You are previewing Programming Microsoft® ASP.NET.
O'Reilly logo
Programming Microsoft® ASP.NET

Book Description

This book uses a task-oriented approach to explain the inner workings of ASP.NET technology—with practical, hands-on examples to help programmers quickly implement ready-made solutions.

Visit the Supplemental Contents page for Programming Microsoft® ASP.NETVisit the errata page for Programming Microsoft® ASP.NETVisit the catalog page for Programming Microsoft® ASP.NET

Table of Contents

  1. Copyright
    1. Dedication
  2. Acknowledgments
  3. Introduction
    1. What Does This Book Cover?
    2. System Requirements
    3. Code Samples
    4. How to Touch Base
    5. Microsoft Press Support
  4. About the Author
    1. Dino Esposito
  5. I. Building an ASP.NET Page
    1. 1. The Web Forms Model
      1. What's ASP.NET, Anyway?
        1. Programming in the Age of Web Forms
        2. Event-Driven Programming over HTTP
        3. The HTTP Protocol
          1. The HTTP Request
          2. The HTTP Response
          3. Building a Server-Side Abstraction Layer
          4. Submitting Forms
      2. The Structure of ASP.NET Pages
        1. A Sample ASP.NET Page
        2. The Processing Directives of a Page
          1. The @Page Directive
          2. The @Assembly Directive
          3. The @Import Directive
          4. The @Implements Directive
          5. The @Reference Directive
        3. The <script> Section
          1. The Language Attribute
          2. The Src Attribute
          3. ASP-Style Code Blocks in ASP.NET
        4. The Layout Section
      3. The ASP.NET Component Model
        1. A Model for Component Interaction
        2. The runat Attribute
          1. Working with Server-Side Controls
          2. Pagewide Tags
          3. Meta Tags
          4. Unknown Tags
        3. ASP.NET Server Controls
      4. Migrating from ASP to ASP.NET
        1. Side-by-Side Execution
        2. Rewriting ASP Pages as ASP.NET Pages
        3. Suggested Migration Plans
          1. Same Application, New Pages
          2. New Application, Same Framework, New Pages
          3. Same Application, New Presentation Layer
      5. Setting Up ASP.NET Applications
        1. Creating a Visual Studio Project
          1. The Project Files
          2. Creating the Web Forms Page
          3. Building and Debugging
          4. Deploying the Application
        2. Multilanguage Projects with Visual Studio .NET
          1. The CodeBehind Attribute in Visual Studio .NET
          2. Visual Studio CodeBehind vs. ASP.NET Src
        3. The Web Matrix Editor
          1. Visual Studio .NET vs. Web Matrix
          2. What Web Matrix Doesn't Provide
          3. What Web Matrix Does Provide
          4. Help and Community
      6. Conclusion
      7. Resources
    2. 2. Web Forms Internals
      1. Executing ASP.NET Pages
        1. The IIS Resource Mappings
        2. The ASP.NET Worker Process
          1. How the ASP.NET Runtime Works
          2. Process Recycling
          3. Process Recycling in IIS 6.0
          4. Configuring the ASP.NET Worker Process
          5. About the Web Garden Model
        3. The ASP.NET HTTP Pipeline
          1. The HttpRuntime Object
          2. The Application Factory
          3. The HttpApplication Object
          4. The Handler Factory
        4. The ASP.NET Page Factory Object
          1. Locating the Assembly for the Page
          2. Detecting Page Changes
          3. How ASP.NET Replaces Page Assemblies
          4. Batch Compilation
          5. How ASP.NET Creates a Class for the Page
          6. Reviewing the Class Source Code
        5. Processing the Page Request
          1. The Page Life Cycle
          2. Page-Related Events
      2. The Event Model
        1. The Single Form Model
          1. Auto-Reentrant Web Pages
          2. The View State of the Page
        2. Postback Events
          1. State Restoration
          2. Handling the Server-Side Event
          3. Rendering Back the Page
      3. The Page Class
        1. Properties of the Page Object
        2. Methods of the Page Object
        3. Events of the Page Object
      4. The Code-Behind Technique
        1. Code and Layout Separation
          1. Code-Behind in Visual Studio .NET
          2. Code-Behind in Action at Run Time
          3. Moving to Code-Behind
        2. Page Inheritance
          1. A Server-Side Abstraction for Client-Side Events
          2. A Better Page Class
          3. Programmatically Set the Input Focus
          4. Changing the Default Page Base Type
        3. Master Pages in ASP.NET
      5. Conclusion
      6. Resources
    3. 3. ASP.NET Core Server Controls
      1. Generalities of ASP.NET Server Controls
        1. Properties of the Control Classss
          1. Identifying a Server Control
          2. Visibility of a Server Control
        2. Methods of the Control Class
        3. Events of the Control Class
      2. HTML Controls
        1. Generalities of HTML Controls
          1. The HtmlControl Base Class
          2. Working with HTML Attributes
          3. Hierarchy of HTML Controls
