Saturday, March 27, 2010

.NET 4 ASP.NET Congifuring & Deploying Web Applications 70-515 Exam Prep ASP.NET – Catto Code Crackin #6

Hey Now Everybody,

In this 6th post of the Catto Code Crackin series we’ll continue with the section ‘Working with Data & Services’. In the .NET 3.5 exam ‘Config & Deploying Web Apss’ are ~10%. In the .NET 4 exam the section is listed as ‘Config & Deploying Web Apps is listed as 19%. Data to me is very fun to work with. It’s one topic that where I’m very interested in learning new data access layers & spending time developing with data driven sites.

Microsoft announced the .NET 4.0 Beta Exams on St. Patrick’s Day which are a free exam & if passed you get certified. Much of the study & prep materials are not available yet, therefore I’ve been studying for a similar exam 70-562 which is the .NET 3.5 ASP.NET Application Development. I hope by posting this content it will help myself along with other people in the community learn & get excited about .NET 4. If you are serious about studying for a MS Exam 2 must have resources: the Self Paced training books are a great books to buy along with practice exams from eBay.

Let’s start with taking a look at the official skills measured from MS. Here are the main points from the skill:

1 Authorization
2 Config Providers
3 HttpHandlers
4 Init & Error Handling
5 Ref & Config Services
6 Projects & Solutions
7 Debugging
8 Deploying

Configuring and Extending a Web Application (15%)

Now book important content from chapter 14, 16 & another 4?

Ch 1.3 Working with Web.Config Files

Web sites based on a hierarchy of XML configuration files, starting with the machine.config. followed by the web.config file that is in the same folder. After that you might have a web.config file in the root of the website in each web app & in any subdirectory in a web app.

The config file can be edited with a text XML editor (I always 99.9% of time use Visual Studio). The configuration snap in for MMC or the WSAT

The WSAT is used to add and modify the web site settings.

Ch 4.2 You can use the Application collection to store info that is accessible from all web pages but is not user specific. To initialize Application variables respond to the Application_Start event in your global.aspx file.

You can use Session collection to store user specific information that is accessible from all web pages To initialize Session variables respond to the session_start event in your global.aspx file You can store session info in the servers memory using the inProc session state mode store it in ASP.NET State Service server using the StateServer mode store in a database using the SQL Server mode implement your own custom session state storage using the custom.mode or turn session state off completely.

Ch 16.1. Web setup projects allow you to create executable setup.exe files and windows installer packages (.msi files ) that administers can use to easily deploy your app to the web servers

The copy web tool can synchronize a web site between a remote and your local pc. It’s good cause if we want to deploy & test on your local pc & then upload the site to a remote web servers. The copy web tool can also be useful in environments with multiple developers because it detects versioning conflicts.

Pre compiling a web app removes the delay that occurs when ASP.NET compiles an application after the first user request. To precompile a web app use the Publish web site tool.

You can use the Cache object to store data of any type. You can then access the cashed data from other web pages in your app. The Cache object is an excellent way to reduce the number of database calls & file reads. Use the Cache.Add and Cache.Insert methods to add an object to the cache with a dependency to ensure the cached object does not become stale.

Page output caching stores a copy of a rendered page (or user control) in the server’s memory. Subsequent requests for the given resources are served from memory. Page output caching practically eliments rendering time.

Configure authentication, authorization & impersonation

14.1 Working with Profiles

14.2 Using ASP.NET Membership

14.3 Securing Your Site

You can configure user profiles using the Web.config file & the <profile> element. You add fields to this element based on which data elements you intend to track for users of your site.

ASP.NET automatically creates a strongly types object based on your profile field setting in the web.config file. You can access this class & it’s properties through the Profile <FiledName> syntax in your code.

You call the Profile.Save method to save a user’s profile to a database.

By default ASP.NET uses the SQLProfileProvider to store & retrieve user profile information to a SQL Server DB canlled ASPNETDB.mdf. You can change the provider & db using configuration files friendly adjustments.

ASP.NET provides several login controls to enable you to easily build pages that support creating user accounts, logging in, logging out, & resetting passwords. These controls include loginView, LoginStatus< PasswordRecovery, CreateUserWizard, & ChangePassword. (this is a good one eh?)

Use the Membership class when you need to perform user management tasks from w/in your code, such as creating, deleting, or modifying user accounts. This class enables you to create custom forms that provide similar functionalitly to that provided by the standasrd ASP.NET login controls.

