processed ?
Following is the sequence in which the events occur :-
√ Page_Init.
√ Page_Load.
√ Control events
√ Page_Unload event.
Page_init event only occurs when first time the page is started, but Page_Load occurs in
subsequent request of the page.
(B) In which event are the controls fully loaded ?
Page_load event guarantees that all controls are fully loaded. Controls are also accessed
in Page_Init events but you will see that viewstate is not fully loaded during this event.
(B) How can we identify that the Page is PostBack ?
Page object has a “IsPostBack” property which can be checked to know that is the page
posted back.
(B) How does ASP.NET maintain state in between
subsequent request ?
Refer caching chapter.
(A) What is event bubbling ?
Server controls like Datagrid, DataList, Repeater can have other child controls inside
them. Example DataGrid can have combo box inside datagrid. These child control do not
raise there events by themselves, rather they pass the event to the container parent (which
can be a datagrid, datalist, repeater), which passed to the page as “ItemCommand” event.
As the child control send there events to parent this is termed as event bubbling.
223
(B) How do we assign page specific attributes ?
Page attributes are specified using the @Page directive.
(A) Administrator wants to make a security check that no
one has tampered with ViewState, how can he ensure this ?
Using the @Page directive EnableViewStateMac to True.
(B) What is the use of @ Register directives ?
@Register directive informs the compiler of any custom server control added to the
page.
(B) What’s the use of SmartNavigation property ?
It’s a feature provided by ASP.NET to prevent flickering and redrawing when the page is
posted back.
Note:- This is only supported for IE browser. Project’s who have browser compatibility as
requirements have to think some other ways of avoiding flickering.
(B) What is AppSetting Section in “Web.Config” file ?
Web.config file defines configuration for a webproject. Using “AppSetting” section we
can define user defined values. Example below defined is “ConnectionString” section
which will be used through out the project for database connection.
(B) Where is ViewState information stored ?
In HTML Hidden Fields.
224
(I) What is the use of @ OutputCache directive in ASP.NET?
It is basically used for caching. See more for Caching chapter.
(B) How can we create custom controls in ASP.NET ?
User controls are created using .ASCX in ASP.NET. After .ASCX file is created you need
to two things in order that the ASCX can be used in project:.
√ Register the ASCX control in page using the
√ Now to use the above accounting footer in page you can use the below directive.
(B) How many types of validation controls are provided by
ASP.NET ?
There are six main types of validation controls :-
RequiredFieldValidator
It checks whether the control have any value. It's used when you want the control should
not be empty.
RangeValidator
It checks if the value in validated control is in that specific range. Example
TxtCustomerCode should not be more than eight length.
CompareValidator
It checks that the value in controls should match the value in other control. Example
Textbox TxtPie should be equal to 3.14.
RegularExpressionValidator
When we want the control value should match with a specific regular expression.
225
CustomValidator
It is used to define UserDefined validation.
ValidationSummary
It displays summary of all current validation errors.
Note:- It's rare that some one will ask step by step all the validation controls. Rather they
will ask for what type of validation which validator will be used. Example in one of the
interviews i was asked how you display summary of all errors in the validation control...So
there goes the last one Validation summary.
(B) Can you explain what is “AutoPostBack” feature in
ASP.NET ?
If we want the control to automatically postback in case of any event, we will need to
check this attribute as true. Example on a ComboBox change we need to send the event
immediately to the server side then set the “AutoPostBack” attribute to true.
(B) How can you enable automatic paging in DataGrid ?
Following are the points to be done in order to enable paging in Datagrid :-
√ Set the “AllowPaging” to true.
√ In PageIndexChanged event set the current pageindex clicked.
Note:- The answers are very short, if you have implemented practically its just a revision.
If you are fresher just make sample code using Datagrid and try to implement this
functionality.
(B) What’s the use of “GLOBAL.ASAX” file ?
It allows to executing ASP.NET application level events and setting application-level
variables.
(B) What is the difference between “Web.config” and
“Machine.Config” ?
226
“Web.config” files apply settings to each web application, while “Machine.config” file
apply settings to all ASP.NET applications.
(B) What is a SESSION and APPLICATION object ?
Session object store information between HTTP requests for a particular user, while
application object are global across users.
(A) What is the difference between Server.Transfer and
response.Redirect ?
Following are the major differences between them:-
√ Response.Redirect sends message to the browser saying it to move to some
different page, while server.transfer does not send any message to the browser
but rather redirects the user directly from the server itself. So in server.transfer
there is no round trip while response.redirect has a round trip and hence puts
a load on server.
√ Using Server.Transfer you can not redirect to a different from the server itself.
Example if your server is www.yahoo.com you can use server.transfer to move
to www.microsoft.com but yes you can move to www.yahoo.com/travels, i.e.
within websites. This cross server redirect is possible only using
Response.redirect.
√ With server.transfer you can preserve your information. It has a parameter
called as “preserveForm”. So the existing query string etc. will be able in the
calling page. In response.redirect you can maintain the state, but has
lot of drawbacks.
If you are navigating within the same website use “Server.transfer” or else go for
“response.redirect()”
(A)What is the difference between Authentication and
authorization?
This can be a tricky question. These two concepts seem altogether similar but there is
wide range of difference. Authentication is verifying the identity of a user and authorization
is process where we check does this identity have access rights to the system. In short we
227
can say the following authentication is the process of obtaining some sort of credentials
from the users and using those credentials to verify the user’s identity. Authorization is
the process of allowing an authenticated user access to resources. Authentication always
proceed to Authorization; even if your application lets anonymous users connect and use
the application, it still authenticates them as being anonymous.
(I) What is impersonation in ASP.NET ?
By default, ASP.NET executes in the security context of a restricted user account on the
local machine. Sometimes you need to access network resources such as a file on a shared
drive, which requires additional permissions. One way to overcome this restriction is to
use impersonation. With impersonation, ASP.NET can execute the request using the
identity of the client who is making the request, or ASP.NET can impersonate a specific
account you specify in web.config.
(B) Can you explain in brief how the ASP.NET authentication
process works?
ASP.NET does not run by itself, it runs inside the process of IIS. So there are two
authentication layers which exist in ASP.NET system. First authentication happens at
the IIS level and then at the ASP.NET level depending on the WEB.CONFIG file.
Below is how the whole process works:-
√ IIS first checks to make sure the incoming request comes from an IP address
that is allowed access to the domain. If not it denies the request.
√ Next IIS performs its own user authentication if it is configured to do so. By
default IIS allows anonymous access, so requests are automatically
authenticated, but you can change this default on a per – application basis
with in IIS.
√ If the request is passed to ASP.net with an authenticated user, ASP.net checks
to see whether impersonation is enabled. If impersonation is enabled, ASP.net
acts as though it were the authenticated user. If not ASP.net acts with its own
configured account.
√ Finally the identity from step 3 is used to request resources from the operating
system. If ASP.net authentication can obtain all the necessary resources it
grants the users request otherwise it is denied. Resources can include much
228
more than just the ASP.net page itself you can also use .Net’s code access
security features to extend this authorization step to disk files, Registry keys
and other resources.