        2. HTML Container Controls
          1. Navigating to a URL
          2. Handling Events on the Server
          3. The HtmlSelect Control
          4. HTML Tables
          5. The HtmlTextArea Control
        3. HTML Input Controls
          1. Command Buttons
          2. Controlling Validation
          3. Detecting State Changes of Controls
          4. Uploading Files
        4. The HtmlImage Control
      3. Web Controls
        1. Generalities of Web Controls
          1. Properties of Web Controls
          2. Styling a Web Control
          3. Methods of Web Controls
        2. Core Web Controls
          1. Images and Image Buttons
          2. Check Boxes and Radio Buttons
          3. HyperLinks
        3. Miscellaneous Web Controls
          1. The AdRotator Control
          2. The Calendar Control
          3. The Xml Control
          4. The PlaceHolder Control
      4. Validation Controls
        1. Types of Validation Controls
          1. The BaseValidator Class
          2. Associating Validators with Input Controls
          3. The CompareValidator Control
          4. The CustomValidator Control
          5. The RegularExpressionValidator Control
          6. The RangeValidator Control
          7. The RequiredFieldValidator Control
        2. Setting Up a Data Entry Page
          1. Displaying Error Information
          2. The ValidationSummary Control
          3. Validating for Multiple Conditions
        3. Client-Side Validation
          1. Enabling Client Validation
          2. Implementing Client Validation
      5. Data-Bound Controls
        1. Feasible Data-Binding Sources
          1. ADO.NET Classes
          2. Collection-Based Classes
        2. Simple Data Binding
          1. Simple Data Binding in Action
          2. Implementation of Data-Bound Expressions
        3. Complex Data Binding
          1. The DropDownList Control
          2. The CheckBoxList Control
          3. The RadioButtonList Control
          4. The ListBox Control
      6. Conclusion
      7. Resources
    4. 4. Working with the Page
      1. Programming with Forms
        1. The HtmlForm Class
          1. Properties of the HtmlForm Class
          2. Methods of the HtmlForm Class
        2. Multiple Forms
          1. Toggling the Control's Visibility
          2. Multiple <form> Tags on a Page
        3. Passing Variables Across Pages
          1. Referencing Referrer Pages
          2. Retrieving Values
        4. Pop-Up Forms
          1. Client Modal Dialogs
          2. Using Embedded Forms
      2. Working with Script Code
        1. Supporting Multiple Browsers
        2. Adding Client-Side Scripts
          1. Registering Script Blocks
          2. Registering Startup Script Blocks
          3. Registering Hidden Fields
      3. Page Localization
        1. Culture and Locales
          1. Programming Cultures
          2. Invariant and Neutral Cultures
        2. The ASP.NET Resource Manager
          1. Creating Satellite Assemblies
          2. Retrieving Localized Information
      4. Page Errors and Tracing
        1. Defining Custom Error Pages
          1. Using Custom Error Pages
          2. HTTP Errors
        2. Tracing the Execution Flow in .NET
          1. The Listener Object
          2. Registering and Configuring Listeners
        3. ASP.NET Tracing
          1. Enabling Page Tracing
          2. Emitting Trace Messages
          3. Tracing from External Classes
        4. The Trace Viewer
      5. Conclusion
      6. Resources
  6. II. Adding Data in an ASP.NET Site
    1. 5. The ADO.NET Object Model
      1. The .NET Data Access Layer
        1. Architecture of a .NET Managed Provider
          1. Managed Providers vs. OLE DB Providers
          2. Data Providers Available in the .NET Framework
          3. Alternative Ways of Exposing Data
        2. Data Sources You Access Through ADO.NET
          1. Accessing SQL Server
          2. Accessing Oracle Databases
          3. Using OLE DB Providers
          4. Using ODBC Drivers
          5. Accessing Other Data Sources
      2. Connecting to Data Sources
        1. The SqlConnection Class
          1. Configuring Connection Properties
          2. Secure Connections
        2. Connection Pooling
          1. Configuring Pooling
          2. Getting and Releasing Objects
        3. Generic Database Programming
        4. Other Connection Objects
          1. Oracle Connections
          2. OLE DB Connections
          3. ODBC Connections
      3. Executing Commands
        1. The SqlCommand Class
          1. Using Parameters
          2. Ways to Execute
          3. Setting Up Transactions
        2. Other Command Objects
          1. Oracle Commands
          2. OLE DB Commands
          3. ODBC Commands
        3. ADO.NET Data Readers
          1. Reading Data with the Data Reader
          2. Command Behaviors
          3. Closing the Reader
          4. Accessing Multiple Result Sets
          5. Obtaining Schema Information
        4. Special Features of Data Readers
          1. Oracle Data Readers
          2. OLE DB Data Readers