Use the Roles class when you need ot perform role management tasks from within you code such as adding users to roles, removing users from roles, creating new roles, or examining to which roles a user belongs.

You can fonfigure an app to require Windows credentials from a user by either configuring IIS, configureing the web.config file or both.

To create custom ASP.NET forms for user authentication, first configure your Web.Config file to specify the authentication form. Then creat an ASP.NET web form to prompt the user for credentials & write code to verify the credentials & the authenticate the user. You should also provide a way for users to log off.

ASP.NET web apps support Passport which uses a centralized authentication service provided by Microsoft for a fee. (not included in the .NET 4 exam. Cardspace of .NET 3 hasn’t yet taken off eh?)

If an app does not require authentication, you can explicitly configure it for anonymous access.

By default, ASP.NET accesses resources using ASP.NET credentials. If you need to access resources from the user’s account or from a specific user account. You can use impersonation, ieither from withing your code or by configuring the web.config file.

To control which users can access folders & files in a web app, you can use either NTFS file permissions or web.config files.

Sites identify users. Authentication verifies a user.



Exam questions study style

1 Create a user profile that uses a custom type as one of the profile properties.

Custom types that you wish to use as profile properties must be marked serializable.

When you use a custom type, you must qualify it by namespace and class in the type attribute of the profile property.

2 The Publish Web Site tool is used to precompile and deploy Web sites. Precompiling reduces the delay when the first user requests a Web page, improving initial responsiveness of a site.

3 The code-behind model is used to separate code and user interface markup. Far from the MVC architecture.

4The LoginStatus control displays "Login," with a link to log in if the user is unauthenticated, or "Logout" to authenticated users.

5 The Copy Web tool detects when a version of a file has been modified on the Web server after it is synchronized with the local copy of a file. Therefore, it can detect versioning conflicts when multiple developers work on a single site.

6 In 3.5 we can combine both C# and VB pages in a single Web site.

7 Which of the following Web.config files correctly enables the Web application to track the age of anonymous users in a variable of type Int32?

<anonymousIdentification enabled="true" />
<add name="Age" type="System.Int32" allowAnonymous="true" />|

8 A Web form that enables users to log in to your Web site. 2 controls we could use is:

The Login control is required on a login page, because it prompts the user for a user name and password.

The PasswordRecovery control is a good choice for a login page because it can be used to recover a password in the event the user forgets his or her password.

9 Our application is being deployed in a load-balanced Web farm. The load balancer is not set up for user server affinity. Rather, it routes requests to servers based on their load. Your application uses session state. We should configure the SessionState mode attribute as follows:

You must manage session state on a central server in this case. StateServer allows you to do so.

You must manage session state on a central server in this case. SqlServer allows you to do so.

10 WSAT tool will allow you to manage the settings for a single Web application. In addition, you can do so through its Web-based interface.

11 Remote HTTP can be used for remote servers with Front Page Server Extensions installed and enabled.

12 Web.config requires that all users be authenticated using a Windows user account:

<authentication mode="Windows" />
<deny users="?" />

13 Any installation changes you make should occur in the Install phase.

14 After a user creates an account, he or she is notified of the successful account creation and prompted to click Continue. The ContinueButtonClick event is called when the user clicks that button.

16 Web.config file at the Web application root will apply only to that Web application.

18 You can use the Machine.config file to manage settings for both Web and Windows applications at the machine level.

19 <configuration>
<authentication mode="Windows" />
<deny users="?" />

<location path="Marketing">
<allow roles="Catto\Marketing" />
<deny users="*" />

Members of the Catto\Marketing group have access. All other users are denied access.

21 When no filename is specified in the Web.config file, ASP.NET redirects unauthenticated users to the Login.aspx page, regardless of whether the page exists.

22 Rollback phase is used to remove changes made during the Install phase if setup is cancelled or otherwise fails. Therefore, you should undo your registry modification here if the change has already taken place.

More Section 1 Exam Practice

1.1 ASP.NET Web App project you can use the Publish Web dialog box to publish a Web application

1 2 StateServer mode stores session state in a separate process called the ASP.NET State Service. This ensures that session state is preserved if the Web application is restarted & also makes session state available to multiple Web servers in a Web farm.

SQLServer mode stores session state in a SQL Server database. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm.

