book

Programming ASP.NET, Second Edition

by Jesse Liberty, Dan Hurwitz

September 2003

Intermediate to advanced

1008 pages

26h 5m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Programming ASP.NET, 2nd Edition
Preface
About This Book
How This Book Is Organized
Who This Book Is For
Conventions Used in This Book
Support: A Note from Jesse Liberty
We’d Like to Hear from You
Acknowledgments
1. ASP.NET and the .NET Framework
The .NET Framework
ASP.NET
ASP.NET Versus ASPLanguages: C# and VB.NETVisual Studio .NET

Hello World
The HTML VersionThe ASP VersionHello World the ASP.NET WayHello World Using Visual Studio .NET
2. Visual Studio .NET
Start Page
Projects and Solutions
SolutionsProjectsTemplatesProject Names
The Integrated Development Environment (IDE)
LayoutMenus and ToolbarsFile MenuNewOpenAdd New Item . . . (Ctrl+Shift+A)Add Existing Item . . . (Shift+Alt+A)Add ProjectOpen SolutionClose SolutionAdvanced Save Options . . .Source ControlEdit MenuCycle Clipboard Ring (Ctrl+Shift+V)Find and Replace/ Find in Files (Ctrl+Shift+F)Find and Replace/Replace in Files (Ctrl+Shift+H)Find and Replace/Find Symbol (Alt+F12)Go To...Insert File As Text...AdvancedIncremental search (Ctrl+I)BookmarksOutliningIntelliSenseView MenuOpen and Open With . . .Solution Explorer (Ctrl+Alt+L)Properties Windows (F4)Server Explorer (Ctrl+Alt+S)Class View (Ctrl+Shift+C)Object Browser (Ctrl+Alt+J)Other WindowsProject MenuAdd . . .Exclude From ProjectAdd Reference...Add Web Reference...Set as StartUp ProjectProject Dependencies... / Project Build Order...Build MenuDebug MenuData MenuFormat MenuTools MenuConnect to Device . . .Connect to Database...Connect to Server...Add/Remove Toolbox Items . . .Build Comment Web Pages...MacrosExternal Tools...Customize...Options...Window MenuHelp MenuDynamic Help (Ctrl+F1)Contents... (Ctrl+Alt+F1) / Index... (Ctrl+Alt+F2) / Search... (Ctrl+Alt+F3)Index Results... (Shift+Alt+F2)Search Results... (Shift+Alt+F3)Edit Filters...Check for Updates
Building and Running
3. Events
Event Model
ASP Versus ASP.NET Events
Event Arguments
Application and Session Events
Page and Control Events
IsPostBack
Postback Versus Non-Postback Events
Comparing ASP.NET to ASP
Events in Visual Studio .NET
4. Controls
HTML Server Controls
ASP (Web Server) Controls
ASP.NET and BrowsersASP Control HierarchyComparing HTML and ASP Server Controls
5. ASP Control Details
The Basics
Label Control
TextBox Control
Button Controls
HyperLink Control
Selecting Values
CheckBox ControlRadioButton Control
Selecting from a List
ListItem ObjectCheckBoxList ControlAdding items staticallyAdding items programmatically from an arrayAdding items from a data sourceResponding to user selectionsRadioButtonList ControlDropDownList ControlListBox Control
Tables
Table RowsTable CellsCell Width
Panel Control
Images
Image ControlAdRotator ControlTargetAdvertisement file
Calendar
Programming the Calendar ControlSelectionChanged eventDayRender eventVisibleMonthChanged event
6. Programming Web Forms
Code-Behind
State
View StateState BagApplication StateSession StateSession state configurationSession scoped application objects
Lifecycle
Directives
Application DirectiveAssembly DirectiveControl DirectiveImplements DirectiveImport DirectiveOutputCache DirectivePage DirectiveReference DirectiveRegister Directive
7. Tracing, Debugging, and Error Handling
Creating the Sample Application
Tracing
Page-Level TracingInserting into the Trace LogApplication-Level TracingTrace Viewer
Debugging
The Debug ToolbarBreakpointsSetting a breakpointBreakpoint windowBreakpoint propertiesConditionHit countBreakpoint iconsStepping through codeExamining variables and objectsImmediate windowAutos windowLocals windowThis/Me windowWatch windowCall Stack windowThreads windowModules windowDisassembly windowRegisters windowMemory windowsConfiguration
Error Handling
Unhandled ErrorsApplication-wide Error PagesPage-Specific Error Pages
8. Validation
The RequiredFieldValidator
The Summary Validator
The Compare Validator
Checking the Input TypeComparing to Another Control
Range Checking
Regular Expressions
Custom Validation
9. Data Binding
ArrayList
Data Binding and Postback
Binding to a Class
Binding to Other Simple Controls
Binding Radio Buttons and Checkboxes
10. List-Bound Controls, Part I
Shared Properties and CollectionsDataSourceItems
The DataGrid Control
Version 1: Displaying DataVersion 2: Controlling the ColumnsData-bound columnsHandling the ItemDataBound eventConditionally setting the severity colorCreating the hyperlinkVersion 3: The Details PageSummary footerCreating the details pageVersion 4: Sorting and PagingResults on one pageImplementing the OnSortCommand event handlerAdding a sort symbolImplementing pagingHandling the event for page navigation
Next Steps
11. Accessing Data with ADO.NET
Bug Database Design
The ADO.NET Object Model
The DataSet ClassThe DataTable classThe DataRow classDBCommand and DBConnectionThe DataAdapter ObjectThe Data Reader
Getting Started with ADO.NET
Managed Providers
Creating a Data Grid
Displaying Relational DataDisplaying Parent/Child RelationshipsUsing a DataReaderDataViewCreating Data Relations
Creating Data Objects by Hand
Creating the DataTable by HandSetting column propertiesSetting constraintsAdding data to the tableAdding additional tables to the DataSetAdding rows with an array of objectsCreating Primary KeysCreating Foreign KeysCreating Data Relations