      4. ADO.NET Data Adapters
        1. The SqlDataAdapter Class
          1. Programming the SQL Server Data Adapter
          2. Filling a DataSet Using a Data Adapter
        2. The Table-Mapping Mechanism
          1. The Column-Mapping Mechanism
          2. Missing Mapping Action
          3. Missing Schema Action
          4. Prefilling the Schema
        3. How Batch Update Works
          1. Data Conflicts and Optimistic Lock
          2. Command Builders
      5. ADO.NET Container Objects
        1. The DataSet Object
          1. Merging DataSet Objects
          2. The DataSet Commit Model
          3. Serializing Contents to XML
        2. The DataTable Object
          1. Performing Computations
          2. Columns of a Table
          3. Rows of a Table
          4. Table Constraints
        3. Data Relations
          1. Creating a Data Relation
          2. Performing Calculations on Relations
          3. Serializing a Data Relation
        4. The DataView Object
          1. Navigating the View
          2. Finding Rows
      6. Conclusion
      7. Resources
    2. 6. Creating Bindable Grids of Data
      1. The DataGrid Control
        1. Properties of the DataGrid Control
          1. Constituent Elements of a DataGrid
          2. Data Source Rows and Displayed Rows
        2. Events of the DataGrid Control
        3. The DataGridItem Object
          1. The Data-Binding Process for the DataGrid Control
          2. ItemCreated and ItemDataBound Events
          3. Why Is ItemCreated Raised Twice?
      2. Binding Data to the Grid
        1. Data-Bound Columns
          1. Configuring the Column Footer
          2. Using Cascading Style Sheets Styles
        2. HyperLink Columns
          1. Formatting URLs and Column Names
          2. Using Frames
          3. Bindable ToolTips
        3. Command Columns
          1. Handling a User's Clicking
          2. Implementing a Simple Shopping Cart
          3. The Select Button Column
      3. Enhancing the DataGrid
        1. Paging the Grid Content
          1. Caching the Data Source
          2. Built-In Paging Support
          3. Customizing the Pager Component
        2. Sorting the Data
          1. Auto-Reverse Sorting
          2. Providing Feedback About Sorting
        3. Templated Columns
          1. Available Templates
          2. Combining Multiple-Source Columns
          3. Using Multiple Arguments with HyperLink Columns
          4. Enhancing the Shopping Cart Application
      4. DataGrid In-Place Editing
        1. Configuring the Built-In Edit Engine
          1. Setting Up the Template of the Row
          2. Validation and Edit Templates
        2. Persisting Changes
          1. Retrieving Input Values
          2. Updating the Data Source
      5. Conclusion
      6. Resources
    3. 7. Paging Through Data Sources
      1. Custom Paging with DataGrid Controls
        1. Enabling Custom Pagination
          1. Setting the Virtual Item Count
          2. Paging Using Key Values
          3. Shortcomings of the Key-Based Approach
      2. Next/Previous Navigation
        1. Defining the SQL Code
          1. Moving to the Previous Record
          2. Moving to the Next Record
          3. Setting Up the Next/Previous Navigation
          4. Selecting Records in Oracle
        2. Adding First and Last Buttons
          1. Creating Link Buttons Dynamically
          2. Setting the Click Handler
          3. Adding ToolTips to the Pager
      3. Random Page Navigation
        1. Selecting a Specified Page of Records
        2. Customizing the Structure of the Pager
        3. Building a Completely Customized Personal Pager
      4. Logical Navigation
        1. Changing the Pager's Perspective
          1. Is the DataGrid Appropriate for the Task?
          2. Configuring the DataGrid
        2. Binding the Data Source
          1. Modifying the Pager Bar
          2. Selecting the Page's Rows
      5. Conclusion
      6. Resources
    4. 8. Real-World Data Access
      1. Compound Commands
        1. Conducting Multiple Queries
          1. Using Joined Queries
          2. Using Distinct Queries
          3. Respecting Data Integrity
        2. Conducting Cross-Table Updates
          1. Cascading Changes
          2. The Batch Update
          3. Detecting and Resolving Update Conflicts
          4. Stored Procedures in Batch Updates
          5. Using Transactions in Batch Updates
          6. Retrieving Server-Generated Values
      2. Data Reporting and Subtotals
        1. Summarizing or Aggregating Values
          1. The WITH ROLLUP Operator
          2. A Pure ADO.NET Approach
        2. Setting Up the DataGrid
          1. Formatting the Summary Row
          2. Setting Up the Footer
          3. Adding Statistical Information
      3. Master/Detail Views
        1. Listing the Customers
          1. Custom Paging and Sorting
          2. The Selection Mechanism
          3. Using Inline Frames
        2. Listing the Orders
          1. Smart Caching
          2. Adding Templated Columns
          3. Listing the Order Details
      4. Conclusion
