Home Page Icon
Home Page
Table of Contents for
Dedication
Close
Dedication
by Dino Esposito
Programming Microsoft® ASP.NET 4
Programming Microsoft® ASP.NET 4
Dedication
A Note Regarding Supplemental Files
Acknowledgments
Introduction
Who Should Read This Book?
System Requirements
Code Samples
Errata & Book Support
We Want to Hear from You
Stay in Touch
I. The ASP.NET Runtime Environment
1. ASP.NET Web Forms Today
The Age of Reason of ASP.NET Web Forms
The Original Strengths
Page Postbacks
The View State
Server Controls
Today’s Perceived Weaknesses
More Control over HTML
Separation Between Processing and Rendering
Lightweight Pages
How Much Is the Framework and How Much Is It You?
The Page Controller Pattern
Revisiting the Page Controller Pattern
The AJAX Revolution
Moving Away from Classic ASP.NET
What’s a Paradigm Shift?
The AJAX Paradigm Shift
The Data-for-Data Model
What Web Do We Want for Developers?
AJAX as a Built-in Feature of the Web
Selective Updates
Direct Scripting
ASP.NET of the Future
ASP.NET MVC
ASP.NET MVC Highlights
A Runtime for Two
Control over Markup
ASP.NET MVC and Simplicity
ASP.NET Web Pages
Small, Simple, and Seamless
Code and View Together
Summary
2. ASP.NET and IIS
The Web Server Environment
A Brief History of ASP.NET and IIS
The Standalone ASP.NET Worker Process
The IIS Native Worker Process
A Shared Pipeline of Components
The Journey of an HTTP Request in IIS
Events in the Request Life Cycle
ASP.NET Request Processing in Integrated Pipeline Mode
Building a Response for the Request
Adding Your Own Code to the Pipeline
Some New Features in IIS 7.5
Autostarting Web Applications
Application Pool Custom Identities
Deploying ASP.NET Applications
XCopy Deployment for Web Sites
The Copy Web Site Function of Visual Studio 2010
Copying Files
Building a Setup Project
Packaging Files and Settings
The Web Deployment Tool
Building a WDT Package
Propagating IIS Settings
Web.config Transformations
Site Precompilation
In-Place Precompilation
Precompilation for Deployment
Configuring IIS for ASP.NET Applications
Recycling Policies
Unexpected Restarts
Output Caching Settings
Application Warm-up and Preloading
Behavior of a Warmed-up Application Pool
Setting Up the Application Pool
Specifying the Warm-up Code
Summary
3. ASP.NET Configuration
The ASP.NET Configuration Hierarchy
Configuration Files
The Tree of Configuration Files
The Configuration Schema
Sections and Section Groups
The <location> Section
Centralized Configuration
Machinewide Settings
Unmodifiable Settings
The <system.web> Section
The <anonymousIdentification> Section
The <authentication> Section
The <authorization> Section
The <browserCaps> Section
The <caching> Section
The <customErrors> Section
The <deployment> Section
The <globalization> Section
The <httpHandlers> Section
The <httpModules> Section
The <healthMonitoring> Section
The <hostingEnvironment> Section
The <httpCookies> Section
The <httpRuntime> Section
The <identity> Section
The <machineKey> Section
The <membership> Section
The <pages> Section
The <processModel> Section
The <profile> Section
The <roleManager> Section
The <securityPolicy> Section
The <sessionState>Section
The <siteMap> Section
The <trace> Section
The <trust> Section
The <urlMappings> Section
The <webControls> Section
The <xhtmlConformance> Section
Other Top-Level Sections
The <appSettings> Section
The <connectionStrings> Section
The <configProtectedData> Section
The <system.web.extensions> Section
The <system.webServer> Section
Managing Configuration Data
Using the Configuration API
Retrieving Web Configuration Settings
Retrieving Application Settings
Updating Application Settings
Encrypting a Section
Using a Command-Line Tool
Using a Programmatic Approach
Choosing the Encryption Provider
Creating Custom Configuration Sections
Summary
4. HTTP Handlers, Modules, and Routing
Writing HTTP Handlers
The IHttpHandler Interface
Members of the IHttpHandler Interface
A Very Simple HTTP Handler
Registering the Handler
Preconditions for Managed Handlers
Handlers Serving New Types of Resources
The Picture Viewer Handler
Designing the HTTP Handler
Implementing the HTTP Handler
Serving Images More Effectively
Loading Images from Databases
Serving Dynamically Generated Images
Writing Copyright Notes on Images
Controlling Images via an HTTP Handler
Advanced HTTP Handler Programming
Deploying Handlers as ASHX Resources
Prevent Access to Forbidden Resources
Should It Be Reusable or Not?