Stored Procedures
Invoking the Stored Procedure ProgrammaticallyInvoking a sproc with no parametersInvoking a Stored Procedure with ParametersInline argumentsInvoking a sproc with explicit parametersReturn values from a sproc
12. ADO Data Updates
Updating with SQL
Updating Data with Transactions
The ACID TestImplementing TransactionsDatabase transactionsConnection transaction
Updating Data Using Datasets
The Dataset and the Data AdapterSteps for Updating the DatabaseCreating and displaying a datasetPersisting the datasetUpdating the records in the datasetUpdating the datasetUpdating in the databaseThe delete commandThe update commandThe insert commandAdding transaction supportCalling the Update method
Multiuser Updates
Locking the RecordsComparing Original Against NewHandling the Errors
Command Builder
13. List-Bound Controls, Part II
Binding to the DataList and Repeater Controls
The Repeater Control
The HeaderTemplateThe SeparatorTemplateThe FooterTemplateThe ItemTemplateThe Code-Behind File
The DataList Control
In-Place Editing
Creating the EditTemplate ColumnsImplementing the Edit CycleImplementing the OnEditCommand event handlerImplementing the OnCancelCommand event handlerImplementing the OnUpdateCommand event handler
DataList Editing
14. Custom and User Controls
User ControlsAdding Code@Control PropertiesAdding PropertiesCreating a propertyProviding an underlying value for the propertyIntegrating the property into your codeSetting the property from the clientHandling EventsHandling events in C#Handling events in VB.NETCustom event arguments
Custom Controls
The Default (Full) Custom ControlPropertiesThe Render methodMaintaining stateCreating Derived ControlsCreating Composite ControlsModifying the CountedButton derived controlCreating the BookCounter composite controlINamingContainerContaining CountedButtonCreating the BookInquiryList composite controlControlBuilder and ParseChildren attributesRenderRendering the outputRendering the summary
15. Web Services Overview
How Web Services WorkDeveloping a Web ServiceCreating the ProxyCreating the Consumer
Protocols and Standards
HTTPHTTP-GETHTTP-POSTXMLSOAP.NET Support for Protocols
16. Creating Web Services
A Simple StockTickerThe WebService DirectiveThe Language attributeThe Class attributeDeriving from the WebService ClassApplication State via HttpContextThe WebMethod AttributeWebMethod propertiesThe BufferResponse propertyThe CacheDuration propertyThe Description propertyThe EnableSession propertyThe MessageName propertyThe TransactionOption propertyThe WebService AttributeThe Description propertyThe Name propertyThe Namespace propertyData TypesUsing Code-BehindUsing a text editorUsing Visual Studio .NET
Creating a Discovery File
Deployment
17. Consuming Web Services
Discovery
Creating the Proxy
Manually Generating the Proxy Class Source CodeProxy Class DetailsCompiling the Proxy ClassAutomating the Process with a Batch File
Creating the Consuming Application
Using a Text EditorUsing Visual Studio .NETUsing Asynchronous Method Calls
18. Caching and Performance
Types of CachingClass CachingConfiguration CachingOutput CachingObject Caching
Output Caching
The OutputCache Page DirectiveDurationVaryByParamLocationVaryByControlVaryByCustomVaryByHeaderFragment Caching: Caching Part of a Page
Object Caching
Cache Class FunctionalityDependenciesFile change dependencyCached item dependencyTime dependencyScavengingCallback Support
The HttpCachePolicy Class
Performance
ASP.NET-Specific IssuesSession stateView stateCachingServer controlsWeb gardening and web farmingRound tripsGeneral .NET IssuesString concatenationMinimize exceptionsUse early bindingUse managed codeDisable debug modeDatabase Access IssuesStored proceduresUse DataReader classUse SQL or Oracle classes rather than OleDB classes
Benchmarking and Profiling
19. Security
AuthenticationAnonymous AccessWindows AuthenticationRole-based securityBasic authenticationDigest authenticationIntegrated Windows authenticationPassport AuthenticationForms AuthenticationLogin formConfiguring IISConfiguring ASP.NETAuthenticating against web.configAuthenticating with redirect to a specified pageGetting the authentication cookieLogging outCertificate Authentication
Authorization
File AuthorizationURL Authorization
Impersonation
Application Identity
20. Controlling, Configuring,and Deploying Applications
What Is an Application?Virtual DirectoriesApplication DomainsAssemblies and the \bin Directory
Controlling the Application
HttpApplication Objectglobal.asaxDirectivesApplicationImportAssemblyScript blocksEventsGlobal static variables and instance methodsServer-side includesObject declarations
Configuring the Application
Hierarchical ConfigurationFormatConfiguration Section Handler DeclarationsConfiguration SectionsappSettingssystem.netsystem.webbrowserCapsclientTargetcompilationpagescustomErrorshttpRuntimeglobalizationhttpHandlershttpModulesprocessModelsessionStatetracewebControlswebServicesSecurity settingsidentityauthenticationauthorizationmachineKeysecurityPolicytrustlocationCustom ConfigurationName/value pairsObjects
Deploying the Application
AssembliesXCOPY DeploymentGlobal Deployment
A. Relational Database Technology: A Crash Course
Tables, Records, and Columns
Table Design
NormalizationDeclarative Referential Integrity
SQL
Joining TablesUsing SQL to Manipulate the Database
B. Bug Database Architecture
Table Relationships
Index
Colophon

