Saturday, 1 October 2011

What is the difference between Datagrid, Datalist and Repeater?


            A Datagrid, Datalist and Repeater are all ASP.NET data Web controls. They have many things in common like DataSource Property, DataBind Method, ItemDataBound and ItemCreated events.
            When you assign the DataSource Property of a DataGrid to a DataSet then each DataRow present in the DataRow Collection of DataTable is assigned to a corresponding DataGridItem and this is same for the rest of the two controls also. But The HTML code generated for a DataGrid has an HTML TABLE ROW (TR) element created for the particular DataRow and its a Table form representation with Columns and Rows.
For a Datalist it’s an Array of Rows and based on the Template Selected and the RepeatColumn Property value We can specify how many DataSource records should appear per HTML <table> row. In short in DataGrid we have one record per row, but in DataList we can have five or six rows per row.
            For a Repeater Control, the DataRecords to be displayed depends upon the Templates specified and the only HTML generated is the due to the Templates.
In addition to these, DataGrid has a pin-built support for Sort, Filter and paging the data, which is not possible when using a DataList and for a Repeater Control we would require to write an explicit code to do paging.

What are the various ways of authentication techniques in ASP.NET?


Selecting an authentication provider is as simple as making an entry in the web.config file for the application. You can use one of these entries to select the corresponding built in authentication provider:
  <authentication mode="windows">
  <authentication mode="passport">
  <authentication mode="forms">
  Custom authentication where you might install an ISAPI filter in IIS that compares incoming requests to list of source IP addresses, and considers requests to be authenticated if they come from an acceptable address. In that case, you would set the authentication mode to none to prevent any of the .Net authentication providers from being triggered.

Windows authentication and IIS
If you select windows authentication for your ASP.NET application, you also have to configure authentication within IIS. This is because IIS provides Windows authentication. IIS gives you a choice for four different authentication methods: anonymous,basic,digest and windows integrated.
If you select anonymous authentication, IIS doesn’t perform any authentication, Any one is allowed to access the ASP.NET application.
If you select basic authentication, users must provide a windows username and password to connect. However this information is sent over the network in clear text, which makes basic authentication very much insecure over the internet.
If you select digest authentication, users must still provide a windows user name and password to connect. However the password is hashed before it is sent across the network. Digest authentication requires that all users be running Internet Explorer 5 or later and that windows accounts to stored in active directory.
If you select windows integrated authentication, passwords never cross the network.Users must still have a username and password, but the application uses either the Kerberos or challenge/response protocols authenticate the user. Windows-integrated authentication requires that all users be running Internet Explorer 3.01 or later Kerberos is a network
authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Kerberos is a solution to network security problems. It provides the tools of authentication and strong cryptography over the network to help to secure information in systems across entire enterprise.

Passport authentication
Passport authentication lets you to use Microsoft’s passport service to authenticate users of your application. If your users have signed up with passport, and you configure the authentication mode of the application to the passport authentication, all authentication duties are off-loaded to the passport servers.
Passport uses an encrypted cookie mechanism to indicate authenticated users. If users have already signed into passport when they visit your site, they’ll be considered authenticated by ASP.NET. Otherwise they’ll be redirected to the passport servers to log in. When they are successfully log in, they’ll be redirected back to your site
To use passport authentication you have to download the Passport Software Development Kit (SDK) and install it on your server. The SDK can be found at Microsoft website. It includes full details of implementing passport authentication in your own applications.
Forms authentication
Forms authentication provides you with a way to handle authentication using your own custom logic with in an ASP.NET application. The following applies if you choose forms authentication.
When a user requests a page for the application, ASP.NET checks for the presence of a special session cookie. If the cookie is present, ASP.NET assumes the user is authenticated and processes the request.
If the cookie isn’t present, ASP.NET redirects the user to a web form you provide.
You can carry out whatever authentication, it check’s you like it checks your form. When the user is authenticated, you indicate this to ASP.NET by setting a property, which creates the special cookie to handle subsequent requests.

What is the difference between authentication and authorization?

               Authentication is verifying the identity of a user and authorization is process where we check does this identity have access rights to the system. In short we can say the following authentication is the process of obtaining some sort of credentials.from the users and using those credentials to verify the user’s identity. Authorization is the process of allowing an authenticated user access to resources. Authentication always proceed to Authorization; even if your application lets anonymous users connect and use the application, it still authenticates them as being anonymous

20. What is the difference between Server.Transfer and Response.Redirect ?


Following are the major differences between them:
  Response.Redirect sends message to the browser saying it to move to some different page, while Server.Transfer does not send any message to the browser but rather redirects the user directly from the server itself. So in Server.Transfer
there is no round trip while Response.Redirect has a round trip and hence puts a load on server.
  Using Server.Transfer you cannot redirect to a different from the server itself. This cross server redirect is possible only using Response.Redirect.
  With Server.Transfer you can preserve your information. It has a parameter called as "preserveForm". So the existing query string etc. will be able in the calling page.

What is the difference between "Web.config" and "Machine.Config" ?


"Web.config" files apply settings to each web application, while "Machine.config" file apply settings to all ASP.NET applications.