HTTP Handler Factories
Asynchronous Handlers
Implementing Asynchronous Handlers
Writing HTTP Modules
The IHttpModule Interface
A Custom HTTP Module
Wiring Up Events
Registering with the Configuration File
Accessing Other HTTP Modules
Examining a Real-World HTTP Module
The UrlRoutingModule Class
The PostResolveRequestCache Event
URL Routing
The URL Routing Engine
Original URL Rewriting API
URL Patterns and Routes
Routing in Web Forms
Defining Routes for Specific Pages
Programmatic Access to Route Values
Structure of Routes
Preventing Routing for Defined URLs
Summary
II. ASP.NET Pages and Server Controls
5. Anatomy of an ASP.NET Page
Invoking a Page
The Runtime Machinery
Resource Mappings
Representing the Requested Page
Partial Classes in ASP.NET Projects
Processing the Request
The HttpRuntime Class
The Application Factory
The HttpApplication Object
The Page Factory
The Processing Directives of a Page
The @Page Directive
The @Assembly Directive
The @Import Directive
The @Implements Directive
The @Reference Directive
The Page Class
Properties of the Page Class
Intrinsic Objects
Worker Properties
Context Properties
Methods of the Page Class
Rendering Methods
Controls-Related Methods
Script-Related Methods
Events of the Page Class
The Eventing Model
Introducing the View State
The Single Form Model
Asynchronous Pages
The Async Attribute
The AddOnPreRenderCompleteAsync Method
The Significance of PreRenderComplete
Building a Sample Asynchronous Page
The RegisterAsyncTask Method
Choosing the Right Approach
Async-Compliant Operations
The Page Life Cycle
Page Setup
The PreInit Event
The Init Event
The InitComplete Event
View-State Restoration
Processing Posted Data
The PreLoad Event
The Load Event
Handling Dynamically Created Controls
Handling the Postback
Detecting Control State Changes
Executing the Server-Side Postback Event
The LoadComplete Event
Page Finalization
The PreRender Event
The PreRenderComplete Event
The SaveStateComplete Event
Generating the Markup
The Unload Event
Summary
6. ASP.NET Core Server Controls
Generalities of ASP.NET Server Controls
Properties of the Control Class
Identifying a Server Control
Client ID Modes
ASP.NET Control Containers
View State of Controls
Visibility of a Server Control
Methods of the Control Class
Events of the Control Class
Other Features
Adaptive Rendering
Getting CSS-Friendly HTML
Browser-Sensitive Rendering
Themeable Controls
HTML Controls
Generalities of HTML Controls
The HtmlControl Base Class
Working with HTML Attributes
Hierarchy of HTML Controls
HTML Container Controls
Managing Header Information
Linking External CSS Files
Managing Meta Information
Navigating to a URL
Handling Events on the Server
The HtmlSelect Control
The HtmlTextArea Control
HTML Input Controls
Command Buttons
Controlling Validation
Detecting State Changes of Controls
Uploading Files
The HtmlImage Control
Web Controls
Generalities of Web Controls
Properties of Web Controls
Styling Web Controls
Managing the Style of Web Controls
Methods of Web Controls
Core Web Controls
Button Controls
HyperLinks
Images and Image Buttons
Check Boxes and Radio Buttons
Text Controls
Hidden Fields and File Upload
Miscellaneous Web Controls
The AdRotator Control
The Calendar Control
The Xml Control
The PlaceHolder Control
View Controls
Summary
7. Working with the Page
Dealing with Errors in ASP.NET Pages
Basics of Exception Handling
Exceptions in Action
Guidelines for Exception Handling
Basics of Page Error Handling
Default Error Pages
Page-Level Error Handling
Global Error Handling
Logging Exceptions
Robust Error Handling
Mapping Errors to Pages
The <customErrors> Section
Using Custom Error Pages
Handling Common HTTP Errors
Getting Information About the Exception
Error Reporting
Features of an Error Reporting System
Error Reporting Tools
Self-Logging Exceptions
Page Personalization
Creating the User Profile
Definition of the Data Model in a Web Site Project
The User Profile Class Representation
Using Collection Types
Using Custom Types
Grouping Properties
Definition of the Data Model in a WAP Project
Interacting with the Page
Creating the Profile Database
Working with Anonymous Users
Accessing Profile Properties
User Profiles in Action
Personalization Events
Migrating Anonymous Data
Profile Providers
Configuring Profile Providers
Structure of AspNetDb.mdf
Custom Profile Providers
Page Localization
Making Resources Localizable
Global and Local Resources
Using Resources: Declarative vs. Programmatic
Dealing with Global Resources
Dealing with Local Resources
Resources and Cultures
Setting the Current Culture in .NET Applications
Setting the Current Culture in ASP.NET Pages
Changing Culture on the Fly
Adding Resources to Pages
Using Script Files
Scripts at the Bottom of the Page
Using a Content Delivery Network
Reasons for Minifying a Script File
Localized Scripts
Using Cascading Style Sheets and Images
Grouping Images into Sprites
External References vs. Inline Content
Summary
8. Page Composition and Usability
Page Composition Checklist
Working with Master Pages
What’s a Master Page, Anyway?
