Anda di halaman 1dari 53



1. Describe the role of inetinfo.exe, aspnet_isapi.dll and

aspnet_wp.exe in the page loading process.
Inetinfo.exe is the Microsoft IIS server running, handling ASP.NET
requests among other things. When an ASP.NET request is received
(usually a file with .aspx extension),the ISAPI filter aspnet_isapi.dll
takes care of it by passing the request to the actual worker process

2. What’s the difference between Response.Write() And

The latter one allows you to write formatted output.

3. What methods are fired during the page load?

Init() - when the pageis instantiated, Load() - when the page is loaded
into server memory, PreRender() - the brief moment before the page is
displayed to the user as HTML, Unload() - when page finishes loading.

4. Where does the Web page belong in the .NET Framework class

5. Where do you store the information about the user’s locale?


6. What’s the difference between Codebehind="MyCode.aspx.cs"

and Src="MyCode.aspx.cs"?
CodeBehind is relevant to Visual Studio.NET only.

7. What’s a bubbled event?

When you have a complex control, like DataGrid, writing an event
processing routine for each object (cell, button, row, etc.) is quite
tedious. The controls can bubble up their eventhandlers, allowing the
main DataGrid event handler to take care of its constituents.

8. Suppose you want a certain ASP.NET function executed on

MouseOver overa certain button. Where do you add an event
It’s the Attributesproperty, the Add function inside that property. So
btnSubmit. Attributes.Add("onMouseOver","someClientCode();")

9. What data type does the RangeValidator control support?

Integer, String and Date.

10.Explain the differences between Server-side and Client-side

Server-side code runs on the server. Client-side code runs in the
clients’ browser.

11.What type of code (server or client) is found in a Code-Behind

Server-side code.

12. Should validation (did the user enter a real date) occur server-
side or client-side? Why?
Client-side. This reduces an additional request to the server to validate
the users input.

13.What does the "EnableViewState" property do? Why would I want

it on or off?
It enables the viewstate on the page. It allows the page to save the
users input on a form.

14.What is the difference between Server.Transfer and

Response.Redirect? Why would I choose one over the other?
Server.Transfer is used to post a form to another page.
Response.Redirect is used to redirect the user to another page or site.
15.Can you give an example of what might be best suited to place in
the Application_Start and Session_Start subroutines?
This is where you can set the specific variables for the Application and
Session objects.

16.If I’m developing an application that must accommodate multiple

security levels though secure login and my ASP.NET web
application is spanned across three web-servers (using round-
robin load balancing) what would be the best approach to
maintain login-in state for the users?
Maintain the login state security through a database.
17.Can you explain what inheritance is and an example of when you
might use it?
When you want to inherit (use the functionality of) another class. Base
Class Employee. A Manager class could be derived from the Employee
base class.

18.Describe the difference between inline and code behind.

Inline code written along side the html in a page. Code-behind is code
written in a separate file and referenced by the .aspx page.
19. Which method do you invoke on the DataAdapter control to load
your generated dataset with data?
The .Fill() method

20.Can you edit data in the Repeater control?

No, it just reads the information from its data source

21.Which template must you provide, in order to display data in a

Repeater control?

22.How can you provide an alternating color scheme in a Repeater

Use the AlternatingItemTemplate

23.What property must you set, and what method must you call in
your code, in order to bind the data from some data source to the
Repeater control?
You must set the DataSource property and call the DataBind method.

24. What base class do all Web Forms inherit from?

The Page class.

25.Name two properties common in every validation control?

ControlToValidate property and Text property.

26. What tags do you need to add within the asp:datagrid tags to bind
columns manually?
Set AutoGenerateColumns Property to false on the datagrid tag
27.What tag do you use to add a hyperlink column to the DataGrid?

28. What is the transport protocol you use to call a Web service?
SOAP is the preferred protocol.

29. True or False: A Web service can only be written in .NET?


30. What does WSDL stand for?

(Web Services Description Language)

31. Which property on a Combo Box do you set with a column name,
prior to setting the DataSource, to display data in the combo box?
DataTextField property

32. Which control would you use if you needed to make sure the
values in two different controls matched?
CompareValidator Control

33. True or False: To test a Web service you must create a windows
application or Web application to consume this service?
False, the webservice comes with a test page and it provides HTTP-
GET method to test.

34.How do you debug an ASP.NET Web application?

Attach the aspnet_wp.exe process to the DbgClr debugger.
35.What are three test cases you should go through in unit testing?
Positive test cases (correct data, correct output), negative test cases
(broken or missing data, proper handling), exception test cases
(exceptions are thrown and caught properly).
36. What is main difference between Global.asax and Web.Config?
ASP.NET uses the global.asax to establish any global objects that your
Web application uses. The .asax extension denotes an application file
rather than .aspx for a page file. Each ASP.NET application can contain
at most one global.asax file. The file is compiled on the first page hit to
your Web application. ASP.NET is also configured so that any attempts
to browse to the global.asax page directly are rejected. However, you
can specify application-wide settings in the web.config file. The
web.config is an XML-formatted text file that resides in the Web site’s
root directory. Through Web.config you can specify settings like custom
404 error pages, authentication and authorization settings for the Web
site, compilation options for the ASP.NET Web pages, if tracing should
be enabled, etc.

37. How do you turn off SessionState in the web.config file?

In the system.web section of web.config, you should locate the
httpmodule tag and you simply disable session by doing a remove tag
with attribute name set to session.

<remove name="Session” />

38. What is the difference between a web service and a web site?
Web sites are pictures of data designed to be viewed in a browser. A
web service is designed to be accessed directly by another service or
software application. It is reusable pieces of software that interact
programmatically over the network.

39. Can two different programming languages be mixed in a single

ASPX file.
No. uses parsers to strip the code from aspx file and copy it to
temporary files containing derived page classes, and a given parser
understands only one language.

40. Can I use code-behind with global.asax files?

Yes. <%@application Inherits=”myapp” %>

41. Can you override method=”post” in a <form runat=”server” > tag

by writing <form method=”get” runat=”server”?

42. Can aspx file contain more then one form marked runat=”Server”
43. Is possible to see the code that generate from an aspx
Yes. Enable debugging by including a <%@ page debug=”true” %>
directive in the aspx file or <compilation debug=”true”> statement in
web.config. then llok for the generated VB file in a sub directory
temporary files.

44. Does support server-side Includes?


45. What event handlers can I include in a global.asax?

Application start and end event handlers, session start and session
end event handlers.
• Application_start
• Application_end
• Session_start
• Session_end
Per-request event handlers( listed in the order in which they are called)
• Application_BeginRequest
• Application_AuthenticateRequest
• Application_AuthorizeRequest
• Application_ResolveRequestCache
• Application_AcquireRequeststate
• Application_PreRequestHandlerExecute
• Application_PostRequestHandlerExecute
• Application_ReleaseRequestState
• Application_UpdateRequestCache
• Application_EndRequest
Non-deterministic event handlers
• Application_error
• Application_disposed

46. Is it possible to protect view state from tampering when it’s

passed over an unencrypted channel?
Yes. Simply include an @ page directive with an
enableViewStateMac=”true” attribute in each aspx file to protect or
<page EnableviewstateMac=”true”> in web.config

47. Is it possible to encrypt view state when it is passed over an

unencrypted channel?

48. Do web controls support CSS?

Yes. All web controls inherit a property named CssClass from the base
class system.web.ui.webcontrols.webcontrol.

49. Are server controls compatible with netscape navigator?

Most are. But validation controls don’ work.

50. What namespace are imported by default in aspx files?

• System
• System.collections
• System.collections.Specialized
• System.configration
• System.text
• System.text.regularexpersions
• System.web
• System.web.caching
• System.web.sessionstate
• System.web.ui
• System.web.ui.htmlcontrols
• System.web.ui.webcontrols

51. What assemblies can I reference in an aspx file without using @

assembly directives?
• Mscorlib.dll
• System.dll
• System.drawing.dll
• System.web.dll
• System.xml.dll
This list of default assemblies is defined in the assemblies section of
machine.config. you can modify it by editing machine.config or including
an section in a local web.config file.

52. Can I create server controls of my own?

Yes. You can modify existing server controls by deriving from the
corresponding control classes or create server controls from scratch by
deriving from system.web.ui.control.

