Asp .NET WebDev interview questions - Part 1 Posted by Unknown on 11:02 AM

1. Which of the following languages is NOT included in the default .NET Framework installation?
   • C#
   • VB.NET
   • JScript.NET
   • VBScript.NET
2. What are the different types of serialization supported in .NET Framework
   • XmlSerializer
   • SoapFormatter
   • XPathNavigator
   • HttpFormatter
3. The CLR uses which format for assembly version numbers
   • Major:Minor:Revision:Build
   • Major:Build:Minor:Revision
   • Major:Revision:Minor:Build
   • Major:Minor:Build:Revision

ASP.net Q/A Part 3 Posted by Unknown on 8:05 AM

What are major events in GLOBAL.ASAX file ?
The Global.asax file, which is derived from the HttpApplication class, maintains a pool
of HttpApplication objects, and assigns them to applications as needed. The Global.asax file contains the following events:
Application_Init: Fired when an application initializes or is first called. It is invoked for all HttpApplication object instances.
Application_Disposed: Fired just before an application is destroyed. This is the ideal location for cleaning up previously used resources.
Application_Error: Fired when an unhandled exception is encountered within the
application.
Application_Start: Fired when the first instance of the HttpApplication class is created.
It allows you to create objects that are accessible by all HttpApplication instances.
Application_End: Fired when the last instance of an HttpApplication class is destroyed.
It is fired only once during an application's lifetime.
Application_BeginRequest: Fired when an application request is received. It is the first event fired for a request, which is often a page request (URL) that a user enters.
Application_EndRequest: The last event fired for an application request.
Application_PreRequestHandlerExecute: Fired before the ASP.NET page framework begins executing an event handler like a page or Web service.
Application_PostRequestHandlerExecute: Fired when the ASP.NET page framework has finished executing an event handler.
Applcation_PreSendRequestHeaders: Fired before the ASP.NET page framework sends HTTP headers to a requesting client (browser).
Application_PreSendContent: Fired before the ASP.NET page framework send content to a requesting client (browser).
Application_AcquireRequestState: Fired when the ASP.NET page framework gets the current state (Session state) related to the current request.
Application_ReleaseRequestState: Fired when the ASP.NET page framework completes execution of all event handlers. This results in all state modules to save their current state data.
Application_ResolveRequestCache: Fired when the ASP.NET page framework completes an authorization request. It allows caching modules to serve the request from the cache,thus bypassing handler execution.
Application_UpdateRequestCache: Fired when the ASP.NET page framework completes handler execution to allow caching modules to store responses to be used to handle subsequent requests.
Application_AuthenticateRequest: Fired when the security module has established the current user's identity as valid. At this point, the user's credentials have been validated.
Application_AuthorizeRequest: Fired when the security module has verified that a user can access resources.
Session_Start: Fired when a new user visits the application Web site.
Session_End: Fired when a user's session times out, ends, or they leave the application Web site.
Note :- During interview you do not have to really cram all these events. But just keep the basic events in mind

What order they are triggered ?
They're triggered in the following order:
Application_BeginRequest
Application_AuthenticateRequest
Application_AuthorizeRequest
Application_ResolveRequestCache
Application_AcquireRequestState
Application_PreRequestHandlerExecute
Application_PreSendRequestHeaders
Application_PreSendRequestContent
Application_PostRequestHandlerExecute
Application_ReleaseRequestState
Application_UpdateRequestCache
Application_EndRequest.

How can we force all the validation control to run ?
Page.Validate

How can we check if all the validation control are valid
and proper ?
Using the Page.IsValid() property you can check whether all the validation are done.
If client side validation is enabled in your Web page, does that mean server side code is not run?
When client side validation is enabled server emit’s JavaScript code for the custom validators. But note that does not mean that server side checks on custom validators do not execute. It does this redundant check two times as some of the validators do not support client side scripting.

