ASP.NET Interview Questions on Tracing
What is an exception log?
An exception log is a list of handled exceptions that occur while your application is running. Reviewing the exception log periodically helps you verify that exceptions are being handled correctly, are not occurring too frequently, and are not preventing users from accomplishing tasks with your application.
What is Tracing and what are the adavantages of using tracing to log exceptions?
Tracing is a technique for recording events, such as exceptions, in an application. There have always been ways to record errors in an application - usually by opening a file and writing error messages to it. But tracing offers the following significant advantages:
Standardization:Building tracing into the .NET Framework ensures that programming techniques are the same across all the applications you develop with the .NET Framework.
Built-in Web support:ASP.NET extends the .NET Framework tools by including information related to the performance and behavior of Web requests.
Configuration:You can turn tracing on and off using settings in your application’s configuration file. You don’t have to recompile your application to enable or disable tracing.
Performance:While disabled, tracing statements do not affect application performance.
How do you turn tracing on and off for an ASP.NET web application?
Tracing can be turned on or off for an entire Web application or for an individual page in the application:
1. To turn tracing on for an entire application, in the application’s Web.config file, set the trace element’s Enabled attribute to True.
Or
2. To turn tracing on for a single page, set the DOCUMENT object’s Trace property to True in the Visual Studio .NET Properties window. This sets the @ Page directive’s Trace attribute to True in the Web form’s HTML.
Where is the trace output displayed by default?
By default, trace output is displayed at the end of each Web page.
While this is fine for debugging purposes, you’ll generally want to write trace output to a log file when you start testing your completed application. To write trace messages to a log file for an entire application, in the application’s Web.config file, set the trace element’s PageOutput attribute to False. ASP.NET then writes trace output to the Trace.axd file in your application’s root folder.
How do you specify, how many page requets should be written to the trace log?
The <trace> element's RequestLimit attribute can be used to specify how many page requests to write to the trace log. For example, the following line from a Web.config file turns on tracing for the application and writes the first 10 requests to the Trace.axd file:
How do you write trace messages to a log file for only selected pages in an application?To write trace messages to a log file for only selected pages in an application, follow these steps:
In the application’s Web.config file, set the trace element’s Enabled attribute to True and PageOutput attribute to False.
For each Web page you want to exclude from tracing, set the @ Page directive’s Trace attribute to False.
What is the difference between Trace.Write() and Trace.Warn() methods of a trace object?
The Trace object provides the Write and Warn methods to allow you to write messages to a request’s trace information. The two methods are identical with one difference: messages written with Trace.Write are displayed in black, whereas messages written with Trace.Warn are displayed in red.
How do you programatically check if tracing is enabled?
The Trace object’s IsEnabled property can be used to programatically check if tracing is enabled.
How do you prevent from trace output being written at the bottom of the web page?
You can prevent from trace output being written at the bottom of the web page by setting the trace element’s PageOutput attribute to False in the Web.config file.
What is the name of the file to which trace log is written?
Trace.axd
Can you view Trace.axd from a remote machine?
No, by default, you can view Trace.axd only from the local server running the application. If you want to view the trace log from a remote machine, set the trace element’s LocalOnly attribute to False in the Web.config file
An exception log is a list of handled exceptions that occur while your application is running. Reviewing the exception log periodically helps you verify that exceptions are being handled correctly, are not occurring too frequently, and are not preventing users from accomplishing tasks with your application.
What is Tracing and what are the adavantages of using tracing to log exceptions?
Standardization:Building tracing into the .NET Framework ensures that programming techniques are the same across all the applications you develop with the .NET Framework.
Built-in Web support:ASP.NET extends the .NET Framework tools by including information related to the performance and behavior of Web requests.
Configuration:You can turn tracing on and off using settings in your application’s configuration file. You don’t have to recompile your application to enable or disable tracing.
Performance:While disabled, tracing statements do not affect application performance.
How do you turn tracing on and off for an ASP.NET web application?
Tracing can be turned on or off for an entire Web application or for an individual page in the application:
1. To turn tracing on for an entire application, in the application’s Web.config file, set the trace element’s Enabled attribute to True.
Or
2. To turn tracing on for a single page, set the DOCUMENT object’s Trace property to True in the Visual Studio .NET Properties window. This sets the @ Page directive’s Trace attribute to True in the Web form’s HTML.
Where is the trace output displayed by default?
