FAQ'S ON DOT NET FRAME WORK PART NINE

1• What is the difference between XML Web Services using ASMX and .NET Remoting using SOAP?

ASP.NET Web services and .NET Remoting provide a full suite of design options for cross-process and cross-plaform communication in distributed applications. In general, ASP.NET Web services provide the highest levels of interoperability with full support for WSDL and SOAP over HTTP, while .NET Remoting is designed for common language runtime type-system fidelity and supports additional data format and communication channels. Hence if we looking cross-platform communication than web services is the choice coz for .NET remoting .Net framework is requried which may or may not present for the other platform.

Serialization and Metadata

ASP.NET Web services rely on the System.Xml.Serialization.XmlSerializer class to marshal data to and from SOAP messages at runtime. For metadata, they generate WSDL and XSD definitions that describe what their messages contain. The reliance on pure WSDL and XSD makes ASP.NET Web services metadata portable; it expresses data structures in a way that other Web service toolkits on different platforms and with different programming models can understand. In some cases, this imposes constraints on the types you can expose from a Web service—XmlSerializer will only marshal things that can be expressed in XSD. Specifically, XmlSerializer will not marshal object graphs and it has limited support for container types.

.NET Remoting relies on the pluggable implementations of the IFormatter interface used by the System.Runtime.Serialization engine to marshal data to and from messages. There are two standard formatters.

1. System.Runtime.Serialization.Formatters.Binary.BinaryFormatter and
2. System.Runtime.Serialization.Formatters.Soap.SoapFormatter.

The BinaryFormatter and SoapFormatter, as the names suggest, marshal types in binary and SOAP format respectively. For metadata, .NET Remoting relies on the common language runtime assemblies, which contain all the relevant information about the data types they implement, and expose it via reflection. The reliance on the assemblies for metadata makes it easy to preserve the full runtime type-system fidelity. As a result, when the .NET Remoting plumbing marshals data, it includes all of a class's public and private members; handles object graphs correctly; and supports all container types (e.g., System.Collections.Hashtable).

However, the reliance on runtime metadata also limits the reach of a .NET Remoting system—a client has to understand .NET constructs in order to communicate with a .NET Remoting endpoint. In addition to pluggable formatters, the .NET Remoting layer supports pluggable channels, which abstract away the details of how messages are sent. There are two standard channels, one for raw TCP and one for HTTP. Messages can be sent over either channel independent of format.

Distributed Application Design: ASP.NET Web Services vs. .NET Remoting

ASP.NET Web services favor the XML Schema type system, and provide a simple programming model with broad cross-platform reach. .NET Remoting favors the runtime type system, and provides a more complex programming model with much more limited reach. This essential difference is the primary factor in determining which technology to use. However, there are a wide range of other design factors, including transport protocols, host processes, security, performance, state management, and support for transactions to consider as well.

Security

Since ASP.NET Web services rely on HTTP, they integrate with the standard Internet security infrastructure. ASP.NET leverages the security features available with IIS to provide strong support for standard HTTP authentication schemes including Basic, Digest, digital certificates, and even Microsoft® .NET Passport.

(You can also use Windows Integrated authentication, but only for clients in a trusted domain.) One advantage of using the available HTTP authentication schemes is that no code change is required in a Web service; IIS performs authentication before the ASP.NET Web services are called. ASP.NET also provides support for .NET Passport-based authentication and other custom authentication schemes. ASP.NET supports access control based on target URLs, and by integrating with the .NET code access security (CAS) infrastructure. SSL can be used to ensure private communication over the wire.

Although these standard transport-level techniques to secure Web services are quite effective, they only go so far. In complex scenarios involving multiple Web services in different trust domains, you have to build custom ad hoc solutions. Microsoft and others are working on a set of security specifications that build on the extensibility of SOAP messages to offer message-level security capabilities. One of these is the XML Web Services Security Language (WS-Security), which defines a framework for message-level credential transfer, message integrity, and message confidentiality.

As noted in the previous section, the .NET Remoting plumbing does not secure cross-process invocations in the general case. A .NET Remoting endpoint hosted in IIS with ASP.NET can leverage all the same security features available to ASP.NET Web services, including support for secure communication over the wire using SSL. If you are using the TCP channel or the HTTP channel hosted in processes other than aspnet_wp.exe, you have to implement authentication, authorization and privacy mechanisms yourself.

One additional security concern is the ability to execute code from a semi-trusted environment without having to change the default security policy. ASP.NET Web Services client proxies work in these environments, but .NET Remoting proxies do not. In order to use a .NET Remoting proxy from a semi-trusted environment, you need a special serialization permission that is not given to code loaded from your intranet or the Internet by default.

If you want to use a .NET Remoting client from within a semi-trusted environment, you have to alter the default security policy for code loaded from those zones. In situations where you are connecting to systems from clients running in a sandbox—like a downloaded Windows Forms application, for instance—ASP.NET Web Services are a simpler choice because security policy changes are not required.

2. What is the difference between early-binding and late-binding?

Early binding – Binding at Compile Time
Late Binding – Binding at Run Time

Early binding implies that the class of the called object is known at compile-time; late-binding implies that the class is not known until run-time, such as a call through an interface or via Reflection.

Early binding is the preferred method. It is the best performer because your application binds directly to the address of the function being called and there is no extra overhead in doing a run-time lookup. In terms of overall execution speed, it is at least twice as fast as late binding.

