book

Programming ASP .NET

by Jesse Liberty, Dan Hurwitz

February 2002

Intermediate to advanced

960 pages

25h 37m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Programming ASP.NET
Preface
About This BookHow This Book Is Organized
Who This Book Is For
Conventions Used in This Book
Support: A Note from Jesse Liberty
We’d Like to Hear from You
Acknowledgments
1. ASP.NET and the .NET Framework
The .NET Framework
ASP.NET
ASP.NET Versus ASPLanguages: C# and VB.NETVisual Studio .NET
2. Hello World
The HTML Version

The ASP Version
Hello World the ASP.NET Way
Hello World Using Visual Studio .NET
3. Events
Event Model
ASP Versus ASP.NET Events
Event Arguments
Application and Session Events
Page and Control Events
IsPostBack
Postback Versus Non-Postback Events
Comparing ASP.NET to ASP
4. Controls
HTML Server Controls
ASP (Web Server) Controls
ASP.NET and BrowsersASP Control HierarchyComparing HTML and ASP Server Controls
5. ASP Control Details
The Basics
Label Control
TextBox Control
Button Controls
HyperLink Control
Selecting Values
CheckBox ControlRadioButton Control
Selecting from a List
ListItem ObjectCheckBoxList ControlAdding items staticallyAdding items programmatically from an arrayAdding items from a data sourceResponding to user selectionsRadioButtonList ControlDropDownList ControlListBox Control
Tables
Table RowsTable CellsCell Width
Panel Control
Images
Image ControlAdRotator ControlTargetAdvertisement file
Calendar
Programming the Calendar ControlSelectionChanged eventDayRender eventVisibleMonthChanged event
6. Programming Web Forms
Code-Behind
State
View StateState BagApplication StateSession StateSession state configurationSession scoped application objects
Lifecycle
Directives
Application DirectiveAssembly DirectiveControl DirectiveImplements DirectiveImport DirectiveOutputCache DirectivePage DirectiveReference DirectiveRegister Directive
Using the IDE
Getting Started with the IDEBuilding the Project
7. Tracing, Debugging,and Error Handling
Creating the Sample Application
Tracing
Page-Level TracingInserting into the Trace LogApplication-Level TracingTrace Viewer
Debugging
The Debug ToolbarBreakpointsSetting a breakpointBreakpoint windowBreakpoint propertiesConditionHit countBreakpoint iconsStepping through codeExamining variables and objectsImmediate windowAutos windowLocals windowThis/Me windowWatch windowCall Stack windowThreads windowModules windowDisassembly windowRegisters windowMemory windowsConfiguration
Error Handling
Unhandled ErrorsApplication-wide Error PagesPage-Specific Error Pages
8. Validation
The RequiredFieldValidator
The Summary Validator
The Compare Validator
Checking the Input TypeComparing to Another Control
Range Checking
Regular Expressions
Custom Validation
9. Data Binding
ArrayList
Data Binding and Postback
Binding to a Class
Binding to Other Simple Controls
Binding Radio Buttons and Checkboxes
10. List-Bound Controls, Part I
Shared Properties and CollectionsDataSourceItems
The DataGrid Control
Version 1: Displaying DataVersion 2: Controlling the ColumnsData-bound columnsHandling the ItemDataBound eventConditionally setting the severity colorCreating the hyperlinkVersion 3: The Details PageSummary footerCreating the details pageVersion 4: Sorting and PagingResults on one pageImplementing the OnSortCommand event handlerAdding a sort symbolImplementing pagingHandling the event for page navigation
Next Steps
11. Accessing Data with ADO.NET
Bug Database Design
The ADO.NET Object Model
The DataSet ClassThe DataTable classThe DataRow classDBCommand and DBConnectionThe DataAdapter ObjectThe Data Reader
Getting Started with ADO.NET
Managed Providers
Creating a Data Grid
Displaying Relational DataDisplaying Parent/Child RelationshipsUsing a DataReaderDataViewCreating Data Relations
Creating Data Objects by Hand
Creating the DataTable by HandSetting column propertiesSetting constraintsAdding data to the tableAdding additional tables to the DataSetAdding rows with an array of objectsCreating Primary KeysCreating Foreign KeysCreating Data Relations
Stored Procedures
Invoking the Stored Procedure ProgrammaticallyInvoking a sproc with no parametersInvoking a Stored Procedure with ParametersInline argumentsInvoking a sproc with explicit parametersReturn values from a sproc
12. ADO Data Updates
Updating with SQL
Updating Data with Transactions
The ACID TestImplementing TransactionsDatabase transactionsConnection transaction
Updating Data Using Datasets
The Dataset and the Data AdapterSteps for Updating the DatabaseCreating and displaying a datasetPersisting the datasetUpdating the records in the datasetUpdating the datasetUpdating in the databaseThe delete commandThe update commandThe insert commandAdding transaction supportCalling the Update method
Multiuser Updates
Locking the RecordsComparing Original Against NewHandling the Errors
Command Builder
13. List-Bound Controls, Part II
Binding to the DataList and Repeater Controls
The Repeater Control
The HeaderTemplateThe SeparatorTemplateThe FooterTemplateThe ItemTemplateThe Code-Behind File
The DataList Control
In-Place Editing
Creating the EditTemplate ColumnsImplementing the Edit CycleImplementing the OnEditCommand event handlerImplementing the OnCancelCommand event handlerImplementing the OnUpdateCommand event handler
DataList Editing
14. Custom and User Controls
User ControlsAdding Code@Control PropertiesAdding PropertiesCreating a propertyProviding an underlying value for the propertyIntegrating the property into your codeSetting the property from the clientHandling EventsHandling events in C#Handling events in VB.NETCustom event arguments
Custom Controls
The Default (Full) Custom ControlPropertiesThe Render methodMaintaining stateCreating Derived ControlsCreating Composite ControlsModifying the CountedButton derived controlCreating the BookCounter composite controlINamingContainerContaining CountedButtonCreating the BookInquiryList composite controlControlBuilder and ParseChildren attributesRenderRendering the outputRendering the summary
15. Web Services Overview
How Web Services WorkDeveloping a Web ServiceCreating the ProxyCreating the Consumer
Protocols and Standards
HTTPHTTP-GETHTTP-POSTXMLSOAP.NET Support for Protocols
16. Creating Web Services
A Simple StockTickerThe WebService DirectiveThe Language attributeThe Class attributeDeriving from the WebService ClassApplication State via HttpContextThe WebMethod AttributeWebMethod propertiesThe BufferResponse propertyThe CacheDuration propertyThe Description propertyThe EnableSession propertyThe MessageName propertyThe TransactionOption PropertyThe WebService AttributeThe Description propertyThe Name propertyThe Namespace propertyData TypesUsing Code-BehindUsing a text editorUsing Visual Studio .NET
Creating a Discovery File
Deployment
17. Consuming Web Services
Discovery
Creating the Proxy
Manually Generating the Proxy Class Source CodeProxy Class DetailsCompiling the Proxy ClassAutomating the Process with a Batch File
Creating the Consuming Application
Using a Text EditorUsing Visual Studio .NETUsing Asynchronous Method Calls
18. Caching and Performance
Types of CachingClass CachingConfiguration CachingOutput CachingObject Caching
Output Caching
The OutputCache Page DirectiveDurationVaryByParamLocationVaryByControlVaryByCustomVaryByHeaderFragment Caching: Caching Part of a Page
Object Caching
Cache Class FunctionalityDependenciesFile change dependencyCached item dependencyTime dependencyScavengingCallback Support
The HttpCachePolicy Class
Performance
ASP.NET-Specific IssuesSession stateView stateCachingServer controlsWeb gardening and web farmingRound tripsGeneral .NET IssuesString concatenationMinimize exceptionsUse early bindingUse managed codeDisable debug modeDatabase Access IssuesStored proceduresUse DataReader classUse SQL classes rather than OleDB classes
Benchmarking and Profiling
19. Security
AuthenticationAnonymous AccessWindows AuthenticationRole-based securityBasic authenticationDigest authenticationIntegrated Windows authenticationPassport AuthenticationForms AuthenticationLogin formConfiguring IISConfiguring ASP.NETAuthenticating against web.configAuthenticating with redirect to a specified pageGetting the authentication cookieLogging outCertificate Authentication
Authorization
File AuthorizationURL Authorization
Impersonation
Application Identity
20. Controlling, Configuring,and Deploying Applications
What Is an Application?Virtual DirectoriesApplication DomainsAssemblies and the \bin Directory
Controlling the Application
HttpApplication Objectglobal.asaxDirectivesApplicationImportAssemblyScript blocksEventsGlobal static variables and instance methodsServer-side includesObject declarations
Configuring the Application
Hierarchical ConfigurationFormatConfiguration Section Handler DeclarationsConfiguration SectionsappSettingssystem.netsystem.webbrowserCapsclientTargetcompilationpagescustomErrorshttpRuntimeglobalizationhttpHandlershttpModulesprocessModelsessionStatetracewebControlswebServicesSecurity SettingsidentityauthenticationauthorizationmachineKeysecurityPolicytrustlocationCustom ConfigurationName/value pairsObjects
Deploying the Application
AssembliesXCOPY DeploymentGlobal Deployment
A. Relational Database Technology: A Crash Course
Tables, Records, and Columns
Table Design
NormalizationDeclarative Referential Integrity
SQL
Joining TablesUsing SQL to Manipulate the Database
B. Bug Database Architecture
Table Relationships
Index
Colophon

