1. Describe the following with respect to .Net: a. Features of .Net Platform The .

NET Framework is an integral Windows component that supports building and running the next generation of applications and XML Web services. The .NET Framework is designed to fulfill the following objectives: To provide a consistent object-oriented programming environment whether object code is stored and executed locally, executed locally but Internet-distributed, or executed remotely. To provide a code-execution environment that minimizes software deployment and versioning conflicts. To provide a code-execution environment that promotes safe execution of code, including code created by an unknown or semi-trusted third party. To provide a code-execution environment that eliminates the performance problems of scripted or interpreted environments. To make the developer experience consistency across widely varying types of applications, such as Windows-based applications and Web-based applications. To build all communication on industry standards to ensure that code based on the .NET Framework can integrate with any other code. b. Components of .Net Architecture The major components of the .Net framework are shown in the figure below:

At the lowest level, the framework starts with Memory Management and Component Loading and goes all the way up to multiple ways of rendering user and program interfaces. The middle layer provides any system level capability that a developer needs. The base to the Framework is the Common Language Runtime (CLR). The CLR is the heart of the .Net framework, the engine that drives the key functionality. For example the CLR includes a common system of data types. These common types plus a standard interface convention, make cross language inheritance possible. The CLR also does the reference counting for objects and handles garbage collection. The middle layer consists of standard system services such as ADO.NET AND XML. These services are controlled by the framework making them universally available and standardizing their usage across languages. The top layer has the user and program interfaces. Windows Forms: They provide a new way to create standard Win32 desktop applications, based on the Windows Foundation Classes (WFC) produced for J++. Web Forms: They provide a powerful forms based UI for the web. Web Services: They provide a mechanism for programs to communicate over the Internet using SOAP. They provide an analog of COM and DCOM for object brokering and interfacing, but based on Internet technologies so that allowance is made for integration even with non Microsoft platforms. The Web Forms and Web Services comprise the Internet interface portion of the .Net, and are implemented through a section of the .Net Framework referred to as ASP.NET. All the above objects are available to any language based on the .Net platform. For completeness, there is also a console interface that allows creation of character based applications.

c. Assemblies Overview

Assemblies are a fundamental part of programming with the .NET Framework. An assembly performs the following functions: language (MSIL) code in a portable executable (PE) file will not be executed if it does not have an associated assembly manifest. Note that each assembly can have only one entry point (that is, DllMain, WinMain, or Main). quested and granted. resides. A type called MyType loaded in the scope of one assembly is not the same as a type called MyType loaded in the scope of another assembly. that is used for resolving types and satisfying resource requests. It specifies the types and resources that are exposed outside the assembly. The manifest also enumerates other assemblies on which it depends.

language runtime; all types and resources in the same assembly are versioned as a unit. The assembly's manifest describes the version dependencies you specify for any dependent assemblies. For more information about versioning, see Assembly Versioning.

It forms a deployment unit. When an application starts, only the assemblies that the application initially calls must be present. Other assemblies, such as localization resources or assemblies containing utility classes, can be retrieved on demand. This allows applications to be kept simple and thin when first downloaded. For more information about deploying assemblies, see Deploying Applications. -by-side execution is supported. For more information about running multiple versions of an assembly, see Assemblies and Side-by-Side Execution. Assemblies can be static or dynamic. Static assemblies can include .NET Framework types (interfaces and classes), as well as resources for the assembly (bitmaps, JPEG files, resource files, and so on). Static assemblies are stored on disk in portable executable (PE) files. You can also use the .NET Framework to create dynamic assemblies, which are run directly from memory and are not saved to disk before execution. You can save dynamic assemblies to disk after they have executed. There are several ways to create assemblies. You can use development tools, such as Visual Studio 2005, that you have used in the past to create .dll or .exe files. You can use tools provided in the Windows Software Development Kit (SDK) to create assemblies with modules created in other development environments. You can also use common language runtime APIs, such as Reflection.Emit, to create dynamic assemblies. Benefits of Assemblies Assemblies are designed to simplify application deployment and to solve versioning problems that can occur with component-based applications. End users and developers are familiar with versioning and deployment issues that arise from today's component-based systems. Some end users have experienced the frustration of installing a new application on their computer, only to find that an existing application has suddenly stopped working. Many developers have spent countless hours trying to keep all necessary registry entries consistent in order to activate a COM class. Many deployment problems have been solved by the use of assemblies in the .NET Framework. Because they are self-describing components that have no dependencies on registry entries, assemblies enable zero-impact application installation. They also simplify uninstalling and replicating applications.

2. Describe the following with respect to creating Web Forms in .Net environment: a. Web Form Life Cycle Every request for a page made from a web server causes a chain of events at the server. These events, from beginning to end, constitute the life cycle of the page and all its components. The life cycle begins with a request for the page, which causes the server to load it. When the request is complete, the page is unloaded. From one end of the life cycle to the other, the goal is to render appropriate HTML output back to the requesting browser. The life cycle of a page is marked by the following events, each of which you can handle yourself or leave to default handling by the ASP.NET server: Initialize: Initialize is the first phase in the life cycle for any page or control. It is here that any settings needed for the duration of the incoming request are initialized. Load ViewState: The ViewState property of the control is populated. The ViewState information comes from a hidden variable on the control, used to persist the state across round trips to the server. The input string from this hidden variable is parsed by the page framework, and the ViewState property is set. This can be modified via the LoadViewState( ) method: This allows ASP.NET to manage the state of your control across page loads so that each control is not reset to its default state each time the page is posted. Process Postback Data: During this phase, the data sent to the server in the posting is processed. If any of this data results in a requirement to update the ViewState, that update is performed via the LoadPostData( ) method. Load: CreateChildControls( ) is called, if necessary, to create and initialize server controls in the control tree. State is restored, and the form controls show client-side data. You can modify the load phase by handling the Load event with the OnLoad method. Send Postback Change Modifications: If there are any state changes between the current state and the previous state, change events are raised via the RaisePostDataChangedEvent( ) method. Handle Postback Events: The client-side event that caused the postback is handled. PreRender: This is the phase just before the output is rendered to the browser. It is essentially your last chance to modify the output prior to rendering using the OnPreRender( ) method. Save State: Near the beginning of the life cycle, the persisted view state was loaded from the hidden variable. Now it is saved back to the hidden variable, persisting as a string object that will complete the round trip to the client. You can override this using the SaveViewState() method. Render: This is where the output to be sent back to the client browser is generated. You can override it using the Render method. CreateChildControls( ) is called, if necessary, to create and initialize server controls in the control tree. Dispose: This is the last phase of the life cycle. It gives you an opportunity to do any final cleanup and release references to any expensive resources, such as database connections. You can modify it using the Dispose( ) method.

b. Creating a Web Form Write programs with corresponding output screens to demonstrate the above concepts. To create the simple Web Form that will be used in the next example, start up Visual Studio .NET and open a New Project named ProgrammingCSharpWeb. Select the Visual C# Projects folder (because C# is your language of choice), select ASP.NET Web Application as the project type, and type in its name,

ProgrammingCSharpWeb. Visual Studio .NET will display http://localhost/ as the default location, as shown in Figure

