your applications is truly a measured process. For instance, a single ASP.NET page on the Internet, open to public access, has different security requirements than does an ASP.NET application that is available to only selected individuals because it deals with confidential information such as credit card numbers or medical information.
The first step is to apply the appropriate level of security for the task at hand. Because you can take so many different actions to protect your applications and the resources, you have to decide for yourself which of these measures to employ. This chapter looks at some of the possibilities for protecting your applications.
Notice that security is discussed throughout this book. In addition, a couple chapters focus on specific security frameworks provided by ASP.NET 3.5 that are not discussed in this chapter. Chapters 15 and 16 discuss ASP.NET’s membership and role management frameworks, as well as the personalization features in this version. These topics are aspects of security that can make it even easier for you to build safe applications. Although these new security frameworks are provided with this latest release of ASP.NET, you can still build your own measures as you did in the previous versions of ASP.NET. This chapter discusses how to do so.
An important aspect of security is how you handle the authentication and authorization for accessing resources in your applications. Before you begin working through some of the authentication/authorization possibilities in ASP.NET, you should know exactly what we mean by those two terms.
Why is state management such a difficult problem that it requires an entire chapter in a book on programming? In the old... more
Why is state management such a difficult problem that it requires an entire chapter in a book on programming? In the old days (about 15 years ago), using standard client-server architecture meant using a fat client and a fat server. Perhaps your Visual Basic 6 application could talk to a database. The state was held either on the client-side or in the server-side database. Typically, you could count on a client having a little bit of memory and a hard drive of its own to manage state. The most important aspect of traditional client/server design, however, was that the client was always connected to the server. It’s easy to forget, but HTTP is a stateless protocol. For the most part, a connection is built up and torn down each time a call is made to a remote server. Yes, HTTP 1.1 includes a keep-alive technique that provides optimizations at the TCP level. Even with these optimizations, the server has no way to determine that subsequent connections came from the same client.
Although the Web has the richness of DHTML and Ajax, JavaScript, and HTML 4.0 on the client side, the average high-powered Intel Core Duo with a few gigabytes of RAM is still being used only to render HTML. It’s quite ironic that such powerful computers on the client side are still so vastly underutilized when it comes to storing state. Additionally, although many individuals have broadband, it is not universally used. Developers must still respect and pay attention to the dial-up users of the world. When was the last time that your project manager told you that bandwidth was not an issue for your Web application?
The ASP.NET concept of a Session that is maintained over the statelessness of HTTP is not a new one, and it existed before ASP.NET and even before classic ASP. It is, however, a very effective and elegant way to maintain state. There are, however, a number of different choices available to you, of which the ASP.NET session is just one. There have been a few subtle changes between ASP.NET 1.x and 2.0/3.5 that will be covered in this chapter. The Session object remains as before, but the option to plug in your own session state provider is now available.
Performance is a key requirement for any application or piece of code that you develop. The browser helps with client-side... more
Performance is a key requirement for any application or piece of code that you develop. The browser helps with client-side caching of text and images, whereas the server-side caching you choose to implement is vital for creating the best possible performance. Caching is the process of storing frequently used data on the server to fulfill subsequent requests. You will discover that grabbing objects from memory is much faster than re-creating the Web pages or items contained in them from scratch each time they are requested. Caching increases your application’s performance, scalability, and availability. The more you fine-tune your application's caching approach, the better it performs.
This chapter focuses on caching, including the SQL invalidation caching capabilities that ASP.NET provides. This chapter takes a close look at this unique aspect of caching. When you are using SQL cache invalidation, if the result set from SQL Server changes, the output cache can be triggered to change automatically. This ensures that the end user always sees the latest result set, and the data presented is never stale. After introducing SQL cache invalidation, this chapter also covers other performance enhancements. It discusses the new Post-Cache Substitution feature, which caches entire pages while dynamically replacing specified bits of content. Lastly, this chapter covers a new capability that enables a developer to create custom dependencies.