53. How do you create an aspx page that periodically refresh itself?
Most browers recognize the following
<meta http-equiv=”Refresh” content=”nn”>

54. How do I send an email message from my ASP.NET page?

You can use the System.Web.Mail.MailMessage and the
System.Web.Mail.SmtpMail class to send email in your ASPX pages.
Below is a simple example of using this class to send mail in C# and
VB.NET. In order to send mail through our mail server, you would want
to make sure to set the static SmtpServer property of the SmtpMail
class to mail-fwd.
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Web" %>
<%@ Import Namespace="System.Web.Mail" %>
<title>Mail Test</title>
<script language="C#" runat="server">
private void Page_Load(Object sender, EventArgs e)
MailMessage mailObj = new MailMessage();
mailObj.From = "";
mailObj.To = "";
mailObj.Subject = "Your Widget Order";
mailObj.Body = "Your order was processed.";
mailObj.BodyFormat = MailFormat.Text;
SmtpMail.SmtpServer = "mail-fwd";
Response.Write("Mail sent successfully");
catch (Exception x)
Response.Write("Your message was not sent: " +
<form id="mail_test" method="post" runat="server">
55. Asp and asp.Net – differences?

Code Render Block Code Declaration Block

Request/Response Event Driven
Object Oriented - Constructors/Destructors,
Inheritance, overloading..
Exception Handling - Try, Catch, Finally
Down-level Support
User Controls
In-built client side validation
It can span across servers, It can survive server
Session - weren't
crashes, can work with browsers that don't support
transferable across servers
built on top of the window & its an integral part of OS under the .net framework.
IIS, it was always a It shares many of the same objects that traditional
separate entity & its applications would use, and all .net objects are
functionality was limited. available for's consumption.
Garbage Collection
Declare variable with datatype
In built graphics support

56. Order of events in an page? Control Execution Lifecycle?

Phase What a control needs to Method or event to override

Initialize Initialize settings needed Init event (OnInit method)
during the lifetime of the
incoming Web request.
Load At the end of this phase, LoadViewState method
view state the View State property of
a control is automatically
populated as described in
Maintaining State in a
Control. A control can
override the default
implementation of the
LoadViewState method to
customize state
Process Process incoming form LoadPostData method (if
post back data and update properties IPostBackDataHandler is
data accordingly. mplemented)
Load Perform actions common Load event
to all requests, such as (OnLoad method)
setting up a database
query. At this point, server
controls in the tree are
created and initialized, the
state is restored, and form
controls reflect client-side
Send Raise change events in RaisePostDataChangedEvent
post back response to state changes method (if IPostBackDataHandler is
change between the current and implemented)
notificatio previous post backs.
Handle Handle the client-side RaisePostBackEvent method(if
post back event that caused the IPostBackEventHandler is
events postback and raise implemented)
appropriate events on the
Prerender Perform any updates PreRender event
before the output is (OnPreRender method)
rendered. Any changes
made to the state of the
control in the prerender
phase can be saved, while
changes made in the
rendering phase are lost.
Save The ViewState property of SaveViewState method
state a control is automatically
persisted to a string object
after this stage. This string
object is sent to the client
and back as a hidden
variable. For improving
efficiency, a control can
override the
SaveViewState method to
modify the ViewState
Render Generate output to be Render method
rendered to the client.
Dispose Perform any final cleanup Dispose method
before the control is torn
down. References to
expensive resources such
as database connections
must be released in this
Unload Perform any final cleanup UnLoad event (On UnLoad method)
before the control is torn
down. Control authors
generally perform cleanup
in Dispose and do not
handle this event.
Note To override an EventName event, override the OnEventName
method (and call base. nEventName).

57. What are server controls?

ASP.NET server controls are components that run on the server and
encapsulate user-interface and other related functionality. They are
used in ASP.NET pages and in ASP.NET code-behind classes.

58. What is the difference between Web User Control and Web
Custom Control?Custom Controls
Web custom controls are compiled components that run on the server
and that encapsulate user-interface and other related functionality into
reusable packages. They can include all the design-time features of
standard ASP.NET server controls, including full support for Visual
Studio design features such as the Properties window, the visual
designer, and the Toolbox.
There are several ways that you can create Web custom controls:
You can compile a control that combines the functionality of two or
more existing controls. For example, if you need a control that
encapsulates a button and a text box, you can create it by compiling
the existing controls together.
If an existing server control almost meets your requirements but lacks
some required features, you can customize the control by deriving from
it and overriding its properties, methods, and events.
If none of the existing Web server controls (or their combinations) meet
your requirements, you can create a custom control by deriving from
one of the base control classes. These classes provide all the basic
functionality of Web server controls, so you can focus on programming
the features you need.
If none of the existing ASP.NET server controls meet the specific
requirements of your applications, you can create either a Web user
control or a Web custom control that encapsulates the functionality you
need. The main difference between the two controls lies in ease of
creation vs. ease of use at design time.Web user controls are easy to
make, but they can be less convenient to use in advanced scenarios.
You develop Web user controls almost exactly the same way that you
develop Web Forms pages. Like Web Forms, user controls can be
created in the visual designer, they can be written with code separated
from the HTML, and they can handle execution events. However,
because Web user controls are compiled dynamically at run time they
cannot be added to the Toolbox, and they are represented by a simple
placeholder glyph when added to a page. This makes Web user
controls harder to use if you are accustomed to full Visual Studio .NET
design-time support, including the Properties window and Design view
previews. Also, the only way to share the user control between
applications is to put a separate copy in each application, which takes
more maintenance if you make changes to the control.
Web custom controls are compiled code, which makes them easier to
use but more difficult to create; Web custom controls must be authored
in code. Once you have created the control, however, you can add it to
the Toolbox and display it in a visual designer with full Properties
window support and all the other design-time features of ASP.NET
server controls. In addition, you can install a single copy of the Web
custom control in the global assembly cache and share it between
applications, which makes maintenance easier.

Web user controls Web custom controls

Easier to create Harder to create
Limited support for consumers Full visual design tool support for
who use a visual design tool consumers
A separate copy of the control Only a single copy of the control
is required in each application is required, in the global assembly
Cannot be added to the Can be added to the Toolbox in
Toolbox in Visual Studio Visual Studio
Good for static layout Good for dynamic layout

59. Application and Session Events
The ASP.NET page framework provides ways for you to work with
events that can be raised when your application starts or stops or
when an individual user's session starts or stops:
a. Application events are raised for all requests to an application.
For example, Application_BeginRequest is raised when any
Web Forms page or XML Web service in your application is
requested. This event allows you to initialize resources that will
be used for each request to the application. A corresponding
event, Application_EndRequest, provides you with an
opportunity to close or otherwise dispose of resources used for
the request.
b. Session events are similar to application events (there is a
Session_OnStart and a Session_OnEnd event), but are raised
with each unique session within the application. A session begins
when a user requests a page for the first time from your
application and ends either when your application explicitly
closes the session or when the session times out.
You can create handlers for these types of events in the Global.asax file.

60. Difference between ASP Session and ASP.NET Session? session supports cookie less session & it can span across
multiple servers.

61. What is cookie less session? How it works?

By default, ASP.NET will store the session state in the same process
that processes the request, just as ASP does. If cookies are not
available, a session can be tracked by adding a session identifier to
the URL. This can be enabled by setting the following:
<sessionState cookieless="true" />
62. How you will handle session when deploying application in more
than a server? Describe session handling in a web farm, how
does it work and what are the limits?
By default, ASP.NET will store the session state in the same process
that processes the request, just as ASP does. Additionally, ASP.NET
can store session data in an external process, which can even reside
on another machine. To enable this feature:
a. Start the ASP.NET state service, either using the Services snap-
in or by executing "net start aspnet_state" on the command line.
The state service will by default listen on port 42424. To change
the port, modify the registry key for the service:
b. Set the mode attribute of the <sessionState> section to
c. Configure the stateConnectionString attribute with the values of
the machine on which you started aspnet_state.
The following sample assumes that the state service is running on the
same machine as the Web server ("localhost") and uses the default
port (42424):
<sessionState mode="StateServer"
stateConnectionString="tcpip=localhost:42424" />
Note that if you try the sample above with this setting, you can reset
the Web server (enter iisreset on the command line) and the session
state value will persist.
63. What method do you use to explicitly kill a users session?
64. What are the different ways you would consider sending data
across pages in ASP (i.e between 1.asp to 2.asp)?
public properties
65. What is State Management in .Net and how many ways are there
to maintain a state in .Net? What is view state?
Web pages are recreated each time the page is posted to the server. In
traditional Web programming, this would ordinarily mean that all
information associated with the page and the controls on the page
would be lost with each round trip.
To overcome this inherent limitation of traditional Web programming,
the ASP.NET page framework includes various options to help you
preserve changes — that is, for managing state. The page framework
includes a facility called view state that automatically preserves
property values of the page and all the controls on it between round
However, you will probably also have application-specific values that
you want to preserve. To do so, you can use one of the state
management options.
Client-Based State Management Options:
View State
Hidden Form Fields
Query Strings
Server-Based State Management Options
Application State
Session State
Database Support

66. What are the disadvantages of view state / what are the benefits?
Automatic view-state management is a feature of server controls that
enables them to repopulate their property values on a round trip
(without you having to write any code). This feature does impact
performance; however, since a server control's view state is passed to
and from the server in a hidden form field. You should be aware of
when view state helps you and when it hinders your page's

67. When maintaining session through Sql server, what is the impact
of Read and Write operation on Session objects? will
performance degrade?
Maintaining state using database technology is a common practice
when storing user-specific information where the information store is
large. Database storage is particularly useful for maintaining long-term
state or state that must be preserved even if the server must be

68. Explain the differences between Server-side and Client-side

Server side code will process at server side & it will send the result to
client. Client side code (JavaScript) will execute only at client side.
69. Can you give an example of what might be best suited to place in
the Application_Start and Session_Start subroutines?

70. Which ASP.NET configuration options are supported in the

ASP.NET implementation on the shared web hosting platform?
Many of the ASP.NET configuration options are not configurable at the
site, application or subdirectory level on the shared hosting platform.
Certain options can affect the security, performance and stability of the
server and, therefore cannot be changed. The following settings are
the only ones that can be changed in your site’s web.config file (s):
browser Caps
client Target
custom Errors
web Controls
web Services

71. What is Role-Based security?

A role is a named set of principals that have the same privileges with
respect to security (such as a teller or a manager). A principal can be a
member of one or more roles. Therefore, applications can use role
membership to determine whether a principal is authorized to perform
a requested action.

72. How will you do windows authentication and what is the

namespace? If a user is logged under integrated windows
authentication mode, but he is still not able to logon, what might
be the possible cause for this? In ASP.Net application how do you
find the name of the logged in person under windows

73. What are the different authentication modes in the .NET

<authentication mode="Windows|Forms|Passport|None">
<forms name="name"



timeout="30" path="/" >



<user name="username"

<passport redirectUrl="internal"/>

Attribute Option Description

mode Controls the default authentication mode for
an application.
Windows Specifies Windows authentication as the
default authentication mode. Use this mode
when using any form of Microsoft Internet
Information Services (IIS) authentication:
Basic, Digest, Integrated Windows
authentication (NTLM/Kerberos), or
Forms Specifies ASP.NET forms-based
authentication as the default authentication
Passport Specifies Microsoft Passport authentication
as the default authentication mode.
None Specifies no authentication. Only anonymous
users are expected or applications can handle
events to provide their own authentication.

74. How do you specify whether your data should be passed as

Query string and Forms (Mainly about POST and GET)
Through attribute tag of form tag.

75. What are validator? Name the Validation controls in How
do u disable them? Will the validators run in server side
or client side? How do you do Client-side validation in .Net? How
to disable validator control by client side JavaScript?
A set of server controls included with ASP.NET that test user input in
HTML and Web server controls for programmer-defined requirements.
Validation controls perform input checking in server code. If the user is
working with a browser that supports DHTML, the validation controls
can also perform validation ("EnableClientScript" property set to
true/false) using client script.
The following validation controls are available in
RequiredFieldValidator Control, CompareValidator Control,
RangeValidator Control, RegularExpressionValidator Control,
CustomValidator Control, ValidationSummary Control.

76. Which two properties are there on every validation control?

ControlToValidate, ErrorMessage
77. How do you use css in
Within the <HEAD> section of an HTML document that will use these
styles, add a link to this external CSS style sheet that
follows this form:
<LINK REL="STYLESHEET" TYPE="text/css" HREF="MyStyles.css">
MyStyles.css is the name of your external CSS style sheet.

78. How do you implement postback with a text box? What is

postback and usestate?
Make AutoPostBack property to true

79. What is SQL injection?

An SQL injection attack "injects" or manipulates SQL code by adding
unexpected SQL to a query.
Many web pages take parameters from web user, and make SQL
query to the database. Take for instance when a user login, web page
that user name and password and make SQL query to the database to
check if a user has valid name and password.
Username: ' or 1=1 ---
Password: [Empty]
This would execute the following query against the users table:
select count(*) from users where user Name='' or 1=1 --' and user

80. - How to find last error which occurred?

81. How to do Caching in ASP?
<%@ OutputCache Duration="60" VaryByParam="None" %>

One version of page cached (only raw
n versions of page cached based on
query string and/or POST body
n versions of page cached based on
v1 value of v1 variable in query string or
POST body
n versions of page cached based on
v1;v2 value of v1 and v2 variables in query
string or POST body

<%@ OutputCache Duration="60" VaryByParam="none" %>

<%@ OutputCache Duration="60" VaryByParam="*" %>
<%@ OutputCache Duration="60" VaryByParam="name;age" %>
The OutputCache directive supports several other cache varying options
VaryByHeader - maintain separate cache entry for header string
changes (UserAgent, UserLanguage, etc.)
VaryByControl - for user controls, maintain separate cache entry
for properties of a user control
VaryByCustom - can specify separate cache entries for browser
types and version or provide a custom GetVaryByCustomString
method in HttpApplicationderived class

82. Any alternative to avoid name collisions other then Namespaces.

A scenario that two namespaces named N1 and N2 are there both
having the same class say A. now in another class i ve written
using N1;using N2;
and i am instantiating class A in this class. Then how will u avoid name
Ans: using alias
Eg: using MyAlias = MyCompany.Proj.Nested;

83. Where would you use an IHttpModule, and what are the
limitations of any approach you might take in implementing one?
Can you edit data in the Repeater control? Which template must you
provide, in order to display data in a Repeater control? How can you
provide an alternating color scheme in a Repeater control? What
property must you set, and what method must you call in your code, in
order to bind the data from some data source to the Repeater control?
84. What is the use of web.config? Difference between
machine.config and Web.config?
ASP.NET configuration files are XML-based text files--each named
web.config--that can appear in any directory on an ASP.NET
Web application server. Each web.config file applies configuration
settings to the directory it is located in and to all
virtual child directories beneath it. Settings in child directories can
optionally override or modify settings specified in parent directories.
The root configuration file--
provides default configuration settings for the entire machine. ASP.NET
configures IIS to prevent direct browser access to web.config files to
ensure that their values cannot become public (attempts to access
them will cause ASP.NET to return 403: Access
At run time ASP.NET uses these web.config configuration files to
hierarchically compute a unique collection of settings for
each incoming URL target request (these settings are calculated only
once and then cached across subsequent requests; ASP.NET
automatically watches for file changes and will invalidate the cache if
any of the configuration files change).

85. What is the use of sessionstate tag in the web.config file?

Configuring session state: Session state features can be configured
via the <sessionState> section in a web.config file. To double the
default timeout of 20 minutes, you can add the following to the
web.config file of an application:
<session State timeout="40" />

86. What are the different modes for the sessionstates in the
web.config file?

Off Indicates that session state is not enabled.

Inproc Indicates that session state is stored locally.
StateServer Indicates that session state is stored on a remote
SQLServer Indicates that session state is stored on the SQL

87. What is smart navigation?

When a page is requested by an Internet Explorer 5 browser, or later,
smart navigation enhances the user's experience of the page by
performing the following:
a. eliminating the flash caused by navigation.
b. persisting the scroll position when moving from page to page.
c. persisting element focus between navigations.
d. retaining only the last page state in the browser's history.
Smart navigation is best used with ASP.NET pages that require
frequent post backs but with visual content that does not change
dramatically on return. Consider this carefully when deciding whether
to set this property to true.
Set the Smart Navigation attribute to true in the @ Page directive in
the .aspx file. When the page is requested, the dynamically generated
class sets this property.

88. What base class do all Web Forms inherit from?


89. Is it possible for me to change my aspx file extension to some

other name?
Open IIS->Default Website -> Properties
Select HomeDirectory tab
Click on configuration button
Click on add. Enter aspnet_isapi details

ONFIG) & add new extension under <httpHandlers> tag
<add verb="*" path="*.santhosh"
90.What is a WebService and what is the underlying protocol used in
it?Why Web Services?

Web Services are applications delivered as a service on the Web. Web

services allow for programmatic access of business logic over the
Web. Web services typically rely on XML-based protocols, messages,
and interface descriptions for communication and access. Web
services are designed to be used by other programs or applications
rather than directly by end user. Programs invoking a Web service are
called clients. SOAP over HTTP is the most commonly used protocol
for invoking Web services.
There are three main uses of Web services.
Application integration Web services within an intranet are commonly
used to integrate business applications running on disparate platforms.
For example, a .NET client running on Windows 2000 can easily
invoke a Java Web service running on a mainframe or Unix machine to
retrieve data from a legacy application.
Business integration Web services allow trading partners to engage in
e-business leveraging the existing Internet infrastructure.
Organizations can send electronic purchase orders to suppliers and
receive electronic invoices. Doing e-business with Web services
means a low barrier to entry because Web services can be added to
existing applications running on any platform without changing legacy
Commercial Web services focus on selling content and business
services to clients over the Internet similar to familiar Web pages.
Unlike Web pages, commercial Web services target applications not
humans as their direct users. Continental Airlines exposes flight
schedules and status Web services for travel Web sites and agencies
to use in their applications. Like Web pages, commercial Web services
are valuable only if they expose a valuable service or content. It would
be very difficult to get customers to pay you for using a Web service
that creates business charts with the customers? data. Customers
would rather buy a charting component (e.g. COM or .NET component)
and install it on the same machine as their application. On the other
hand, it makes sense to sell real-time weather information or stock
quotes as a Web service. Technology can help you add value to your
services and explore new markets, but ultimately customers pay for
contents and/or business services, not for technology

91. Are Web Services a replacement for other distributed computing

No. Web Services is just a new way of looking at existing
implementation platforms.
92. In a Webservice, need to display 10 rows from a table. So
DataReader or DataSet is best choice?
WebService will support only DataSet.

93.How to generate WebService proxy? What is SOAP, WSDL, UDDI

and the concept behind Web Services? What are various
components of WSDL? What is the use of WSDL.exe utility?

SOAP is an XML-based messaging framework specifically designed for

exchanging formatted data across the Internet, for example using
request and reply messages or sending entire documents. SOAP is
simple, easy to use, and completely neutral with respect to operating
system, programming language, or distributed computing platform.
After SOAP became available as a mechanism for exchanging XML
messages among enterprises, a better way was needed to describe
the messages and how they are exchanged. The Web Services
Description Language (WSDL) is a particular form of an XML Schema,
developed by Microsoft and IBM for the purpose of defining the XML
message, operation, and protocol mapping of a web service accessed
using SOAP or other XML protocol. WSDL defines web services in
terms of "endpoints" that operate on XML messages. The WSDL
syntax allows both the messages and the operations on the messages
to be defined abstractly, so they can be mapped to multiple physical
The Universal Description, Discovery, and Integration (UDDI)
framework defines a data model (in XML) and SOAP APIs for
registration and searches on business information, including the web
services a business exposes to the Internet. UDDI is an independent
consortium of vendors, founded by Microsoft, IBM, and Ariba, for the
purpose of developing an Internet standard for web service description
registration and discovery. Microsoft, IBM, and Ariba also are hosting
the initial deployment of a UDDI service, which is conceptually
patterned after DNS (the Internet service that translates URLs into TCP
addresses). UDDI uses a private agreement profile of SOAP (i.e. UDDI
doesn't use the SOAP serialization format because it's not well suited
to passing complete XML documents (it's aimed at RPC style
interactions). The main idea is that businesses use the SOAP APIs to
register themselves with UDDI, and other businesses search UDDI
when they want to discover a trading partner, for example someone
from whom they wish to procure sheet metal, bolts, or transistors. The
information in UDDI is categorized according to industry type and
geographical location, allowing UDDI consumers to search through
lists of potentially matching businesses to find the specific one they
want to contact. Once a specific business is chosen, another call to
UDDI is made to obtain the specific contact information for that
business. The contact information includes a pointer to the target
business's WSDL or other XML schema file describing the web service
that the target business publishes.
94. How you will protect / secure a web service?
For the most part, things that you do to secure a Web site can be used
to secure a Web Service. If you need to encrypt the data exchange,
you use Secure Sockets Layer (SSL) or a Virtual Private Network to
keep the bits secure. For authentication, use HTTP Basic or Digest
authentication with Microsoft® Windows® integration to figure out who
the caller is.
these items cannot:
a. Parse a SOAP request for valid values
b. Authenticate access at the Web Method level (they can
authenticate at the Web Service level)
c. Stop reading a request as soon as it is recognized as invalid

95. What’s the attribute for web service method? What is the
namespace for creating web service?
[Web Method]

using System. Web;

using System.Web.Services;

96. What is Remoting?

The process of communication between different operating system
processes, regardless of whether they are on the same computer. The
.NET remoting system is an architecture designed to simplify
communication between objects living in different application domains,
whether on the same computer or not, and between different contexts,
whether in the same application domain or not.

97. Difference between web services & remoting?

.NET Remoting
Can be accessed over
Can be accessed any protocol (including
only over HTTP TCP, HTTP, SMTP and
so on)
Provide support for both
Web services work in stateful and stateless
a stateless environments through
environment Singleton and SingleCall
Web services support
only the datatypes Using binary
defined in the XSD communication, .NET
Type System type system, limiting Remoting can provide
the number of objects support for rich type
that can be system
Web services support
.NET remoting requires
the client be built using
across platforms, and
Interoperability .NET, enforcing
are ideal for
Can also take
advantage of IIS for fault
Highly reliable due to
isolation. If IIS is not
the fact that Web
Reliability used, application needs
services are always
to provide plumbing for
hosted in IIS
ensuring the reliability of
the application.
Extensibility Provides extensibility Very extensible by
by allowing us to
intercept the SOAP allowing us to customize
messages during the the different
serialization and components of the .NET
deserialization remoting framework.
Ease-of- Easy-to-create and
Complex to program.
Programming deploy.

98.CAO and SAO.

Client Activated objects are those remote objects whose Lifetime is
directly controlled by the client. This is in direct contrast to SAO. Where
the server, not the client has complete control over the lifetime of the
objects. Client activated objects are instantiated on the server as soon
as the client request the object to be created. Unlike as SAO a CAO
doesn’t delay the object creation until the first method is called on the
object. (In SAO the object is instantiated when the client calls the
method on the object)
Singleton and single call.
Singleton types never have more than one instance at any one time. If
an instance exists, all client requests are serviced by that instance.
Single Call types always have one instance per client request. The
next method invocation will be serviced by a different server instance,
even if the previous instance has not yet been recycled by the system.
99. What is the use of trace utility?
Using the SOAP Trace Utility
The Microsoft® Simple Object Access Protocol (SOAP) Toolkit 2.0
includes a TCP/IP trace utility, MSSOAPT.EXE. You use this trace
utility to view the SOAP messages sent by HTTP between a SOAP
client and a service on the server.
Using the Trace Utility on the Server
to see all of a service's messages received from and sent to all clients,
perform the following steps on the server.
a. On the server, open the Web Services Description Language
(WSDL) file.
b. In the WSDL file, locate the <soap: address> element that
corresponds to the service and change the location attribute for
this element to port 8080. For example, if the location attribute
specifies <http://MyServer/VDir/Service.wsdl> change this
attribute to <http://MyServer:8080/VDir/Service.wsdl>.
c. Run MSSOAPT.exe.
d. On the File menu, point to New, and either click Formatted
Trace (if you don't want to see HTTP headers) or click
Unformatted Trace (if you do want to see HTTP headers).
e. In the Trace Setup dialog box, click OK to accept the default
Using the Trace Utility on the Client
To see all messages sent to and received from a service, do the
following steps on the client.
f. Copy the WSDL file from the server to the client.
g. Modify location attribute of the <soap:address> element in the
local copy of the WSDL document to direct the client to
localhost:8080 and make a note of the current host and port. For
example, if the WSDL contains
<http://MyServer/VDir/Service.wsdl>, change it to
<http://localhost:8080/VDir/Service.wsdl> and make note of
h. On the client, run MSSOPT.exe.
i. On the File menu, point to New, and either click Formatted
Trace (if you don't want to see HTTP headers) or click
Unformatted Trace (if you do want to see HTTP headers).
j. In the Destination host box, enter the host specified in Step 2.
k. In the Destination port box, enter the port specified in Step 2.
l. Click OK.

100. Page Class

When the Web Form is compiled, ASP.NET parses the page and its
code, generates a new class dynamically, and then compiles the new
class. The dynamically generated class is derived from the ASP.NET
Page class, but is extended with controls, your code, and the static
HTML text in the .aspx file.
This new derived Page class becomes a single executable file that is
executed on the server whenever the Web Forms page is requested.
At run time, the Page class processes incoming requests and
responds by dynamically creating HTML and streaming it back to the
browser. If the page contains Web controls (as it typically would), the
derived Page class acts as container for the controls, and instances of
the controls are created at runtime and likewise render HTML text to
the stream.
In ASP, the page consisted of static HTML interspersed with
executable code. The ASP processor read the page, extracted and ran
only the code (interpreted, rather than compiled), and then fitted the
results back into the static HTML before sending the results to the
The Page class performs these stages each time the page is called;
that is, the page is initialized, processed, and disposed every time a
round trip to the server occurs.

101.Briefly explain how code behind works and contrast that using
the inline style.

Code behind is a technique to separate the content from the script. A

form can become really cluttered with script code, HTML tags. To
reduce this clutter we can place all the script code in a separate file in
the .vb file. The first thing in the code behind file is to import
namespace. This is the first construct in the code behind file. When
make a reference to DLL file in vb we can access the methods
contained in that DLL. Similarly by importing a namespace we can
access all the functionality residing with in that name space. If you
don’t use this declaration we have to provide a fully qualified path
when referring to a method.

102.What are HTML controls, Web controls, and server controls.

HTML server controls HTML elements exposed to the server so you

can program them. HTML server controls expose an object model that
maps very closely to the HTML elements that they render.
Web server controls Controls with more built-in features than HTML
server controls. Web server controls include not only form-type controls
such as buttons and text boxes, but also special-purpose controls such
as a calendar. Web server controls are more abstract than HTML
server controls in that their object model does not necessarily reflect
HTML syntax.
Validation controls Controls that incorporate logic to allow you to
test a user's input. You attach a validation control to an input control to
test what the user enters for that input control. Validation controls are
provided to allow you to check for a required field, to test against a
specific value or pattern of characters, to verify that a value lies within
a range, and so on.
User controls Controls that you create as Web Forms pages. You
can embed Web Forms user controls in other Web Forms pages,
which is an easy way to create menus, toolbars, and other reusable

103. What are the disadvantages of viewstate/what are the


State Management

ASP.NET provides multiple ways to maintain state between server round

trips. Choosing among the options for state management available in
ASP.NET will depend upon application, and based on the some criteria:
How much information do you need to store?
Does the client accept persistent or in-memory cookies?
Do you want to store the information on the client or server?
Is the information sensitive?
What sorts of performance criteria do you have for your application?

ASP.NET supports various client-side and server-side options for state


Client-side options are:

The ViewState property
Hidden fields
Query strings

Server-side options are:

Application state
Session state

Client-Side State Management Options

Storing page information using client-side options doesn't use server
resources. Minimal security but fast server performance.
View State
Web Forms pages provide the ViewState property as a built-in structure
for automatically retaining values between multiple requests for the same
page. View state is maintained as a hidden field in the page. You can use
view state to store your own page-specific values across round trips when
the page posts back to itself. For example, if your application is
maintaining user-specific information — that is, information used in the
page but not necessarily part of any control — you can store it in view
The advantages of using view state are:
No server resources required. The view state is contained in a structure
within the page code.
Simple implementation.
Automatic retention of page and control state.
Enhanced security features. The values in view state are hashed,
compressed, and encoded for Unicode implementations, thus
representing a higher state of security than hidden fields have.
The disadvantages of using the view state are:
Performance. Because the view state is stored in the page itself, storing
large values can cause the page to slow down when users display it and
when they post it.
Security. The view state is stored in a hidden field on the page. Although
view state stores data in a hashed format, it can be tampered with. The
information in the hidden field can be seen if the page output source is
viewed directly, creating a potential security issue.

Hidden Fields
You can store page-specific information in a hidden field on your page as
a way of maintaining the state of your page.
If you use hidden fields, it is best to store only small amounts of frequently
changed data on the client. ASP.NET provides the HtmlInputHidden
control, which offers hidden field functionality.
Note If you use hidden fields you must submit your pages to the server
using the HTTP POST method rather than requesting the page via the
page URL (the HTTP GET method).
The advantages of using hidden fields are:
No server resources are required. The hidden field is stored and read
from the page.
Broad support. Almost all browsers and client devices support forms with
hidden fields.
Simple implementation.
The disadvantages of using hidden fields are:
Security. The hidden field can be tampered with. The information in the
hidden field can be seen if the page output source is viewed directly,
creating a potential security issue.
Limited storage structure. The hidden field does not support rich
structures. Hidden fields offer a single value field in which to place
information. To store multiple values, you must implement delimited
strings and the code to parse those strings.
Performance. Because hidden fields are stored in the page itself, storing
large values can cause the page to slow down when users display it and
when they post it.

Cookies are useful for storing small amounts of frequently changed
information on the client. The information is sent with the request to the
The advantages of using cookies are:
No server resources are required. The cookie is stored on the client and
read by the server after a post.
Simplicity. The cookie is a lightweight, text-based structure with simple
key-value pairs.
Configurable expiration. The cookie can expire when the browser session
ends, or it can exist indefinitely on the client computer, subject to the
expiration rules on the client.
The disadvantages of using cookies are:
Limited size. Most browsers place a 4096-byte limit on the size of a
cookie or 8192 for new browers.
User-configured refusal. Some users disable their browser or client
device's ability to receive cookies, thereby limiting this functionality.
Security. Cookies are subject to tampering. Users can manipulate cookies
on their computer, which can potentially represent a security compromise
or cause the application dependent on the cookie to fail.
Durability. The durability of the cookie on a client computer is subject to
cookie expiration processes on the client and user intervention.
Creating and reading cookies, HttpResponse.Cookies and
HttpRequest.Cookies Property.
Query Strings
A query string is information appended to the end of a page's URL.
You can use a query string to submit data back to your page or to another
page through the URL. Query strings provide a simple but limited way of
maintaining some state information. For example, they are an easy way to
pass information from one page to another, such as passing a product
number to another page where it will be processed.
Note Query strings are a viable option only when a page is requested
via its URL. You cannot read a query string from a page that has been
submitted to the server.
The advantages of using query strings are:
No server resources required. The query string is contained in the HTTP
request for a specific URL.
Broad support. Almost all browsers and client devices support passing
values in a query string.
Simple implementation. ASP.NET provides full support for the query string
method, including methods of reading query strings using the
HttpRequest.Params property.
The disadvantages of using query strings are:
Security. The information in the query string is directly visible to the user
via the browser user interface. The query values are exposed to the
Internet via the URL so in some cases security may be an issue.
Limited capacity. Most browsers and client devices impose a 255-
character limit on URL length.

Server-Side State Management Options

Server-side options for storing page information tend to have higher
security than client-side options, but they can use more Web server
resources, ASP.NET provides several options to implement server-side
state management.
Application State
ASP.NET provides application state via the HttpApplicationState class as
a method of storing global application-specific information that is visible to
the entire application. Application state variables are, in effect, global
variables for an ASP.NET application. You can store your application-
specific values in application state, which is then managed by the server.
The ideal data to insert into application state variables is data that is
shared by multiple sessions and does not change often.
Note If you store a dataset in application state, you have to cast it from
Object back to a dataset.

The advantages of using application state are:

Ease of implementation. Application state is easy to use, familiar to ASP
developers, and consistent with other .NET Framework classes.
Global scope. Because application state is accessible to all pages in an
application, storing information in application state can mean keeping only
a single copy of the information.
The disadvantages of using application state are:
Global scope. The global nature of application state can also be a
disadvantage. Variables stored in application state are global only to the
particular process the application is running in, and each application
process can have different values. Therefore, you cannot rely on
application state to store unique values or update global counters in Web-
garden and Web-farm configurations.
Durability. Because global data stored in application state is volatile, it will
be lost if the Web server process containing it is destroyed, most likely
from a server crash, upgrade, or shutdown.
Resource requirements. Application state requires server memory, which
can affect the performance of the server as well as the scalability of the
Careful design and implementation of application state can increase Web
application performance. It is best to use application state variables only
with small, infrequently changed datasets.
Session State
ASP.NET provides a session state, available as the HttpSessionState
class, as a method of storing session-specific information that is visible
within the session only.
You can store your sesion-specific values and objects in session state,
which is then managed by the server and available to the browser or
client device. The ideal data to store in session-state variables is short-
lived, sensitive data that is specific to an individual session.
The advantages of using session state are:
Ease of implementation. The session state facility is easy to use, familiar
to ASP developers, and consistent with other .NET Framework classes.
Session-specific events. Session management events can be raised and
used by your application.
Durability. Data placed in session-state variables can survive Internet
Information Services (IIS) restarts and worker-process restarts without
losing session data because the data is stored in another process space.
Platform scalability. session state can be used in both multi-computer and
multi-process configurations, therefore optimizing scalability scenarios.
Session state works with browsers that do not support HTTP cookies,
although session state is most commonly used with cookies to provide
user identification facilities to a Web application.
The disadvantage of using session state is:
Performance. Session state variables stay in memory until they are either
removed or replaced, and therefore can degrade server performance.
Session state variables containing blocks of information like large
datasets can adversely affect Web server performance as server load
Database Support
In some cases, you may wish to use database support to maintain state
on your Web site. Typically, database support is used in conjunction with
cookies or session state. For example, it is quite common for an e-
commerce Web site to maintain state information using a relational
database for the following reasons:
Data mining
The advantages of using a database to maintain state are:
Security. Access to databases is typically very secure, requiring rigorous
authentication and authorization.
Capacity. You can store as much information as you like in a database.
Persistence. Database information can be stored as long as you like, and
it is not subject to the availability of the Web server.
Robustness and data integrity. Databases include various facilities for
maintaining good data, including triggers and referential integrity,
transactions, and so on. By keeping information about transactions in a
database (rather than in session state, for example), you can recover
from errors more readily.
Accessibility. The data stored in your database is accessible to a wide
variety of information-processing tools.
Wide support. There is a large range of database tools available, and
many custom configurations are available.
The disadvantages of using a database to maintain state are:
Complexity. Using a database to support state management implies more
complex hardware and software configurations.
Performance. Poor construction of the relational data model can lead to
scaling issues. Also, leveraging too many queries to the database can
adversely affect server performance.
104.What Web Forms Pages Help You Accomplish

Web application programming presents challenges that do not typically

arise when programming traditional client-based applications. Among
the challenges are:
Implementing a rich Web user interface.
Separation of client and server.
Stateless execution.
Unknown client capabilities.
Complications with data access.
Complications with scalability.
Meeting these challenges for Web applications can require substantial
time and effort. Web Forms pages and the ASP.NET page framework
address these challenges in the following ways:
Intuitive, consistent object model.
Event-driven programming model.
Intuitive state management.
Browser-independent applications.
.NET Framework common language runtime support.
.NET Framework scalable server performance.



The difference between the Inherit and the Import keyword is that the
Import statement only brings in the definition of a set of functionality
but does not make use of it. The Inherits keyword is more dynamic. An
object that inherits certain functionality can also override and or extend
the parent functionality.

106. Types of web Controls

Intrinsic controls
List Bound controls
Rich controls
Validation control

Intrinsic controls
Text boxes Displays single line or multilane text box.
Checkbox Creates check box allows user to switch T or F
Radiobutton Creates a single Radio Button
Checkbox list creates a multi selection check box
Radiobuttonlist Creates a radio button list
Dropdown list Displays a drop down list allows to select a single
List box displays a single selection or multiselection
Button Creates a push button
Link button creates a hyperlink style button
Image button Display an Image Button
Hyperlink Displays a link that directs to another page.
Image Displays a web compatible image
Table Displays a table
Panel Provides a container for other control

Rich controls

Ad rotator displays an advertisement banner

Calendar control displays a one-month calendar

List bound controls

Checkbox list

Repeatcolumns used to assign the no. of colums to
be reapeted in
the direction

Datagrid Used to create attractive, tabular layouts of

data associated with
it. Also specify styles for the header row, footer
row, item rows,
alternating rows and creat column level
template. Also
supports features of in-line editing, sorting and

Datalist It is completely template driven. These templates

can be apply
Various styles to the header, footer, items and
alternating items.

Item template
Alternatingitem template
Separator template
Selecteditem template
Edititem template Give editing capabilities
Header template
Footer template

Datareapeter used to render HTML for repeating data.

Following templets are
used. It has no built in style and all HTML
elements must be
explicitly specified the various templates.
Item Template It is the only required
template, defines content
and layout of the list
Alternatingitem template Defines content and layout of
alternating items.
Separator Template this is for items between above
Header Template
Footer template

Validation controls

Required Field Validator Used to validate property of the control

Regular Expersion validator It checks input against the charactr
specified by developer
Compare validator Used to compare the content of the
two controls(pwd)
Range validator sed to check the input range
Custom validator Used to extend the functionality of the
Validation summary This control accumulates values
from the errormessage
Property of all the validation control of
the page and
Displays them together. Can be placed
any where on the
Page. Can control how the errors are
displayed (bulleted,
Plain text etc.

The validation control has the following properties.

Header text caption of the error list
Display mode can be List, BulletList and single paragraph
Show summary T or F. if set to false only Header text is
Show MessageBox T or F. Set true show a popup message box
instead of summary.

To disable client side validation use page directive



The SQL server provider provides direct access to a SQL server using
a protocol called TDS(Tabular data system)
OLEDB provider-can be used with a sql server database, it will not
provide any performance enchancements.


A connection is opend implicitly when using a DataAdapter or explicity
by calling the open method on the connection

The dataadapter object is populated with the resultset of the sql query
The fill method acts as a bridge between the datasource and the
dataset. It loads the data in the DataAdapter into the dataset.

Command object
The command object use sql is sqlcommand and use with oledb is
We can call stored procedure using the command object. A shortcut
way of calling storedprocedure in MS SQL is using Exicute keyword.

Command type
The property of command object is command type. Used to define the
type of command being sent to the database. There are three
command types.


Text default
Storedprocedure used to execute a database stored procedure,
pass parameters to the stored procedure using the parameters
Tabledircet used to provide a table name to the command object.


ExecuteNonQuery used when the result set is not to be returned

from database
ExecuteReader returns sqldatareader or oledbreader object after
executing the command.
Executescaler used to return a single result from the database.

Parameter Object
Method add (arguments-name of the parameter,type,size)
Property direction (this can be Input, Output, Inputoutput)


Data view in is roughly equal to database view. Different views

can be applied.


For quick and dirty means of accessing data source, data reader is
used. Data reader provides read only, forward only data. It can be
used to return a record set or execute action queries which do not
return any data. It hold one row in memory at a time opposed to
dataset. Using data set can be an issue when large tables are loaded
in memory. If multiple users accessing the same machine at the same
time serious memory drain. In such situation data reader should be


A user control can be self contained entity, compressed of both GI and

code. A user control has the functionality of legacy ASP server side
includes. However Include file are static whereas user control provides
an object model support. Which allows to program against properties
and methods. They much work like ASP.Net intrinsic controls. Like
intrinsic they can expose properties and methods. Can be written on
different language on the same web page. ( web forms use
single language). They can be used more then once on the same page
with out any naming conflicts. Because each control resides on its own
namespace.This file has the extension ascx. It should not contain
HTML,Body, form tags. The page that calls the user object will apply
these tags. Any existing web form can be converted to
user control with slight modification.