The @Master Directive
The ContentPlaceHolder Container Control
Specifying Default Content
Writing a Content Page
The Content Control
Content Pages and Auxiliary Content
Attaching Pages to a Master
Device-Specific Masters
Processing Master and Content Pages
Compiling Master Pages
Serving the Page to Users
Nested Master Pages
Programming the Master Page
Exposing Master Properties
Invoking Properties on the Master
The @MasterType Directive
Changing the Master Page Dynamically
Styling ASP.NET Pages
What’s a Theme, Anyway?
Structure of a Theme
Theming Pages and Controls
Applying Skins
Taking Control of Theming
Loading Themes Dynamically
Page Usability Checklist
Cross-Browser Rendering
Detecting Browser Capabilities
Browser Definition Files
Browser Capabilities Providers
Search Engine Optimization
Quick SEO Checklist
SEO and ASP.NET
Tools for Measuring SEO Level
Site Navigation
Defining Site Map Information
Site Map Providers
The SiteMap Class
The SiteMapPath Control
Configuring the Site Map
Using Multiple Site Map Files
Securing ASP.NET Site Maps
Localizing Site Map Information
Localizing the Site Navigation Structure
Testing the Page
Testing the Logic of the Page
Testing the Client-Side Behavior of the Page
Testing Posted Data
Summary
9. ASP.NET Input Forms
Programming with Forms
The HtmlForm Class
Properties of the HtmlForm Class
Methods of the HtmlForm Class
Multiple Forms
Using HTML Forms
Nested HTML Forms
Multiple Server <form> Tags on a Page
Multiple View and Wizards
Cross-Page Postings
Posting Data to Another Page
The @PreviousPageType Directive
Detecting Cross-Page Postings
Redirecting Users to Another Page
Validation Controls
Generalities of Validation Controls
The BaseValidator Class
Associating Validators with Input Controls
Gallery of Controls
The CompareValidator Control
The CustomValidator Control
The RegularExpressionValidator Control
The RangeValidator Control
The RequiredFieldValidator Control
Special Capabilities
Server-Side Validation
Displaying Error Information
Multiple Validators per Control
The ValidationSummary Control
Enabling Client Validation
Validation Groups
Dealing with Validation in Cross-Page Posts
Working with Wizards
An Overview of the Wizard Control
Structure of a Wizard
Wizard Styles and Templates
The Wizard’s Programming Interface
Adding Steps to a Wizard
Types of Wizard Steps
Creating an Input Step
Defining the Sidebar
Navigating Through the Wizard
Filtering Page Navigation with Events
Canceling Events
Finalizing the Wizard
Summary
10. Data Binding
Foundation of the Data Binding Model
Feasible Data Sources
Collection Classes
ADO.NET Classes
Queryable Objects
Data-Binding Properties
The DataSource Property
The DataSourceID Property
The DataMember Property
The DataTextField Property
The DataValueField Property
The AppendDataBoundItems Property
The DataKeyField Property
Data-Bound Controls
List Controls
The DropDownList Control
The CheckBoxList Control
The RadioButtonList Control
The ListBox Control
The BulletedList Control
Iterative Controls
The Repeater Control
The DataList Control
The DataGrid Control
View Controls
The DetailsView Control
The FormView Control
The GridView Control
The ListView Control
Data-Binding Expressions
Simple Data Binding
Binding in Action
Implementation of Data-Binding Expressions
The DataBinder Class
The Eval Method
A More Compact Eval
Getting the Default Data Item
Managing Tables of Data
The GridView’s Object Model
Events of the GridView Control
Binding Data to the Grid
Configuring Columns
Bound Fields
Button Fields
Hyperlink Fields
Check Box Fields
Image Fields
Templated Fields
Working with the GridView
Paging Data
Sorting Data
Editing Data
Data Source Components
Internals of Data Source Controls
Data Source Views
Hierarchical Data Source Views
The ObjectDataSource Control
Programming Interface of ObjectDataSource
Implementing Data Retrieval
Using Parameters
Caching Data and Object Instances