Your code always runs exactly as you wrote it, and you will never get it right the first time. So, expect to spend about... more
Your code always runs exactly as you wrote it, and you will never get it right the first time. So, expect to spend about 30 percent of your time debugging and, to be a successful debugger, learn to use the available tools effectively. Visual Studio has upped the ante, giving you a host of new features that greatly improve your debugging experience. So many of these new features, however, can be overwhelming at first. This chapter breaks down all the techniques available to you, one at a time, while presenting a holistic view of Visual Studio, the Common Language Runtime (CLR), and the Base Class Library (BCL).
Everyone knows that debugging is twice as hard as writing a program in the first place. So if you're as clever as you can be when you write it, how will you ever debug it?
—Brian Kernighan
Additionally, because debugging is more than stepping through code, this chapter discusses efficient error and exception handling, tracing and logging, and cross-language (C#, Visual Basic, client-side JavaScript, XSLT, and SQL Stored Procedure) debugging.
Although most of this book concentrates specifically on learning and using the features of ASP.NET 3.5, .NET provides an... more
Although most of this book concentrates specifically on learning and using the features of ASP.NET 3.5, .NET provides an enormous amount of additional functionality in other areas of the Base Class Library (BCL). This chapter examines a few of the common base classes that you can use to enhance your ASP.NET applications. First, you look at using the frameworks System.IO namespace to manage files on the local file system. Next, you explore how to use the various Stream classes within the framework to read from and write different data formats to memory and the local file system. Finally, you learn how to use the .NET Framework to communicate with other computers across the Internet using common protocols such as HTTP and FTP.
System.IO
A Word about I/O Security
Although this chapter is not specifically about ASP.NET security, you need to understand the impact of local system security on what the ASP.NET Worker Process is allowed to do inside of the IO namespace. Remember that generally, when your code is executed by IIS, it executes under the context of the ASP.NET Worker Process user account (ASPNET) and, therefore, your application may be restricted by that account’s security rights. For example, by default, the ASP.NET Worker Process does not have rights to write to the local disk. The two main areas that you should look at to get a very basic understanding of the impact of security on an application are impersonation and user account ACLs. ASP.NET security is discussed thoroughly in Chapter 18.
Additionally, this chapter demonstrates how to use classes in the BCL to delete files and directories and to modify the permissions of directories and files. Recognize that it is entirely possible to permanently delete important data from your hard drive or change the permissions of a resource, which would result in you losing the ability to access the resource. Be very careful when using these classes against the file system.
In an object-oriented environment like .NET, the encapsulation of code into small, single-purpose, reusable objects is one... more
In an object-oriented environment like .NET, the encapsulation of code into small, single-purpose, reusable objects is one of the keys to developing a robust system. For instance, if your application deals with customers, you might want to consider creating a customer's object that encapsulates all the functionality a customer might need. The advantage is that you create a single point with which other objects can interact, and you have only a single point of code to create, debug, deploy, and maintain. In this scenario, the customer object is typically known as a business object because it encapsulates all the business logic needed for a customer.
Several other types of reusable objects are available in .NET. In this chapter, we concentrate on discussing and demonstrating how you can create reusable visual components for an ASP.NET application. The two types of reusable components in ASP.NET are user controls and server controls.
A user control encapsulates existing ASP.NET controls into a single container control, which you can easily reuse throughout your Web project.
A server control encapsulates the visual design, behavior, and logic for an element that the user interacts with on the Web page.
Visual Studio ships with a large number of server controls that you are probably already familiar with, such as the Label, Button, and TextBox controls. This chapter talks about how you can create custom server controls and extend existing server controls.
Because the topics of user controls and server controls are so large, and because discussing the intricacies of each could easily fill an entire book by itself, this chapter can't possibly investigate every option available to you. Instead, it attempts to give you a brief overview of building and using user controls and server controls and demonstrates some common scenarios for each type of control. By the end of this chapter, you should have learned enough that you can get started building basic controls of each type and be able to continue to learn on your own.
