This post is Part 3 in a series of ASP.NET Interview Questions with detailed answers including necessary code examples. Previous parts of this ASP.NET tutorial series are as follows:
Here in this post, we will cover ASP.NET Interview Questions related to Security, Cache management, etc.
What is Caching and What Are the Benefits of Using It?
Performance has always been a concern for web based applications. So, Caching is a mechanism that improves performance for an application by storing data in memory for fast access. When the application will access data from Cache (i.e. in-memory) instead of fetching it from original data store (maybe a database), it will definitely improve performance.
But Caching benefits are not limited to performance only, it also improves application Scalability as well as Availability.
- Load on server is reduced when data is fetched from Cache instead of original source, thus improving scalability of an application.
- Caching normally keeps serving application data even if the original source is temporarily down, thus improving availability of an application.
Cache Management in ASP.NET?
ASP.NET provided support for Cache Management in almost all versions. In .NET Framework 3.5 and older, the support for caching was provided through classes available in
System.Web.Caching. But this support was limited to
System.Web meaning for ASP.NET Web Applications only. Now, with .NET Framework 4.0 and later, this support is enhanced to non-Web Applications also by providing APIs in
ASP.NET supports three types of Caching:
- Page Output Caching
- Partial Page Caching
- Data Caching
Page Output Cache Vs Partial Page Cache Vs Application Data Cache in ASP.NET?
Page Output Cache
In case of Page Output Cache, the output of a complete web page is stored in a cache. So, when that web page is accessed again, it will be loaded from cache instead of fetching page data again from data source.
Partial Page Cache
For Partial Page Cache (also known as Page Fragment Cache), a part or fragment of a web page is stored in Cache as opposed to complete page caching for Page Output Cache. For example, caching a user control on a web page that displays product categories using Page Fragment Cache.
In some scenarios, we may store frequently used objects into cache using ASP.NET Cache API. So, later on, that object will be loaded from cache instead of instantiating object again and fetching data from original source for it.
How to Use Page Output Cache in ASP.NET?
Implementing Page Output Cache in ASP.NET is simple. For Page Output Caching,
@ OutputCache directive is used on an ASP.NET page as follows:
<%@ OutputCache Duration="50" VaryByParam="None" %>
Duration value is in seconds and it tells the page how long to cache the contents? Now, when we will access the page, it will verify whether it exists in Cache? If yes, then verify whether it is expired? If not, then fetch it from Cache and render, otherwise create a new instance of the page and put it back to Cache.
The other parameter of this directive is "
VaryByParam". If its value is specified to something as follows:
<%@ OutputCache Duration="50" VaryByParam="ProductId" %>
Now, Cache is dependent on the value of this parameter. If the value of parameter remains the same, page will be fetched from Cache, otherwise it will be refreshed again.
For in-depth details on Page Output Cache, follow this link.
How to Use Page Fragment or Partial Page Cache in ASP.NET?
Page Fragment Caching uses the same
@ OutputCache directive with
VaryByControl parameter as follows:
<%@ OutputCache Duration="50" VaryByParam="None" VaryByControl="ControlName" %>
In this case,
Cache is dependent on the value of
Control specified in
VaryByControl parameter. For example, content on a page is dependent on the selected values of a
VaryByControl will have the
dropdownlist control name as
How to use Data Cache in ASP.NET?
We have already explained the usage of Data Cache above in this series of ASP.NET Interview Questions that in particular situations, we need to store objects into cache. Adding an object to Cache and accessing it from Cache is simple.
We can use "
Add" method to add an object to
Cache.Add(key, value, dependencies, absoluteExpiration, slidingExpiration, priority, onRemoveCallback);
if (Cache["ProductKey"] == null)
Further, in this post and in the next post, we will be discussing about ASP.NET Security Interview Questions.
Authentication Vs Authorization?
Authentication and Authorization are two key security related concepts that are independent but normally go together. Authentication is a process that verifies the identity of a user. On the other hand, Authorization is the process of assigning rights/privileges to already authenticated user.
For example, when a user tries to login a web application. First of all, user identity is verified that either he/she is a valid registered user of application. If his/her identity validated successfully, then appropriate privileges are assigned accordingly. Different users may have different privileges on the same application, for example,
user1 can only view/read some records while
user2 may have privileges for all CRUD (Create, Read, Update, Delete) operations on the same data.
What are the Available Authentication Modes in ASP.NET?
We have already explained this question in the previous ASP.NET Interview Questions and Answers post, don't skip the details of these important questions.
What is the Difference between Windows Authentication and Forms Authentication in ASP.NET?
Windows Authentication is a way to authenticate a user against Windows accounts. Windows authentication mode is suitable for corporate users in Windows environment.
In case of Forms Authentication, a separate list of users is maintained for authentication. For example, we can maintain the list in database and authenticate user against it.
We can set authentication mode in web.config as follows:
What is Protected Configuration in ASP.NET?
While developing an ASP.NET application, we normally store a number of important sensitive information in our config files like encryption keys, connection strings, etc. Application vulnerability increases if this sensitive information is stored as plain text. So Protected Configuration is an ASP.NET feature that enables to encrypt such sensitive information in configuration files.
Previous <<< ASP.NET Interview Questions - Part 2
Other Recommended Articles