Which JavaScript file is referenced for validating the validators at the client side ?
WebUIValidation.js javascript file installed at “aspnet_client” root IIS directory is used to validate the validation controls at the client side

How to disable client side script in validators?
Set EnableClientScript to false.

How can I show the entire validation error message in a message box on the client side?
In validation summary set “ShowMessageBox” to true.

What is Tracing in ASP.NET ?
Tracing allows us to view how the code was executed in detail.

What exactly happens when ASPX page is requested from
Browser?
Note: - Here the interviewer is expecting complete flow of how an ASPX page is processed
with respect to IIS and ASP.NET engine.
Following are the steps which occur when we request a ASPX page :-
√ The browser sends the request to the webserver. Let us assume that the
webserver at the other end is IIS.
√ Once IIS receives the request he looks on which engine can serve this request.
When I mean engine means the DLL who can parse this page or compile and
send a response back to browser. Which request to map to is decided by file
extension of the page requested.
Depending on file extension following are some mapping
√ .aspx, for ASP.NET Web pages,
√ .asmx, for ASP.NET Web services,
√ .config, for ASP.NET configuration files,
√ .ashx, for custom ASP.NET HTTP handlers,
√ .rem, for remoting resources
√ Etc

How do you upload a file in ASP.NET ?
I will leave this to the readers … Just a hint we have to use System.Web.HttpPostedFile class.

ASP used STA threading model, what is the threading model used for ASP.NET ?
ASP.NET uses MTA threading model.

Explain the differences between Server-side and Clientside code?
Server side code is executed at the server side on IIS in ASP.NET framework, while
client side code is executed on the browser.

How do I sign out in forms authentication ?
FormsAuthentication.Signout()

If cookies are not enabled at browser end does form Authentication work?
No, it does not work.
What is the main difference between Gridlayout and FlowLayout ?
GridLayout provides absolute positioning for controls placed on the page. Developers that have their roots in rich-client development environments like Visual Basic will find it easier to develop their pages using absolute positioning, because they can place items exactly where they want them. On the other hand, FlowLayout positions items down the page like traditional HTML. Experienced Web developers favor this approach because it results in pages that are compatible with a wider range of browsers.If you look in to the HTML code created by absolute positioning you can notice lot of DIV tags. While in Flow layout you can see more of using HTML table to position elements which is compatible with wide range of browsers.

Asp.net Q/A Part 2 Posted by Unknown on 10:07 AM

What is the difference between “Web.config” and “Machine.Config” ?
“Web.config” files apply settings to each web application, while “Machine.config” fileapply settings to all ASP.NET applications.
What is a SESSION and APPLICATION object ?

Session object store information between HTTP requests for a particular user, while application object are global across users.

What is the difference between Server.Transfer and response.Redirect ?
Following are the major differences between them:-
√ Response.Redirect sends message to the browser saying it to move to some
different page, while server.transfer does not send any message to the browser but rather redirects the user directly from the server itself. So in server.transfer there is no round trip while response.redirect has a round trip and hence puts a load on server.
√ Using Server.Transfer you can not redirect to a different from the server itself.
Example if your server is www.yahoo.com you can use server.transfer to move
to www.microsoft.com but yes you can move to www.yahoo.com/travels, i.e. within websites. This cross server redirect is possible only using Response.redirect.
√ With server.transfer you can preserve your information. It has a parameter called as “preserveForm”. So the existing query string etc. will be able in the calling page. If you are navigating within the same website use “Server.transfer” or else go for “response.redirect()”

What is the difference between Authentication and
authorization?
This can be a tricky question. These two concepts seem altogether similar but there is wide range of difference. Authentication is verifying the identity of a user and authorization is process where we check does this identity have access rights to the system. In short we can say the following authentication is the process of obtaining some sort of credentials from the users and using those credentials to verify the user’s identity. Authorization is the process of allowing an authenticated user access to resources. Authentication always proceed to Authorization; even if your application lets anonymous users connect and use
the application, it still authenticates them as being anonymous.

