ASP.NET applications
Download
Report
Transcript ASP.NET applications
Alexey Polovinkin
Post graduate student, CMC department
Anatomy of ASP.NET application
The global.asax application file
ASP.NET configuration
.NET Components
Extending HTTP pipeline
All the web pages in a single web application:
◦ share the same in-memory resources (global
application data, per-user session data, cached
data)
◦ share the same core configuration settings
Virtual directory is the basic grouping
structure that delimits ASP.NET applications
web pages (.aspx files)
web services (.asmx files)
WCF services (.svc files)
core-behind files
a configuration file (web.config)
global.asax
other components
ASP.NET uses lazy initialization technique for creating
application domains.
Application can restart himself in new application
domain:
◦ in response to error conditions;
◦ depending
on
settings
in
the
computer-wide
machine.config file, when certain thresholds are reached
(length of application domain runtime, the number of
queued requests, the amount of memory used, etc.) (see
chapter 18)
◦ when application is changed (modifying web.config,
replacing existing web page or DLL assembly)
ASP.NET starts new application domain to handle all
future requests and keeps the existing application
domain alive long enough to finish handling requests.
There is an opportunity to update ASP.NET
application without needing to restart web
server and without worrying about existing
clients.
ASP.NET uses shadow copy technique
ASP.NET ability to detect changing original
files relies on ability of Windows system to
track directories and files and send
immediate change notification.
You can use assemblies from GAC and put
your own assemblies into GAC.
Directory
Description
Bin
All the precompiled .NET assemblies (usually DLLs) that the
ASP.NET web application uses
App_Code
Source code files that are dynamically compiled for application
App_Global
Resources
Global resources that are accessible to every page in the web
application
App_Local
Resources
Resources that are accessible for dedicated pages only
App_Web
References
References to web services that web application uses (WSDL
files and discovery documents)
App_Data
Data storage, including SQL Server 2005 Express database files
and XML files
App_Browsers
Browser definitions stored in XML files (see Chapter 27)
App_Themes
The themes used by the web application (see Chapter 16)
contains event handlers to react global events
defines the methods for application class
(derives from HttpApplication)
doesn’t contain any HTML or ASP.NET tags
Application_Start()
Session_Start()
Application_Error()
Session_End()
Application_End()
Application_Disposed()
%WINDIR%\Microsoft.NET\Framework\v2.0.50727\Config
defines supported configuration file sections;
configures ASP.NET worker process;
registers providers for advanced features
(profile, membership, role-based security)
configure how ASP.NET worker process
recycles application;
configure Windows account it executes under;
Ignored by IIS >= 6.0
Allow to set the server-specific key used for
encrypted data and creating digital signatures
◦ machine specific, application specific keys
◦ single key for all applications on the computer
◦ definition of the keys explicitly
◦ definition of the application-specific keys explicitly
in the web.config file
validationKey value can be from 40 to 128
characters long
decriptionKey value can be either 16(DES) or
48(3DES) characters long
safety rules:
◦ use maximum length key available
◦ use
.NET
Framework
cryptography
(System.Security.Cryptography namespace)
classes
<configuration> - entire content of ASP.NET
configuration
◦ <system.web> - ASP.NET configuration settings
◦ <appSettings> - store custom application settings
◦ <connectionStrings> - store connection strings to
databases.
Allows to specify more than one group of
settings in the same configuration file
<location> section can be used to lock
specific settings so they can’t be overridden
• you can use as few or as many configuration sections as you
want
• web.config file is case-sensetive
allows to configure the behavior of ASP.NET
application to response to various HTTP errors
Supported modes:
◦ On – custom errors are enabled;
◦ Off – custom errors are disabled;
◦ RemoteOnly – custom errors are shown only to remote
clients but full detailed errors are displyed to local
clients
Custom error settings defined in configuration
file come into effect only if ASP.NET is handling
the request
allows to define database connection strings
that will be used in application
allows adding custom settings to the
application
<add key=“KEY STRING” value=“VALUE
STRING” />
System.Configuration namespace
ConfigurationSettings class
AppSettings property
System.Web.Configuration namespace
WebConfigurationManager class
OpenWebConfiguration() method reflects the
cumulative configuration for the current
application
OpenWebConfiguration()
method
returns
Configuration object that contains all
configuration information
<appSettings> element can be used to store
custom information that application uses, but
◦ it doesn’t provide a way to store structured information
◦ it’s limited to single strings
to extend a configuration file:
◦ determine information to store in configuration file and
its structure
◦ for each element create C# class that encapsulates
information
◦ register new element in configuration file (use
<configSections> element)
Example
ASP.NET supports two encryption options:
◦ RSA
◦ DPAPI (data protection API)
Programmatic encryption
◦ ProtectSection() – encrypt data in section;
◦ UnprotectSection() – switch off encryption;
Command-line encryption (with regiis_asp)
◦ -pe specifies configuration section to encrypt
◦ -app specifies web application’s virtual path
◦ -prov specifies provider name
Two ways to create a component:
◦ Create a new .cs file in the App_Code subdirectory
◦ Create a new class library project in Visual Studio
HTTP handlers are defined in <httpHandlers>
section of configuration file (nested in the
<system.web> element)
<add> - register new handler
<remove> - unregister existing handler
participate in
processing of a
request by handling
application events
a request can flow
trough multiple HTTP
modules but it always
ends with single
HTTP handler
HTTP modules are defined in <httpModules>
section of configuration file (nested in the
<system.web> element)
<add> - register new module
<remove> - unregister existing module
To create a custom HTTP handler you need to
make a class that implements IHttpHandler
interface
verb = “*” (use for both HTTP POST and HTTP
get requests)
path – indicates the file extension that will
invoke HTTP handler
type – identifies HTTP handler class
To create a custom HTTP handler you need to
make a class that implements IHttpHandler
interface