260 likes | 275 Views
Learn the principles of three-tier architecture and the advantages and disadvantages of client-side and server-side state management techniques. Develop an advanced web forms database application.
E N D
13 AdvancedWeb Formswith Databases Programming Right from the Start with Visual Basic .NET 1/e
Objectives • Understand the principles behind a three-tier architecture • Know the advantages and disadvantages of client-side state management techniques • Know the advantages and disadvantages of server-side state management techniques • Develop an advanced Web Forms database application
13-1 Three-Tier Architecture • Business applications involving databases are often divided into three layers: • The presentation layer – web browser • The application layer – IIS Web server • The data layer – database server
Presentation Layer • The presentation layer runs on the user’s computer (the client) and provides the application interface. • A fat client performs relatively significant processing, with less load on the middle tier. • A thin client typically involves a web browser for displaying HTML with minimal processing.
Application Layer • The application layer provides various modules and services that are essential for the solution, including the processing of the business-based computing rules. • The application layer provides a mediator between the presentation layer and the database layer.
Data Layer • The database layer is responsible for all database access required by the solution. • This layer usually provides support for adding, deleting, updating, and retrieving information from the database. • Connections to the database server eases database account maintenance and improves data security.
13-2 State Management • The HTTP protocol is stateless, which means that each request for a new web page is processed without any knowledge of previous pages requested. • State management refers to techniques by which developers maintain the state of a web application across multiple page requests.
13-3 Client-Side State Management Techniques • The following are client-side state management options available to ASP.NET developers: • View state • Cookies • Query strings
View State • A web page is re-created each round trip. • ASP.NET provides view state which represents the state of the page when it was last processed on the server. • The view state is visible in the HTML source and is a potential security issue.
Query String • A query string is information appended to the end of a page’s URL. • Query strings typically begin with a “?”. • Query strings are not secure because the query information is visible in the browser.
Cookies • A cookie is a small text file stored on the client machine. • The browser attaches the cookie with each new HTTP request before sending it to the server, which can read the data and respond appropriately. • The information stored in a cookie can be exposed so they are not the best means of handling sensitive information.
13-4 Server-Side State Management Techniques • The following are server-side state management options available to ASP.NET developers: • Application state • Session state • Database support
Application State • An ASP.NET application is the sum of all files, pages, and code that resides on a server. • When a web application runs, ASP.NET maintains information about the application in the application state.
Application State (cont.) • The application state allows developers to create application variables that can be set and read throughout the lifetime of the application. • Application variables are global variables • Application(“AppVariableName”)
Session State • A session is the period of time that a unique browser interacts with a web application. • When a new session is created, ASP.NET maintains information about the session in the session state.
Session State (cont.) • The session state allows developers to create session variables that can be set and read throughout the lifetime of the session. • Sessions and their variables expire after twenty minutes of inactivity. • Session(“SessionVariableName”)
Database Support • Data stored in application variables and session variables will be lost if the application is interrupted; therefore, state information should be stored in a database. • State information should be maintained for: • Security • Queries • Capacity • Data mining
Security • Customer information stored in a database is an extra level removed from the presentation layer, making the data less available for malicious use.
Queries • Storing data in a database gives the application all the power and functionality of databases in general, including the ability to query for specific information.
Capacity • Databases are especially good at handling large amounts of information, and the data services can be split off to a data layer that resides on one or more data servers, allowing the web application to avoid a performance decrease.
Data Mining • An application could maintain information about times and dates of customer visits, pages visited, time per page, items ordered, and so on. • This information could be mined for interesting relationships – information that could provide a strategic business advantage.
Chapter Summary • The presentation layer provides the client interface, the application layer usually implements the business logic of a solution, and the data storage layer maintains the database and tools for data access. • Client-side state management is less secure than server-side state management.
Chapter Summary (cont.) • When a web application runs, ASP.NET maintains information about the application in the application state. • Application variables are helpful for storing small amounts of infrequently changed global information that is used by many users.
Chapter Summary (cont.) • Session state variables are helpful for storing small amounts of short-lived information that is specific to an individual session. • Database support is good for storing large amounts of information or information that must survive application and session restarts.
13 AdvancedWeb Formswith Databases Programming Right from the Start with Visual Basic .NET 1/e