By default, trace output is displayed at the end of each Web page.
While this is fine for debugging purposes, you’ll generally want to write trace output to a log file when you start testing your completed application. To write trace messages to a log file for an entire application, in the application’s Web.config file, set the trace element’s PageOutput attribute to False. ASP.NET then writes trace output to the Trace.axd file in your application’s root folder.
How do you specify, how many page requets should be written to the trace log?
How do you write trace messages to a log file for only selected pages in an application?To write trace messages to a log file for only selected pages in an application, follow these steps:
In the application’s Web.config file, set the trace element’s Enabled attribute to True and PageOutput attribute to False.
For each Web page you want to exclude from tracing, set the @ Page directive’s Trace attribute to False.
What is the difference between Trace.Write() and Trace.Warn() methods of a trace object?
The Trace object provides the Write and Warn methods to allow you to write messages to a request’s trace information. The two methods are identical with one difference: messages written with Trace.Write are displayed in black, whereas messages written with Trace.Warn are displayed in red.
How do you programatically check if tracing is enabled?
The Trace object’s IsEnabled property can be used to programatically check if tracing is enabled.
How do you prevent from trace output being written at the bottom of the web page?
You can prevent from trace output being written at the bottom of the web page by setting the trace element’s PageOutput attribute to False in the Web.config file.
What is the name of the file to which trace log is written?
Trace.axd
Can you view Trace.axd from a remote machine?
No, by default, you can view Trace.axd only from the local server running the application. If you want to view the trace log from a remote machine, set the trace element’s LocalOnly attribute to False in the Web.config file
Techniques to send data from one web form to another web form
What are the different techniques to send data from one web form to another web form? 1. Query strings :Use these strings to pass information between requests and responses as part of the Web address. Query strings are visible to the user, so they should not contain secure information such as passwords.
2. Cookies :
Use cookies to store small amounts of information on a client. Clients might refuse cookies, so your code has to anticipate that possibility.
3. Session state :
Use Session state variables to store items that you want keep local to the current session (single user).
4. Application state :
Use Application state variables to store items that you want be available to all users of the application.
ASP.NET Session State and Application State Interview Questions
What is a Session?
A Session is a unique instance of the browser. A single user can have multiple instances of the browser running on his or her machine. If each instance visits your Web application, each instance has a unique session.A session starts when a user accesses a page on a Web site for the first time, at which time they are assigned a unique session ID. The server stores the user's session ID in the Session.SessionID property.
What is the default session timeout period?
20 minutes.
Where do you generally specify the Session Timeout?
You specify the Session Timeout setting in the web.config file.
Can you specify Session Timeout in a code behind file?
Yes, can specify the Session.Timeout property as shown below in a code behind file.
Session.Timeout = 10;
How do you end a user session?
You can call the Session.Abandon() method to end a user session. If a user then tries to access a page the server will assign them a new session ID and it will clear all the previous session variables. You'll typically use Session.Abandon() on log-out pages.
What type of data can you store in Application State and Session State variables?
Application State and Session State variables are used to store data that you want to keep for the lifetime of an application or for the lifetime of a session. You can store any type of data in the Application or Session state, including objects.
Are Application State or Session State variables type safe?
No, Application and Session state variables are created on the fly, without variable name or type checking.
Do maintaining Session state affects performance?
Yes
Can you turn of Session state?
Yes, Session state can be turned off at the application and page levels.
Are Application state variables available throughout the current process?
Yes, Application state variables are available throughout the current process, but not across processes. If an application is scaled to run on multiple servers or on multiple processors within a server, each process has its own Application state.
How do you disable Session state for a Web form?
To turn Session state off for a Web form set EnableSessionState property of the Page to False.
How do you turn Session state off for an entire web application?
In the Web.config file, set the sessionstate tag to False.
What are Application State variables?
Application State variables are global variables that are available from anywhere in the application. All Sessions can access Application State variables.
How to add and remove data to Application State Variables?
//Code to add data to Application StateApplication.Add("AppName", "Sample");
//Code to remove data from Application State
Application.Remove("AppName");
How do you remove all Application State Variables data?
//Code to remove all Application State Variables data
Application.RemoveAll();
ASP.NET Interview Questions on web application Security
What is the difference between Authentication and Authorization?
Authentication is the process of identifying users. Authorization is the process of granting access to those users based on identity. Together, authentication and authorization provide the means to keeping your Web application secure from intruders.