Setting Up for Paging
Updating and Deleting Data
Configuring Parameters at Runtime
Summary
11. The ListView Control
The ListView Control
The ListView Object Model
Properties of the ListView Control
Events of the ListView Control
Compared to Other View Controls
Simple Data Binding
Defining the Layout of the List
Building a Tabular Layout
Definition of the Overall Layout
Definition of the Item Template
Using Alternate Rendering for Data Items
Reflecting On the Table Layout
Building a Flow Layout
Definition of the Overall Layout
Definition of the Item Layout
Building a Tiled Layout
Grouping Items
Using the Group Separator Template
Modifying the Group Item Count Dynamically
Data-Driven Group Templates
Styling the List
Style Properties
Using Cascading Style Sheets
Working with the ListView Control
In-Place Editing
Defining the Edit Item Template
Adding Predefined Command Buttons
Adding Custom Command Buttons
Conducting the Update
Deleting an Existing Record
Showing a Message Box upon Completion
Inserting New Data Items
Setting Up the Insert Item Template
Taking Full Control of the Insert Template
Adding a Bit of Validation
Selecting an Item
Triggering the Selection
Releasing the Selection
Paging the List of Items
The DataPager Control
Using the DataPager Control
Configuring the Data Pager Fields
Pageable Containers
Sorting the List
Summary
12. Custom Controls
Extending Existing Controls
Choosing a Base Class
Inheriting from a Base Class
Extending a Base Class
A Richer HyperLink Control
Designing a Usage Scenario
A Redirector for the HyperLink Control
Building Controls from Scratch
Base Class and Interfaces
Control vs. WebControl
Related Interfaces
Choosing a Rendering Style
The Render Method
Building the Control Tree
The SimpleGaugeBar Control
Defining the Object Model
Implementing the Object Model
Setting Up the Ruler
Setting Up the Control’s Site
Rendering the SimpleGaugeBar Control
Generating the HTML for a Custom Control
Using Child Controls for Rendering
The Gauge in Action
Building a Data-Bound Control
Key Features
Adding Data-Bound Properties
Adding a Data Item Property
Overriding the PerformDataBinding Method
The GaugeBar Control
Mapping Data Source Fields to Control Properties
The GaugeBar’s Data Item Object
Data Item and View State
Ad Hoc View-State Management
Getting Bound Data
Building a Composite Templated Control
Generalities of Composite Data-Bound Controls
Creating a Hierarchy of Child Controls
The Overloaded CreateChildControls
The Control Item
The BarChart Control
The BarChart Item Object
Adding Bound Data
Events of the BarChart Control
Using the BarChart Control
Adding Template Support
Templates and User Controls
Defining a Template Property
Defining a Template Container
Setting a Template Property
Rendering a Template
Summary
III. Design of the Application
13. Principles of Software Design
The Big Ball of Mud
Reasons for the Mud
Limited Skills
Requirements Churn
Members Turnover
Alarming Symptoms
Make a Change Here, Break the Code There
Easier to Use Than to Reuse
Easier to Work Around Than to Fix
Universal Software Principles
Cohesion and Coupling
Cohesion at a Glance
Coupling at a Glance
Separation of Concerns
Identifying the Concerns
Modularity
Information Hiding
SOLID Principles
The Single Responsibility Principle
SRP Canonical Example
SRP Real-World Considerations
The Open/Closed Principle
OCP Canonical Example
OCP Real-World Considerations
Liskov’s Substitution Principle
Substitution Principle Canonical Example
Substitution Principle Real-World Considerations
The Interface Segregation Principle
Interface Segregation Canonical Example
Interface Segregation Real-World Considerations
The Dependency Inversion Principle
Dependency Inversion Canonical Example
Dependency Inversion Real-World Considerations
Tools for Dependency Injection
Managed Extensibility Framework at a Glance
MEF vs. IoC
Should You Choose MEF or an IoC?
MEF in Action
Unity at a Glance
Registering Types and Instances
Resolving Dependencies
Declarative Configuration
Lifetime Managers
Summary
14. Layers of an Application
A Multitiered Architecture
The Overall Design
Methodologies
The Business Layer
Design Patterns for the BLL
The Transaction Script Pattern
The Table Module Pattern
The Active Record Pattern
The Domain Model Pattern
The Application Logic
The Service Layer Pattern
When the Application Logic Is Deployed Remotely
Exposing Entities to the Presentation Layer
Data Transfer Objects
The Data Access Layer
Implementation of a DAL
DAL and the Table Module Pattern
DAL and the Active Record Pattern
DAL and the Domain Model Pattern
Interfacing the DAL
Support for Multiple Databases
The Repository Pattern
Using an Object/Relational Mapper
LINQ-to-SQL
Entity Framework
NHibernate
O/RM Tools and SQL Code
Beyond Classic Databases
Going to the Cloud
Microsoft Dynamics CRM 2011
Schema-less Storage
Summary
15. The Model-View-Presenter Pattern
Patterns for the Presentation Layer
The MVC Pattern
Generalities of the MVC Pattern
Role of the Model
Role of the View
Role of the Controller
Web Forms and the MVC Pattern
The MVP Pattern
Generalities of the MVP Pattern
Role of the Model
Role of the View
Role of the Presenter
Web Forms and the MVP Pattern
The MVVM Pattern
Generalities of the MVVM Pattern
Web Forms and MVVM
Implementing Model View Presenter
Abstracting the View
From Use-Cases to the View
Implementing the Interface
Creating the Presenter
Getting a Presenter’s Instance
Using the Presenter
How Does the Presenter Retrieve Data?
Connecting the Presenter to the Service Layer
Presenter in Action
Sharing the Presenter with a Windows Application
Navigation
The Application Controller Pattern
Defining the Navigation Workflow
Navigating Within a Web Forms Site
Testability in Web Forms with MVP
Writing Testable Code
Aspects of Testable Code
Unit Testing
Test-Driven Development
Testing a Presenter Class
Creating a Unit Test
Testing Presenters in Isolation
Summary
IV. Infrastructure of the Application
16. The HTTP Request Context
Initialization of the Application
Properties of the HttpApplication Class
Application Modules
Methods of the HttpApplication Class
Events of the HttpApplication Class
The global.asax File
Compiling global.asax
Syntax of global.asax
Application Directives
Code Declaration Blocks
Server-Side <object> Tags
Static Properties
The HttpContext Class
Properties of the HttpContext Class
Methods of the HttpContext Class
URL Rewriting
Loading Resources Programmatically
The Server Object
Properties of the HttpServerUtility Class
Methods of the HttpServerUtility Class
Embedding Another Page’s Results
Server-Side Redirection
The HttpResponse Object
Properties of the HttpResponse Class
Setting the Response Cache Policy
Setting an Output Filter
Methods of the HttpResponse Class
Output Caching Features
Large File Transmission
The HttpRequest Object
Properties of the HttpRequest Class
Information About the Request
Information from the Client
Information About the Connection
Methods of the HttpRequest Class
Saving the Request to Disk
Validating Client Input
Summary
17. ASP.NET State Management
The Application’s State
Properties of the HttpApplicationState Class
Methods of the HttpApplicationState Class
State Synchronization
Tradeoffs of Application State
The Session’s State
The Session-State HTTP Module
State Client Managers
Creating the HttpSessionState Object
Synchronizing Access to the Session State
Properties of the HttpSessionState Class
Methods of the HttpSessionState Class
Working with a Session’s State
Identifying a Session
Generating the Session ID
Session Cookies
Cookieless Sessions
Issues with Cookieless Sessions
Cookieless Sessions and Security
Cookieless Sessions and SEO
Configuring the Session State
Lifetime of a Session
The Session_Start Event
The Session_End Event
Why Does My Session State Sometimes Get Lost?