Sometimes, just creating dynamic Web pages with the latest languages and databases does not give you, the developer, enough... more
Sometimes, just creating dynamic Web pages with the latest languages and databases does not give you, the developer, enough control over an application. At times, you need to be able to dig deeper and create applications that can interact with the Web server itself. You want to be able to interact with the low-level processes, such as how the Web server processes incoming and outgoing HTTP requests.
Before ASP.NET, to get this level of control using IIS, you were forced to create ISAPI extensions or filters. This proved to be quite a daunting and painful task for many developers because creating ISAPI extensions and filters required knowledge of C/C++ and knowledge of how to create native Win32 DLLs. Thankfully, in the .NET world, creating these types of low-level applications is really no more difficult than most other tasks you would normally perform. This chapter looks at two methods of manipulating how ASP.NET processes HTTP requests, the HttpModule, and the HttpHandler. Each method provides a unique level of access to the underlying processing of ASP.NET and can be a powerful tool for creating Web applications.
One of the best practices in programming is to separate your application into workable and separate components—also known... more
One of the best practices in programming is to separate your application into workable and separate components—also known as business objects. This makes your applications far easier to manage and enables you to achieve the goal of code reuse because you can share these components among different parts of the same application or between entirely separate applications.
Using business components enables you to build your ASP.NET applications using a true three-tier model where the business tier is in the middle between the presentation and data tiers. In addition, using business objects enables you to use multiple languages within your ASP.NET applications. Business objects can be developed in one programming language while the code used for the presentation logic is developed in another.
If you are moving any legacy applications or aspects of these applications to an ASP.NET environment, you might find that you need to utilize various COM components. This chapter shows you how to use both .NET and COM components in your ASP.NET pages and code.
This chapter also explains how you can mingle old ActiveX (COM) DLLs with new .NET components. So when all is said and done, you should feel somewhat relieved. You will see that you have not wasted all the effort you put into building componentized applications using the “latest” ActiveX technologies.
When the .NET Framework 1.0 was first introduced, much of the hype around its release was focused on XML Web services. In... more
When the .NET Framework 1.0 was first introduced, much of the hype around its release was focused on XML Web services. In fact, Microsoft advertised that the main purpose of the newly released .NET Framework 1.0 was to enable developers to build and consume XML Web services with ease. Unfortunately, the new Web services model was slow to be accepted by the development community because it was so radically different from those that came before. Decision makers in the development community regarded this new Web services model with a cautious eye.
Since then, Microsoft has stopped trumpeting that .NET is all about Web services and instead has really expanded the power of .NET and its relation to applications built within the enterprise. Still, the members of the IT community continued to look long and hard at the Web services model (Microsoft is no longer alone in hyping this new technology), examining how it could help them with their current issues and problems.
This chapter looks at building XML Web services and how you can consume XML Web service interfaces and integrate them into your ASP.NET applications. It begins with the foundations of XML Web services in the .NET world by examining some of the underlying technologies such as SOAP, WSDL, and more.
Developers usually build Web applications in their native language and then, as the audience for the application expands,... more
Developers usually build Web applications in their native language and then, as the audience for the application expands, they then realize the need to globalize the application. Of course, the ideal is to build the Web application to handle an international audience right from the start—but, in many cases, this may not be possible because of the extra work it requires.
It is good to note that with the ASP.NET 3.5 framework, a considerable effort has been made to address the internationalization of Web applications. You quickly realize that changes to the API, the addition of capabilities to the server controls, and even Visual Studio itself equip you to do the extra work required more easily to bring your application to an international audience. This chapter looks at some of the important items to consider when building your Web applications for the world.
Those of you who remember the "Classic" ASP days know that ASP’s configuration information was stored in a binary repository... more
Those of you who remember the "Classic" ASP days know that ASP’s configuration information was stored in a binary repository called the Internet Information Services (IIS) metabase. To configure a classic ASP application, you had to modify the metabase, either through script or, more commonly, through the IIS Microsoft Management Console (MMC) snap-in.
Unlike classic ASP, all the available versions of ASP.NET do not require extensive use of the IIS metabase. Instead, ASP.NET uses an XML file-based configuration system that is much more flexible, accessible, and easier to use. When building ASP.NET, the ASP.NET team wanted to improve the manageability of the product. Although the release of ASP.NET 1.0 was a huge leap forward in Web application development, it really targeted the developer. What was missing was the focus on the administrator—the person who takes care of Web applications after they are built and deployed. ASP.NET today makes it quite easy for you to configure an ASP.NET application by working either directly with the various configuration files or by using GUI tools that, in turn, interact with configuration files. Before examining the various GUI-based tools in detail in Chapter 34, you first take an in-depth look at how to work directly with the XML configuration files to change the behavior of your ASP.NET applications.
This chapter covers the following:
Introduction to the ASP.NET configuration file
An overview of the ASP.NET configuration settings
How to encrypt portions of your configuration files
An examination of the ASP.NET 3.5 configuration APIs
How to store and retrieve sensitive information
The journey into these new configuration enhancements starts with an overview of configuration in ASP.NET.
Many ASP.NET developers do more than just build an application and walk away. They definitely think about how the application... more
Many ASP.NET developers do more than just build an application and walk away. They definitely think about how the application will behave after it is deployed. Instrumentation is the task that developers undertake to measure and monitor their ASP.NET applications. Depending on the situation, some instrumentation operations occur at design time, whereas others are ongoing processes that begin at runtime.
ASP.NET 3.5 gives you greater capability to apply instrumentation techniques to your applications. You will find that the ASP.NET framework includes a large series of performance counters, the capability to work with the Windows Event Tracing system, possibilities for application tracing (covered in Chapter 24), and the most exciting part of this discussion—a health monitoring system that allows you to log a number of different events over an application’s lifetime.
You can monitor a deployed application in several ways. First, you learn how to work with the Windows event log.
You have almost reached the end of this book; you have been introduced to ASP.NET 3.5 with its wonderful features designed... more
You have almost reached the end of this book; you have been introduced to ASP.NET 3.5 with its wonderful features designed to help you become a better and more efficient programmer. However, with all advancement comes complexity, as is the case in the areas of ASP.NET configuration and management. The good news is that the ASP.NET development team realized this and provided tools and APIs that enable developers to configure and manage ASP.NET–based applications with reliability and comfort.
This chapter covers these tools in great detail in an effort to educate you about some of the options available to you. This chapter explores two powerful configuration tools: the ASP.NET Web Site Administration Tool, a Web-based application, and the IIS Manager, which is used to configure your ASP.NET applications.
Packaging and deploying ASP.NET applications are topics that usually receive little attention. This chapter is going to take... more
Packaging and deploying ASP.NET applications are topics that usually receive little attention. This chapter is going to take a more in-depth look at how you can package and deploy your ASP.NET applications after they are built. After you have developed your ASP.NET application on a development computer, you will need to deploy the finished product to a quality assurance or staging server, and eventually on a production server.
An important reason to consider the proper packaging and deploying of your ASP.NET applications is that many applications are built as saleable products, starter kits, or solutions. In this case you may have to allow complete strangers to download and install these products in their own—environments that you have absolutely no control over. If this is the case, it is ideal to give the consumer a single installer file that ensures proper installation of the application in any environment.
But regardless of whether you will distribute your web application outside your company you still need a way to deploy it to another server where it can be tested before production deployment. You should never assume that it will be perfect just because it worked on your computer. Most of the time we just develop using the internal web server in Visual Studio, so we will need a full test using IIS before we assume all is well. Even if you do test with IIS on your computer there are still deployment related factors that need to be ironed out and fully tested before the application goes to production.
Before you start, you should understand the basics of packaging and deploying ASP.NET applications. In the process of packaging your ASP.NET applications, you are putting your applications into a package and utilizing a process of deployment that is initiated through a deployment procedure, such as using a Windows installer.
