SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
Register your product to gain access to bonus material or receive a coupon.
This is the book every Internet application developer needs to quickly get up-to-speed on the new .NET and Visual Studio .NET technology used to build Windows applications. The authors provide authoratative information about the Common Language Runtime and .NET Foundation Classes, which form the building blocks for application development in the .NET universe. The construction of Web Services and how they communicate with each other is demystified by the thorough coverage of ASP.NET, XML, and ADO.NET.
Visual Basic® .NET Developer's Guide to ASP.NET, XML, and ADO.NET provides:
Accessing and Displaying XML Data with .NET
Connected Operations in ADO.NET
Disconnected Operations Part I: DataSet and DataAdapter
Editing XML with .NET (Beta 2)
Programming an ASP.NET Application: Changes from ASP.old
1. Introduction.
Problems with ASP Today.
Separation of Code and Design.
Scripting Language Based.
State Management.
Introducing ASP.NET.
Platform Architecture.
First the Bad News—ASP 3.0 Code Will Not Run Unchanged in ASP.NET.
Now the Good News—The Changes Aren't Rocket Science.
New Filename Extensions.
Changes in ASP.NET.
ASP Object Model.
QueryString and Forms Collections Have Changed.
Semantic Changes.
Single Language Per Page.
Functions Must Reside in Script Blocks.
Render Functions No Longer Supported.
Type Libraries No Longer Supported.
Option Explicit.
Language Changes.
Array Basing.
No Default Properties.
No More Set.
Parentheses Required for Subroutine Calls.
ByVal Versus ByRef.
Block Scoping.
COM Objects.
Late Bound Access.
Create a Runtime Callable Wrapper.
Migration Strategy.
Migration Checklist.
Migration Example.
Migrating global.asa.
Migrating the Login Page.
Migrating the Pages That Do Actual Work.
ASP.NET's Control Model.
ASP.NET Is Event Driven.
Separating Presentation from Code Using Code Behind.
Programming HTML Controls.
HtmlAnchor.
HtmlButton.
HtmlForm.
HtmlImage.
HtmlInputButton.
HtmlInputCheckBox.
HtmlInputFile.
HtmlInputHidden.
HtmlInputImage.
HtmlInputRadioButton.
HtmlInputText.
HtmlSelect.
HtmlTable.
HtmlTableCell.
HtmlTableCellCollection.
HtmlTableRow.
HtmlTableRowCollection.
HtmlTextArea.
Attributes of the Page Object.
Page Directives.
@Control Directives.
@Import Directives.
Implementing External Interfaces with the @Implements Directive.
Registering Controls with the @Register Directive.
@Assembly Directives.
@OutputCache Directives.
Events Raised by the Page Object.
Creating User Interfaces with Web Controls.
Programming Web Forms Controls.
Control Event Model.
Taking Advantage of Postback and View State.
Mobile Controls.
Data Binding.
Determining Browser Capabilities.
Server Controls and Page Object Reference.
AdRotator Class.
Button Class.
Calendar Class.
CheckBox Class.
Control Class.
DataGrid Class.
DataList Class.
DropDownList Class.
HttpApplication Class.
HttpRequest Class.
HttpResponse Class.
HttpServerUtility Class.
HttpSessionState Class.
Hyperlink Class.
Image Class.
ImageButton Class.
Label Class.
LinkButton Class.
ListBox Class.
Page Class.
Panel Class.
RadioButton Class.
Repeater Class.
Table Class.
TableCell Class.
TableRow Class.
TextBox Class.
WebControl Class.
Tracing Your Web Application's Activity.
Equipping a Page for Tracing.
Enabling Tracing for a Page.
Enabling Tracing in an Application.
Using Application Tracing from a Remote Browser Window.
Debugging ASP.NET Applications.
Enabling Debugging at the Page Level.
Enabling Debugging at the Application Level.
Using the Debug Object.
Creating Custom Performance Monitors.
Running the Windows Performance Monitor Utility.
Creating Performance Monitor Categories.
Sending Information to a Performance Monitor from Your Application.
Deleting Performance Monitor Categories.
Writing to the Windows Event Log.