Persist Session Data to Remote Servers
State Serialization and Deserialization
Storing Session Data
Configuring the StateServer Provider
Persist Session Data to SQL Server
Performance and Robustness
Configuring Session State for SQL Server Support
Creating the SQL Server Data Store
Reverting to the Hosting Identity
Customizing Session State Management
Building a Custom Session State Provider
Defining the Session State Store
Locking and Expiration
Replacing the Session Data Dictionary
Registering a Custom Session State Provider
Generating a Custom Session ID
The Default Behavior
A Homemade Session ID Manager
The View State of a Page
The StateBag Class
View State Properties
View State Methods
Common Issues with View State
Encrypting and Securing
Machine Authentication Check
Size Thresholds and Page Throughput
Programming the View State
Disabling View State
Determining When to Disable View State
The Control State
Programming the Control State
Keeping the View State on the Server
Summary
18. ASP.NET Caching
Caching Application Data
The Cache Class
Fundamental Aspects of the Cache Object
Properties of the Cache Class
Methods of the Cache Class
An Interior View
Working with the ASP.NET Cache
Inserting New Items in the Cache
Removing Items from the Cache
Tracking Item Dependencies
Defining a Removal Callback
Setting the Item’s Priority
Controlling Data Expiration
Practical Issues
Should I Cache or Should I Fetch?
Building a Wrapper Cache Object
Clearing the Cache
Cache Synchronization
Per-Request Caching
Designing a Custom Dependency
Extensions to the CacheDependency Base Class
Getting Change Notifications
The AggregateCacheDependency Class
A Cache Dependency for XML Data
Designing the XmlDataCacheDependency Class
Implementing the Dependency
Testing the Custom Dependency
SQL Server Cache Dependency
Taking Advantage of SQL Server Dependencies
Distributed Cache
Features of a Distributed Cache
High Availability
Topology
Freshness of Data
Integration with the Data Access Layer
AppFabric Caching Services
Fast Facts
Architecture of Caching Services
Client-Side Configuration of Caching Services
Programming Caching Services
Other Solutions
Memcached
SharedCache
Commercial Solutions
Caching ASP.NET Pages
ASP.NET and the Browser Cache
Typical Behavior of the Browser Cache
Typical Behavior of an ASP.NET Page
Typical Behavior of Static Resources
Making ASP.NET Pages Cacheable
The @OutputCache Directive
Choosing a Location for the Page Output
Choosing a Duration for ASP.NET Page Output
IIS Kernel Caching
Adding a Database Dependency to Page Output
The HttpCachePolicy Class
Properties of the HttpCachePolicy Class
Methods of the HttpCachePolicy Class
Server Cache-Validation Callback
Caching Multiple Versions of a Page
Vary by Parameters
Dealing with Postback Pages
Vary by Headers
Vary by Custom Strings
Caching Portions of ASP.NET Pages
What’s a User Control, Anyway?
Caching the Output of User Controls
Vary by Controls
The Shared Attribute
Fragment Caching in Cacheable Pages
Advanced Caching Features
Caching Profiles
Post-Cache Substitution
Output Cache Providers
Summary
19. ASP.NET Security
Where the Threats Come From
The ASP.NET Security Context
Who Really Runs My ASP.NET Application?