What is Anonymous access?
Anonymous access is the way most public Web sites work. Sites containing public information allow anyone to see that information, so they don’t authenticate users. ASP.NET Web applications provide anonymous access to resources on the server by impersonation. Impersonation is the process of assigning a user account to an unknown user.
What is the account that is associated with Anonymous access?
By default, the anonymous access account is named IUSER_machinename. You use that account to control anonymous users’ access to resources on the server.
What is the default user account under which an ASP.NET web application run on a web server?
Under the default settings, ASP.NET uses the ASPNET account to run the Web application. This means that if the application attempts to perform any tasks that are not included in the ASPNET account’s privileges, a security exception will occur and access will be denied.
How do you restrict the access of anonymous users?
You restrict the access of anonymous users by setting Windows file permissions. To be secure, your server must use the Microsoft Windows NT file system (NTFS). The earlier FAT or FAT32 file systems do not provide file-level security.
What are the 3 major ways to authenticate and authorize users within an ASP.NET Web application?
Windows authentication : Identifies and authorizes users based on the server’s user list. Access to resources on the server is then granted or denied based on the user account’s privileges. This works the same way as regular Windows network security.
Forms authentication : Directs users to a logon Web form that collects user name and password information, and then authenticates the user against a user list or database that the application maintains.
Passport authentication : Directs new users to a site hosted by Microsoft so that they can register a single user name and password that will authorize their access to multiple Web sites. Existing users are prompted for their Microsoft Passport user name and password, which the application then authenticates from the Passport user list.
What is the namespace where all security related classes are present?
System.Web.Security
What type of authentication can be used for Public Internet Web application?
Anonymous access. This is the common access method for most Web sites. No logon is required, and you secure restricted resources using NTFS file permissions.
What type of authentication can be used for Intranet Web application?
Windows authentication. Windows authentication authenticates network users through the domain controller. Network users have access to Web application resources as determined by their user privileges on the server.
What type of authentication can be used for Private corporate Web application?
Windows authentication. Corporate users can access the Web application using their corporate network user names and passwords. User accounts are administered using the Windows network security tools.
What type of authentication can be used for Commercial Web application?
Forms authentication. Applications that need to collect shipping and billing information should implement Forms authentication to gather and store customer information.
What type of authentication can be used for Multiple commercial Web applications?Passport authentication. Passport authentication allows users to sign in once through a central authority. The user’s identity is then available to any application using the Passport SDK. Customer information is maintained in a Passport profile, rather than in a local database.
Can you use ASP.NET Authentication with HTM and HTML Files?
The three ASP.NET authentication modes apply to files that are part of the Web application. That includes Web forms (.aspx), modules (.asax), and other resources that are processed through the Web application’s executable. It does not automatically include HTML pages (.htm or .html). Those pages are handled by Internet Information Services (IIS), rather than ASP.NET. If you want to authenticate users who access HTML pages from within your Web application using Windows, Forms, or Passport authentication modes, you must map those files to the ASP.NET executable.
How do map .htm and .html files to the ASP.NET executable using the IIS snap-in?
To map .htm and .html files to the ASP.NET executable using the IIS snap-in, follow these steps:
1. In the IIS snap-in, select the folder containing your Web application, and then choose Properties from the Action menu. IIS displays the Properties dialog box.
2. Click the Home Directory or Virtual Directory tab, and then click Configuration. IIS displays the Application Configuration dialog box, as shown in the diagram below.
3. Click Add. IIS displays the Add/Edit Application Extension Mapping dialog box, as shown in the diagram below.
4. Click Browse, and select the aspnet_isapi.dll file. That file is stored in the Windows Microsoft .NET Framework directory; the path will be something like C:\Windows\Microsoft.NET\Framework\versionnumber\aspnet_isapi.dll.
5. Type .htm in the File Extension box, and click OK.
6. Repeat steps 3 through 5 for the .html file extension. Click OK to close the IIS dialog boxes when you’ve finished.
what is advantage of asp.net?
ASP.NET is a very valuable tool for programmers and developers as it allows them to build dynamic, rich web sites and web applications.
2. With built-in Windows authentication and per-application configuration, your applications are safe and secured.
3. It provides better performance by taking advantage of early binding, just-in-time compilation, native optimization, and caching services right out of the box.
4. The ASP.NET framework is complemented by a rich toolbox and designer in the Visual Studio integrated development environment. WYSIWYG editing, drag-and-drop server controls, and automatic deployment are just a few of the features this powerful tool provides.