What is impersonation in ASP.NET ?
By default, ASP.NET executes in the security context of a restricted user account on the local machine. Sometimes you need to access network resources such as a file on a shared drive, which requires additional permissions. One way to overcome this restriction is to use impersonation. With impersonation, ASP.NET can execute the request using the identity of the client who is making the request, or ASP.NET can impersonate a specific
account you specify in web.config.

Can you explain in brief how the ASP.NET authentication process works?
ASP.NET does not run by itself, it runs inside the process of IIS. So there are two
authentication layers which exist in ASP.NET system. First authentication happens at the IIS level and then at the ASP.NET level depending on the WEB.CONFIG file.
Below is how the whole process works:-
√ IIS first checks to make sure the incoming request comes from an IP address
that is allowed access to the domain. If not it denies the request.
√ Next IIS performs its own user authentication if it is configured to do so. By
default IIS allows anonymous access, so requests are automatically authenticated, but you can change this default on a per – application basis
with in IIS.
√ If the request is passed to ASP.net with an authenticated user, ASP.net checks
to see whether impersonation is enabled. If impersonation is enabled, ASP.net
acts as though it were the authenticated user. If not ASP.net acts with its own
configured account.
√ Finally the identity from step 3 is used to request resources from the operating
system. If ASP.net authentication can obtain all the necessary resources it
grants the users request otherwise it is denied. Resources can include much
more than just the ASP.net page itself you can also use .Net’s code access
security features to extend this authorization step to disk files, Registry keys
and other resources.
What are the various ways of authentication techniques in ASP.NET?
Selecting an authentication provider is as simple as making an entry in the web.config file for the application. You can use one of these entries to select the corresponding built in authentication provider:
√ authentication mode=”windows”
√ authentication mode=”passport”
√ authentication mode=”forms”
√ Custom authentication where you might install an ISAPI filter in IIS that
compares incoming requests to list of source IP addresses, and considers
requests to be authenticated if they come from an acceptable address. In that
case, you would set the authentication mode to none to prevent any of the .net authentication providers from being triggered.
Windows authentication and IIS
If you select windows authentication for your ASP.NET application, you also have to configure authentication within IIS. This is because IIS provides Windows authentication.IIS gives you a choice for four different authentication methods:
Anonymous,basic,digest and windows integrated If you select anonymous authentication, IIS doesn’t perform any authentication, Any one is allowed to access the ASP.NET application.If you select basic authentication, users must provide a windows username and password to connect. How ever this information is sent over the network in clear text, which makes basic authentication very much insecure over the internet.
If you select digest authentication, users must still provide a windows user name and password to connect. However the password is hashed before it is sent across the network.Digest authentication requires that all users be running Internet Explorer 5 or later and that windows accounts to stored in active directory.
If you select windows integrated authentication, passwords never cross the network.Users must still have a username and password, but the application uses either the Kerberos or challenge/response protocols authenticate the user. Windows-integrated authentication requires that all users be running internet explorer 3.01 or later Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Kerberos is a solution to network security
problems. It provides the tools of authentication and strong cryptography over the network to help to secure information in systems across entire enterprise
Passport authentication
Passport authentication lets you to use Microsoft’s passport service to authenticate users of your application. If your users have signed up with passport, and you configure the authentication mode of the application to the passport authentication, all authentication duties are off-loaded to the passport servers.Passport uses an encrypted cookie mechanism to indicate authenticated users. If users have already signed into passport when they visit your site, they’ll be considered authenticated by ASP.NET. Otherwise they’ll be redirected to the passport servers to log in. When they are successfully log in, they’ll be redirected back to your site.To use passport authentication you have to download the Passport Software Development
Kit (SDK) and install it on your server. The SDK can be found at http://
msdn.microsoft.com/library/default.asp?url=/downloads/list/websrvpass.aps. It includes full details of implementing passport authentication in your own applications.
Forms authentication
Forms authentication provides you with a way to handle authentication using your own custom logic with in an ASP.NET application. The following applies if you choose forms authentication.
√ When a user requests a page for the application, ASP.NET checks for the
presence of a special session cookie. If the cookie is present, ASP.NET assumes
the user is authenticated and processes the request.
√ If the cookie isn’t present, ASP.NET redirects the user to a web form you provide
You can carry out whatever authentication, it check’s you like it checks your form. When the user is authenticated, you indicate this to ASP.NET by setting a property, which creates the special cookie to handle subsequent requests.