IIS Thread Security Context
Worker Process Security Context
ASP.NET Pipeline Security Context
Changing the Identity of the ASP.NET Process
Setting the Process Account
Impersonating a Fixed Identity
Impersonating Through the Anonymous Account
Privileges of the ASP.NET Default Account
The Trust Level of ASP.NET Applications
The <trust> Section
ASP.NET Permissions
Granting Privileges Beyond the Trust Level
ASP.NET Authentication Methods
Windows Authentication
Using ACLs to Authorize Access
Windows CardSpace
Using Forms Authentication
Forms Authentication Control Flow
Collecting Credentials Through Login
Authenticating the User
Signing Out
The FormsAuthentication Class
Properties of the FormsAuthentication Class
Methods of the FormsAuthentication Class
Configuration of Forms Authentication
The <forms> Section
Cookie-Based Forms Authentication
Cookieless Forms Authentication
Options for Cookieless Authentication
Advanced Forms Authentication Features
Applications to Share Authentication Cookies
External Applications to Authenticate Users
Forms Authentication and Secured Sockets
General Security Issues
Creating a Custom Principal
The Membership and Role Management API
The Membership Class
The Programming Interface of the Membership Class
Setting Up Membership Support
Validating Users
Managing Users and Passwords
The Membership Provider
The ProviderBase Class
The MembershipProvider Class
Extending the Provider’s Interface
A Custom Provider for Legacy Code
Configuring a Membership Provider
Managing Roles
The Role Management API
The Roles Class
The Role Provider
Quick Tour of Claims-Based Identity
Claims-Based Identity
Claims and Identity Providers
The Authentication Workflow
Claims and Policies
Using Claims in ASP.NET Applications
Picking Up the STS
Configuring the ASP.NET Application
Security-Related Controls
The Login Control
Setting Up the Login Control
The Programming Interface of the Control
Events of the Control
The LoginName Control
The LoginStatus Control
Setting Up the LoginStatus Control
The Programming Interface of the Control
The LoginView Control
The Programming Interface of the Control
Creating a Login Template
Creating Role-Based Templates
The PasswordRecovery Control
Requirements for Password Retrieval
Retrieving a Password
The ChangePassword Control
User Authentication
Password Change
The CreateUserWizard Control
Summary
V. The Client Side
20. Ajax Programming
The Ajax Infrastructure
The Hidden Engine of Ajax
The Classic Browser-Led Model
The New Out-of-Band Model
From Dynamic HTML to the Standard DOM
The XMLHttpRequest Object
Using the XMLHttpRequest Object
JavaScript and Ajax
Functional Programming in JavaScript
Objects in JavaScript
Using Closures
Using Prototypes
Cross-Domain Ajax
Partial Rendering in ASP.NET
The ScriptManager Control
Properties of the ScriptManager Control
Methods of the ScriptManager Control
Events of the ScriptManager Control
The ScriptManagerProxy Control
Script Binding and Loading
Handling Debug and Release Script Files
Script Globalization
The UpdatePanel Control
The UpdatePanel Control at a Glance
The Programming Interface of the Control
Populating the Panel Programmatically
Master Pages and Updatable Regions
Considerations Regarding Partial Rendering
Configuring for Conditional Refresh
Detecting Postbacks from Child Controls
Programmatic Updates
Using Triggers
Full Postbacks from Inside Updatable Panels
Giving Feedback to the User
The UpdateProgress Control
Composing the Progress Screen
Client-Side Events for Richer Feedback
Disabling Visual Elements During Updates
Aborting a Pending Update
The Ins and Outs of Partial Rendering
Issues with Concurrent Calls
Issues with Polling
REST and Ajax
Scriptable Services
The HTTP Façade
WCF Services
ASP.NET Web Services
Discriminate Against Outsiders
Trusting the HTTP Façade
JSON Payloads
JSON at a Glance
Data Contracts
Why JSON Is Preferable to XML
JavaScript Client Code
Getting a Proxy for the HTTP Façade
Using the Proxy
Remote Calls via Page Methods
Summary
21. jQuery Programming
Power to the Client
Programming within the Browser
Original Goals of the Language
The Scripting Engine
Flaws and Workarounds
What You Write JavaScript Code For
The Gist of jQuery
Details of the Library
The Root Object
jQuery and Functional Programming
Working with jQuery
Detecting DOM Readiness
The DOM ReadyState Property
The jQuery’s Ready Function
Onload vs. Ready
Wrapped Sets
Enumerating the Content
Basic Selectors
Compound Selectors
Predefined Filters
Form Filters
Filter vs. Find
Operating on a Wrapped Set
Controlling Visibility
Styling
Binding and Unbinding Events
Live Event Binding
Manipulating the DOM
Creating a DOM Tree
Adding Elements to the DOM
Removing DOM Elements
Modifying DOM Elements
The jQuery Cache
Cached Data and DOM Elements
Working with Data in the In-Memory Cache
Ajax Capabilities
Plain Ajax Caller
Global Ajax Event Handlers
Getting Scripts
Getting JSON
Getting HTML
Cross-Domain Calls
Cross-Domain HTML Tags
Basics of JSONP
JSONP in jQuery
Summary
Index
About the Author
Copyright
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
Programming Microsoft® ASP.NET 4
Next
Next Chapter
A Note Regarding Supplemental Files
To Silvia, with love
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset