Chapter 3: Migrating from ASP to ASP.NET

You can migrate from Active Server Pages (ASP) to ASP.NET to utilize enhanced features of ASP.NET using Migration Assistant tool. The conversion procedure is not completely automatic and converts only some basic code that increases the speed of conversion. A few components, such as Component Object Model (COM) and database components, may not convert at all. To take advantage of the features of .NET Framework, such as built-in security, you need to optimize the converted code.

This chapter describes the advantages of migrating from ASP to ASP.NET. It also explains how to create an ASP application, upgrade the ASP application to ASP.NET, and optimize the ASP.NET application.

Advantages of Migrating from ASP to ASP.NET

You can migrate ASP applications to ASP.NET because of the improved capabilities that ASP.NET offers, such as increased performance, higher scalability, improved stability and security, ease of configuration and development, and an enhanced set of controls.

Performance

ASP.NET performs better than ASP because the .NET runtime compiles ASP.NET code, while the server interprets ASP code. The .NET runtime compiles ASP.NET code into an Intermediate Language (IL), and uses the Just-In-Time (JIT) compiler to compile the IL to native machine code. The benefits of compiling are that it decreases processor load and the server’s response time, which increases the number of requests it can handle. After you compile an ASP.NET page, ASP.NET automatically identifies and compiles any changes made to the page after the initial compilation and stores the compiled pages in a cache for further requests and changes. You can also configure caching in a way that you cache parts of the page or the entire page.

Language compilers, such as vbc.exe for Visual Basic (VB).NET or csc.exe for C#, compile the ASP.NET page into a project.dll file. For example, an application called OnlineBookStore includes a login.aspx page. Compiling the Web application generates the OnlineBookStore.dll file and caches the ASP.NET pages in that application on the Web server. As a result, when an end user requests a Web page, such as login.aspx, the Web server executes the OnlineBookStore.dll file.

As compared to ASP, ASP.NET performance also increases when dealing with session information. For example, ASP stores session information, such as session ID, in cookies, while ASP.NET stores session information in cookies, memory, databases, or Windows services. As a result, when the application requires session information about an end user, the Web server need not communicate with the client computer to retrieve the information. The Web server can retrieve information from the database server, the windows service, or the server memory.

Stability

ASP.NET provides automatic error detection and recovery procedures for errors such as deadlocks and memory leaks, which ensures continuous availability of an application. Consider a scenario where an application encounters a memory leak. Memory leak is an error in an application’s dynamic-store allocation logic that does not allow the application to recover released memory. As a result of memory exhaustion, the application fails. ASP.NET automatically identifies the memory leak, starts a new copy of the ASP.NET worker process, and transfers all the incoming requests to the new process. When the previous process finishes processing its pending requests, ASP.NET disposes the process and frees the memory area that has leaked. ASP.NET provides automatic memory management, while in ASP, you need to explicitly de-allocate the memory that the objects occupy to free memory.

Productivity

ASP.NET allows an easy development of applications. When compared to ASP, you need to write fewer lines of code in ASP.NET and expend less effort to develop an application. In ASP.NET applications, it is easy to create user interfaces and validate end user input due to the availability of drag-and-drop controls and built-in validation controls. In addition, you can opt for a large number of programming languages with built-in support in .NET Framework, such as C#, C++, VB.NET, and JScript.NET, to develop ASP.NET Web applications. Cross-language interoperability is also possible in ASP.NET. You can develop Web pages using VB.NET and use components developed in C# on the pages. To develop code in ASP, you can only use a limited set of languages, such as VBScript and JScript.

Security

In ASP, you need to configure Internet Information Services (IIS) settings to implement application security. ASP.NET provides configuration files, such as Web.Config and Machine.config, to specify authentication and authorization settings for your applications without explicitly configuring IIS. You can use the following authentication modes to implement security in ASP.NET applications:

• Windows authentication: Uses Windows account information to verify end users and performs authentication in combination with IIS authentication. IIS authenticates in any of the following three ways:
  
  

  • Basic authentication: Requires end users to supply credentials in the form of user names and passwords to prove their identity.

  • Digest authentication: Transfers the cryptographic hash of the end user's credentials from the Web browser to the Web server, where a Web server, such as IIS, validates the end user’s credentials.

  • Integrated authentication: Uses cryptographic exchange of end-user credentials. Works only with Internet Explorer and is restricted to intranet scenarios.

  
  

• Microsoft Passport authentication: Offers a centralized authentication service. The end user need not log on again to access other protected sites. To execute Microsoft Passport authentication on the server, you need to download the Passport SDK and install IIS.

• Forms authentication: Uses different validation methods, per the application requirements, to authenticate and authorize requests. This type of authentication redirects unauthenticated requests to an HTML form using HTTP client-side redirection.

• Client Certificate authentication: Authenticates by requesting the client application or the browser to show a valid certificate before granting access. This precludes the need for clients to provide user names and passwords before accessing protected sites.

.NET Framework also provides a built-in security feature, Code Access Security (CAS), which protects computers from malicious, distrusted code. It also prevents trusted code from accidentally jeopardizing security. You can identify the set of operations, such as file access, which your code can or cannot perform. ASP.NET manages site security by checking authenticated records against a list of authorized end users. ASP does not provide a built-in security feature.

COM Compatibility

You can use COM components in ASP.NET, which makes migration simpler because you need not rewrite the entire code for the COM component with .NET Framework assemblies. .NET Framework provides a tool called Type Library Importer (TLbImp.exe), which builds managed wrappers around the COM components that allows the .NET applications to access the COM components. TlbImp.exe generates an assembly file, which should be stored in the ASP.NET application’s \bin directory. For example, in an ASP application, you use Active Data Objects DataBase (ADODB) objects, such as recordsets for storing data. The recordsets are usable after migration to ASP.NET.

ASP.NET Web Controls

ASP.NET provides a built-in, programmable, and object-oriented set of controls called Web controls. You can categorize ASP.NET Web controls into:

• HTML server controls

• Web server controls

• User Controls

HTML Server Controls

HTML server controls are HTML controls with the "runat=server" attribute-value pair specified explicitly. HTML controls on a Web page are not available to the Web server. By converting HTML controls to HTML server controls, you can make the controls server-aware. HTML server controls have the built-in ability to maintain state. If a Web page returns to the server, the values that the end user enters into the HTML server controls are automatically maintained when the page is sent back to the browser. You can identify an HTML server control by its ID and use the ID to access the control’s properties, methods, and events. The System.Web.UI.HTMLControls namespace provides HTML server controls. A HTML control, such as a button, can be controlled through the server using the runat = "server" attribute. For example,

 <input type = "button"  runat="server"/>      

Web Server Controls

Web controls are server-aware and can be linked with the server, which enables the Web server to process your requests easily. This type of built-in, server-side control does not exist in ASP. Server-side controls allow you to perform form validations on the server. This increases security as compared to ASP, where you use client-side scripts, such as JavaScript, to perform validations. Using server-side controls on an ASP.NET page enables the page to display controls on any browser, such as Internet Explorer, Netscape, Opera, or America Online (AOL), because the server-side controls are aware of browser compatibilities and render themselves according to the browsers. The prefix of a Web server control is asp. For example,

 <asp:textbox  style="Z-INDEX: 60; LEFT: 175px;_  POSITION: absolute; TOP: 220px" runat="server" _  Text="textbox1"></asp:textbox> 

The asp:textbox control is a Web server control. The System.Web.UI.WebControls namespace defines Web server controls. The categories of Web server controls are List controls, Validation controls, and Rich controls.

List Controls

You use List controls in combination with ActiveX Data Objects (ADO).NET. They offer data-binding facilities and allow data display from a data store. Using these controls, you can generate grids. To display data in different ways, such as lists, tables, and grids, you can set the properties of List controls. The different types of List controls are:

• DataList: Controls the layout of a list. You can edit a list using this control, and mention the direction of the list, such as horizontal or vertical.

• Repeater: Displays a repeated list of items bound to the control.

• DataGrid: Shows data in tabular format. You can edit and sort data using the DataGrid control.

Rich Controls

Rich controls offer a wide range of user interfaces. Rich controls contain several components and HTML tags that render the control on the browser. ASP.NET provides Rich controls, such as the AdRotator and Calendar controls. The AdRotator control allows you to display and change the images automatically, for example in an advertisement.

The following code shows how to use the AdRotator control:

 <asp:adRotator AdvertisementFile="Advertisement.xml" runat="server" BorderColor="#0000ff" Border Width="2"></asp:adRotator"> 

In the above code, the AdRotator control displays the different images referred to in the Advertisement.xml file.

Validation Controls

Validation controls perform Web form data validation through a set of invisible controls. They perform both client and server-side validations. When you submit a form, the ASP.NET page sends the value of the input control to the validation control for validation. The validation control sets a property to specify whether each of the input values is valid or not. If any input is invalid, the property is set to invalid. The syntax to create a validation control is:

 <asp:controlname  runat="server"/> 

User Controls

ASP.NET Web user controls provide the facility to create controls, such as menus and toolbars that you can use on multiple pages or in applications. You can embed a user control on any Web forms page. The extension of a user control is .ascx. The process to design a user control is the same as the process to design a Web forms page. For example, if you are creating a user control to be used as a toolbar in an application, add a series of Button Web server controls to the user control and then create event handlers for the buttons.

• Introducing ASP.NET Server Controls

• Introducing ASP.NET Validation Controls

• Creating ASP.NET Custom Controls

Developing Mobile Applications

Using mobile applications, you can provide Web content to the large number of people who use mobiles and the Internet. .NET Framework and Microsoft Mobile Internet Toolkit (MMIT) provide mobile tools and controls to create mobile applications for handheld devices, such as mobile phones and Personal Digital Assistance (PDAs). Different mobile devices understand different programming languages. For example, cell phones understand Wireless Markup Language (WML) and pocket computers understand HTML. As a result, you need to create mobile applications specific to a mobile device. Using MMIT or .NET Mobile, you can create a mobile application without worrying about its device-specific implementation.