      5. Resources
  7. III. ASP.NET Controls
    1. 9. ASP.NET Iterative Controls
      1. What's an Iterative Control, Anyway?
        1. Iterative Controls vs. List Controls
        2. Iterative Controls vs. the DataGrid Control
      2. The Repeater Control
        1. Programming Interface of the Repeater Control
          1. Binding a Repeater to Data
          2. How the Repeater Builds the Output
        2. Templates of the Repeater Control
          1. The ITemplate Interface
          2. Creating Templates Programmatically
      3. Working with the Repeater Control
        1. Designing the Templates
          1. Building the Page
          2. The Initialization Step
          3. Retrieving Child Controls
          4. Handling Postbacks
        2. A Scrollable List of Data Items
          1. Handling the Click Event
          2. Making the Control Scroll
        3. Repeating with Custom Classes
      4. The DataList Control
        1. Programming Interface of the DataList Control
          1. Properties of the DataList Control
          2. Events of the DataList Control
        2. Formatting Capabilities
          1. Table and Flow Layout
          2. Extracting Template Rows
          3. Multicolumn Rendering
        3. Templates of the DataList Control
          1. The SelectedItemTemplate Template
          2. The EditItemTemplate Template
      5. Working with the DataList Control
        1. Adding Support for Selection
          1. Making an Item Selectable
          2. Keeping the Selected Item in View
        2. Adding Support for Paging
          1. Rendering Pages of Data
          2. Tracking the Page Index
      6. Conclusion
      7. Resources
    2. 10. Web Forms User Controls
      1. What's a User Control, Anyway?
        1. The UserControl Class
          1. Base Properties of User Controls
          2. Base Methods of User Controls
        2. Converting Pages into User Controls
          1. The @Control Directive
          2. Fragment Output Caching
      2. Developing User Controls
        1. Building a TabStrip User Control
          1. Including a User Control in a Page
          2. The @Register Directive
          3. Setting Up a User Control
        2. Building a User-Control Object Model
          1. Adding Properties
          2. Initializing the User Control
          3. Adding Methods
        3. Handling User-Control Events
          1. Adding the SelectionChanged Event
          2. Firing a Custom Event
          3. Handling a Custom Event
      3. Getting Serious About User Controls
        1. Building Data-Bound User Controls
          1. The ButtonList User Control
          2. The Programming Interface of the ButtonList Control
          3. Generating the Output
          4. Setting Up a Client Page
        2. Loading Controls Dynamically
          1. The @Reference Directive
          2. Adding Dynamically Created Controls to the Page
          3. Referencing User Controls from Code-Behind Pages
      4. Conclusion
      5. Resources
    3. 11. ASP.NET Mobile Controls
      1. Architecture of Mobile Controls
        1. Multiple Markup Languages
          1. Compact HTML
          2. HTML 3.2
          3. Wireless Markup Language
        2. The Wireless Application Protocol
      2. Overview of Mobile Controls
        1. Mobile Controls Hierarchy
        2. ASP.NET Mobile Pages
          1. Pagination in Mobile Pages
          2. The Life Cycle of a Mobile Page
          3. Device Adapters
        3. Container Controls
          1. The Panel Control
          2. The Form Control
        4. List Controls
          1. The List Control
          2. The ObjectList Control
          3. The SelectionList Control
        5. Text Controls
          1. The TextBox Control
          2. The Command Control
          3. The PhoneCall Control
        6. Validation Controls
      3. Developing Mobile Applications
        1. The CustomerFinder Application
          1. Devising the Application for Usability
          2. The Mobile Designer in Visual Studio .NET
          3. Working with Emulators
        2. The Navigation Model of the Application
          1. The Main Form
          2. The Second Menu Form
          3. The Customer Form
        3. Adaptive Rendering
          1. Understanding Device Filters
          2. Creating Control Templates
        4. State Management
          1. The View State
          2. The Private View State
          3. The Session State
      4. Conclusion
      5. Resources
  8. IV. ASP.NET Application Essentials
    1. 12. Configuration and Deployment
      1. Configuration in the .NET Framework
        1. The XML Schema of Configuration Files
          1. The Machine Configuration File
          2. Security Configuration Files
          3. Application Configuration Files
        2. Managing Configuration Settings
          1. The ConfigurationSettings Class
          2. Section Handlers
      2. ASP.NET Applications Configuration
        1. The ASP.NET Configuration Hierarchy
        2. The <location> Section
          1. Centralized Configuration
          2. Unmodifiable Settings