Creating a project in the New Project window of Visual Studio .NET

Visual Studio places nearly all the files it creates for the project in a folder within your local machine's default web site for example, c:\Inetpub\wwwroot\ProgrammingCSharpWeb. The solution files and other Visual Studio-specific files are stored in <drive>\Documents and Settings\<user name>\My Documents\Visual Studio Projects (where <drive>andappear in the Solution Explorer. To see the code behind (.cs) file, you must place the cursor within Visual Studio .NET, right-click the form, and choose "View Code" in the pop-up menu. You can now tab back and forth between the form itself, WebForm1.aspx, and the C# code-behind file, WebForm1.aspx.cs. When viewing the form, WebForm1.aspx, you can choose between Design mode and HTML mode by clicking the tabs at the bottom of the Editor window. Design mode lets you drag controls onto your form; HTML mode allows you to view and edit the HTML code directly. Let's take a closer look at the .aspx and code-behind files that Visual Studio creates. Start by renaming WebForm1.aspx to HelloWeb.aspx. To do this, close WebForm1.aspx, and then right-click its name in the Solution Explorer. Choose Rename and enter the name HelloWeb.aspx. After you rename it, open HelloWeb.aspx and view the code; you will find that the code-behind file has been renamed as well to HelloWeb.aspx.cs.When you create a new Web Form application, Visual Studio .NET will generate a bit of boilerplate code to get you started, as shown in Example below: <%@ Page language="c#" Codebehind="HelloWeb.aspx.cs"

AutoEventWireup="false" Inherits="ProgrammingCSharpWeb.WebForm1" %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <html> <head> <title>WebForm1</title> <meta name="GENERATOR" Content="Microsoft Visual Studio 7.0"> <meta name="CODE_LANGUAGE" Content="C#"> <meta name="vs_defaultClientScript" content="JavaScript"> <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5"> </head> <body MS_POSITIONING="GridLayout"> <form id="Form1" method="post" runat="server"> </form> </body> </html>

What you see is typical boilerplate HTML except for the first line, which contains the following ASP.NET code: <%@ Page language="c#" Codebehind="HelloWeb.aspx.cs" AutoEventWireup="false" Inherits="ProgrammingCSharpWeb.WebForm1" %> The language attribute indicates that the language used on the code-behind page is C#. The Codebehind attribute designates that the filename of that page is HelloWeb.cs, and the Inherits attribute indicates that this page derives from WebForm1. WebForm1 is a class declared in HelloWeb.cs. public class WebForm1 : System.Web.UI.Page As the C# code makes clear, WebForm1 inherits from System.Web.UI.Page, which is the class that defines the properties, methods, and events common to all server-side pages. Returning to the HTML view of HelloWeb.aspx, you see that a form has been specified in the body of the page using the standard HTML form tag: <form id="Form1" method="post" runat="server"> Web Forms assumes that you need at least one form to manage the user interaction, and creates one when you open a project. The attribute runat="server" is the key to the serverside magic. Any tag that includes this attribute is considered a server-side control to be executed by the ASP.NET framework on the server. Having created an empty Web Form, the first thing you might want to do is add some text to the page. By switching to HTML view, you can add script and HTML directly to the file just as you could with classic ASP. Adding the following line to the body segment of the HTML page will cause it to display a greeting and the current local time: Hello World! It is now <% = DateTime.Now.ToString( ) %> The <% and %> marks work just as they did in classic ASP, indicating that code falls between them (in this case, C#). The = sign immediately following the opening tag causes ASP.NET to display the value, just like a call to Response.Write( ). You could just as easily write the line as: Hello World! It is now

<% Response.Write(DateTime.Now.ToString( )); %> Run the page by pressing Ctrl-F5 (or save it and navigate to it in your browser). You should see the string printed to the browser, as in Figure

Output generated by the HelloWorld.aspx file

3. Describe the following with respect to State Management in ASP.Net: a. Cookies in ASP.NET A cookie is a small amount of data that is stored either in a text file on the client file system or in-memory in the client browser session. It contains site-specific information that the server sends to the client along with page output. Cookies can be temporary (with specific expiration times and dates) or persistent. You can use cookies to store information about a particular client, session, or application. The cookies are saved on the client device, and when the browser requests a page, the client sends the information in the cookie along with the request information. The server can read the cookie and extract its value. A typical use is to store a token (perhaps encrypted) indicating that the user has already been authenticated in your application. Note: The browser can only send the data back to the server that originally created the cookie. However, malicious users have ways to access cookies and read their contents. It is recommended that you do not store sensitive information, such as a user name or password, in a cookie. Instead, store a token in the cookie that identifies the user, and then use the token to look up the sensitive information on the server. b. Session State ASP.NET allows you to save values by using session state which is an instance of the HttpSessionState class for each active Web-application session. Session state is similar to application state, except that it is scoped to the current browser session. If different users are using your application, each user session will have a different session state. In addition, if a user leaves your application and then returns later, the second user session will have a different session state from the first. Session state is structured as a key/value dictionary for storing session-specific information that needs to be maintained between server round trips and between requests for pages. You can use session state to accomplish the following tasks: ntify browser or client-device requests and map them to an individual session instance on the server. -specific data on the server for use across multiple browser or client-device requests within the same session.

on management events. In addition, you can write application code leveraging these events. Once you add your application-specific information to session state, the server manages this object. Depending on which options you specify, session information can be stored in cookies, on an out-ofprocess server, or on a computer running Microsoft SQL Server. c. Application State ASP.NET allows you to save values using application state which is an instance of the HttpApplicationState class for each active Web application. Application state is a global storage mechanism that is accessible from all pages in the Web application. Thus, application state is useful for storing information that needs to be maintained between server round trips and between requests for pages. Application state is stored in a key/value dictionary that is created during each request to a specific URL. You can add your application-specific information to this structure to store it between page requests. Once you add your application-specific information to application state, the server manages it.

4. Describe the following with respect to Web Services in .Net: a. Writing and Testing a Web Service b. Implementing a Web Service Client

The ASMX file shown in Figure 8.5 is a complete Web service. It implements two Web methods: Add and Subtract. Both take two integers as input and return an integer as well. Deploying the Web service is as simple as copying it to a directory on your Web server that is URLaddressable. If you put Calc.asmx in wwwroot, the Web services local URL is http://localhost/calc.asmx. Calc.asmx demonstrates several important principles of Web service programming using the .NET Framework: Web services are implemented in ASMX files. ASMX is a special file name extension registered to ASP.NET (specifically, to an ASP.NET HTTP handler) in Machine.config. ASMX files begin with @ WebService directives. At a minimum, the directive must contain a Class attribute identifying the class that makes up the Web service. Web service classes can be attributed with optional WebService attributes. The one in this example assigns the Web service a name and a description that show up in the HTML page generated when a user calls up Calc.asmx in his or her browser. The WebService attribute also supports a Namespace parameter that can be used to change the name of the XML namespace that scopes the Web services members. Web methods are declared by tagging public methods in the Web service class with WebMethod attributes. You can build helper methods into a Web service methods that are used internally by Web methods but that are not exposed as Web methods themselves by omitting the attribute. The WebMethod attributes in Figure 8.5 also assign descriptive text to their Web methods. Youll learn more about Description and other WebMethod parameters in the section entitled The WebMethod Attribute.

HTTP, XML, and SOAP are hidden under the hood. You dont have to deal with raw XML data or SOAP messages because the .NET Framework deals with them for you.

Calc Web service

Despite its brevity, Calc.asmx is a full-blown Web service when installed on a Web server outfitted with ASP.NET. Its Web methods can be invoked with SOAP, HTTP GET, and HTTP POST, and its capable of returning output in SOAP responses or simple XML wrappers. All we need now is a way to test it out. The .NET Framework lends a hand there too.