Early binding also provides type safety. When you have a reference set to the component's type library, Visual Basic provides IntelliSense support to help you code each function correctly. Visual Basic also warns you if the data type of a parameter or return value is incorrect, saving a lot of time when writing and debugging code.
Late binding is still useful in situations where the exact interface of an object is not known at design-time.

If your application seeks to talk with multiple unknown servers or needs to invoke functions by name (using the Visual Basic 6.0 CallByName function for example) then you need to use late binding. Late binding is also useful to work around compatibility problems between multiple versions of a component that has improperly modified or adapted its interface between versions.

3• What is an Assembly Qualified Name? Is it a filename? How is it different?

An assembly qualified name isn't the filename of the assembly; it's the internal name of the assembly combined with the assembly version, culture, and public key, thus making it unique.

e.g. (""System.Xml.XmlDocument, System.Xml, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"")

• How is a strongly-named assembly different from one that isn’t strongly-named?

Strong names are used to enable the stricter naming requirements associated with shared assemblies. These strong names are created by a .NET utility – sn.exe
Strong names have three goals:

• Name uniqueness. Shared assemblies must have names that are globally unique.

• Prevent name spoofing. Developers don't want someone else releasing a subsequent version of one of your assemblies and falsely claim it came from you, either by accident or intentionally.

• Provide identity on reference. When resolving a reference to an assembly, strong names are used to guarantee the assembly that is loaded came from the expected publisher.

Strong names are implemented using standard public key cryptography. In general, the process works as follows: The author of an assembly generates a key pair (or uses an existing one), signs the file containing the manifest with the private key, and makes the public key available to callers. When references are made to the assembly, the caller records the public key corresponding to the private key used to generate the strong name.

Weak named assemblies are not suitable to be added in GAC and shared. It is essential for an assembly to be strong named.

Strong naming prevents tampering and enables assemblies to be placed in the GAC alongside other assemblies of the same name.

4• How does the generational garbage collector in the .NET CLR manage object lifetime? What is non-deterministic finalization?

The hugely simplistic version is that every time it garbage-collects, it starts by assuming everything to be garbage, then goes through and builds a list of everything reachable. Those become not-garbage, everything else doesn't, and gets thrown away. What makes it generational is that every time an object goes through this process and survives, it is noted as being a member of an older generation (up to 2, right now). When the garbage-collector is trying to free memory, it starts with the lowest generation (0) and only works up to higher ones if it can't free up enough space, on the grounds that shorter-lived objects are more likely to have been freed than longer-lived ones.

Non-deterministic finalization implies that the destructor (if any) of an object will not necessarily be run (nor its memory cleaned up, but that's a relatively minor issue) immediately upon its going out of scope. Instead, it will wait until first the garbage collector gets around to finding it, and then the finalisation queue empties down to it; and if the process ends before this happens, it may not be finalised at all. (Although the operating system will usually clean up any process-external resources left open - note the usually there, especially as the exceptions tend to hurt a lot.)

5• What is the difference between Finalize() and Dispose()?

Dispose() is called by the user of an object to indicate that he is finished with it, enabling that object to release any unmanaged resources it holds. Finalize() is called by the run-time to allow an object which has not had Dispose() called on it to do the same. However, Dispose() operates determinalistically, whereas there is no guarantee that Finalize() will be called immediately when an object goes out of scope - or indeed at all, if the program ends before that object is GCed - and as such Dispose() is generally preferred.

6• How is the using() pattern useful? What is IDisposable? How does it support deterministic finalization?

The using() pattern is useful because it ensures that Dispose() will always be called when a disposable object (defined as one that implements IDisposable, and thus the Dispose() method) goes out of scope, even if it does so by an exception being thrown, and thus that resources are always released.

7• What does this useful command line do? tasklist /m "mscor*"

Lists all the applications and associated tasks/process currently running on the system with a module whose name begins "mscor" loaded into them; which in nearly all cases means "all the .NET processes".

RELATED POST

ASP.NET INTERVIEW QUESTIONS AND ANSWERS PART ONE

ASP.NET INTERVIEW QUESTIONS AND ANSWERS PART TWO

ASP.NET INTERVIEW QUESTIONS AND ANSWERS PART THREE

ASP.NET INTERVIEW QUESTIONS AND ANSWERS PART FOUR

ASP.NET INTERVIEW QUESTIONS AND ANSWERS PART FIVE

ADO.NET INTERVIEW QUESTIONS AND ANSWERS PART ONE

ADO.NET INTERVIEW QUESTIONS AND ANSWERS PART TWO

You can also learn the concept of frame work concept in detail with questions and answers in the following place.

MICROSOFT DOT NET FRAME WORK QUESTIONS AND ANSWERS PART ONE

MICROSOFT DOT NET FRAME WORK QUESTIONS AND ANSWERS PART TWO

MICROSOFT DOT NET FRAME WORK QUESTIONS AND ANSWERS PART THREE

MICROSOFT DOT NET FRAME WORK QUESTIONS AND ANSWERS PART FOUR

MICROSOFT DOT NET FRAME WORK QUESTIONS AND ANSWERS PART FIVE

MICROSOFT DOT NET FRAME WORK QUESTIONS AND ANSWERS PART SIX

MICROSOFT DOT NET FRAME WORK QUESTIONS AND ANSWERS PART SEVEN

MICROSOFT DOT NET FRAME WORK QUESTIONS AND ANSWERS PART EIGHT

MICROSOFT DOT NET FRAME WORK QUESTIONS AND ANSWERS PART NINE

MICROSOFT DOT NET FRAME WORK QUESTIONS AND ANSWERS PART TEN

No comments:

Post a Comment