Using the EventLog Class.
Reference.
Debug Class.
EventLog Class.
PerformanceCounter Class.
TraceContext Class.
State Management: What's the Big Deal?
What Are Cookies?
Using the Session.
Beyond the Default Session Configuration.
Caching.
Output Caching: Caching an Entire Page.
Dealing with Browser Differences.
Dealing with Other Differences.
Caching the Result of a Form.
Caching Part of a Page.
Caching a Database Query.
Expiring Items from the Cache.
Notifying the Next of Kin.
Cache Dependencies.
Class Reference.
HttpSessionState Class.
HttpCachePolicy.
HttpCacheVaryByHeaders.
HttpCacheVaryByParams.
Cache.
CacheDependency.
Understanding Configuration Files.
Global and Local Configuration Files.
Structure of Configuration Files.
Authentication Settings.
Authorization Settings.
Browser Capabilities Settings.
Compilation Settings.
Custom Error Settings.
Execution Timeout Settings.
Globalization Settings.
HTTP Handler Settings.
HTTP Module Settings.
Page Settings.
Process Model Settings.
Session State Settings.
Trace Settings.
Web Services Settings.
Configuring Multiple Locations in Web.Config.
Locking Down Web Configuration Settings.
Accessing Configuration Files Programmatically.
Editing Web Configuration Files in Visual Studio .NET.
Initializing Web Applications Using Global.asax.
Application Directives in Global.asax.
Code Declaration Blocks in Global.asax.
Server-Side Object Tags in Global.asax.
Server-Side Includes in Global.asax.
Using XCOPY for Deployment.
Deploying a Single Directory.
Deploying a Directory Tree.
Excluding Files from Deployment.
Confirmations and Overwriting.
Deploying Only Files with Changes.
XCOPY Switches.
Managing the Global Assembly Cache.
Network Data Representation.
Location.
Advertisement.
What Is a Web Service?
Why Web Services?
ASP.NET Web Services.
WebMethod.
WebMethodAttribute.
Serialization.
Consuming Web Services.
SoapHttpClientProtocol.
Asynchronous Clients.
Cookies and Proxies.
Class Reference.
WebService.
WebMethodAttribute.
SoapHttpClientProtocol.
Overview.
Identity and Principal.
Windows Authentication.
WindowsBuiltInRoleEnumeration.
Forms Authentication.
What's the Big Deal?
Process.
Settings.
Passport Authentication.
PassportIdentity.
File Authorization.
URL Authorization.
<Location>.
Custom Roles with Forms Authentication.
Pulling It All Together.
FormsAuthenitcationTicket.
Impersonation.
Class Reference.
GenericIdentity Class.
WindowsIdentity Class.
GenericPrincipal Class.
WindowsPrincipal Class.
WindowsBuiltInRole Enumeration.
PassportIdentity.
HttpModules.
A Simple BeginRequest and EndRequest Module.
Filtering Output.
Forking the Filter.
An Error Module.
Raising Events from an HttpModule.
Authentication Modules.
Rewriting Paths.
HttpHandlers.
Dynamic Reporting.
Page Counter Handler.
Dynamic Handler Assignment.
Class Reference.
HttpApplication.
IHttpModule.
EventLog.
SmtpMail.
IHttpHandler.
Working with User Controls in Web Forms Applications.
Adding Properties to a User Control.
Programming a User Control in a Page.
Adding Methods to Your User Control.
Handling Events from a User Control.
Creating Server Controls.
Creating a Basic Server Control.
Compiling Your Control as a .NET Component.
Creating Composite Controls.
Subclassing Existing Server Controls.
Events in the Life of a Server Control.
Binding Controls to Data.
Generating Postback in Server Controls.
Persistence Support.
Creating Templated Server Controls.
Building Validation Controls.
Taking Advantage of Rich Clients.
Supporting Designers in Custom Server Controls.
What Is XML?
Advantages of XML.
XML Document Structure and Syntax.
Accessing XML Data Using .NET Framework Classes.
About Simple API for XML (SAX).
Using the XML Document Object Model.
Viewing Document Data Using the XmlNode Object.
Using the XmlDataReader Object.
