ASP.NET MVC Framework
– is a lightweight, highly testable presentation framework
– MVC Framework is defined in the System.Web.Mvc assembly
– It makes it easier to manage complexity by dividing an application into the model, the view, and the controller.
– It does not use view state or server-based forms. This makes the MVC framework ideal for developers who want full control over the behavior of an application.
– It uses a Front Controller pattern that processes Web application requests through a single controller. This enables you to design an application that supports a rich routing infrastructure. For more information, see Front Controller.
– It provides better support for test-driven development (TDD).
– It works well for Web applications that are supported by large teams of developers and for Web designers who need a high degree of control over the application behavior.
ASP.NET web Forms
– application pattern is based on Web Forms and postbacks
– a single class is used both to display output and to respond to user input
– It supports an event model that preserves state over HTTP, which benefits line-of-business Web application development.
– It uses a Page Controller pattern that adds functionality to individual pages.
– It uses view state on server-based forms, which can make managing state information easier.
– It works well for small teams of Web developers and designers who want to take advantage of the large number of components available for rapid application development.
– In general, it is less complex for application development, because the components (the Page class, controls, and so on) are tightly integrated and usually require less code than the MVC model.
Topics Covered:
Design the Application Architecture (15-20%)
- Plan the application layers
- Plan data access;
– how it connects users to data: new database or existing database- Object relational mapper (O/RM) – is a technique that lets you query and manipulate data from a database using an object-oriented paradigm. The O/RM hydrates the object with the data from the database, or creates the SQL statements that will save the object data into the database.
1. Entity Framework
2. ADO.NET - Writing your own component to manage interactions with the database
- Object relational mapper (O/RM) – is a technique that lets you query and manipulate data from a database using an object-oriented paradigm. The O/RM hydrates the object with the data from the database, or creates the SQL statements that will save the object data into the database.
- Plan for separation of concerns;
- Appropriate use of models,
- Views and controllers;
- Choose between client-side and server side processing;
- Design for scalability
- Plan data access;
- Design a distributed application
- Design a hybrid application (on-premises versus off-premises, including Azure),
- Plan for session management in a distributed environment,
- Plan web farms
- Design and implement the Azure role life cycle
- Identify and implement Start,
- Run and Stop events;
- Identify startup tasks (IIS configuration [app pool], registry configuration, third-party tools)
- Configure state management
- Choose a state management mechanism (in-process and out of process state management),
- Plan for scalability,
- Use cookies or local storage to maintain state,
- Apply configuration settings in web.config file,
- Implement sessionless state (for example, QueryString)
- Design a caching strategy
- Implement page output caching (performance oriented),
- Implement data caching,
- Implement HTTP caching,
- Implement Azure caching
- Design and implement a WebSocket strategy
- Read and write string and binary data asynchronously (long-running data transfers),
- Choose a connection loss strategy,
- Decide a strategy for when to use WebSockets,
- Implement SignalR
- Design HTTP modules and handlers
- Implement synchronous and asynchronous modules and handlers,
- Choose between modules and handlers in IIS
Design the user experience (20-25%)
- Apply the user interface design for a web application
- Create and apply styles by using CSS,
- Structure and lay out the user interface by using HTML,
- Implement dynamic page content based on a design
- Design and implement UI behaviour
- Implement client validation,
- Use JavaScript and the DOM to control application behaviour,
- Extend objects by using prototypal inheritance,
- Use AJAX to make partial page updates,
- Implement the UI by using JQuery
- Compose the UI layout of an application
- Implement partials for reuse in different areas of the application,
- Design and implement pages by using Razor templates (Razor view engine),
- Design layouts to provide visual structure,
- Implement master/application pages
- Enhance application behaviour and style based on browser feature detection
- Detect browser features and capabilities;
- Create a web application that runs across multiple browsers and mobile devices;
- Enhance application behaviour and style by using vendor-specific extensions, for example, CSS
- Plan an adaptive UI layout
- Plan to run applications in browsers on multiple devices (screen resolution, CSS, HTML),
- Plan for mobile web applications
Develop the user experience (15-20%)
- Plan for search engine optimization and accessibility
- Use analytical tools to parse HTML,
- View and evaluate conceptual structure by using plugs-in for browsers,
- Write semantic markup (HTML5 and ARIA) for accessibility (for example, screen readers)
- Plan and implement globalisation and localisation
- Plan a localisation strategy;
- Create and apply resources to UI, including JavaScript resources; set cultures; create satellite resource assemblies
- Design and implement MVC controllers and actions
- Apply authorisation attributes,
- Global filters and authentication filters;
- Specify an override filter;
- Implement action behaviours;
- Implement action results;
- Implement model binding
- Design and implement routes
- Define a route to handle a URL pattern,
- Apply route constraints,
- Ignore URL patterns,
- Add custom route parameters,
- Define areas
- Control application behaviour by using MVC extensibility points
- Implement MVC filters and controller factories;
- Control application behaviour by using action results,
- Viewengines,
- Model binders and route handlers
- Reduce network bandwidth
- Bundle and minify scripts (CSS and JavaScript),
- Compress and decompress data (using gzip/deflate; storage),
- Plan a content delivery network (CDN) strategy (for example, Azure CDN)
Troubleshoot and debug web applications (20-25%)
- Prevent and troubleshoot runtime issues
- Troubleshoot performance,
- Security and errors;
- Implement tracing,
- Logging (including using attributes for logging) and debugging (including IntelliTrace);
- Enforce conditions by using code contracts; enable and configure health monitoring (including Performance Monitor)
- Design an exception handling strategy
- Handle exceptions across multiple layers,
- Display custom error pages using global.asax or creating your own HTTPHandler or set web.config attributes, handle first chance exceptions
- Test a web application
- Create and run unit tests (for example, use the Assert class), create mocks;
- Create and run web tests, including using Browser Link;
- Debug a web application in multiple browsers and mobile emulators
- Debug an Azure application
- Collect diagnostic information by using Azure Diagnostics API and appropriately implement on demand versus scheduled;
- Choose log types (for example, event logs, performance counters and crash dumps);
- Debug an Azure application by using IntelliTrace, Remote Desktop Protocol (RDP) and remote debugging;
- Interact directly with remote Azure websites using Server Explorer.