5. Provides simplicity as ASP.NET makes it easy to perform common tasks, from simple form submission and client authentication to deployment and site configuration.
6. The source code and HTML are together therefore ASP.NET pages are easy to maintain and write. Also the source code is executed on the server. This provides a lot of power and flexibility to the web pages.
7. All the processes are closely monitored and managed by the ASP.NET runtime, so that if process is dead, a new process can be created in its place, which helps keep your application constantly available to handle requests.
8. It is purely server-side technology so, ASP.NET code executes on the server before it is sent to the browser.
9. Being language-independent, it allows you to choose the language that best applies to your application or partition your application across many languages.
10. ASP.NET makes for easy deployment. There is no need to register components because the configuration information is built-in.
11. The Web server continuously monitors the pages, components and applications running on it. If it notices any memory leaks, infinite loops, other illegal activities, it immediately destroys those activities and restarts itself.
12. Easily works with ADO.NET using data-binding and page formatting features. It is an application which runs faster and counters large volumes of users without having performance problems
Interview Questions on cascading style sheets
What are the 2 ways provided by ASP.NET to format output in a Web application?
1. Use cascading style sheets (CSS) to control the appearance of elements on a Web form.These styles can set the color, size, font, and behavior of the HTML elements on a Web page.
2. Use Extensible Stylesheet Language Transformations (XSLT) to convert information from an Extensible Markup Language (XML) file to HTML output and position that information on a Web form. XSLT puts data from the XML file into HTML elements and applies styles to those elements.
What are Cascading style sheets?
Cascading style sheets (CSS) collect and organize all of the formatting information applied to HTML elements on a Web form. Because they keep this information in a single location, style sheets make it easy to adjust the appearance of Web applications.What are the 3 levels at which formatting can be applied with in a web application?
1. Styles can be defined in a style sheet file. Styles in a style sheet can be applied to all webforms referencing the style sheet.
2. You can also define styles in the page’s head element. These styles can be applied to all elements on the current page.
3. You can also define styles inline, in the HTML tag itself. Inline styles are applicable only to the HTML element in which these styles are defined.
Inline formatting takes precedence over local formatting, which, in turn, takes precedence over global formatting. These precedence rules are the reason style sheets are referred to as cascading.
What are the advantages of storing style definitions in a style sheet file (.css) rather than locally in each Web form or inline with each HTML element?
1. Formatting can be maintained in one location so that you make changes only once for an entire application.
2. Several sets of parallel formatting rules can be maintained in separate style sheets for formatting output on different devices or for different user needs. For example, an application might provide standard, enlarged-type, and printer-friendly style sheets that the user can select at run time.
3. In general, you should use page and inline styles only when you have a really good reason to override the global styles. Relying heavily on page and inline styles can make it difficult to maintain the formatting in a Web application.What HTML element is used to reference a style sheet on webform?To reference a style sheet on webform you must add a link element to the page’s head element, as shown below.<link href="Styles.css" type="text/css" rel="stylesheet">What is the use of Style Builder?
Style Builder is used to change the appearance of any of the styles in a style sheet. Changes to the style sheet change the appearance of all Web forms that reference that style sheet.How do you modify a style sheet using style builder?To modify a style sheet using style builder, follow these steps:
1. Open the style sheet in Visual Studio. Visual Studio .NET displays the style definitions in the Document window and an outline of the style sheet in the Tool window
2. Select the style to modify from the Tool window. Visual Studio .NET displays the definition for that style in the Document window.
3. Right-click in the style definition or right-click the style in the Tool window, and select Build Style from the shortcut menu. Visual Studio .NET displays the Style Builder Wizard.
4. Use the Style Builder to compose the formatting that you want to add or modify in the selected style, and then click OK.
5. When you have finished, you’ll see that the Style Builder adds the new or modified style attributes to the style definition.Can you apply styles using class names or element IDs?Yes, Using class names allows you to apply a single style to a number of different elements or to style the same element differently, depending on how the element is used. Using element IDs allows you to apply a style to a unique element on one or more Web forms.
When you create a style rule for a class, Visual Studio .NET adds a style definition to the style sheet using a .classnameidentifier.
You apply the style class to HTML elements by using the class attribute. You apply the style to server controls by using theCssClass attribute.Can you change style sheets at run time?Yes.