What’s difference between Datagrid, Datalist and repeater ?
A Datagrid, Datalist and Repeater are all ASP.NET data Web controls.
They have many things in common like DataSource Property, DataBind Method
ItemDataBound and ItemCreated.When you assign the DataSource Property of a Datagrid to a DataSet then each DataRow present in the DataRow Collection of DataTable is assigned to a corresponding DataGridItem and this is same for the rest of the two controls also. But The HTML code generated for a Datagrid has an HTML TABLE element created for the particular DataRow and its a Table form representation with Columns and Rows. For a Datalist its an Array of Rows and based on the Template Selected and the RepeatColumn Property value We can specify how many DataSource records should appear per HTML row. In short in datagrid we have one record per row, but in datalist we can have five or six rows per row.For a Repeater Control, the Datarecords to be displayed depends upon the Templates specified and the only HTML generated is the due to the Templates.In addition to these, Datagrid has a in-built support for Sort, Filter and paging the Data,which is not possible when using a DataList and for a Repeater Control we would require to write an explicit code to do paging.

From performance point of view how do they rate ?
Repeater is fastest followed by Datalist and finally datagrid.

What is the method to customize columns in DataGrid?
Use the template column.

How can we format data inside DataGrid?
Use the DataFormatString property.

How to decide on the design consideration to take a Datagrid, datalist or repeater?
Many make a blind choice of choosing datagrid directly, but that's not the right way.Datagrid provides ability to allow the end-user to sort, page, and edit its data. But it comes at a cost of speed. Second the display format is simple that is in row and columns.Real life scenarios can be more demanding that With its templates, the DataList provides more control over the look and feel of the displayed data than the DataGrid. It offers better performance than datagrid Repeater control allows for complete and total control. With the Repeater, the only HTML
emitted are the values of the databinding statements in the templates along with the HTML markup specified in the templates—no "extra" HTML is emitted, as with the DataGrid and DataList. By requiring the developer to specify the complete generated HTML markup, the Repeater often requires the longest development time. But repeater does not provide editing features like datagrid so everything has to be coded by programmer.However, the Repeater does boast the best performance of the three data Web controls.Repeater is fastest followed by Datalist and finally datagrid.
Difference between ASP and ASP.NET?
ASP.NET new feature supports are as follows :-
Better Language Support
√ New ADO.NET Concepts have been implemented.
√ ASP.NET supports full language (C#, VB.NET, C++) and not simple scripting
like VBSCRIPT..
Better controls than ASP
√ ASP.NET covers large set’s of HTML controls..
√ Better Display grid like Datagrid, Repeater and datalist.Many of the display
grids have paging support.
Controls have events support
√ All ASP.NET controls support events.
√ Load, Click and Change events handled by code makes coding much simpler
and much better organized.
Compiled Code
The first request for an ASP.NET page on the server will compile the ASP.NET code and keep a cached copy in memory. The result of this is greatly increased performance.
Better Authentication Support
ASP.NET supports forms-based user authentication, including cookie management and automatic redirecting of unauthorized logins. (You can still do your custom login page and custom user checking).
User Accounts and Roles
ASP.NET allows for user accounts and roles, to give each user (with a given role) access to different server code and executables.
High Scalability
√ Much has been done with ASP.NET to provide greater scalability.
√ Server to server communication has been greatly enhanced, making it possible
to scale an application over several servers. One example of this is the ability
to run XML parsers, XSL transformations and even resource hungry session
objects on other servers.
Easy Configuration
√ Configuration of ASP.NET is done with plain text files.
√ Configuration files can be uploaded or changed while the application is running.
No need to restart the server. No more metabase or registry puzzle.
Easy Deployment
No more server restart to deploy or replace compiled code. ASP.NET simply redirects all new requests to the new code.