Content preview from Programming ASP .NET

Authorization

Once a requesting client has been authenticated, the server must then determine whether this user is allowed to access the resources it is requesting. This process is known as authorization. You have already seen an example of authorization in Example 19-4 and Example 19-5, in the <authorization> sections in web.config. The details of authorization will now be explained. There are two ways of authorizing users: file authorization and URL authorization.

File Authorization

Any Windows operating system that supports NTFS (this includes Windows NT, Windows 2000, and Windows XP) uses a security system based on Access Control Lists (ACLs). ACLs control access to any specific file or directory based on the requesting user’s membership in a Windows Domain or Active Directory and the group(s) to which that user belongs. You have seen users and groups in Figure 19-4.

Tip

You will only be able to use file authorization if the hard drive(s) containing the resources are formatted using NTFS.

If all the legitimate users of a web application are known to have Windows user accounts, then you can use file authorization to authorize a user’s access to a resource. Each user is assigned to an appropriate group and that group is given the necessary permissions, using the Computer Management console, to use the application.

Tip

For further information on the minimum file access rights required by a web application, see the Microsoft Knowledge Base Article Q187506, “List of NTFS Permissions ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 0596001711Catalog Page Errata

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Programming ASP .NET

by Jesse Liberty, Dan Hurwitz

Authorization

File Authorization

Tip

Tip

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.