        3. The <system.web> Section
          1. The <authentication> Section
          2. The <authorization> Section
          3. The <browserCaps> Section
          4. The <clientTarget> Section
          5. The <compilation> Section
          6. The <customErrors> Section
          7. The <deviceFilters> Section
          8. The <globalization> Section
          9. The <httpHandlers> Section
          10. The <httpModules> Section
          11. The <httpRuntime> Section
          12. The <identity> Section
          13. The <machineKey> Section
          14. The <mobileControls> Section
          15. The <pages> Section
          16. The <processModel> Section
          17. The <securityPolicy> Section
          18. The <sessionState> Section
          19. The <trace> Section
          20. The <trust> Section
          21. The <webControls> Section
          22. The <webServices> Section
        4. Reading User Configuration Data
          1. Using the ConfigurationSettings Class
          2. The NameValueFileSectionHandler Class
        5. Creating New Configuration Sections
          1. A Custom DataSet Section Handler
        6. Persisting Application Settings
          1. Writing to web.config
          2. Writing to Custom Files
          3. Writing to Databases
      3. ASP.NET Applications Deployment
        1. Creating a Setup
          1. A Web Setup Project
          2. Custom Actions
          3. Programmatically Configuring the ACL of a File
        2. Updating Configuration Options
          1. Configuring the Machine
          2. Deploying on a Web Farm
      4. Conclusion
      5. Resources
    2. 13. The HTTP Request Context
      1. Initialization of the Application
        1. Properties of the HttpApplication Class
        2. Application Modules
        3. Methods of the HttpApplication Class
        4. Events of the HttpApplication Class
      2. The global.asax File
        1. Compiling global.asax
        2. Syntax of global.asax
          1. Application Directives
          2. Code Declaration Blocks
          3. Server-Side <object> Tags
          4. Server-Side Includes
          5. Static Properties
        3. Tracking Errors and Anomalies
      3. The HttpContext Class
        1. Static Members
        2. Properties of the HttpContext Class
        3. Methods of the HttpContext Class
      4. The Server Object
        1. Intrinsic Objects? No, Intrinsic Properties
        2. Properties of the HttpServerUtility Class
        3. Methods of the HttpServerUtility Class
          1. Embedding Another Page's Results
          2. Server-Side Redirection
          3. Late-Bound COM Objects
          4. The Importance of AspCompat
      5. The Response Object
        1. Properties of the HttpResponse Class
          1. Setting the Response Cache Policy
          2. Setting an Output Filter
        2. Methods of the HttpResponse Class
      6. The Request Object
        1. Properties of the HttpRequest Class
        2. Methods of the HttpRequest Class
      7. Conclusion
      8. Resources
    3. 14. ASP.NET State Management
      1. The Application State
        1. Properties of the HttpApplicationState Class
        2. Methods of the HttpApplicationState Class
        3. State Synchronization
        4. Tradeoffs of Application State
      2. The Session State
        1. The Session-State HTTP Module
          1. State Client Managers
          2. Creating the HttpSessionState Object
          3. Synchronizing Access to the Session State
        2. Properties of the HttpSessionState Class
        3. Methods of the HttpSessionState Class
        4. Identifying a Session
          1. Cookieless Sessions
          2. Generating the Session ID
        5. Lifetime of a Session
          1. The Session_OnStart Event
          2. The Session_OnEnd Event
          3. Why Does My Session State Sometimes Get Lost?
          4. Detecting Expired Sessions
        6. Persist Session Data to Remote Servers
          1. State Serialization and Deserialization
          2. Storing Session Data
          3. Configuring the StateServer Provider
        7. Persist Session Data to SQL Server
          1. Performance and Robustness
          2. Creating and Configuring the Database
        8. Working in a Web Farm Scenario
      3. The View State of a Page
        1. The StateBag Class
          1. View State Properties
          2. View State Methods
        2. Common Issues with View State
          1. Encrypting and Securing
          2. Machine Authentication Check
          3. Size Thresholds and Page Throughput
          4. Programming Web Forms Without View State
        3. Keeping the View State on the Server
          1. The LosFormatter Class
          2. Creating a View-State-Less Page
          3. Saving the View State to a Web Server File
          4. Loading the View State from a Web Server File
      4. The ASP.NET Caching System
        1. The Cache Class
          1. Cache and Other State Objects
          2. Properties of the Cache Class
          3. Methods of the Cache Class
        2. Working with the ASP.NET Cache
          1. Inserting New Items in the Cache
