ASP.NET Cookies Overview
A cookie is a small bit of text that accompanies requests and pages as they go between the Web server and browser. The cookie contains information the Web application can read whenever the user visits the site.
For example, if a user requests a page from your site and your application sends not just a page, but also a cookie containing the date and time, when the user's browser gets the page, the browser also gets the cookie, which it stores in a folder on the user's hard disk.
Later, if user requests a page from your site again, when the user enters the URL the browser looks on the local hard disk for a cookie associated with the URL. If the cookie exists, the browser sends the cookie to your site along with the page request. Your application can then determine the date and time that the user last visited the site. You might use the information to display a message to the user or check an expiration date.
Cookies are associated with a Web site, not with a specific page, so the browser and server will exchange cookie information no matter what page the user requests from your site. As the user visits different sites, each site might send a cookie to the user's browser as well; the browser stores all the cookies separately.
Cookies help Web sites store information about visitors. More generally, cookies are one way of maintaining continuity in a Web application—that is, of performing state management. Except for the brief time when they are actually exchanging information, the browser and Web server are disconnected. Each request a user makes to a Web server is treated independently of any other request. Many times, however, it's useful for the Web server to recognize users when they request a page. For example, the Web server on a shopping site keeps track of individual shoppers so the site can manage shopping carts and other user-specific information. A cookie therefore acts as a kind of calling card, presenting pertinent identification that helps an application know how to proceed.
Cookies are used for many purposes, all relating to helping the Web site remember users. For example, a site conducting a poll might use a cookie simply as a Boolean value to indicate whether a user's browser has already participated in voting so that the user cannot vote twice. A site that asks a user to log on might use a cookie to record that the user already logged on so that the user does not have to keep entering credentials.
Cookie Limitations
Most browsers support cookies of up to 4096 bytes. Because of this small limit, cookies are best used to store small amounts of data, or better yet, an identifier such as a user ID. The user ID can then be used to identify the user and read user information from a database or other data store. (See the section "Cookies and Security" below for information about security implications of storing user information.)
Browsers also impose limitations on how many cookies your site can store on the user's computer. Most browsers allow only 20 cookies per site; if you try to store more, the oldest cookies are discarded. Some browsers also put an absolute limit, usually 300, on the number of cookies they will accept from all sites combined.
A cookie limitation that you might encounter is that users can set their browser to refuse cookies. If you define a P3P privacy policy and place it in the root of your Web site, more browsers will accept cookies from your site. However, you might have to avoid cookies altogether and use a different mechanism to store user-specific information. A common method for storing user information is session state, but session state depends on cookies, as explained later in the section "Cookies and Session State."
What is a good C# ASP.NET MVC question to ask a prospective employee?
First things first. Do they even know what MVC. Not just the TAL but can they describe it to you. Then what are the benefits. Also it doesn't hurt to ask them their opinion on it. It is good to know if they even like MVC frameworks.
Next, ask them if they have used any other MVC frameworks. Struts, Spring MVC, Zend or anything like that.
Ask them if they know when a session starts, the general state problem on the net etc etc.
Also a little bit of database. Ask them if they have any experience with database persistence layers.
Then just because you can ask a hard technical question, ask them to write a function that compares two binary trees both in value and structure to see if they are identicial.
ASP.NET Interview Questions: ViewState
(1) Does the performance for view state vary according to User controls?
Performance of view state varies depending on the type of server control to which it is applied. Label, Text Box, Check Box, Radio Button, and Hyper Link are server controls that perform well with View State. Drop Down List, List Box, Data Grid, and Data List suffer from poor performance because of their size and the large amounts of data making roundtrips to the server.
(2) What is View State?
View state is a built-in structure for automatically retaining values amongst the multiple requests for the same page. The view state is internally maintained as a hidden field on the page but is hashed, providing greater security than developer-implemented hidden fields do.
(3) What are benefits and Limitation of using View state for state management?
Following are the benefits of using View state:-
. No server resources are required because state is in a structure in the page code.
. Simplicity.
. States are retained automatically.
. The values in view state are hashed, compressed, and encoded, thus representing a higher state of security than hidden fields.
. View state is good for caching data in Web frame configurations because the data is cached on the client.
Following are limitation of using View state:-
. Page loading and posting performance decreases when large values are stored because view state is stored in the page.
. Although view state stores data in a hashed format, it can still be tampered because it is stored in a hidden field on the page. The information in
the hidden field can also be seen if the page output source is viewed directly, creating a potential security risk.
Below is sample of storing values in view state.
this. ViewState ["Enter Time"] = Date Time. Now. To String();
ASP.NET Interview Questions: Different States in ASP.NET
You can see that a browser on the client side requests a page from the web server. After processing the request and returning the page, the server drops the connection. Then. if the browser makes another request the server has no way to associate the browser with the previous request. So HTTP is called as a stateless protocol. But ASP.NET provides several ways to maintain the state.
View State
View state is used to maintain the values of server control properties. AS ASP.NET implements view state by default you need not to write any special code to use it.
Session State
Session state is used to maintain data between execution of an application. For this, ASP.NET creates a session state object that is kept on the server whenever a user starts a new session. The session state object contain unique session ID, and this ID is sent back and forth between the server and browser each time the user request a page. Then when the server receives a new request from the user, it can retrive the right session state object for that user. You can add data items to the session object in your code, so there previous values are available each time a web form is executed.
