If you’ve done Web development using IIS, you’ve probably worked with the predecessor to ASP.NET—namely, Active Server Pages (ASP). Like ASP, ASP.NET provides a means to program Web pages on an IIS server (rather than in the browser or on the client). But ASP had a number of limitations—for example, it was constructed with interpreted code and didn’t scale well—so when the Web development group began designing an update to ASP, they started from scratch.
The result, ASP.NET, isn’t just an evolution of ASP; it’s effectively an entirely new technology that improves on its predecessor in many ways, both small and large. The major features of ASP.NET are listed in the following subsections, with notes about why these features are important in making you a more effective Web developer and, for those familiar with ASP, a few notes about how these features are enhancements.
An ASP page is an HTML page in which you embed your server-side code using special delimiters (<% %>). The result, while functional, is somewhat messy, and sophisticated pages could involve extremely complex combinations of code and HTML. ASP.NET offers a much cleaner model in which the user interface—the page’s static HTML text and its controls—is completely separate from the page’s logic. Developing a Web Forms page is now much more like developing a form in Visual Basic or Visual C++, especially if you’re working in Microsoft Visual Studio .NET. The result is a dramatic improvement in ease of programming and maintainability.
When a user requests a Web Forms page as part of your application, the page runs as compiled code. In ASP, code is in Microsoft VBScript or Microsoft JScript, which both run as interpreted languages. The result of compiling is that your Web Forms pages are much more reliable code because compile-time errors are caught and type checking is enforced. In most cases, compiled pages also perform better.
You can write the code for Web Forms pages in any common language runtime language you want. In this chapter, we’ll concentrate on writing pages in C#, but if you work in an environment where different programmers have reasons to use different languages, that’s no impediment to creating Web Forms. In fact, different components of your Web application can be written in different languages, but because they all share the same runtime environment, they interoperate perfectly.
In any Web application, the client (the browser) and the server are almost completely separate and they communicate only the most rudimentary information back and forth. The server sends an HTML stream to the browser; the browser sends information back to the server when the user submits a form. Traditional Web programming is very linear: receive a request and construct an output stream, top to bottom, to send back to the browser. Compared to programming in the extremely rich message and event model of something like Windows, programming Web applications seems primitive. However, with ASP.NET, the page architecture of Web Forms emulates true events, so you can, in effect, create event handlers for a button click, a selection in a list box, and so on. This model brings the productivity of a tool such as Visual Basic to Web programming.
Web pages have traditionally had notoriously simplistic object models. Basically, on the server, you could read only the values of controls. By controlling the output stream, you could insert text or controls as needed. ASP.NET changes all that. A Web Forms page, all its controls, and related objects are full-featured .NET classes, and you can program them as you would any other .NET classes. The Web Forms classes also incorporate much of the base functionality of a Web page that you would otherwise have to tediously code by hand, such as reading and writing HTTP responses, maintaining control state during trips between the client and the server, and so on. The result is a supremely rich object model that allows you to manipulate objects for Web applications with the same sophistication you would use for Windows Forms or other components.
In contrast to ASP, which doesn’t scale easily, ASP.NET was specifically designed to allow you to create applications that would run as effectively on a small intranet as on a large commercial site. These features include compiled pages, a caching system for pages already served, and inherent support for multiple-processor machines and multiple-machine Web farms.
ASP.NET provides two types of security. One is the authentication/authorization security that identifies users and grants them permission to use application resources. ASP.NET can rely on IIS, or you can implement your own such security, including interfacing with Microsoft .NET Passport and other models. As a part of the .NET Framework, ASP.NET also provides you with code-level security that allows you to control the context in which code runs.
To help you iron out problems in developing your Web Forms pages, you can specify trace features that allow you to follow the flow as a page is constructed and rendered and to insert custom trace messages for your own code. In addition, if you’re using Visual Studio, you can use the standard debugger when developing your Web Forms pages to set breakpoints, watch variables, and so on.