1 4 The Publish dialog box allows you to precompile a Web site. It also allows you to publish from your development server.

1 5 Session state stores state management information on the server and tracks a user with a single cookie. Session state is ideal for scenarios such as this because it tracks a user's information for a single visit across multiple Web pages.

1 6 Windows authentication can automatically authenticate users to either the Active Directory domain or the local user database. The user's browser can submit the credentials he or she used to log in to his or her computer without prompting the user for a user name and password. It’s not forms auth.

1 9 With an ASP.NET Web Application project you have complete control of the project's structure, namespaces, and compilation.

1 10 Create an ASP.NET Web site if you want to rely on ASP.NET dynamic compilation for iterative modifications. The Build command compiles Web site projects only to test them. To run Web sites, you can deploy source files and rely on ASP.NET dynamic compilation to compile pages and classes in the application.

1 11 Digest authentication, as well as Integrated Windows authentication or Basic authentication, support only Windows authentication.

1 12 ASP.NET Compilation tool (Aspnet_compiler.exe) enables you to compile an ASP.NET Web application, either in place or for deployment to a target location such as a production server. In-place compilation helps application performance because end users do not encounter a delay on the first request to the application while the application is compiled. We can provide Aspnet_compiler options to prevent the copy of .aspx files.

1 13 The assembly must be manually copied to the local Bin folder. Referencing from the GAC and configuring Copy Local no longer works in Visual Studio 2008.

1 15 You must define a membership provider to indicate the membership information store. Designate a membership provider by setting the defaultProvider attribute of the membership element to AspNetSqlProvider.

1 17 The ASP.NET Merge tool (Aspnet_merge.exe) enables you to combine and manage assemblies that are created by the ASP.NET Compilation tool (Aspnet_compiler.exe). The ASP.NET Merge tool provides additional flexibility when you precompile the Web site beyond what you can achieve with the ASP.NET Compilation tool alone.

1 18 Given integrated Windows IIS authentication, Windows ASP.NET authentication, and ASP.NET impersonation, ASP.NET will assume the client identity. You must add the accounts of the users requesting the Web page to the database.

1 19 You can easily determine whether a user is in a specific role by calling Roles.IsUserInRole. Alternatively, you can call Roles.GetRolesForUser and iterate through each role to determine user membership.

Roles.GetAllRoles retrieves a list of all roles that exist, regardless of role memberships.

1 20 Aspnet_regsql.exe, which is found in %windows%\Microsoft .NET\Framework\<version>. There is an -Ap option.

Show some Code:

Good old login control

<form id="form1" runat="server">
<asp:Login ID="Login1" runat="server">

In webconfig

<deny users="?" />

. Master page with user profile


public partial class MasterPage : System.Web.UI.MasterPage

protected void Page_Load(object sender, EventArgs e)
if (Profile.Name.Length > 0)
HyperLinkUserProfile.Text = "Welcome, " + Profile.Name;
HyperLinkUserProfile.Text = "Set Profile";
if (Profile.ColorPreference.Length > 0)
Panel1.BackColor =


<html xmlns="">
<head id="Head1" runat="server">
<title>My Site</title>
<asp:ContentPlaceHolder id="head" runat="server">
<body style="font-family: Verdana">
<form id="form1" runat="server">
<asp:Panel ID="Panel1" runat="server">
<h1>My Site</h1>
<hr />
<div style="float: right">
<asp:HyperLink ID="HyperLinkUserProfile" runat="server"
<asp:ContentPlaceHolder id="ContentPlaceHolderMain" runat="server">

public partial class UserProfile : System.Web.UI.Page

protected void Page_Load(object sender, EventArgs e)
if (!IsPostBack)
TextBoxName.Text = Profile.Name;
if (Profile.PostalCode > 0)
TextBoxPostal.Text = Profile.PostalCode.ToString();

if (Profile.ColorPreference.Length > 0)
DropDownListColors.SelectedValue = Profile.ColorPreference.ToString();

protected void ButtonSave_Click(object sender, EventArgs e)

Profile.Name = TextBoxName.Text;
Profile.PostalCode = short.Parse(TextBoxPostal.Text);
Profile.ColorPreference = DropDownListColors.SelectedValue.ToString();


As we see we covered the ‘Configuring & Deploying Web Applications’ section What are your thoughts on this section?

That is all & there will be more,


No comments: