Why ASP.NET?

The question, "Why XML?" was answered with a brief history lesson, so I'll do the same with ASP.NET.

The first web pages were HTML documents that displayed HTML. There was nothing else to web pages; they simply displayed formatted text and images while allowing you to link to other HTML documents. Capabilities were soon added to handle user input by using forms. These forms were submitted to an external CGI program for processing data.

As simple CGI programs advanced, users quickly saw HTML's potential and began coding their own web applications. The limitations of CGI were apparent in how it managed memory.

Developers at Microsoft saw the potential in the web and began developing a solution. The result of this effort was Internet Information Services (IIS). IIS really hit the mainstream when IIS 3.0 was released as part of the NT Option Pack for Windows NT 4.0. Part of the IIS installation was Active Server Pages, an environment that facilitated web development using VBScript and ADO.

Almost overnight, data-driven web pages became the rage and developers quickly became familiar with bugs , workarounds, and limitations. For example, in IIS 3.0, it was suggested that procedures (subs and functions) not be used to reduce stack space usage. IIS 3.0 also suffered significant performance loss at high volumes , but its popularity continued to rise. It didn't take long for the next release: the NT 4.0 Option Pack included IIS 4.0.

IIS 4.0 greatly stabilized the web server, making web development more reliable and, as a direct result, more popular. Suddenly, complex systems were being developed that needed to take advantage of Microsoft Transaction Server (MTS) and its transactional integration with MSMQ and ADO. As systems became more complex, IIS became even more popular. With the advent of Windows 2000 and COM+ Component Services, IIS was now a stable environment that could host extremely complex systems with significantly high user loads.

The environment was stable, but only if it was used "just right." Countless articles appeared that discussed thread affinity and stored apartment-threaded objects in session state. It is simple to create a COM component and call it from an ASP page, but it can be difficult to do this effectively. Server crashes continued and security exploits popped up on the web, making IIS servers one of the most frequent targets for hacker attacks.

ASP.NET was developed with both security and performance in mind. ASP.NET is built on the Common Language Runtime (CLR). CLR manages memory for the developer and eliminates security vulnerabilities, such as buffer underruns that can lead to most common IIS vulnerabilities. ASP.NET code is compiled and managed by CLR, which means that it is secure and fast.