Testing a Web Service How do you test an ASMX Web service? Simple: just call it in your browser. To demonstrate, copy Calc.asmx to wwwroot and type http://localhost/calc.asmx in your browsers address bar. Youll be greeted with the screen shown in Figure 8.6. What happened? ASP.NET responded to the HTTP request for Calc.asmx by generating an HTML page that describes the Web service. The name and description in the ASMX files WebService attribute appear at the top of the page. Underneath is a list of Web methods that the service exposes, complete with the descriptions spelled out in the WebMethod attributes.

Calc.asmx as seen in Internet Explorer

Click Add near the top of the page, and ASP.NET displays a page that you can use to test the Add method (Figure 8.7). ASP.NET knows the method name and signature because it reads them from the metadata in the DLL it compiled from Calc.asmx. It even generates an HTML form that you can use to call the Add method with your choice of inputs. Type 2 and 2 into the a and b boxes and click Invoke. The XML returned by the Web method appears in a separate browser window

Test page for the Add method

XML returned by the Add method

The forms that ASP.NET generates on the fly from ASMX files enable you to test the Web services that you write without writing special clients to test them with. They also let you explore a Web service built with the .NET Framework simply by pointing your browser to it. For kicks, type the following URL into your browsers address bar: http://terraservice.net/terraservice.asmx Thats the URL of the Microsoft TerraService, an ultra-cool Web service that provides a programmatic interface to a massive database of geographic data known as the Microsoft TerraServer. Dont worry about the details just yet; youll be using TerraService to build a Web service client later in this chapter. But do notice how much you can learn about TerraService simply by viewing the page that ASP.NET generated for it.

Web Service Clients Now that youve seen Web services up close and personal, its time to learn about Web service clients that is, applications that use, or consume, Web methods. Its easy to write Web services. Writing Web service clients is even easier, thanks to some high-level support lent by the .NET Framework class library (FCL) and a code-generator named Wsdl.exe. If you have a WSDL contract describing a Web service (or the URL of a DISCO file that

SET-2 1. Write a program in C# language to perform the following operations: a. Basic arithmetic operations b. Finding greatest of n numbers Write separate programs for each of the above points.

2. Explain the following with respect to ASP.Net: a. Master Pages b. Themes & Skins Write code snippets to demonstrate the above concepts. Master Pages The Master Pages feature provides the ability to define common structure and interface elements for your site, such as a page header, footer, or navigation bar, in a common location called a "master page", to be shared by many pages in your site. This improves the maintainability of your site and avoids unnecessary duplication of code for shared site structure or behavior. Just as Themes and Skins allow you to factor out style definitions from your page code and maintain them in a common file, Master Pages do the same for page layout. A Master Page is a page that contains markup and controls that should be shared across multiple pages in your site. For example, if all of your pages should have the same header and footer banners or the same navigation menu, you could define this in a Master Page once, and then all pages associated to this Master Page would inherit those common elements. The advantage of defining the header, footer, and navigation in a Master Page is that these elements need only be defined once, instead of multiple times in duplicate code across the pages in your site. The Master Pages are an easy way to provide a template that can be used by any number of ASP.NET pages in your application. In working with Master Pages, the developer creates a Master File that is the template referenced by a subpage or Content Page. Master Pages use a .master file extension, whereas content pages use the .aspx file extension you are used to; but content pages are declared as such within the files page directive. Master and Content Pages Defining a Master Page is just like defining a normal page. Master Pages can contain markup, controls, or code, or any combination of these elements. However, a Master Page can contain a special type of control, called a ContentPlaceHolder control. A ContentPlaceHolder defines a region of the master page rendering that can be substituted with content from a page associated to the master. A ContentPlaceHolder can also contain default content, just in case the derive page does not need to override this content. The syntax of a ContentPlaceHolder control is given below:
<%--

To differentiate a Master Page from a normal page, a Master Page is saved under the .master file extension. A page can derive from a Master Page by defining a MasterPageFile attribute on its Page directive, as demonstrated below. A page that is associated to a Master Page is called a Content Page. A Content Page can declare Content controls that specifically override content placeholder sections in the Master Page. A Content control is associated to a particular ContentPlaceHolder control through its ContentPlaceHolderID property. A Content Page may only contain markup and controls inside Content controls; it cannot have any top-level content of its own. It can, however, have directives or server-side code.

<%-- ContentPlaceHolder control --%> <asp:contentplaceholder id="FlowerText" runat="server"/> <%-- ContentPlaceHolder with default content --%> <asp:contentplaceholder id="FlowerText" runat="server"> <h3>Welcome to my florist website!</h3> </asp:contentplaceholder>

To differentiate a Master Page from a normal page, a Master Page is saved under the .master file extension. A page can derive from a Master Page by defining a MasterPageFile attribute on its Page directive, as demonstrated below. A page that is associated to a Master Page is called a Content Page.
<%@ Page MasterPageFile="Site.master" %>

A Content Page can declare Content controls that specifically override content placeholder sections in the Master Page. A Content control is associated to a particular ContentPlaceHolder control through its ContentPlaceHolderID property. A Content Page may only contain markup and controls inside Content controls; it cannot have any top-level content of its own. It can, however, have directives or server-side code.
<%@ Page MasterPageFile="Site.master" %> <asp:content id="Content1" contentplaceholderid="FlowerText" runat="server"> With sunshine, water, and careful tending, roses will bloom several times in a season. </asp:content> <asp:content id="Content2" contentplaceholderid="FlowerPicture" runat="server"> <asp:Image id="image1" imageurl="~/images/rose.jpg" runat="server"/> </asp:content>

The following example demonstrates the relationship between Master and Content pages. The Master Page in this case defines two ContentPlaceHolder regions, named FlowerPicture and FlowerText, along with some default content for those regions. Individual content pages in the site inherit the common site layout and look-and-feel from the Master Page, but override the default content for the named ContentPlaceHolder regions with their own content. Note that the Default.aspx page in this site does not define any Content controls, and so it just inherits the default content from the Master Page.

A Sample Web Page

The source code for the above web page using C# is given below:

<%@ master language="C#" %> <html> <head> <link rel="stylesheet" href="StyleSheet.css" type="text/css" /> </head> <body>

<form id="Form1" runat="server"> <div> <table class="main" cellspacing="0" cellpadding="2"> <tr class="header"> <td colspan="2" class="header"/> </tr> <tr valign="top"> <td class="sidebar" rowspan="2"> <a href="daffodil.aspx">Daffodil</a><br/> <a href="rose.aspx">Rose</a><br/> <a href="dahlia.aspx">Dahlia</a><br/> <a href="hydrangea.aspx">Hydrangea</a><br/> <a href="daisy.aspx">Daisy</a><br /> </td> <td class="body"> <asp:contentplaceholder id="FlowerText" runat="server"> <h3>Welcome to my florist website!</h3> We have an enormous selection of quality flowers and seeds, available for shipping to any location worldwide. Let us handle all you gardening needs! </asp:contentplaceholder> <br /><br /> <asp:contentplaceholder id="FlowerPicture" runat="server"> <img alt="water lilies" src="Images/waterlilies.jpg"/> </asp:contentplaceholder> <br /><br /> <asp:adrotator id="MyAdRotator" advertisementfile="Ads.xml" runat="server"/> </td> </tr> <tr> <td class="footer"> <asp:label id="Footer" font-italic="true" text="Copyright Microsoft 2003" runat="server" /> </td> </tr> </table> </div> </form> </body> </html>

The code for the internal web pages is given below:

Default.aspx <%@ page language="C#" masterpagefile="~/Site.master" %> Rose.aspx <%@ page language="C#" masterpagefile="~/Site.master" %> <asp:content id="Content1" contentplaceholderid="FlowerText" runat="server">

