Tuesday 29 july 2014
What all things need to remember while implementing security in a service?
- Whatever data is exchanged can only be understood by proper recipient. Even if somehow unintended recipient gets access to data, he or she should not be able to read it.
In terms of service protection this is called as “Confidentiality”.
- Whatever sender sends, receiver receives it. Let say an intruder comes in between and modifies the data. When data reaches the receiver it should reject it and throw an exception. In simple
words data should not be tempered. In terms of service protection we call it “Integrity”.
- Every user should be validated for his/her identity. In terms of service protection that is called authentication.
For technical trainings on various topics like WCF(Windows Communication Foundation), MVC, Business Intelligence, Design Patterns, WPF, TFS and Basic fundamentals feel free to contact SukeshMarla@Gmail.com or visit www.sukesh-marla.com
For more stuff like this, click here. Subscribe to article
updates or follow at twitter @SukeshMarla
See following video on creating service using WCF (Windows Communication Foundation): -
Click and see here for more advanced training in WCF(Windows Communication Foundation).
Saturday 26 july 2014
What is scavenging?
When server running your ASP.NET application runs low on memory resources, items are removed from cache depending on cache item priority. Cache item priority is set when you add item to cache. By
setting the cache item priority controls, the items scavenging are removed according to priority.
What are different types of caching using cache object of ASP.NET?
You can use two types of output caching to cache information that is to be transmitted to and displayed in a Web browser:
Page output caching adds the response of page to cache object. Later when page is requested page is displayed from cache rather than creating the page object and displaying it. Page output
caching is good if the site is fairly static.
If parts of the page are changing, you can wrap the static sections as user controls and cache the user controls using page fragment caching.
How can you cache different version of same page using ASP.NET cache object?
Output cache functionality is achieved by using “OutputCache” attribute on ASP.NET page header. Below is the syntax
<%@ OutputCache Duration="20" Location="Server" VaryByParam="state" VaryByCustom="minorversion" VaryByHeader="Accept-Language"%>
VaryByParam: - Caches different version depending on input parameters send through HTTP POST/GET.
VaryByHeader: - Caches different version depending on the contents of the page header.
VaryByCustom:- Lets you customize the way the cache handles page variations by declaring the attribute and overriding the GetVaryByCustomString handler.
VaryByControl:- Caches different versions of a user control based on the value of properties of ASP objects in the control.
How will implement Page Fragment Caching?
Page fragment caching involves the caching of a fragment of the page, rather than the entire page. When portions of the page are need to be dynamically created for each user request this is best
method as compared to page caching. You can wrap Web Forms user control and cache the control so that these portions of the page do not need to be recreated each time.
See following video on Session VS Viewstate difference: -
Click and see here for more ASP.NET step by step training.
Wednesday 23 july 2014
How can we identify that the Page is Post Back?
Page object has an “IsPostBack” property, which can be checked to know t the page is posted back.
What is the use of @ Register directives?
@Register directive informs the compiler of any custom server control added to the page.
What is the use of Smart Navigation property?
It’s a feature provided by ASP.NET to prevent flickering and redrawing when the page is posted back.
Can you explain “AutoPostBack”?
If we want the control to automatically post back in case of any event, we will need to check this attribute as true. For example on a Combo Box change if we need to send the event
immediately to the server side then we need to mark “AutoPostBack” attribute to true.
What is impersonation in ASP.NET?
By default, ASP.NET executes in the security context of a restricted user account on the local machine. Sometimes you need to access network resources such as a file on a shared drive, which
requires additional permissions. One way to overcome this restriction is to use impersonation. With impersonation, ASP.NET can execute the request using the identity of the client who is making
the request, or ASP.NET can impersonate a specific account you can specify the account in web.config.
See following video on Postback, Ispostback and Autopostback: -
Click and see here for more step by step learning ASP.NET.
Saturday 19 july 2014
What’s difference between “Optimistic” and “Pessimistic” locking?
In optimistic locking there is no locking actually. It only checks if the old values are changed, in case they are changed it means somebody has changed the data, so it raises exception.
In pessimistic locking you actually lock the record, depending on the type of lock no other process can make modifications to the record.
How many ways are there to implement optimistic locking in ADO.NET?
Following are the ways to implement optimistic locking using ADO.NET:-
- When we call “Update” method of Data Adapter it handles locking internally. If the Dataset values are not matching with current data in Database, it raises concurrency exception error. We can
easily trap this error using Try. Catch block and raise appropriate error message to the user.
- Define a Date time stamp field in the table. When actually you are firing the UPDATE SQL statements, compare the current timestamp with one existing in the database. Below is a sample SQL
which checks for timestamp before updating and any mismatch in timestamp it will not update the records. This I the best practice used by industries for locking.
Update table1 set field1=@test where Last Timestamp=@Current Timestamp
- Check for original values stored in SQL SERVER and actual changed values. In stored procedure check before updating that the old data is same as the current Example in the below shown SQL
before updating field1 we check that is the old field1 value same. If not then some one else has updated and necessary action has to be taken.
Update table1 set field1=@test where field1 = @oldfield1value
Locking can be handled at ADO.NET side or at SQL SERVER side i.e. in stored procedures. For more details of how to implementing locking in SQL SERVER read “What are different locks in SQL
SERVER?” in SQL SERVER chapter.
How can do pessimistic locking?
Pessimistic locking is done by using transaction isolation levels like read committed, read uncommitted, repeatable read and serializable.
See following video on Dataset is a disconnect while datareader is connected: -
Click and see here for more training on ADO.NET.
Wednesday 16 july 2014
What is the difference between data grid and grid view?
Grid view is a successor of data grid with following benefits: -
- Grid view has automatic paging as compared to data grid where you need to write some code for paging.
- Additional column types and rich design time capabilities.
What is the difference between Grid view, Data list and repeater?
Grid view and data grid by default display all the data in tabular format i.e. in table and rows. Developer has no control to change the table data display of datagrid.
Data list also displays data in a table but gives some flexibility in terms of displaying data row wise and column wise using the repeat direction property.
Repeater control is highly customizable. It does not display data in table by default. So you can customize from scratch the way you want to display data.
Click and see here for more basic training in ASP.NET.