Chapter 17. The Asp.Net Application Environment

Topics in This Chapter

• HTTP Request and Response Objects: These ASP.NET classes correspond closely to the HTTP request and response specifications, and expose information about a request or response through class properties.

• Configuration Files: Configuration files provide an easy way to specify the behavior and performance of a Web application. Focus is on the web.config file.

• ASP.NET Security: Forms Authentication is a platform-neutral technique that can be used to control who can access a Web page. An example demonstrates the use of Forms Authentication to manage authentication and authorization.

• State Management: Both the Application and Session classes can be used to maintain information during a Web session or during the life of a Web application.

• Caching: Data caching and output caching can be used to improve Web application performance.

• Accessing Web Resources: The WebRequest and WebResponse classes provide a simple way to request and process Web pages for the purpose of extracting page content.

• HTTP Pipeline: The HTTP pipeline is the combination of events, HTTP modules, and HTTP handlers that affect how requests and responses are handled as they pass between a client and server.

Chapter 16, "ASP.NET Web Forms and Controls," dealt with the most visible aspect of ASP.NET—the Web page. It described a Web application in terms of the controls, HTML, and compilable C# code that comprise it. Much of the emphasis was on how to construct the interface presented to a client. This chapter shifts the focus to the underlying details of ASP.NET support for the Hypertext Transfer Protocol (HTTP), which defines how Web requests and responses are transported between client and host.

You'll find that a discussion of the ASP.NET environment is heavily tilted toward those issues that fall under the responsibility of the Web server—as opposed to a Web client. This is only natural because one of the purposes of ASP.NET is to enable developers and architects to manage the difficult side of Web performance, while allowing Web clients to remain blissfully thin and unaffected.

The chapter begins with a little background information on the structure of a response and request—as defined by the HTTP standard. It shows how the HttpRequest and HttpResponse objects serve as proxies that expose and extend the information you'll find in the standard HTTP message structure. Next, the role of configuration files is discussed—a significant role that allows XML elements to be used to manage the behavior and performance of Web applications at an application, domain, and machine level. Controlling who can gain access to a Web page or resource is the next topic. Included is an overview of the .NET options for user authentication and authorization, as well as a detailed example of forms authentication.

One of the challenges of designing a Web application is determining how to maintain and manage state information. A discussion of how to persist data between Web requests includes examples of using both Session and Application objects to store information. ASP.NET also offers data and output caching as a way to store state information or to buffer frequently used data or Web pages. When used correctly, caching can greatly improve Web performance. Its advantages and disadvantages are considered.

The client side is not totally abandoned. The penultimate section demonstrates how to access Web resources using the WebRequest and WebResponse classes. An example uses an HttpWebRequest object to retrieve a Web page and glean information about the server.

The final section discusses the HTTP pipeline—a metaphor for the series of internal events that occur along the roundtrip journey that a request and response travel.