With sunshine, water, and careful tending, roses will bloom several times in a season. </asp:content> <asp:content id="Content2" contentplaceholderid="FlowerPicture" runat="server"> <img alt="rose" src="images/rose.jpg" /> </asp:content>

URL Rebasing in a Master Page One thing to notice about the preceding example is that there are several places in the Master Page that refer to URL resources like images or stylesheet or page references using a relative-path syntax, for example:
<head> <link rel="stylesheet" href="StyleSheet.css" type="text/css" /> </head> ... <a href="daffodil.aspx">Daffodil</a> ... <img alt="water lilies" src="Images/waterlilies.jpg"/>

This works fine when the Master Page and Content Page are in the same directory, but when the Content Page is in a physically separate location, the relative path will not be correct. To solve this problem, you may take one of the following approaches: te URL paths in the Master Page, for example <img src="/myapplication/images/banner.gif" />

Use relative or application-relative URLs in server controls instead of static markup, for example <asp:Image ImageUrl="~/images/banner.gif" runat="server" /> The following example demonstrates this technique. The Content Pages have been moved to a subdirectory "Pages" under the directory that contains the Master Page. The Master Page has been updated to use server controls in place of HTML:
<head runat="server"> <link rel="stylesheet" href="StyleSheet.css" type="text/css" /> </head> ... <a id="A1" href="pages/daffodil.aspx" runat="server">Daffodil</a/> ... <asp:Image ID="Image1" AlternateText="Water Lillies" ImageUrl="~/Images/Waterlilies.jpg" runat="server"/>

Accessing a Master Page from Code In addition to overriding content, it is possible for a Content Page to programmatically access its Master Page. A Content Page creates a strongly-typed reference to the Master Page using the <%@ MasterType %> directive, specifying the virtual path to the master page:
<%@ MasterType VirtualPath="Site.master" %>

The Content Page can then reference the Master Page using the Master property of the Page class:

C# Code Master.FooterText = "This is a custom footer"; AdRotator ad = (AdRotator)Master.FindControl("MyAdRotator"); Master.FooterText = "This is a custom footer" Dim ad As AdRotator = Master.FindControl("MyAdRotator");

In the code example above, FooterText is a public property exposed on the Master Page, while MyAdRotator is a control on the Master Page. Nesting Master Pages Content Pages can also be Master Pages. That is, it is possible to derive a Master page from another Master Page. For example, you might have a top-level Master Page that represents the overall site header/footer and navigation of your site, and then separate Master Pages that derive from this Master in order to define different looks for the various sub-sections within your site. Content Pages would then derive from the appropriate section master for the section the Content Page belongs to. The following example demonstrates this idea, dividing the Florist example site into two sections, Annuals and Perrennials.

Nesting Master Pages

The following is the code for the Home Page of the Nested Pages:
<%@ page language="C#" MasterPageFile="~/Site4.master" %>

Themes & Control Skins Creating Themes Themes and Skins: The Themes and Skins feature of ASP.NET allows you to factor style and layout information into a separate group of files, collectively called a Theme. A Theme can then be applied to any site to affect the look and feel of pages and controls within the site. Style changes to a site can then be easily maintained by making changes to the Theme, without having to edit the individual pages in your site. Themes can also be shared with other developers. When you build a web application, it usually has a similar look-and-feel across all its pages. Not too many applications are designed with each page dramatically different from each other. In general, your applications use similar fonts, colors, and server control styles across all the pages within the application. You can apply these common styles individually to each and every server control or objects on each page, or you can use a capability provided by ASP.NET to centrally specify these styles. All pages or parts of pages in the application can then access them. Themes are the text-based style definitions in ASP.NET. You create .skin files in the Theme folder. A .skin file can contain one or more control skins for one or more control types. You can define skins in a separate file for each control or define all the skins for a theme in a single file.
There are two types of control skins, default skins and named skins: A Default Skin automatically applies to all controls of the same type when a theme is applied to a page. A Control Skin is a default skin if it does not have a SkinID attribute. For example, if you create a default skin for a Calendar control, the control skin applies to all Calendar controls on pages that use the theme. (Default skins are matched exactly by control type, so that a Button control skin applies to all Button controls, but not to LinkButton controls or to controls that derive from the Button object.) A Named Skin is a control skin with a SkinID property set. Named skins do not automatically apply to controls by type. Instead, you explicitly apply a named skin to a control by setting the control's SkinID property. Creating named skins allows you to set different skins for different instances of the same control in an application. Cascading Style Sheets A theme can also include a cascading style sheet (.css file). When you put a .css file in the theme folder, the style sheet is applied automatically as part of the theme. You define a style sheet using the file name extension .css in the theme folder. The following are the uses of ASP.NET Themes:

pplied at the application, page, or server control level. Example: This example demonstrates the application of themes to a sample ASP.NET web page:
An ASP Page that does not use themes <% Page Language = VB %> <html xmlns = http://www.w3.org/1999/xhtml> <head runat = server> <title>STLNET</title>

</head> <body>

<form id = form1 runat = server> <h1> St. Louis .NET User Group</h1><br /> <asp:Textbox ID = Textbox1 runat = server/> <br /> <br /> <asp:Calendar ID = Calendar1 runat = server/> <br /> <asp:Button ID = Button1 runat = server Text = Button /> </form> </body> </html>

This simple page shows some default server controls, but which you can change with one of these new ASP.NET themes. You can instantly change the appearance of this page without changing the style of each server control on the page. From within the Page directive, you simply apply an ASP.NET theme that you have either built or downloaded from the Internet: <%@ Page Language = VB Theme = SmokeAndGlass %> Adding the Them attribute changes the appearance of everything on the page that is defined in an example SmokeAndGlass theme file. If you have multiple pages, you do not have to think about applying styles to everything you do as you build because the styles are already defined centrally for you. Applying a Theme to an Entire Application You can apply a Theme to your entire application using the web.config file. Example: Applying a Theme to an Entire Application
<?xml Version = 1.0> <configuration> <system.web> <pages theme = SmokeAndGlass> </ system.web> </configuration>

By specifying the Theme in your web.config file, you need not define the theme again in the Page directive of your ASP.NET pages. This theme is applied automatically to each and every page within your application. In order to apply the theme to only a specific part of an application, make use of the <location/> element to specify the areas of the application for which the theme should be applied. Removing Themes from the Server Controls Some times you want an alternative to the theme that has already been defined. As an example, to change the text box server control that you have been already working with by making its background black and using white text: <asp:Textbox ID = TextBox1 runat = server

BackColor = #000000 ForeColor = #ffffff /> To apply a theme to your ASP.NET page but not to the Textbox control, use the EnableTheming property of the Textbox Server Control: <asp:Textbox ID = TextBox1 runat = server BackColor = #000000 ForeColor = #ffffff EnableTheming = false /> To turn off the theming property for multiple controls within a page, consider using the Panel Control (or any Container Control) to encapsulate a collection of controls and then set the EnableTheming attribute of the Control Panel to false. This disables the theming for each and every control within the panel. Removing Themes from Web pages Suppose that you have set the theme for the entire application using web.config file, and you want to exclude a single ASP.NET page; which could be made possible by removing a theme setting at the page level. The Page directive for every ASP.NET web page includes an EnableTheming Attribute that can be used to remove theming from your ASP.NET pages. To remove the theme that would be applied by the theme setting in the web.config file, you simply construct your corresponding Page directive as follows: <%@ Page Language =VB EnableTheming = False %> This statement constructs the theme setting to nothing and removes any settings specified in the web.config file for that particular page.
Note: The .skin files are used to define styles for ASP.NET server controls