Writing XML Data Using the XmlTextWriter Object.
Navigating and Updating Documents Using the XmlNodeReader Object.
Querying XML Documents Using XPath Expressions.
Defining and Validating XML with Schemas.
About Document Type Definitions (DTDs).
About XML Data-Reduced Schemas.
Creating W3C XML Schemas.
Validating Documents Using W3C Schemas.
Creating XSD Schemas in Visual Studio .NET.
Processing XML Documents Using Style Sheets.
Transforming XML Documents Using Style Sheets.
Class Reference.
Inheritance Relationships.
ValidationEventArgs Class.
XmlDocument Class.
XmlNamedNodeMap Class.
XmlNavigator Class.
XmlNode Class.
XmlNodeList Class.
XmlReader Class.
XmlNodeReader Class.
XmlTextReader Class.
XmlTextWriter Class.
XmlValidatingReader Class.
XmlWriter Class.
Why a New Object Library for Data Access?
New Features in ADO.NET.
Support for Disconnected Access and Remoting.
XML Support.
Factored Data Access API.
No Support for Server-Side Cursors.
Scenarios for Using ADO.NET.
Connecting to a Database.
Running Queries.
About the SqlDataReader Object.
Executing Commands Using Command Objects.
Executing Text-Based Select Commands Using a Data Reader Object.
Executing Stored Procedures That Return Data.
Passing Parameters to Stored Procedures.
Executing Commands That Do Not Return Data.
Executing Stored Procedures That Return Scalar Values.
Using Data Adapters to Retrieve and Manipulate Data.
Displaying Query Data in the Browser.
Creating a DataSet Object Using a Data Adapter.
Binding a DataView Object to Web Forms Controls.
Binding Other Objects to Web Forms Controls.
Expressing a DataSet as XML.
Implementing Strongly Typed Data Objects Using Inheritance.
Creating Web Forms for Data Entry.
Performing Validation.
Handling Errors.
ADO.NET Framework Reference.
Component Class.
DataAdapter Class.
DataSet Class.
DataColumn Class.
DataRelation Class.
DataTable Class.
MarshalByRefObject Class.
MarshalByValueComponent Class.
OleDbCommand Class.
SqlDataAdapter Class.
SqlDataReader Class.
SqlConnection Class.
SqlError Class.
SqlException Class.
When Active Server Pages (ASP) was first introduced almost five years ago, it was seen as an answer to the awkward techniques used at that time for creating dynamic content on the Web. At the time, Common Gateway Interface programs or proprietary server plug-ins were the way that most of the Web's dynamic content was created. With the release of ASP 1.0, Microsoft changed all that. ASP 1.0 provided a flexible, robust scripting architecture that enabled developers to rapidly create dynamic Web applications. Developers could write in VBScript or JScript, and Microsoft provided a number of services to make development easy. At the time, it was just what developers needed. As Web development matured, several shortcomings of the platform became evident and persist until today.
As the Web grew in popularity in the early '90s, developers experienced three distinct waves of development paradigms. In the first wave, Web developers created static HTML documents and linked them. This was the era of the "brochure" Web site and was more about looks than anything else. The second wave brought the concept of dynamic content to the fore. Developers started creating registration forms and various small pieces of functionality and adding them to existing Web sites. The third wave was when the first and second waves came together. Web sites were being designed from the ground up to be interactive; they were treated more like an application and less like a magazine with a subscription card in it. In most instances, this type of interactive page design created a development paradigm that went like so:
The severity of this problem typically depended on the size of the site, the smarts of the designers, and the techniques that developers used to guard against this mangling.
With the release of Visual Studio 6 in September of 1998, it was clear that Microsoft recognized this burgeoning problem and attempted to resolve it with a new feature in Visual Basic 6--Web Classes. Web Classes made an attempt to separate the design of a page from the code that interacted with it. It enabled this separation by using an HTML template and providing a facility for doing tag replacement in the template. However, a number of problems occurred with Web Classes. Although a great idea, they suffered from two main issues. First, the Web Classes were implemented entirely in Visual Basic, which required traditional ASP developers to shift their thinking patterns for creating applications. Second, Microsoft had scalability issues related to the threading models of ASP and Visual Basic. Because of the previously stated reasons and many other smaller ones, Web Classes never really gained any traction among developers.