          2. Removing Items from the Cache
          3. Tracking Item Dependencies
          4. Defining a Removal Callback
          5. Setting the Item Priority
          6. Controlling Data Expiration
        3. Building a Cache Viewer
          1. Enumerating Items in the Cache
          2. Clearing the Cache
      5. Caching ASP.NET Pages
        1. The @OutputCache Directive
          1. Choosing a Duration for the Output Cache
          2. Choosing a Location for the Output Cache
        2. The HttpCachePolicy Class
          1. Properties of the HttpCachePolicy Class
          2. Methods of the HttpCachePolicy Class
          3. Server Cache-Validation Callback
        3. Caching Multiple Versions of a Page
          1. Vary by Parameters
          2. Vary by Headers
          3. Vary by Custom Strings
        4. Caching Portions of ASP.NET Pages
          1. Caching the Output of User Controls
          2. Vary by Controls
          3. Implementing Partial Caching
          4. The PartialCachingControl Class
      6. Conclusion
      7. Resources
    4. 15. ASP.NET Security
      1. Writing Secure Code
        1. Types of Web Attacks
          1. Passive Attacks
          2. Active Attacks
        2. Golden Rules for Secure Coding
          1. Don't Trust
          2. Buffer Overruns
          3. SQL Injections
          4. Keep a Low Profile
          5. Cross-Site Scripting
      2. Configuring ASP.NET Applications for Security
        1. Choosing Strong Passwords
          1. Storing Passwords
          2. Passwords and Encryption
        2. The ASPNET Account
          1. Privileges of the ASPNET Account
          2. Who Really Runs ASP.NET Applications?
          3. Secure Storage of Passwords
          4. Enabling ASP.NET to Manage Local Files
        3. Changing the Identity of the ASP.NET Process
          1. Setting the Process Account
          2. Impersonating an Identity
          3. Impersonating Through the Anonymous Account
          4. Impersonation and Web Application Isolation
        4. Code Access Security and the CLR
          1. Implementing the <trust> Section
          2. ASP.NET Permissions
          3. Alternative Strategies for Isolating Applications
        5. User Authentication and Authorization
          1. IIS Authentication
          2. ASP.NET Authentication Types
          3. ASP.NET Authorization Rules
        6. ASP.NET and SQL Server
          1. Setting Up Trusted Connections
          2. Working with Untrusted Connections
      3. Windows Authentication
        1. Authenticating Users Through IIS
          1. Basic Authentication
          2. Digest Authentication
          3. Integrated Windows Authentication
        2. The Windows Authentication Provider
          1. How to Verify the Identity of the User
          2. Using ACLs to Authorize Access
          3. Enabling Impersonation
          4. URL Authorization and User-Based Security
      4. Passport Authentication
        1. Understanding the Passport Initiative
        2. The Passport Authentication Provider
      5. Forms Authentication
        1. The Forms Authentication Provider
          1. Accessing Protected ASP.NET Resources
          2. Validating User Credentials
          3. Attributes of the <authentication> Section
          4. Managing the Authentication Cookie
          5. The <credentials> Section
        2. The Login Process
          1. Collecting Credentials Through Login
          2. Authenticating the User
          3. Accessing the Authentication Cookie Programmatically
          4. Signing Out
        3. Role-Based Authentication
          1. Defining Roles
          2. Serving Personalized Pages
        4. URL Authorization
          1. The <authorization> Section
          2. Binding Roles and Identity Objects
      6. Conclusion
      7. Resources
    5. 16. Working with the File System
      1. File I/O in the .NET Framework
        1. Working with Files
          1. The FileInfo Class
          2. Keeping File Information In Sync
          3. Copying and Deleting Files
          4. Attributes of a File
        2. Working with Directories
          1. The DirectoryInfo Class
          2. Listing the Contents of a Directory
          3. Filtering the Contents of a Directory
        3. Working with Path Names
          1. The Programming Interface of the Path Class
          2. Combining Paths
        4. Readers and Writers
          1. Working with Streams
          2. Working with Readers and Writers
          3. Specialized Readers and Writers
      2. Reading Local Files
        1. The StreamReader Class
          1. Accessing the Underlying Stream
          2. Character Encoding
          3. Methods of the StreamReader Class
          4. Reading a Text File
          5. Binding the Contents of a File to a DataGrid
        2. The BinaryReader Class
          1. Reading Binary Information
          2. Skipping Bytes While Reading
      3. Writing Local Files
        1. The StreamWriter Class
          1. The Programming Interface of the StreamWriter Class
          2. Persisting a Collection of Data