If the themes are disabled by setting the EnableTheming attribute is set to False at the page level, we can still enable theming for specific controls on that page by setting EnableTheming for those specific controls to true and applying a specific theme at the same time as shown in the example given below:
<asp:Textbox ID = TextBox1 runat = server BackColor = #000000 ForeColor = #ffffff EnableTheming = true SkinID = mySkin/>

Usage of Themes with Master Pages The ASP.NET applications that use Master pages have both the Page and Master page directives that contain an EnableTheming attribute. If this is the case, what is the behavior of any content pages using the master page? If the content page that is using this master page does not make any specification on theming (it does not use the EnableTheming attribute), what is specified in the master page naturally takes precedence and no theme is utilized as required by the false setting. Even if you have set the EnableTheming attributes value in the content page, any value specified in the master page takes precedence. That is, if the theming is set to false in the master page and set to true in the content page, the page is constructed with the value provided from the master page, which in this case is false. Even if the value is set to false in the master page, you can override this setting at the control level rather than doing it in the Page directive of the content page. Creation of User-Defined Themes Users can define their own themes to the pages they would create within an application. These themes created can be applied at the following levels within an application:

Themes are a way of applying a consistent look and feel across entire application. To create your own themes at first, you have to create a proper folder structure in your application. Step1: Right click the project and add a new folder Step 2: Name the folder appropriately (for example: App_Themes) Step 3: You can also create this folder by right clicking on your project in Visual Studio and selecting Add ASP.NET Folder Theme. Note: When you execute step3 of above, the theme folder within the App_Themes folder does not have the typical folder icon next to it, instead it has a folder icon that includes a paint brush as shown below: Within the existing (or newly created) themes folder, we can create an additional theme folder for each and every theme that you can use in your application. For Example: If you are going to have four themes Summer, Fall, Winter, and Spring then you create four folders that are named appropriately. Each theme folder must contain the elements of the theme, that can include the following: A single skin file CSS Files Images Adding a CSS to your Themes In addition to the server control definitions that can be created from within a .skin file, we can make further definitions using Cascading Style Sheets (CSS). With a .skin file, we could define only the styles associated with server controls and nothing else. For a theme that goes beyond the server controls, we must further define the theme style so that HTML server controls, HTML, and raw text are all changed in accordance with the theme. This can be done by including a CSS file within your theme folder. It is an easy task to create CSS files for your themes with Visual Studio 2008. Example: Right click the Summer theme folder and select Add New Item. In the list of options, select the option Style Sheet and name it Summer.css. The Summer.css file should be sitting right next to your Summer.skin file. This creates an empty .css file for your theme. To create comprehensive theme with this dialog, you define each HTML element that might appear in the ASP.NET page or you make use of class names or element IDs. Example: Creation of a simple CSS file that changes some of the non-server control items on a ASP.NET page. The sample code for this file creation is shown below:

body { font size: x-small; font family: Verdana; color: #004000; } a: link {

color: Blue; text-decoration: none; } a: visited { color: Blue; text-decoration: none; } a: hover { color: Red; text-decoration: underline overline; }

In this CSS file four things are defined: general, plenty of text can appear in a typical ASP.NET page that is not placed inside an <asp:Label> or <asp:Literal> tag. Therefore you can define how your text should appear in the CSS file; otherwise your web page may appear quite odd at times. In this case, a definition is in place for the size, the font family, and the color of the text. The next three definitions in the CSS file revolve around the <a> (anchor tag element used for hyperlinks). A: link definition defines the look of a hyperlink on a web page. A: visited definition defines the look of the link of a web page already visited by the user previously. The A: hover definition defines the appearance of the hyperlink when the end user hovers on a hyper-link. Skin Creation: A skin is a definition of styles applied to the server controls in your ASP.NET page. Skins can work in conjunction with CSS files or images. To create a theme to use in your ASP.NET application, you use a single skin file in the theme folder. The skin file can have any name, but it must have a .skin file extension. Example: Creation of the Summer theme Right click the Summer folder, select Add New Item, and select Skin. Name the file Summer.skin. The listing for the Summer.skin file is shown below:
The Summer.skin file <asp:Label runat = server Forecolor = #004000 Font-Names = Verdana Font-Size = XSmall /> <asp:Textbox runat = server Forecolor = #004000 Font-Names = Verdana Font-Size = XSmall BorderStyle=Solid BorderWidth = 1px BorderColor = #004000 Font-Bold = True /> <asp:Button runat = server Forecolor = #004000 Font-Names = Verdana Font-Size = XSmall BorderStyle=Solid BorderWidth = 1px BorderColor = #004000 Font-Bold = True BackColor = #FFE0C0 />

To use the above listing in a real application, you should actually make a definition for each and every server control option. If you specify the runat = server attribute in the skinned version of the control, you also include it in the server control you put on an .aspx page that uses this theme.
Using the Summer theme in an ASP.NET page

Using C# Language <%@ Page Language = C# Theme = Summer %> <script runat = server> protected void Button1_Click(object sender, System.EventArgs e) { Label1.Text = Hello + TextBox1.Text.ToString(); } </script>

Page with No Theme Applied

Page with theme applied:

The App_Themes Folder Themes reside in the App_Themes folder directly under the application root directory. A Theme consists of a named subdirectory under this folder that contains a collection of one or more Skin files, named with the .skin extension. A Theme can also contain a CSS file and/or subdirectories for static files like images. The figure below shows an App_Themes directory with two Themes defined, named "Default" and "White", each of which has a single skin file and CSS file.

App_Themes Folder

Observe in the previous example that the contents of a skin file are simply control definitions as they might appear in a page. A skin file can contain multiple control definitions, for example one definition for each control type. The properties of controls defined in the theme automatically override the local property value for a control of the same type in the target page with the Theme applied. For example, a <asp:Calendar Font-Name="Verdana" runat="server"/> control definition in a skin file will cause all Calendar controls in pages with the Theme applied to use the Verdana font. A local value for this

property on the control will be overridden by the Theme. Note that it is an error to specify an ID property value for a control definition in a skin file. Global and Application Themes A Theme can reside at the application-level or machine-level (globally available to all applications). Application-level Themes are placed in the App_Themes directory under the application root directory, as described above. Global Themes are placed in a "Themes" directory under an ASP.NETClientFiles folder under the ASP.NET installation directory, for example %WINDIR%\Microsoft.NET\Framework\<version>\ASP.NETClientFiles\Themes. The location of global themes is Inetpub\ wwwroot\aspnet_ client\system_web\<version>\Themes for IIS web sites. Assigning a Theme to a Page An individual page can be assigned a Theme by setting the <%@ Page Theme="..." %> directive to the name of a global or application-level Theme (the name of a folder under the Themes or App_Themes directory). A page can only have one Theme applied, but there may be multiple skin files in the theme that apply style settings to controls in the page.