When ASP 1.0 was first released, the fact that all development was done using scripting languages was a big plus. It meant that developers didn't have to go through a painful restart/compile process that they might have been accustomed to with CGI or ISAPI style applications. As applications grew larger, numbers of users increased, and developers were using ASP for increasingly difficult problems. The fact that all code was interpreted became a potential performance bottleneck. With VBScript, limited support existed for error handling.
Many developers sidestepped this issue by moving code into compiled COM objects. Although this move solved some of the performance problems, it created new ones in deployment and scalability.
One of the most frustrating aspects that new Web developers faced early was dealing with the stateless nature of Web development. With ASP 1.0, Microsoft introduced the concept of a Session object, which was designed to make associating state with a particular user easy. This addition was arguably one of the most compelling features of ASP 1.0. Scalability and reliability started to become important as developers began creating larger applications. To address this need, developers started deploying their applications to Web farms. Web farms use multiple servers and spread the request for pages across the servers somewhat equally. This makes for a great scalability story... unless the developer is using that cool Session object. This object is specific to a particular machine in a Web farm and will not work if a user gets bounced to another server. Therefore, an application that was deployed to a Web farm could not use the Session object.
ASP.NET is Microsoft's answer to the aforementioned problems and many others that were not explicitly stated. It is a fundamental rewrite of ASP that has been in process for more than two years. The ASP team took a close look at the problems facing Web developers and created a brand-new platform in the spirit of traditional ASP to solve those problems. Having used ASP.NET for a considerable amount of time, we can conclusively say they hit a home run with this release.
ASP.OLD was an Internet Server Application Programming Interface (ISAPI) filter that was written specifically to interact with Internet Information Server (IIS). It was monolithic in nature and relied very little on external services.
Note:In the IIS 5.0 time frame, ASP did use Microsoft Transaction Server (MTS) as an external service.
ASP.NET is still an ISAPI filter. However, unlike ASP.old, ASP.NET relies on a large number of "external" services--the .NET framework. ASP.NET and the .NET framework are so tightly coupled that it is difficult to consider the .NET framework as an external service. However, because it is accessible from applications outside the scope of ASP.NET, it should be considered an external service. As it turns out, this is a huge win for the ASP.NET developer. No longer must the developer write everything from scratch. Instead the .NET framework provides a large library of prewritten functionality.
The .NET framework redistributable consists of three main parts: the Common Language Runtime, the .NET framework base classes, and ASP.NET.
The Common Language Runtime (CLR) is the execution engine for .NET framework applications. However, despite the common misconception, it is not an interpreter. The .NET applications are fully compiled applications that use the CLR to provide a number of services at execution. These services include the following:
The CLR is a platform that abstracts functionality from the operating system. In this sense, code written to target the CLR is "platform independent," provided that an implementation of the CLR is on the destination platform.
The CLR isn't just a library or framework of functions that an executing program can call on. It interacts with running code on a number of levels. The loader provided by the CLR performs validation, security checks, and a number of other tasks each time a piece of code is loaded. Memory allocation and access are also controlled by the CLR. When you hear about "managed execution," this is what folks are speaking about--the interaction between the CLR and the executing code to produce reliable applications.
One of the most frustrating things with current COM or API-based development practices is that interfaces are usually written with a particular language consumer in mind. When writing a component to be consumed by a Visual Basic program, a developer will typically create the interfaces in a different fashion than if the component is intended to be consumed by a C++ program. This means that to reach both audiences, the developer must either use a least-common-denominator approach to developing the interface or must develop an interface for each consumer. This is clearly not the most productive way to write components. A second problem that most developers merely accept as normal today is that most components need to be written in a single language. If you create a component in C++ that exposes an employee object, you can't then inherit from that object in Visual Basic to create a Developer object. This means that typically a single language is chosen for most development projects to enable reuse.
.NET changes all this. Cross-language interoperability was built in from the start. All .NET languages must adhere to the Common Language Specification (CLS) that specifies the base level of functionality that each language must implement to play well with others. The CLS is written in such a way that each language can keep its unique flavor but still operate correctly with other languages within the CLR. The CLS includes a number of data types that all conforming languages must support. This restriction works to eliminate a common problem for developers: creating an interface that utilizes data types that another language doesn't support. It also supports both Binary as well as Source code inheritance, enabling the developer to create an Employee object in C# and inherit from it in Visual Basic.
What this means to you as a developer is that code reuse has become much simpler. As long as the code was written for .NET, you don't need to worry what language it was written in. In fact, the choice of language becomes more of a lifestyle choice than a capability choice. All languages in .NET are theoretically created equal, so you gain no performance or functionality benefit by using C# instead of VB. Use the language in which you are the most productive.
Up to this point, all the features mentioned are gained because of the hosting of ASP.NET on top of the .NET framework. However, these features are just the tip of the iceberg. As mentioned previously, ASP.NET is a total rewrite, with significant features aside from the intrinsic .NET ones. We are going to give you an overview of the new features in ASP.NET and show how these features address the problems of separation of code and design, scripting languages, and state management.
Web Forms are Microsoft's attempt to solve the problem of the separation of code and design. ASP.NET now offers a code-behind model reminiscent of the forms designer in Visual Basic. This means that you can now place your code in a separate file and still interact with the page. This separation is done by providing a new event-driven model on top of page execution, as well as providing an object model on top of the HTML in the page. Instead of a top-to-bottom linear execution model, events are raised during the execution of a page. Your code sinks those events and responds to them by interacting with the object model that sits on top of the HTML. This quite neatly solves the issue of designers modifying the HTML and breaking code.
In addition to the new execution model, Microsoft has also created a new server-side control model. Unlike the lame Design Time Controls in Visual Interdev, these new models are incredibly useful encapsulations of common display paradigms. They do not introduce any browser dependencies and they run on the server, not the client. In the few cases where they emit browser-dependent code, they sniff the browser and degrade gracefully. More information on Web Forms can be found in Chapter 3, "Page Framework."
As we move beyond the first and second generations of Web applications, it has become apparent that the paradigm of the Web can be extended to solve problems that predate it. In the past, businesses exchanged information using Electronic Data Interchange (EDI) over Value Added Networks (VANs). This worked well enough, but the cost of gaining access to a VAN as well as the complexity of implementing various industry specific EDI protocols excluded all but the largest companies from participating in the exchange of information.
Web services are a way to transfer the same types of information over the Internet (instead of expensive VANs) using industry standard protocols such as HTTP, XML, and TCP/IP. Web services are now so easy to create in .NET that individuals or businesses of any size should be able to play in this space. Web services aren't limited to replacing traditional EDI protocols. They open up many opportunities that EDI has never made inroads into. Jump ahead to Chapter 7, "Web Services," for more information.
When ASP 1.0 first shipped, the data access story at Microsoft was in a state of flux. At the time, Remote Data Objects (RDO) was the technology of choice for Visual Basic developers. ActiveX Data Objects (ADO) was introduced with the shipment of Visual Basic 5.0 in February of 1997. It was intended to be a new data access model for all types of data and was paired with another new technology--OLE DB.
Although ADO was great for what it was designed for--connected data access--it fell short in the disconnected arena. Features were added in successive versions to allow it to work in a disconnected fashion. ADO 1.0 had no support for XML. ADO 1.0 could not predict the success of XML as a data description language when it was shipped, and XML support was cobbled onto later versions. Neither of these features were designed in from the beginning.
ADO.NET is a new data access technology taking advantage of all the things Microsoft learned with ADO, RDO, OLEDB, ODBC, and other preceding data-access implementations. It was designed from the beginning to be coupled very tightly to XML and work effectively in a disconnected fashion. For more information, see Chapter 12, "Creating Database Applications with ADO.NET."
