Security, Certifications, Custom Controls and Session State

ASP.NET Security?

I am building a ASP.NET application. I want to understand which areas of the solutions would needs security and how can we accomplish this with inbuilt security features in ASP.NET.

ASP.Net provides a number of ways of securing applications as part of its inbuilt membership and personalisation system. These allow you to restrict access to pages & folders in the application to certain users or roles.

You really just have a choice between Forms or Windows authentication. Forms authentication is best used for internet application and Windows for intranets.  Forms authentication allows you to create your own roles & users, then store them in a security database. Windows authentication borrows the existing Windows accounts.

To configure ASP.Net security.
1.    Edit the < authentication> & <authorization> elements in the web.config file
2.    Create the login pages with the inbuilt login server control
3.    For Forms authentication install the ASP.Net security database – aspnetdb

Take a look at Lab 4 in our tutorial on web development with ASP.Net in C#.

Hope this helps.

Do Microsoft Certifications really matters to show your proficiency in .Net/C# technologies?
If so, what are those certifications and their value in market?
How to get training, materials and certified?

Certifications definitely can demonstrate your proficiency. The exams require that you get to know the technologies in depth. They will force you to learn topics you normally would not focus on.

There is a wide and sometimes confusing range of certifications.

You could start with a MTA– Microsoft Technical Associate, say in Visual Studio. Then upgrade the to a MCSD– Microsoft Certified Solution Developer.

Including certifications on your CV or mentioning them at an interview will give you an advantage. Employers take this, combined with your job experience, as concrete evidence of your skill.

You can study by yourself using books or elearning. Or attend a course at a training centre. Microsoft have there own official courses that prepare you for an exam.

You can also do practice exams to prepare. These have questions similar to a real exam. Practice exams can really help you get ready for the real thing.

TalkIT deliver courses in the UK that prepare you for exams. There are also online tutorials on this website. You can you use these to learn coding at beginner to intermediate level. We provide courses in C#, C++, Java, Python, HTML5 and ASP.Net MVC. The courses include video instructions, model application downloads and code snippets. They make it easy to learn to code to a professional level.

To find out more about using TalkIT’s e-learning courses to prepare for exams see our FAQs.

Hope this helps.

How to create the custom control in C# windows form…

There are three methods of creating a Windows custom control. Choosing a method depends on how specialized you want your control to be.

Inherit from an existing control. For example, create a TextBox that only displays 0s and 1s. The custom control will inherit all the functionality of existing control’s class – that is the TextBox class. You can then add the functionality you require.

Create a composite control. For example, a control with buttons to Add, Update, Insert or Delete, to be used on a maintenance form. The composite control will inherit from the UserControl class. This UserControl class contains the base functionality for a control.

To build a composite control first create a new Windows Control Library project in Visual Studio.

Build a control from scratch. Use this approach if you want your control to be completely customised. Your control inherits from the Control class. This Control class contains only the core functionality for a control. You add the rest. You can use the graphics classes in GDI+ to draw the surface of the control.

Take a look at our tutorial on Windows Forms in C#. Labs 1 & 2 cover custom controls.

Hope this helps.

Can we store a dataset in session state using the outproc model?

You can store a dataset, or any valid .NET Framework type, in session state. It is as simple as:

Session[“Customers”] = myDataset

There are two ways to configure out of process session state:

  1. State Server – Store data on another server
  2. SQL Server – Store data on a database server

To set this up, modify the Session State element in the web.config file:


Storing session data out of process is more robust. If the web server fails or is restarted, the data is not lost. Also the web server’s memory is not consumed. The application’s performance may suffer as data is accessed from a remote server.

ASP.Net provides a number of ways of managing state. Holding a dataset in a in session state may not be the best method. Have you looked at application state or ViewState? How about storing only a data table & not a the whole dataset?

Take a look at our tutorial on web development with ASP.Net in C#.

Hope this helps.

Web App vs Windows App

At my company even though we have a few windows applications, all of our new development has to be web applications. Is this the prevailing directon in other companies?

As a Microsoft trainer and consultant my clients more often request that I work with Web Apps. In most cases companies are using Web Forms but more people are moving to MVC.

The decision to use web applications is partly I think the due to the web being more trendy. And partly due to sound design decisions. Web apps provide more reach across the internet or intranets. They avoid the installations issues of windows applications.

Developing web applications involves embracing a different programming paradigm. This introduces new issues like managing state and Postbacks to the server. Web technologies are evolving fast e.g. MVC, AJAX, Silverlight, JQuery.

I hope this helps.

Take a look at our tutorials on web and windows development with ASP.Net in C#.

Scroll to Top
Share via
Copy link