3. Describe the following example Web services: a. Web Service Discovery DISCO b. Web Service Discovery UDDI

Web Service Discovery DISCO Once a client has a WSDL contract describing a Web service, it has all the information it needs to make calls to that Web service. But when you publish a Web service by making it available on a Web server, how do clients find out where to get a WSDL contract? For that matter, how do clients know that your Web service exists in the first place? The answer comes in two parts: DISCO and Universal Description, Discovery, and Integration, better known as UDDI. The former is a file-based mechanism for local Web service discovery that is, for getting a list of available Web services from DISCO files deployed on Web servers. The latter is a global Web service directory that is itself implemented as a Web service. UDDI is discussed in the next section. The DISCO (short for discovery) protocol is a simple one that revolves around XML-based DISCO files. The basic idea is that you publish a DISCO file on your Web server that describes the Web services available on it and perhaps on other servers as well. Clients can interrogate the DISCO file to find out what Web services are available and where the services WSDL contracts can be found. As an example, suppose you publish two Web services and their URLs are as follows: http://www.wintellect.com/calc.asmx
http://www.wintellect.com/locator.asmx To advertise these Web services, you can deploy the following DISCO file at a well-known URL on your server. The contractRef elements identify the URLs of the Web services WSDL contracts. URLs can be absolute or relative (relative to the directory in which the DISCO file resides). The optional docRef attributes identify the locations of documents describing the Web services, which, because of the selfdocumenting nature of Web services built with the .NET Framework, are typically the ASMX files themselves:

<?xml version="1.0" ?> <discovery xmlns="http://schemas.xmlsoap.org/disco/" xmlns:scl="http://schemas.xmlsoap.org/disco/scl/"> <scl:contractRef ref="http://www.wintellect.com/calc.asmx?wsdl" docRef="http://www.wintellect.com/Calc.asmx" /> <scl:contractRef ref="http://www.wintellect.com/locator.asmx?wsdl" docRef="http://www.wintellect.com/Locator.asmx" /> </discovery>

If youd prefer, you can write DISCO files for individual Web services and reference them in a master DISCO file using discoveryRef elements. Heres a DISCO file that points to other DISCO files. Once more, URLs can be absolute or relative:
<?xml version="1.0" ?> <discovery xmlns="http://schemas.xmlsoap.org/disco/"> <discoveryRef ref="http://www.wintellect.com/calc.disco" /> <discoveryRef ref="http://www.wintellect.com/locator.disco" /> </discovery>

A third option is to deploy a VSDISCO file to enable dynamic discovery. The following VSDISCO file automatically exposes all ASMX and DISCO files in a host directory and its subdirectories, with the exception of those subdirectories noted with exclude elements:
<?xml version="1.0" ?> <dynamicDiscovery xmlns="urn:schemas-dynamicdiscovery:disco.2000-03-17"> <exclude path="_vti_cnf" /> <exclude path="_vti_pvt" /> <exclude path="_vti_log" /> <exclude path="_vti_script" /> <exclude path="_vti_txt" /> </dynamicDiscovery>

How does dynamic discovery work? ASP.NET maps the file name extension .vsdisco to an HTTP handler that scans the host directory and subdirectories for ASMX and DISCO files and returns a dynamically generated DISCO document. A client that requests a VSDISCO file gets back what appears to be a static DISCO document. For security reasons, Microsoft disabled dynamic discovery just before version 1.0 of the .NET Framework shipped. You can re-enable it by un-commenting the line in the httpHandlers section of Machine.config that maps *.vsdisco to System.Web.Services.Discovery.DiscoveryRequestHandler and granting the ASPNET account permission to access the IIS metabase. Microsoft highly discourages dynamic discovery for fear of compromising your Web server, and a bug in version 1.0 of the .NET Framework SDK prevents most DISCO-aware tools from working with VSDISCO anyway. My advice is to forget that VSDISCO files even exist and use static DISCO files instead. To further simplify Web service discovery, you can link to a master DISCO file from your sites default HTML document. For example, suppose the default HTML document at www.wintellect.com is Default.html and that the same directory also holds a discovery document named Default.disco. Including the following HTML in Default.html enables most tools that read DISCO files to accept the URL www.wintellect.com (as opposed to www.wintellect.com/default.disco): <html> <head> <link type="text/html" rel="alternate" href="Default.disco"> </head> </html>

Visual Studio .NET (specifically, its Add Web Reference command) reads DISCO files; so does the Disco.exe utility that comes with the .NET Framework SDK. Discos chief disadvantage is that you cant read a DISCO file if you dont have its URL. So how do you find a Web service if you dont even have a URL to start with? Can you spell U-D-D-I?

8.8 Web Service Discovery UDDI UDDI is an abbreviation for Universal Description, Discovery, and Integration. Jointly developed by IBM, Microsoft, and Ariba and supported by hundreds of other companies, UDDI is a specification for building distributed databases that enable interested parties to discover each others Web services. No one company owns the databases; anyone is free to publish a UDDI-based business registry. Operator sites have already been established by IBM and Microsoft and are likely to be the first of many such sites that will come on line in the future. UDDI sites are themselves Web services. They publish a pair of SOAP-based APIs: an inquiry API for inquiring about companies and their Web services and a publisher API for advertising a companys Web services. Anyone can call the inquiry API, but operator sites typically limit the publisher API to registered members. At the time of this writing, Microsoft was beta testing a UDDI .NET SDK featuring managed wrapper classes that simplify interactions with UDDI business registries. Most developers will never deal with UDDI APIs directly. Instead, theyll use high-level tools such as Visual Studio .NET to query UDDI business registries and generate wrapper classes that allow them to place calls to the Web services that they find there. The actual placing of UDDI calls will be limited primarily to tools vendors and to clients that wish to locate and bind to Web services dynamically.

4. Describe the following with respect to Web site deployment in ASP.Net: a. Creating Application Pools (IIS 6.0) b. Deploying ASP.NET Applications

Creating Application Pools (IIS 6.0) When you run IIS 6.0 in worker process isolation mode, you can isolate different Web applications or Web sites in pools, which are called Application Pools. An application pool is a group of URLs that are routed to one or more worker processes that share the same configuration. The URLs that you assign to an application pool can be for an application, a Web site, a Web directory, or a virtual directory. In an application pool, process boundaries separate each worker process from other worker processes so that when an application is routed to one application pool, applications in other application pools do not affect that application. By using an application pool, you can assign specific configuration settings to a worker process (or, in the case of a Web garden, to a set of worker processes) that services a group of applications. For example, you can configure worker process recycling, which offers several configuration options to match the needs of each application. If, for example, you suspect that an application has a memory leak, you might configure the application pools worker process to recycle when its memory use reaches a certain threshold. If another application fails because of the volume of requests that it receives, you can set the application pools worker process to recycle when the application exceeds a specified number of requests. By creating new application pools and assigning Web sites and applications to them, you can make your server more efficient, reliable, and secure, and ensure that your applications remain

available even when a worker process serving an application pool is recycled because of a faulty application. Configuring Application Pools in IIS 6.0 (IIS 6.0) Note: This feature of IIS 6.0 is available only when running in worker process isolation mode. An application pool is a configuration that links one or more applications to a set of one or more worker processes. Because applications in an application pool are separated from other applications by worker process boundaries, an application in one application pool is not affected by problems caused by applications in other application pools. By creating new application pools and assigning Web sites and applications to them, you can make your server more efficient and reliable, as well as making your other applications always available, even when the worker process serving the new application pool has problems. Guidelines for Creating Application Pools the same computer, create an individual application pool for each Web site. application pool. Use an account with the least user rights possible, such as Network Service in the IIS_WPG group. n on the same server with the production version of the application, separate the two versions into different application pools. This isolates the test version of the application. set of properties, create a unique application pool for that application. Note: You must be a member of the Administrators group on the local computer to perform the following procedure or procedures. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run IIS Manager as an administrator. At a command prompt, type runas /user:Administrative_AccountName "mmc %systemroot%\system32\inetsrv\iis.msc". Steps to create a new Application Pool: 1. In IIS Manager, expand the local computer, right-click Application Pools, point to New, and then click Application Pool. 2. In the Application pool name box, type the name of the new application pool. 3. If the ID that appears in Application pool ID box is not the ID that you want, type a new ID. 4. Under Application pool settings, click the appropriate setting. If you click Use existing application pool as template, in Application pool name box, right-click the application pool that you want to use as a template. 5. Click OK. Application pools allow you to apply configuration settings to groups of applications and the worker processes that service those applications. Any Web site, Web directory, or virtual directory can be assigned to an application pool. Assigning an application to an application pool: IIS Manager, right-click the application that you want to assign to an application pool, and then click Properties. Virtual Directory, Directory, or Home Directory tab.