Design and implement security (20-25%)
- Configure authentication
- Authenticate users;
- Enforce authentication settings;
- Choose between Windows, Forms and custom authentication;
- Manage user session by using cookies;
- Configure membership providers;
- Create custom membership providers;
- Configure ASP.NET Identity
- Configure and apply authorisation
- Create roles,
- Authorise roles by using configuration,
- Authorise roles programmatically,
- Create custom role providers,
- Implement WCF service authorisation
- Design and implement claims-based authentication across federated identity stores
- Implement federated authentication by using Azure Access Control Service;
- Create a custom security token by using Windows Identity Foundation;
- Handle token formats (for example, oAuth, OpenID,
- Microsoft Account, Google, Twitter and Facebook) for SAML and SWT tokens
- Manage data integrity
- Apply encryption to application data, apply encryption to the configuration sections of an application, sign application data to prevent tampering
- Implement a secure site with ASP.NET
- Secure communication by applying SSL certificates;
- Salt and hash passwords for storage;
- Use HTML encoding to prevent cross-site scripting attacks (ANTI-XSS Library);
- Implement deferred validation and handle unvalidated requests, for example, form, querystring and URL;
- Prevent SQL injection attacks by parameterising queries;
- Prevent cross-site request forgeries (XSRF)
MVC Mind Map
- Caching
1.1 ASP.NET OutputCache
1.2 Azure – Distributed Caching
1.3 .NET Data Access Layer Caching
1.4 HTML5 App Cache - State Management
2.1 HttpContext.items
2.2 Cookies
2.3 Cache
2.4 Session
2.5 QueryString
2.6 Profile - MVC Views
3.1 @HTML Helper
3.2 @Scripts Helper
3.3 @Styles Helper
3.4 ViewBag – passes data between controller and view, alternative is TempData[] – key/value dictionary to store data similar to session but the data is deleted at the end of the HTTP request.
3.5 Partial Views
3.6 Razor Syntax
3.7 Layout View
3.8 Mobile Device Support - QA
4.1 Unit Testing
4.2 Code Contracts - Architecture
5.1 Repository Pattern - Authentication
6.1 Membership Providers
6.2 Forms Auth - Controller
7.1 ModelState
7.2 MVC3 – Async Controller
7.3 Actions(methods)
7.3.1 Returns ActionResult
7.3.2 Action Filters - Security
8.1 MVC AntiForgery Token
8.2 .Net Framework – Blacklist
8.3 AnitXSS Library - ASP.NET
9.1 HTTP Handlers
9.2 HTTP Modules - Communication
10.1 Web Sockets
10.2 SignalR - Accessibility
11.1 Globalisation
11.1.1 Internationalisation
11.1.2 Resource Files
11.1.3 Localisation
11.1.4 Satellite Assemblies
11.1.5 Localised Views
11.1.6 UICulture – Resource File Selection
11.1.7 Culture – conversion and formatting
11.2 ARIA
11.3 IIS SEO toolkit - MVC Filters
12.1 ChildActionOnlyAttribute
12.2 AuthorizeAttribute
12.3 ValidateInputAttribute
12.4 RequireHttpsAttribute
12.5 ValidateAntiForgeryTokenAttribute
12.6 HandleErrorAttribute
12.7 Register global in FilterConfig.cs
12.8 Register in class for Controller level
12.9 OverrideAuthorization – MVC5 - MVC Value Providers
13.1 RouteDataValueProvider
13.2 HttpFileCollectionValueProvider
13.3 FormsValueProvider
13.4 QueryStringProvider - MVC ActionResult
14.1 ViewResult – Inherits from ViewResultBase
14.2 RedirectResult – URL
14.3 JsonResult
14.4 JavaScriptResult
14.5 FileResult
14.6 ContentResult
14.7 EmptyResult
14.8 RedirectToRouteResult
14.9 PartialViewResult – Inherits from ViewResultBase – AJAX - Routing
15.1 Routecollection – Stores routes
15.2 Constraints
15.3 routes.ignore
15.4 MapPageRoute – Web forms
15.5 Attribute routing – routes.MapMvcAttributeRoutes() - Javascript
16.1 Jquery
16.2 Prototypes
16.3 MVC Client Side Validation - Model
17.1 Data Annotatons
17.1.1 DataType
17.1.2 Range
17.1.3 Required
17.1.4 StringLength
17.1.5 RegularExpression
17.1.6 Remote – Client Side
17.2 Binders - Performance Optimization
18.1 Bundling
18.2 Minification
18.3 IIS Content Compression
18.4 CDN
18.5 Visual Studio Profiling
18.6 Windows Performance Monitor - Diagnostics
19.1 Visual Studio Intellitrace
19.2 MVC Exception Handling
19.2.1 OnException
19.2.2 HandleErrorAttribute
19.3 Windows Azure Diagnostics
Materials:
http://failedturing.blogspot.com/search/label/70-486
http://www.codingwebapps.com/category/asp-net-mvc/asp-net-mvc-certification-exam-70-486/
http://www.codingwebapps.com/microsoft-asp-net-mvc-certification-exam-70-486-plan-the-application-layers/
Live as if you were to die tomorrow. Learn as if you were to live forever.. -Mahatma Gandhi