        2. Writing Binary Files
          1. Creating Images Dynamically
          2. The BinaryWriter Class
        3. Serializing Data Structures
        4. The BinaryFormatter Class
          1. Serializing Data Through Classes
        5. Watching for File Changes
          1. The FileSystemWatcher Class
          2. Hooking Up Events
      4. Loading XML Documents
        1. Reading XML Files
          1. The Programming Interface of XML Readers
          2. Reading Attributes
          3. Validating Readers
        2. The XML DOM Parser
          1. Loading and Caching XML Documents
          2. Walking Your Way Through Documents
          3. Validating Documents Through XML DOM
      5. Creating XML Documents
        1. Using XML Writers
        2. Using the XML DOM Writer
        3. XML Documents in ASP.NET
      6. Server-Side XML Transformations
        1. Programming the Xml Server Control
        2. Working with the Xml Server Control
      7. Conclusion
      8. Resources
    6. 17. Working with Web Services
      1. The Infrastructure for Web Services
        1. The SOAP Protocol
          1. The SOAP Payload
          2. Architectural Issues
        2. The WSDL Language
          1. Elements of the WSDL Syntax
          2. A Sample WSDL Document
        3. The .NET Infrastructure for Web Services
          1. IIS Support
          2. The WebService Class
      2. Building an ASP.NET Web Service
        1. Writing a Web Service Class
          1. The WebService Attribute
          2. Changing the Default Namespace
          3. Precompiled Web Services
        2. Exposing Web Methods
          1. Defining a Web Method
          2. Type Marshaling
          3. Under the Hood of a Web Method Call
        3. Referencing Web Services from ASP.NET
          1. Building a Proxy Class
          2. Setting the URL of a Web Service
          3. Disabling HTTP-POST and HTTP-GET
          4. Invoking Methods on a Web Service
        4. Web Methods Best Practices
          1. Attributes of Web Methods
          2. Caching the Output of a Web Method
          3. Minimizing the Data Transferred
          4. Throwing Exceptions
          5. Transactional Methods
          6. Asynchronous Methods
      3. Securing Web Services
        1. HTTP User Authentication
          1. Making a Secure Call
          2. Detecting the Connected User
        2. Custom User Authentication
          1. Embedding Credentials in the SOAP Payload
          2. Authenticating the User
          3. Managing Roles
        3. Using Application-Specific Tokens
          1. Getting the Token
          2. The Amazon Case
      4. Managing the State of Web Services
        1. Enabling Session State
        2. Using Cookie Containers
          1. The Importance of a Cookie Container
          2. Building a Persistent Cookie Container
      5. Conclusion
      6. Resources
  9. V. Custom ASP.NET Controls
    1. 18. Extending Existing ASP.NET Controls
      1. A Better Label Control
        1. The LinkLabel Server Control
          1. Setting Up the New LinkLabel Class
          2. How Controls Render Their Output
          3. Finding Web-Sensitive Elements
        2. Using the LinkLabel Control
          1. Configuring the Control at Design-Time
          2. Want to Be Spammed?
          3. Modifying the Opening Tag
      2. A Better DataGrid Control>
        1. Improving the Pager Bar
          1. Refining the NextPrevMode
          2. A Tab-Style Pager
        2. Improving the Footer
          1. Computing Expressions Dynamically
          2. The Programming Interface of the Footer
          3. A DataGridwith Summary Information
      3. A Better Server-Side Form Control
        1. Supporting Multiple Server Forms
          1. Devising Logical Forms
          2. A Control Representing a Logical Form
          3. Packing the Form's Contents
        2. Creating Multiple Form-Like Controls
          1. Pages with Multiple Forms
          2. Retrieving Form Values
      4. Conclusion
      5. Resources
    2. 19. Creating New ASP.NET Controls
      1. Base Control Classes and Interfaces
        1. Control vs. WebControl
        2. Related Interfaces
        3. The HTML Text Writer
          1. Writing Attributes
          2. Working with Styles
      2. Building a Gauge Control
        1. Defining the Object Model
          1. Implementing the Object Model
          2. Setting Up the Ruler
          3. Setting Up the Control's Site
        2. Rendering the Control
          1. Generating the HTML for a Custom Control
          2. Using Child Controls For Rendering
        3. The Gauge in Action
      3. Building a Chart Generator Control
        1. Defining the Object Model
          1. Binding Data
          2. The Bar Chart Item
          3. The View State from the Control's Perspective
        2. Rendering the Control
          1. The Title Area
          2. Building the Chart
          3. The Background of the Table
        3. The BarChart Control in Action
      4. Building Composite Controls
        1. Structure of Composite Controls
        2. Designing a Composite Control