e is filled in. If the Applicationname box is not filled in, click Create, and then type a name. Application pool list box, click the name of the application pool to which you want to assign the Web site. About Configuring Servers for Applications (IIS 6.0) Internet Information Services (IIS) 6.0 delivers Web hosting services through an adjustable architecture that you can use to manage server resources with improved stability, efficiency, and performance. IIS separates applications into isolated pools and automatically detects memory leaks, defective processes, and over-utilized resources. When problems occur, IIS manages them by shutting down and redeploying faulty resources and connecting faulty processes to analytical tools. IIS can run in either of two mutually exclusive modes of operation: of the World Wide Web Publishing Service (WWW service) from the effects of errant applications, and it protects applications from each other by using the worker process component. Use worker process isolation mode unless you have a specific compatibility issue that makes the use of IIS 5.0 isolation mode necessary. Web sites that serve static content or simple ASP applications should be able to move to IIS 6.0 running in worker process isolation mode with little or no modification.

IIS 5.0 isolation mode. With this mode, you can run applications that are incompatible with worker process isolation mode because they were developed for earlier versions of IIS. Applications that run correctly on IIS 5.0 should run correctly on IIS 6.0 in IIS 5.0 isolation mode. Worker process isolation mode provides better default security for running Web applications than IIS 5.0 isolation mode. By default, worker processes run with the Network Service identity. The Network Service account has lower access rights than the default account for IIS 5.0 isolation mode. Web applications that run in-process in IIS 5.0 application mode run as LocalSystem. The LocalSystem account can read, execute, and change most of the resources on the computer. The default isolation mode upon installing IIS 6.0 depends on whether you perform a clean installation or an upgrade. ode is the same as configured on the previously-installed version of IIS 6.0. maintain compatibility with your existing applications. Worker Process Isolation Mode IIS 6.0 introduces worker process isolation mode, which runs all Web applications in an isolated environment. When you run IIS in worker process isolation mode, applications can be configured to run in separate application pools. Each application pool is a logical representation of a configurable worker process and links to the applications in the pool. Worker processes operate independently of each other; they can fail without affecting other worker processes. The pooling of applications protects applications from the effects of worker processes that support other application pools. In this way, applications are protected from each other.

In worker process isolation mode, Hypertext Transfer Protocol (HTTP) requests are routed directly to an in-kernel application pool queue serving the configured application. Worker processes that serve an application pool pull the requests directly from the queue, avoiding process-switching overhead. To further protect your WWW service, IIS 6.0 isolates critical World Wide Web Publishing Service (WWW service) components, such as the HTTP protocol stack (HTTP.sys) and WWW Service Administration and Monitoring, from the effects of third-party code running in worker processes. HTTP.sys receives and queues requests for WWW services. When a worker process enters an unhealthy state, and thus stops processing requests, HTTP.sys continues to process requests. Meanwhile, the WWW service detects that the worker process is unhealthy and shuts it down. If there is demand for a new worker process to serve requests (HTTP.sys has requests queued), the WWW service starts a new worker process to pick up the queued requests from HTTP.sys. Even though a worker process has failed, the WWW service continues to process requests and shields the user from experiencing a loss of service. IIS 6.0 worker process isolation mode delivers the following specific improvements over earlier versions of IIS: Robust Performance Isolation prevents Web applications and Web sites from affecting each other or the WWW service. Reboots of the operating system and restarting of the WWW service are avoided. Self - Healing Automated management provides auto-restart of failed worker processes and periodic restart of deteriorating worker processes. Scalability Web gardens allow more than one worker process to serve the same application pool. Process Affinity enables the connection of worker processes to specific processors on multiCPU servers.

Automated Debugging The debugging feature enables the automatic assignment of failing worker processes to debugging tools. CPU Limiting This monitoring feature enables controlling the amount of CPU resources that an application pool consumes in a configured amount of time.

Deploying Your ASP.NET Applications

Deploying ASP.NET Applications in IIS 6.0 (IIS 6.0)

Microsoft Windows Server 2003 includes support for ASP.NET applications and the Microsoft .NET Framework version 1.1 with the operating system installation. This chapter describes how to deploy ASP.NET applications on a newly installed server running Internet Information Services (IIS) 6.0. Version 1.1 of the .NET Framework is installed with Windows Server 2003. Most ASP.NET applications run without modification on version 1.1 of the .NET Framework. Overview of Deployment process using IIS 6.0 ASP.NET is a unified Web application platform that provides services to help you build and deploy enterprise-class Web applications and XML-based Web services. ASP.NET is supported

on the Microsoft Windows Server 2003, Standard Edition; Windows Server2003, Enterprise Edition; Windows Server2003, Datacenter Edition; and Windows Server2003, Web Edition operating systems. ASP.NET is installed with the Microsoft .NET Framework version 1.1 as a part of Windows Server 2003. However, to run ASP.NET applications, you must also install IIS 6.0. ASP.NET is not available on the following operating systems: Microsoft Windows XP 64-Bit Edition; the 64-bit version of Windows Server 2003, Enterprise Edition; and the 64-bit version of Windows Server 2003, Datacenter Edition. The deployment process presented in this section describes how to deploy ASP.NET applications on a newly installed IIS 6.0 Web server. Before you begin this process, complete the following steps: ork, with the default options. Add or Remove Programs in Control Panel. When you configure IIS 6.0 to run in IIS 5.0 isolation mode, the settings in the <processModel> section of the Machine.config file are configured in the same way as they were in IIS 5.0 in the Machine.config or Web.config files. Upon completing the process described in this section, you will have a Web server running IIS 6.0 and hosting your ASP.NET applications. However, you can further configure the Web server to improve the security and availability of your ASP.NET applications. Deployment Process using IIS 6.0 The process for deploying new ASP.NET applications on a newly installed Web server requires no understanding of earlier versions of IIS or the .NET Framework. All the ASP.NET configuration sections in the Machine.config and Web.config files are configured the same way in IIS 6.0, except for the <processModel> section of the Machine.config file. When IIS 6.0 is configured to run in worker process isolation mode, some of the attributes in the <processModel> section of the Machine.config file are now in equivalent IIS 6.0 metabase properties. In addition, if your ASP.NET applications need to retain session state, you must configure IIS 6.0 to use the appropriate ASP.NET application session state method. Depending on the method you select, you might need to configure the ASP.NET state service or Microsoft SQL Server to act as the repository for centralized state storage. The process for deploying ASP.NET applications in IIS 6.0 is shown in Figure

Deploying ASP.NET Applications in IIS 6.0

Note: Before deploying your ASP.NET applications on a production server, perform the process outlined in this section on a test server that is configured identically to your production server. Deploy the Web Server 1. Install Windows Server 2003. 2. Install and configure IIS 6.0. 3. Enable ASP.NET in the Web service extensions list. Install ASP.NET Applications 1. Create Web sites and virtual directories for each ASP.NET application by doing the following: e virtual directories. 2. Copy ASP.NET application content to the Web server. 3. Enable common storage for ASP.NET session state by completing the following steps: Step-1: Select the method for maintaining and storing ASP.NET session state. Step - 2: If you have decided to maintain session state with the ASP.NET state service, configure out-of-process session state with the ASP.NET state service. Step - 3: If you have decided to maintain session state with SQL Server, configure out-ofprocess session state with SQL Server. Step - 4: Configure encryption and validation keys. Step - 5: Configure ASP.NET to use the appropriate session state. Step - 6: Secure the ASP.NET session state connection string. Complete the ASP.NET Application Deployment

Deploying the Web Server (IIS 6.0) You must install the Web server before you can install your ASP.NET applications. In addition to installing Windows Server 2003, you must install and configure IIS 6.0 on the Web server. You must also enable ASP.NET so that the Web server can run ASP.NET applications. below illustrates the process for deploying the Web server.