Business objects are a library of functions and classes that can be

used in any project.
Commonly used code is encapsulated in a business object. This object
serves as a service class
to another object. It instantiated as required and destroyed after use. A
business object does not
have any UI.
Promotes encapsulation : Encapsulate frequently used functionality
into an object and expose
its properties and methods. For example database access and
manipulation routines. Instead of
writing script in each page create a business object that will do.
Easy maintenance: Encapsulated code residing in one object is easy
to maintain instead
distributed over various web pages. If any changes in the business
logic affect all the pages.
Improves with reuse: Developers gradually build a tried and tested
function library, which
can then be shared with other developers.


Web service is that it is a library of functions, encapsulated with in a

business object that is accessed using SOAP
(Simple Object Access Protocol) and XML. Web service is similar to
business object the only difference is that the
function are processed with a special webmethod() attribute that marks
them as web services.


The Global.asax file, also known as the ASP.NET application file, is an

optional file that contains code for responding to application-level
events raised by ASP.NET or by HTTP modules. The Global.asax file
resides in the root directory. At run time, Global.asax is parsed and
compiled into a dynamically generated .NET Framework class derived
from the HttpApplication base class. The Global.asax file itself is
configured so that any direct URL request for it is automatically
rejected; external users cannot download or view the code written
within it.
The ASP.NET Global.asax file can co-exist with the ASP Global.asax
file in the same virtual directory. These two files can’t share application
and session state variables. You can create a Global.asax file either in
a WYSIWYG designer, in Notepad.
The Global.asax file is optional. If you do not define the file, the
ASP.NET page framework assumes that you have not defined any
application or session event handlers.
When you save changes to an active Global.asax file, the ASP.NET
page framework detects that the file has been changed. It completes
all current requests for the application, sends the Application_OnEnd
event to any listeners, and restarts the application domain. In effect,
this reboots the application, closing all browser sessions and flushing
all state information. When the next incoming request from a browser
arrives, the ASP.NET page framework re-parses and recompiles the
Global.asax file and raises the
1. Application_OnStart event.
2. Application_begin request
3. Session_start
4. Page_load
5. Application_endrequest
Application_begin request

When the page is requested 1, 2, 3 and 4 fires.

When the page is refreshed 1, 3 and 4 fires.
When the session is abandoned 1, 2, 3 and 4 fires.


Caching is important technique in building web sites. Some items of

the web site are expensive to construct and
Such items should be created once and stashed away in memory for a
fixed duration of time or until they
changed. Subsequent calls to these resources will not recreate the
resources but simply retrieve it from cache .
for example shopping and price list. support two types of caching

Output caching Process of caching an entire page. Work with get
request not post.
Data caching caching objects only need.
Cache.insert and cache.remove are used.

116. TRACING provide Tracing service for debugging purpose instead of
writing in response.write.
Trace.write or warn.write() are used to output debugging. They are two
Page level applies to a single page using trace=true attribute on the
top level, output shown at the bottom of the page.
Application level it should be used in a trace section in the
configuration file at application root directory.

117. Developing High-Performance ASP.NET Applications

Any programming model, writing code to create an ASP.NET Web

application has a number of pitfalls that can cause performance
problems. The following guidelines list specific techniques that you can
use to avoid writing code that does not perform at acceptable levels.
Disable session state when you are not using it. Not all applications
or pages require per-user session state, and you should disable it for
any that do not.
To disable session state for a page, set the EnableSessionState
attribute in the @ Page directive to false. For example, <%@ Page
EnableSessionState="false" %>.
Note If a page requires access to session variables, but will not
create or modify them, set EnableSessionState attribute in the @
Page directive to ReadOnly.
Session state may also be disabled for XML Web service methods..
To disable session state for an application, set the mode attribute to
off in the sessionstate configuration section in the application's
web.config file. For example, <sessionstate mode="off" />.
Choose your session-state provider carefully. ASP.NET provides
three distinct ways to store session data for your application: in-
process session state, out-of-process session state as a Windows
service, and out-of-process session state in a SQL Server database.
Each has it advantages, but in-process session state is by far the
fastest solution. If you are only storing small amounts of volatile data in
session state, it is recommended that you use the in-process provider.
The out-of-process solutions are primarily useful if you scale your
application across multiple processors or multiple computers, or where
data cannot be lost if a server or process is restarted.
Avoid unnecessary round trips to the server. there are
circumstances in which using ASP.NET server controls and post-back
event handling are inappropriate.
Typically, you need to initiate round trips to the server only when your
application is retrieving or storing data. Most data manipulations can
take place on the client in between these round trips. For example,
validating user input from HTML forms can often take place on the
client before that data is submitted to the server. In general, if you do
not need to relay information to the server to be stored in a database,
then you should not write code that causes a round trip.
Use Page.IsPostback to avoid performing unnecessary
processing on a round trip. If you write code that handles server
control post-back processing, you will sometimes want other code to
execute the first time the page is requested, rather than the code that
executes when a user posts an HTML form contained in the page. Use
the Page.IsPostBack property to conditionally execute code depending
on whether the page is generated in response to a server control
event. For example, the following code demonstrates how to create a
database connection and command that binds data to a DataGrid
server control if the page is requested for the first time.
Use server controls in appropriate circumstances. Review your
application code to make sure that your use of ASP.NET server
controls is necessary. Even though they are extremely easy to use,
server controls are not always the best choice to accomplish a task,
since they use server resources. In many cases, a simple rendering or
data-binding substitution will do.
Save server control view state only when necessary. Automatic
view-state management is a feature of server controls that enables
them to repopulate their property values on a round trip (without you
having to write any code). This feature does impact performance,
however, since a server control's view state is passed to and from the
server in a hidden form field. You should be aware of when view state
helps you and when it hinders your page's performance. For example,
if you are binding a server control to data on every round trip, the
saved view state is replaced with new values that are obtained from
the data-binding operation. In this case, disabling view state saves
processing time.
View state is enabled for all server controls by default. To disable it, set
the EnableViewState property of the control to false, as in the
following DataGrid server control example.
<asp:datagrid EnableViewState="false"
datasource="..." runat="server"/>
You can also disable view state for an entire page by using the @
Page directive. This is useful when you don't post back to the server
from a page:
<%@ Page EnableViewState="false" %>
Note The EnableViewState attribute is also supported in the @
Control directive, which allows you to control whether view state is
enabled for a user control.
Use Response.Write for String concatenation. Use the
HttpResponse.Write method in your pages or user controls for string
concatenation. This method offers buffering and concatenation
services that are very efficient. If you are performing extensive
concatenation, however, use multiple Response.Write calls. This
technique, shown in the following example, is faster than
concatenating a string with a single call to the Response.Write
Don't rely on exceptions in your code. Since exceptions cause
performance to suffer significantly, you should never use them as a
way to control normal program flow. If it is possible to detect in code a
condition that would cause an exception, do so. Do not catch the
exception itself before you handle that condition. Common scenarios
include checking for null, assigning a value to a String that will be
parsed into a numeric value, or checking for specific values before
applying math operations.
Use early binding in Visual Basic .NET or JScript code. Historically,
one of the reasons that developers enjoy working with Visual Basic,
VBScript, and JScript is their "typeless" nature. Variables can be
created simply by using them and they need no explicit type
declaration. When assigning from one type to another, conversions are
performed automatically. Unfortunately, this convenience can cause
your application's performance to suffer greatly.
The Visual Basic language now supports type-safe programming
through the use of the Option Strict compiler directive. For backward
compatibility purposes, ASP.NET does not enable this option by
default. For optimal performance, however, it is highly recommended
that you enable this option in your pages. To enable Option Strict,
include a Strict attribute in the @ Page directive or, for a user control,
the @ Control directive. The following example demonstrates how to
set this attribute and four variable calls that show how using this
attribute will cause compiler errors to occur.
Use SQL Server stored procedures for data access. Of all the data
access methods provided by the .NET Framework, SQL Server-based
data access is the recommended choice for building high-performance,
scalable Web applications. When using the managed SQL Server
provider, you can get an additional performance boost by using
compiled stored procedures instead of ad-hoc queries.
Use the SqlDataReader class for a fast forward-only data cursor.
The SqlDataReader class provides a means to read a forward-only
data stream retrieved from a SQL Server database. If situations arise
while you are creating an ASP.NET application that allow you to use it,
the SqlDataReader class offers higher performance than the DataSet
Cache data and page output whenever possible. ASP.NET provides
simple mechanisms for caching page output or data when they do not
need to be computed dynamically for every page request. In addition,
designing pages and data requests to be cached, particularly in areas
of your site that you expect heavy traffic, can optimize the performance
of those pages. More than any feature of the .NET Framework, using
the cache appropriately can affect the performance of your site,
Be sure to disable debug mode. Always remember to disable debug
mode before deploying a production application or conducting any
performance measurements. If debug mode is enabled, the
performance of your application can suffer a great deal.