In some cases, you build your ASP.NET 3.5 applications from scratch—starting everything new. In many instances, however,... more
In some cases, you build your ASP.NET 3.5 applications from scratch—starting everything new. In many instances, however, this is not an option. You need to take an ASP.NET application that was previously built on the 1.0, 1.1, or 2.0 versions of the .NET Framework and migrate the application so that it can run on the .NET Framework 3.5.
This appendix focuses on migrating ASP.NET 1.x or 2.0 applications to the 3.5 framework.
I've always believed that I'm only as good as my tools. I've spent years combing the Internet for excellent tools to help... more
I've always believed that I'm only as good as my tools. I've spent years combing the Internet for excellent tools to help me be a more effective developer. There are thousands of tools out there to be sure, many overlapping in functionality with others. Some tools do one thing incredibly well and others aim to be a Swiss Army Knife with dozens of small conveniences packed into their tiny toolbars. Here is a short, exclusive list of some of the ASP.NET tools that I keep turning back to. These are tools that I find myself using consistently while developing ASP.NET-based Web sites. I recommend that you give them a try if they sound useful. Many are free; some are not. In my opinion, each is worth at least a trial on your part, and many are worth your hard earned money as they'll save you precious time.
These tools can be easily searched for in your favorite search engine and found in the first page. For those that are harder to find, I've included URLs. I also encourage you to check out my annually updated Ultimate Tools List at www.hanselman.com/tools and you might also enjoy my weekly podcast at www.hanselminutes.com as we often discover and share new tools for the developer enthusiast.
www.hanselman.com/tools
www.hanselminutes.com
Enjoy!
–Scott Hanselman
Silverlight is a lightweight browser plug-in from Microsoft that runs not only on all major browsers on Windows, but also... more
Silverlight is a lightweight browser plug-in from Microsoft that runs not only on all major browsers on Windows, but also on the Mac. Silverlight 1.0 was released in September of 2007. Many books have been written already on the subject. And now, Silverlight 2.0 is fast on the heels of version 1.0. Microsoft also announced “Moonlight,” a partnership with Novell and the Open Source Mono Project to bring Silverlight-like technology to Linux—you already know this, don’t you?
It is outside the scope of this book to give more than an introduction to Silverlight. Rather than just offering the standard “Hello World” example, however, we thought we’d try something more pragmatic. As this is a book on Professional ASP.NET, why not explore the scenario that a typical ASP.NET programmer (not a designer or an artist) would find herself in? Along the way you’ll learn about Silverlight and its capabilities, and perhaps it will inspire you to include Silverlight in your applications. You should read books such as Silverlight 1.0 (Wiley Publishing, Inc., 2007) to familiarize yourself with this deceptively deep new technology.
Thank you to Eilon Lipton for his help with this application!
This small appendix points you to some of the more valuable online resources for enhancing your understanding of ASP.NET.... more
This small appendix points you to some of the more valuable online resources for enhancing your understanding of ASP.NET.
Purchase Before purchasing this product, please be sure you have met all software and system requirements, and that you understand any limits placed upon its use.
Return Policy Wrox Chapters on Demand are non-returnable and non-refundable.
Reader Software Wrox Chapters on Demand are offered as PDFs, and they must be viewed using the Adobe Reader. If you do not have the Reader installed, it can be downloaded for free at Adobe.com.
Test Download As Wrox Chapters on Demand purchases are non-returnable, it is advisable that you test your system and software configurations with a free sample download before you place an order.
Usage Rights for a Wrox Chapter on Demand File Any Wrox Chapter on Demand product you purchase from this site will come with certain restrictions that allow Wiley to protect the copyrights of its products. After you purchase and download this title, you:
If you have any questions about these restrictions, you may contact Customer Care at (877) 762-2974 (8 a.m. - 5 p.m. EST, Monday - Friday). If you have any issues related to Technical Support, please contact us at 800-762-2974 (United States only) or 317-572-3994 (International) 8 a.m. - 8 p.m. EST, Monday - Friday).
Related Books
View Cart