          1. Creating Child Controls
          2. The Importance of Being a Naming Container
          3. Handling PostBacks
        3. Using the LabelTextBox Control
      5. Conclusion
      6. Resources
    3. 20. Data-Bound and Templated Controls
      1. Designing a Data-Bound Control
        1. Making the BarChart Control Data Bound
          1. Defining Data-Bound Properties
          2. Overriding the DataBind Method
          3. Resolving Data Sources
        2. Using the Data-Bound BarChart Control
      2. Designing a Templated Control
        1. A Templated BarChart Control
          1. General Rules for Templated Controls
          2. Parsing Nested Tags
          3. The <CaptionTemplate> Section
          4. The <FooterTemplate> Section
          5. The Template Container Class
        2. Using the Templated BarChart Control
      3. The Control Builder Class
        1. Designing the TextBoxList Control
        2. Implementing the TextBoxList Control
          1. The Custom Control Builder Class
          2. The TextBoxList Class
          3. The FormField Class
          4. Rendering the Control
        3. Using the TextBoxList Control
      4. Conclusion
      5. Resources
    4. 21. Design-Time Support for Custom Controls
      1. The Design-Time Architecture in .NET
        1. Components, Sites, Containers, and Controls
        2. Controls and Designers
      2. The GraphicPanel Control
      3. Design-Time Attributes
        1. Using Design-Time Attributes
          1. A Commonly Used Set of Attributes
          2. Enumeration and Color Types
          3. Attributes that Affect Run-Time Behavior
        2. Extending IntelliSense Support
          1. Writing the Schema of a Control
          2. Registering a Custom Schema with Visual Studio .NET
      4. Rendering Types
        1. Implementing a Type Converter
          1. Deriving from TypeConverter
          2. Serialization Attributes
          3. Deriving from ExpandableObjectConverter
        2. Creating a Type Editor
          1. The About Property Editor
          2. Designing a Custom Type Editor
        3. Writing Custom Designers
          1. HTML Control Designers
          2. Creating a Control Designer
          3. Generating Design-Time HTML
      5. Conclusion
      6. Resources
  10. VI. Advanced Topics
    1. 22. Working with Images in ASP.NET
      1. Accessing Images from Web Pages
        1. The <img> Element
        2. Referencing Nonfile Images
          1. Setting the Content Type
          2. Flushing to the Output Stream
      2. Accessing Database Images
        1. Working with Binary Fields
          1. Reading Images from BLOB Fields
          2. Uploading Images to BLOB Fields
        2. Real-World Scenarios
          1. Optimizing the Database Query
          2. Optimizing Memory Usage
          3. Should You Really Store Images in the Database?
      3. Generating Images Dynamically
        1. A Quick Tour of GDI+ Classes
          1. The Graphics Class
          2. The Bitmap Class
          3. Filling Rectangles
          4. Drawing Text
        2. Writing Images to Memory
          1. Supported Image Formats
          2. Writing Copyright Notes on Images
          3. Generating Thumbnails
          4. Controlling the Compression Ratio of JPEG Images
          5. Saving to Larger Formats
          6. The MemoryStream Class
        3. Building Chart Generator Pages
          1. Drawing a Pie Chart
          2. Drawing a Bar Chart
      4. Conclusion
      5. Resources
    2. 23. HTTP Handlers and Modules
      1. Quick Overview of the IIS Extensibility API
        1. The ISAPI Model
          1. Illustrious Children of the ISAPI Model
          2. Structure of ISAPI Components
        2. ISAPI Extensions
        3. ISAPI Filters
      2. Writing HTTP Handlers
        1. The IHttpHandler Interface
          1. Members of the IHttpHandler Interface
          2. ASP.NET Request Processing
          3. A Very Simple HTTP Handler
        2. A Synchronous HTTP Handler for Quick Data Reports
          1. Building a Query Manager Tool
          2. Registering the Handler
          3. Deploying as an ASHX Resource
        3. Advanced HTTP Handler Programming
          1. HTTP Handler Factories
          2. Asynchronous Handlers
      3. Writing HTTP Modules
        1. The IHttpModule Interface
        2. A Custom HTTP Module
          1. Wiring Up Events
          2. Accessing Other HTTP Modules
          3. Registering with the Configuration File
      4. Conclusion
      5. Resources
    3. 24. Hosting ASP.NET Outside IIS
      1. Hosting the ASP.NET Runtime
        1. The ApplicationHost Class
          1. The Role of the Host Type
        2. The SimpleWorkerRequest Class
        3. A Sample ASP.NET Host
          1. Compiling ASPX Pages to HTML
          2. Locating the Host Type
      2. The Cassini Personal Web Server
        1. Cassini in Person
        2. The Architecture of Cassini
      3. Put Your Web Site on a CD
        1. Step-by-Step Operations
          1. Installing ASP.NET Without IIS
      4. Conclusion
      5. Resources
  11. Final Thoughts