118.What is ASP.NET? is a programming framework built on the CLR that can be used

on a server to build powerful web applications. offers several
advantages over the previous web development modules.
Enhanced performance. is compiled CLR code running on
the server. Unlike its interpreted predecessors, can take
advantages of early binding, JIT compilation, native optimization and
caching services right out of the box. This amounts to dramatically
better performance before you ever write a line of code.
World class tool support. The framework is complemented
by a rich toolbox and designer in the VS IDE.
Power and flexibility. Because is based on the CLR, the
power and flexibility of that entire platform is available to web
application developers. The .net framework class library, messaging,
and data access solutions are all accessible from the web. is
also language independent. So you can chose any language that best
applies to your applications.
Simplicity. makes it easy to perform common task, from
simple form submission and client authentication to deployment and
site configuration. For example the page framework allows you
to build user interface that cleanly separate application logic from
presentation code and handle events in a simple, visual basic. CLR
simplies development, with managed code services such as automatic
reference counting and garbage collection.
Manageability. employs a test based, hierarchical
configuration system, which simplifies applying settings to your server
environment and web applications. Because configuration information
is stored as a plain text, new settings may be applied without the aid of
local administration tools. This “zero local administration” philosophy
extends to deploying framework applications as well. An framework applications is deployed to a server simply by
copying the necessary files to the server. No server restart is required,
even to deploy or replace running compiled code.
Scalability and Availability. has been designed with
scalability in mind, with features specifically tailored to improve
performance in clustered and multiprocessor environments. Further,
processes are closely monitored and managed by the runtime,
so that if one misbehaves a new process can be created in its place,
which helps application constantly available to handle request.
Customizability and extensibility. delivers a well factored
architecture that allows developers to plug-in their code at the
appropriate level. In fact it is possible to extend or replace any
subcomponent of the runtime with your own custom-written
component. Implementing custom authentication or state service has
never been easier.
Security. With built in windows authentication and per-application
configuration you can be assured that your applications are secure.
Language support. The .net platform currently offers built-in support
for three languages. C#,VB and Jscript.

119.What is ASP.Net web forms?

The web form page framework is a scalable CLR programming
model that can be used on the server to dynamically generate web
pages. The web forms framework has been specifically
designed to address a number of key deficiencies in the previous
model. In particular it provides the ability to create and use reusable UI
controls that can encapsulate common functionality and thus reduce
the amount of code that a page developer has to write. web forms provide an easy and powerful way to build dynamic
Web UI. web forms pages can target any browser client web form pages provide syntax compatibility with existing asp
pages. server controls provide an easy way to encapsulate common
functionality. ships with 45 built-in server controls. Developers can also use
controls built by third parties. server controls can automatically project both uplevel and
down level HTML templates provide an easy way to customize the look and feel
of list server controls. validation controls provide an easy way to do declarative client
or server data validation.


Directives are instructions to the compiler that tell it how the page
should be run.
eg. Page,Import

<Script runat=server>

runat parameter
value server

121. What is the difference between an HTTP GET and

POST? When would you use each?
Get Method:
1.Using Get method we can pass the query string .
2.Get method send the information along with the URL.
3. Using get Method, maximum 255 characters we can pass
along with the URL as a querystring

Post method:
we can’t pass querystring.
post method send the information as apart of HTTP headers.
Unlimited no of characters we can pass using Post method

122. How would you assess how many visitors you have on
a site? Which tools have you used to make this easier?
Ans: Using Hit counter we can count the no of users visited on our site

123. Which scripting languages have you used on both the

server and the client? Why did you choose to use these in these
Ans: Server Side Script : VBScript
Client side Script: JavaScript.
Since IE (Internet Explorer) Supports that the script can be used as
client and Server side Script. But Netscape Navigator Supports VB
Script as the only Server Side Script. And javascript as the client side
script. Since our Site should be compatible on both the browser IE,
Netscape Navigator. Hence we chosen the the above.

124. How would you prevent certain people getting access

to certain parts of site?
Ans: This could be done easily. When the page is loaded,(before
displaying the page.) we have to check Whether the user have the
valid permission to view the page. If he has the permission allow him
to view. Else give an Error message saying that “You don’t have
access to view the Page.”

125. Explain the various methods or technologies that you

have used to send an email from a web server? For example, this
could be a feedback form on the site.
Ans: Email can be send by using 1.clientside script , 2. Server side

Client side Script : Mailto: - Method

Server Side : Use CDONTS Component Invoke the Send Method to
send mail.

126.What is the file “global.asa” used for?

Ans : global.asax is a text file which resides in side the virtual directory.
When ever the request comes to the webserver, global.asax get
This file gives the global scope. In Application_OnStart event we can
declare variables,methods, that can be used in all pages of the
Application. Also In Application_onEnd event we can destroy the

1) How ASP and ASP.NET page works? Explain about

page life cycle?
2) What are the contents of cookie?
3) How do you create a permanent cookie?
4) What is ViewState? What does the "EnableViewState"
property do? Why would I want it on or off?
5) Briefly describe the role of global.asax?
6) How can u debug your .net application?
7) How do u deploy your application?
8) Where do we store our connection string in
9) Various steps taken to optimize a web based application
(caching, stored procedure etc.)
10) How does ASP.NET framework maps client side events to
Server side events.
11) Security types in ASP/ASP.NET? Different Authentication
12) How .Net has implemented security for web applications?
13) How to do Forms authentication in
14) Explain authentication levels in .net ?
15) Explain autherization levels in .net ?
16) How can you debug an ASP page, without touching the
17) How can u handle Exceptions in Asp.Net?
18) How can u handle Un Managed Code Exceptions in
19) What is the Global ASA(X) File?
20) Which is the namespace used to write error message in
event Log File?
21) What are the page level transaction and class level
22) What are different transaction options?
23) What is the namespace for encryption?
24) What is the difference between application and cache
25) What is the difference between control and component?
26) You ve defined one page_load event in aspx page and
same page_load event in code behind how will prog run?
27) In what order do the events of an ASPX page execute. As a
developer is it important to undertsand these events?
28) How would you get ASP.NET running in Apache web
servers - why would you even do this?
29) What tags do you need to add within the asp:datagrid tags
to bind columns manually
30) What is AutoEventWireup attribute for ?
31) How can we create pie chart in
32) What is a proxy in web service? How do I use a proxy
server when invoking a Web service?
33) asynchronous web service means?
34) What are the events fired when web service called?
35) How will do transaction in Web Services?
36) How does SOAP transport happen and what is the role of
HTTP in it? How you can access a webservice using soap?
37) What are the different formatters can be used in both?
Why?.. binary/soap
38) How will you expose/publish a webservice?
39) What is disco file?
40) Can you pass SOAP messages through remoting?
41) What is Asynchronous Web Services?
42) Web Client class and its methods?
43) Flow of remoting?
44) What is the other method, other than GET and POST, in
45) Where on the Internet would you look for Web services?

46:GridView Events
PageIndexchanged event
PageIndexChanging Event
Row CancelingEdit Event
Row CommandEvent
RowCreated Event
Row DataBOundEvent
Row Deleted Event
Roe Deleting Event
Row Editing Event
Row Updated Event
Row Updating Event
SelectedIndexChanging Event
SelectedIndexChanged Event
Sorted Event
Sorting Event