Asp.net Q/A Part 1 Posted by Unknown on 10:26 AM

Asp.net Q/A Part 1

What’ is the sequence in which ASP.NET events are processed ?
Following is the sequence in which the events occur :-
√ Page_Init.
√ Page_Load.
√ Control events
√ Page_Unload event.
Page_init event only occurs when first time the page is started, but Page_Load occurs in subsequent request of the page.

In which event are the controls fully loaded ?
Page_load event guarantees that all controls are fully loaded. Controls are also accessed in Page_Init events but you will see that viewstate is not fully loaded during this event.

How can we identify that the Page is PostBack ?
Page object has a “IsPostBack” property which can be checked to know that is the page posted back.

What is event bubbling ?
Server controls like Datagrid, DataList, Repeater can have other child controls inside them. Example DataGrid can have combo box inside datagrid. These child control do not raise there events by themselves, rather they pass the event to the container parent (which can be a datagrid, datalist, repeater), which passed to the page as “ItemCommand” event.As the child control send there events to parent this is termed as event bubbling.

How do we assign page specific attributes ?
Page attributes are specified using the @Page directive.

If we want to make sure that no one has tampered with ViewState, how do we ensure it?
Using the @Page directive EnableViewStateMac to True.

What is the use of @ Register directives ?
@Register directive informs the compiler of any custom server control added to the page.

What’s the use of SmartNavigation property ?
It’s a feature provided by ASP.NET to prevent flickering and redrawing when the page is posted back.
Note:- This is only supported for IE browser. Project’s who have browser compatibility as requirements have to think some other ways of avoiding flickering.

What is AppSetting Section in “Web.Config” file ?
Web.config file defines configuration for a webproject. Using “AppSetting” section we can define user defined values. Example below defined is “ConnectionString” section which will be used through out the project for database connection.

Where is ViewState information stored ?
In HTML Hidden Fields.

How many types of validation controls are provided by ASP.NET ?
There are six main types of validation controls :-
RequiredFieldValidator
It checks whether the control have any value. It's used when you want the control should not be empty.
RangeValidator
It checks if the value in validated control is in that specific range. Example TxtCustomerCode should not be more than eight length.
CompareValidator
It checks that the value in controls should match some specific value. Example Textbox
TxtPie should be equal to 3.14.
RegularExpressionValidator
When we want the control value should match with a specific regular expression.
CustomValidator
It is used to define UserDefined validation.
ValidationSummary
It displays summary of all current validation errors.
Note:- It's rare that some one will ask step by step all the validation controls. Rather they will ask for what type of validation which validator will be used. Example in one of the interviews i was asked how you display summary of all errors in the validation control...just uttered one word Validation summary.

Can you explain what is “AutoPostBack” feature in ASP.NET ?
If we want the control to automatically postback in case of any event, we will need to check this attribute as true. Example on a ComboBox change we need to send the event immediately to the server side then set the “AutoPostBack” attribute to true.

How can you enable automatic paging in DataGrid ?
Following are the points to be done in order to enable paging in Datagrid :-
√ Set the “AllowPaging” to true.
√ In PageIndexChanged event set the current pageindex clicked.
Note:- The answers are very short, if you have implemented practically its just a revision.If you are fresher just make sample code using Datagrid and try to implement this functionality.

What’s the use of “GLOBAL.ASAX” file ?
It allows to executing ASP.NET application level events and setting application-level variables.