Deploying the Web Server

Installing Windows Server 2003 (IIS 6.0) The deployment process presented here assumes that you install Windows Server 2003 with the default options. If you use other methods for installing and configuring Windows Server 2003, such as unattended setup, your configuration settings might be different. Note: When you complete the installation of Windows Server 2003, Manage Your Server automatically starts. The deployment process assumes that you quit Manage Your Server, and then further configure the Web server in Add or Remove Programsin Control Panel. Installing and Configuring IIS 6.0 (IIS 6.0) Because IIS 6.0 is not installed during the default installation of Windows Server 2003, the next step in deploying the Web server is to install and configure IIS 6.0. The deployment process presented here assumes that you install IIS 6.0 with the default options in Add or Remove Programs in Control Panel. If you use other methods for installing and configuring Windows Server 2003, such as Manage Your Server, the default configuration settings might be different. Install and configure IIS 6.0 by completing the following steps: Step 1: Install IIS 6.0 with only the essential components and services. As with installing Windows Server 2003, the primary concern when installing and configuring IIS 6.0 is to ensure that the security of the Web server is maintained. Enabling unnecessary components and services increases the attack surface of the Web server. You can help ensure that the Web server is secure by enabling only the essential components and services in IIS 6.0. Step 2: If you want to manage the Web site content by using Microsoft FrontPage, install FrontPage 2002 Server Extensions from Microsoft on the Web server. Enabling ASP.NET in the Web Service Extensions List (IIS 6.0) After you install IIS 6.0, you need to enable ASP.NET. You can enable ASP.NET in Add or Remove Windows Components, which is accessible from Add or Remove Programs in Control Panel. When you enable ASP.NET by using this method, ASP.NET is also enabled in the Web service extensions list. If you enabled ASP.NET in this way, then you can continue to the next step in the deployment process. ASP.NET is not Enabled ASP.NET might not be enabled in the Web service extensions list if either of the following is true: Web download or as part of an application such as the Microsoft Visual Studio .NET development tool. ASP.NET applications on an existing Web server. If ASP.NET is not already enabled, view the Web service extensions list in IIS Manager and configure the status of the ASP.NET v1.1.4322 Web service extension to Allowed. Installing ASP.NET Applications (IIS 6.0) After the Web server is deployed, you can install your ASP.NET applications. First, you must create a Web site and virtual directories for each ASP.NET application. Then you need to install each ASP.NET application in the corresponding Web site and virtual directory. When there are provisioning or setup scripts for your ASP.NET applications, use these scripts to install the ASP.NET applications on the Web server. Because the provisioning and setup scripts create the Web sites and virtual directories while installing ASP.NET applications, you do not need to perform any manual steps to install the ASP.NET applications. In this case, run the provisioning or setup scripts to install and configure the Web sites and applications, and then continue to the next step in the

application deployment process. Figure 9.4 below illustrates the process for installing your ASP.NET applications.

Installation Process for ASP.NET Applications

Creating Web Sites and Virtual Directories for each ASP.NET Application (IIS 6.0) For each ASP.NET application, you must create a virtual directory in a new or existing Web site. Later in the installation process, you will install your ASP.NET applications into their corresponding Web sites and virtual directories. Create the Web sites and virtual directories for your ASP.NET applications by completing the following steps: tories.

Creating Web Sites and Home Directories Using IIS 6.0 Each Web site must have one home directory. The home directory is the central location for your published Web pages. It contains a home page or index file that serves as a portal to other pages in your Web site. The home directory is mapped to the domain name of the Web site or to the name of the Web server. Create a Web site and home directory for an ASP.NET application by completing the following steps: Step 1: Create the folder that will be the home directory for the Web site on the Web server. The folder that is the home directory of the Web site contains all of the content and subdirectories for the Web site. The folder can be created on the same computer as the Web server or on a Universal Naming Convention (UNC)shared folder on a separate server. At a minimum, create the folder on the following: volume, which reduces the potential of an attack on a Web site bringing down the entire Web server and improves performance. URL. As a security measure, ASP.NET returns a 404 error for all requests containing /bin in the requested URL. Step 2: Create the Web site on the server.

Step 3: If the Web site is FrontPage extended, then configure the Web site on the Web server to be FrontPage extended. Creating Virtual Directories (IIS 6.0) A virtual directory is a folder name, used in an address, which corresponds to a physical directory on the Web server or a Universal Naming Convention (UNC) location. This is also sometimes referred to as URL mapping. Virtual directories are used to publish Web content from any folder that is not contained in the home directory of the Web site. When clients access content in a virtual directory, the content appears to be in a subdirectory of the home directory, even though it is not. For security reasons, you might want to move the Web site content to a different disk volume during the application deployment process. You can move the content to another disk volume on the Web server or to a shared folder on a separate server. You can use virtual directories to specify the UNC name for the location where the content is placed, and provide a user name and password for access rights. For each virtual directory required by the ASP.NET application, create a corresponding virtual directory on the Web server by completing the following steps: Create the folder on the Web server to contain the virtual directory content. 1. Ensure that you create the folder in a secure manner that does not compromise the security of the Web server. 2. Create the virtual directory under the appropriate Web site on the server. Copying ASP.NET Application Content (IIS 6.0) When no installation program or provisioning scripts exist for your ASP.NET application, you can copy the content of the ASP.NET application to the corresponding Web site and virtual directories that you created on the Web server. You can copy the ASP.NET application content to the Web server by using one of the following methods: Xcopy command to copy ASP.NET application content to the Web server on an intranet or internal network. an intranet or internal network. Copy Project command in Visual Studio .NET to copy ASP.NET application content to the Web server on an intranet or internal network, if the application has been developed by using Visual Studio .NET. Note: FrontPage Server Extensions must be installed on the Web server to use the Copy Project command. Publish Web command in FrontPage to copy ASP.NET application content to the Web server on an intranet or over the Internet, if the Web site that contains the application has been developed using FrontPage. Enabling Common Storage for ASP.NET Session State (IIS 6.0) ASP.NET session state lets you share client session data across all of the Web servers in a Web farm or across different worker processes or worker process instances on a single Web server. Clients can access different servers in the Web farm across multiple requests and still have full access to session data. You can enable common storage for ASP.NET session state by performing the following steps:

1. Select the method for maintaining and storing ASP.NET session state. 2. If you have decided to maintain session state with the ASP.NET state service, configure outof-process session state with the ASP.NET state service.

3. If you have decided to maintain session state with SQL Server, configure out-of-process session state with SQL Server. 4. Configure the encryption and validation keys. 5. Configure ASP.NET to use the session state method that you selected in Step 1. 6. Secure the ASP.NET session state connection string in the registry