Content preview from Programming ASP.NET, Second Edition

Chapter 19. Security

Back in the good old days—before the Internet—when personal computers were mostly standalone or, at most, connected to an office LAN, security was not such a big deal. Until viruses were invented and became a real threat, security for most PCs meant screen-saver passwords and a lock on the office door.

All that has changed. Today’s computers are interconnected in myriad ways, on local networks and over the Internet. The pipes of data that connect your machine to the rest of the world are double-edged swords: tremendously beneficial, but at the same time potentially harmful, opening your machine to outsiders. Some of those outsiders are malicious or just plain unwelcome. In any case, it is the job of security to let the good stuff in and keep the bad stuff out.

As part of the .NET Framework, ASP.NET has a very robust security infrastructure. ASP.NET is designed to work with Microsoft Internet Information Server (IIS), Windows 2000/XP/2003, and the NTFS filesystem. Consequently, there is tight integration with the security provided inherently in those environments. If you can be certain that all your clients will be using Windows and Internet Explorer, there are features you can take advantage of to make your job as software developer that much easier. Alternatively, you can implement your own security system completely independent of Windows or NTFS.

The fundamental role of security in ASP.NET is to selectively restrict access to portions of a web site. It does ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 0596004877Catalog Page Errata

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Programming ASP.NET, Second Edition

by Jesse Liberty, Dan Hurwitz

Chapter 19. Security

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.