Application State
ASP.NET provides an application state object to save application state data, which applies to all the users of an application. You can use application state object to manage global counters to maintain a list of users who are currently logged on to an application.
Profile
ASP.NET also provides profile feature to keep track of user data. Although a profile is similar to session state object, it persists between user session as it is stored in a database. For example we can use profiles we can keep track of the products ordered by an user in an shopping application and when the user starts a new session, you can display those products in a "ordered items" listbox.
asp.net interview questions: state management
- What is the lifespan for items stored in ViewState?
Item stored in ViewState exist for the life of the current page. This includes postbacks (to the same page). - What is ViewState?
ViewState allows the state of objects (serializable) to be stored in a hidden field on the page. ViewState is transported to the client and back to the server, and is not stored on the server or any other external source. ViewState is used the retain the state of server-side objects between postabacks. - What are the different types of Session state management options available with ASP.NET?
ASP.NET provides In-Process and Out-of-Process state management. In-Process stores the session in memory on the web server. This requires the a "sticky-server" (or no load-balancing) so that the user is always reconnected to the same web server. Out-of-Process Session state management stores data in an external data source. The external data source may be either a SQL Server or a State Server service. Out-of-Process state management requires that all objects stored in session are serializable. - What does the "EnableViewState" property do? Why would I want it on or off?
It allows the page to save the users input on a form across postbacks. It saves the server-side values for a given control into ViewState, which is stored as a hidden value on the page before sending the page to the clients browser. When the page is posted back to the server the server control is recreated with the state stored in viewstate.
What are benefits and Limitation of using View state for state management in asp.net?
Following are the benefits of using View state:-
. No server resources are required because state is in a structure in the page code.
. Simplicity.
. States are retained automatically.
. The values in view state are hashed, compressed, and encoded, thus representing a higher state of security than hidden fields.
. View state is good for caching data in Web frame configurations because the data is cached on the client.
Following are limitation of using View state:-
. Page loading and posting performance decreases when large values are stored because view state is stored in the page.
. Although view state stores data in a hashed format, it can still be tampered because it is stored in a hidden field on the page. The information in the hidden field can also be seen if the page output source is viewed directly, creating a potential security risk.
Below is sample of storing values in view state.
How will ASP.NET handle session management?
"ASP.NET does not rely on SQL Server or LDAP for session management. Basically we provide two new additional features: 
1.) Cookieless Session: This is where we "munge" the sessionid into URLs as opposed to client-side cookies to keep track of SessionIDs (enabling you to now use session state even with browsers that have cookie support disabled). We automatically do the munging for you (no code changes required) to make this happen for both static and dynamic content (so you can link off to a static html page which then in turn links off to another dynamic page -- and the session is maintained).
2.) External Session State Support. This is where we store session values into an external state store instead of the ASP.NET worker process. This guaretees that state is stored accross worker process restarts (providing great reliability) as well as accross multiple machines (providing built-in web farm support). We ship support for two session stores out of the box: 1) the "ASP.NET state store" which is a dedicated NT Service that can run on any box -- and which ships with the ASP.NET bits. 2) support for storing session data directly into SQL Server. This later option is more scalable -- but does require you to buy SQL Server in order to make it work.
"Note that the above two state options are completely orthoganal from each other -- ie: you can use them together or separately. Also, our external state store support is pluggable -- meaning that we expect other third parties (as well as people like MS Commerce Server) to plug in their own store support into the model.
"With regard to performance, we are *much* faster than than existing pre-ASP.NET state solutions when doing out of proc state. We are leveraging ASP.NET's new MTA based thread pool to do async read/write operations that enable us to avoid blocking worker threads when retrieving and updating the state (instead using iocompletions to reuse threads). This should improve system throughput significantly and was not possible before with ASP (since it used an STA thread pool and as such couldn't do async operations)."
Interview Questions: Which are the three main categories of design patterns?
Creational Patterns
• Abstract Factory:- Creates an instance of several families of classes
• Builder: - Separates object construction from its representation
• Factory Method:- Creates an instance of several derived classes
• Prototype:- A fully initialized instance to be copied or cloned
• Singleton:- A class in which only a single instance can exist
Note: - The best way to remember Creational pattern is by remembering ABFPS (Abraham Became First President of States).
Structural Patterns
• Adapter:-Match interfaces of different classes .
• Bridge:-Separates an object’s abstraction from its implementation.
• Composite:-A tree structure of simple and composite objects.
• Decorator:-Add responsibilities to objects dynamically.
• Façade:-A single class that represents an entire subsystem.
• Flyweight:-A fine-grained instance used for efficient sharing.
• Proxy:-An object representing another object.
Note : To remember structural pattern best is (ABCDFFP)
Behavioral Patterns
• Mediator 
efines simplified communication between classes.
• Memento:-Capture and restore an object's internal state.
• Interpreter:- A way to include language elements in a program.
• Iterator:-Sequentially access the elements of a collection.
• Chain of Resp: - A way of passing a request between a chain of objects.
• Command:-Encapsulate a command request as an object.
• State:-Alter an object's behavior when its state changes.
• Strategy:-Encapsulates an algorithm inside a class.
• Observer: - A way of notifying change to a number of classes.
• Template Method efer the exact steps of an algorithm to a subclass.
• Visitor efines a new operation to a class without change.