One of the perennial arguments among ASP developers was how much code to migrate into COM objects. Some writers advocated that all code living in COM objects and ASP should contain only a single-method call to invoke the COM object. Although this might have been great in theory, it eliminated one of the biggest strengths of ASP: the capability to rapidly create an application and make changes on-the-fly. With all the logic and HTML tied up in COM objects, a simple HTML tag change meant recompiling and redeploying the COM objects. The biggest problem in our minds lies with using this approach. COM objects are Dynamic Link Libraries (DLL) that are dynamically loaded by IIS. While loaded they cannot be replaced. To deploy a COM object, the developer needed to shut down IIS, shut down the MTS packages the COM object lived in, replace it, and then restart IIS. This summary is actually a simplification of the process, but you can see the problems that this technique brings to the fore. Each time a new version is deployed, the Web server must go down! The downtime this technique causes can be handled by creating Web farms and doing rolling upgrades; however, in a large Web farm this means a simple change can take literally hours to deploy as the new objects are rolled out.
With the code-behind model inherent in ASP.NET, this situation could have been exacerbated. Instead, Microsoft vastly simplified the deployment model. Components, now called assemblies, no longer require registration on a machine for deployment. Assemblies are the .NET equivalent of a COM object. They are self describing and contain a manifest that contains metadata about the assembly. The metadata includes the version, the assemblies it depends on, and potentially its security identity.
Deployment is as easy as copying the assemblies into a /bin directory in the application root. ASP.NET will notice that a new version has been copied over, and it will unload the old version and load the new version! Deployment becomes as simple as an XCOPY /S or a recursive FTP to upload the new files to the Web server. For more information, see Chapter 6, "Configuration and Deployment."
In the past, all configuration information for ASP was stored as part of the IIS metabase. This was a binary file analogous to the registry that held all settings for IIS and ASP. The only ways to affect changes were to use the Internet Services Manager or to write scripts that utilized the Active Directory Services Interfaces (ADSI) to automate the changes. This process made it very difficult to synchronize the settings of multiple servers in a Web farm. ASP.NET introduces a new paradigm for all settings. Instead of being stored in the opaque metabase, they are now stored as a hierarchical set of XML configuration files. These files live in the application root and subdirectories. Therefore, now as a developer uses XCOPY to deploy source files, the settings are also deployed! Developers no longer need to write a bunch of configuration scripts. For more information, see Chapter 6.
State management has been vastly improved in ASP.NET. Now three options exist for maintaining state on the server. The classic ASP 3.0 method of in-memory state on a single server still exists. In addition, an out-of-process state server and a durable state option is stored in SQL Server. The other limitation of state services in ASP.old was the reliance on cookies for connecting users back to their state. ASP.NET introduces a new option for a cookieless state that performs URL munging to connect a user to state information. For more information, see Chapter 5, "State Management and Caching."
The reason most developers use ASP is to lend a dynamic nature to the Web. This could mean accessing back-end databases for data or perhaps pulling it in from nontraditional back ends. The problem with this dynamic content is that although developers can easily scale the Web tier using a scale-out methodology of multiple Web servers, this scaling is not as easily done in the data tier. Scale-out approaches for databases are just beginning to appear. Until these approaches are perfected, how can Web developers scale applications?
For data that changes infrequently, caching is a great solution. ASP.NET offers two forms of caching. Output caching takes an entire page and stores the executed results in memory for later delivery. Data caching takes items that were expensive to create, such as DataSets, and caches them on the server side. For more information see Chapter 5.
Debugging ASP applications has always been difficult. Although remote debugging solutions were offered in previous versions of Visual Studio, precious few developers were able to get them to work consistently. Consequently, most debugging consisted of Response.Write statements littered throughout code or some type of logging mechanism that the developer created.
ASP.NET not only improves remote debugging and makes it consistent, it also offers a new Trace facility that is great for handling the types of things that logging or Response.Write were used for in the past. For more information see Chapter 4, "Debugging ASP.NET Applications."
Anybody that currently has a site on the Web knows that availability is key. If your site is down, a visitor can turn to a million others. Problem is--they might not come back!
ASP.NET has introduced a number of process controls that are aimed directly at improving availability. Now the ASP.NET process can restart automatically based on things such as memory utilization, time up, or even the number of requests handled, which helps cope with situations where ASP used to get jammed up. For more information see Chapter 6.