ASP.NET (Part 4)

With ASP.NET Core, we have rewritten the web framework and .NET framework to better enable a modern web development experience and provide a baseline to build the next 15 years of server development.

This controller is capable of servicing a Web API GET request, responding on the api/Product route as well as handle a request for the Index page and return with the content of a Razor-based view.

Yeoman generators

Secrets Manager

env.IsDevelopment() This is a check that the current environment is named “Development”. By default, when you debug an application from Visual Studio 2015, an environment variable called “ASPNETCORE_ENVIRONMENT” is set to the value “Development” and ASP.NET Core can interpret that value and make features available to the Development environment only. If that environment variable is NOT set, ASP.NET Core assumes that you are running in Production.

We recommend that you look at the switch of an application to ASP.NET Core as a rewrite instead of a migration

A repository is an object that encapsulates the data layer, and contains logic for retrieving data and mapping it to an entity model.

CreateAtRoute also adds a Location header to the response. The Location header specifies the URI of the newly created to-do item.

ASP.NET Core can figure out to call the controller’s method based on the name of the class by the Controller postfix convention. Unless you need specific features of the Controller base class you don’t have to inherit from it in ASP.NET Core.

ASP.NET Core’s MVC version supports both API and MVC endpoints in the same controller, so I don’t need to create a separate controller class (although generally it’s a good idea to separate API and UI endpoints)

If you run on Windows you will likely want to run Kestrel behind IIS to gain infrastructure features like port 80/443 forwarding via Host Headers,
process lifetime management and certificate management to name a few.

Once you’ve installed the hosting bundle (or you install the .NET Core SDK on your Dev machine) the AspNetCoreModule is available in the IIS native module list:

While the IIS Site/Virtual still needs an IIS Application Pool to run in, the Application Pool should be set to use No Managed Code. Since the App Pool acts merely as a proxy to forward requests, there’s no need to have it instantiate a .NET runtime.

It’s also a good idea to run secure SSL requests through IIS proper by setting up certificates through the IIS certificate store and letting IIS handle the SSL authentication. IIS can also provide static file serving, gzip compression of static content, static file caching, Url Rewriting and a host of other features that IIS provides natively. IIS is really good and efficient at processing non-application requests, so it’s worthwhile to take advantage of that.

In order to run an application with IIS you have to first publish it. There are two ways to that you can do this today:
● Use dotnet publish
● Use the Visual Studio Publishing Features

Dependency Injection on MVC 6

Or as below

Will be automatically resolved by .net framework


Webpack and aspnetcore environment core configuration

CreatedAtAction helper method

Nuget packaging


Test runner

Facts are tests which are always true. They test invariant conditions.
Theories are tests which are only true for a particular set of data.

Tag Helpers

Overriding existing tags

If you need HttpContext information, copy the values you care about to a state object or inside a closure and pass it in to the background worker.  Don’t pass the HttpContext instance itself, as it’s not a thread-safe object and even simple property getters (like HttpContext.Request.Url) might throw.

The .NET runtime uses an AppDomain as a container for code and data, just like the operating system uses a process as a container for code and data. As the operating system uses a process to isolate misbehaving code, the .NET runtime uses an AppDomain to isolate code inside of a secure boundary.

An AppDomain belongs to only a single process, but single process can hold multiple AppDomains. An AppDomain is relatively cheap to create (compared to a process), and has relatively less overhead to maintain than a process.

Each ASP.NET application will have it’s own set of global variables: Cache, Application, and Session objects are not shared.

Even though the code for both of the applications resides inside the same process, the unit of isolation is the .NET AppDomain. If there are classes with shared or static members, and those classes exist in both applications, each AppDomain will have it’s own copy of the static fields – the data is not shared. The code and data for each application is safely isolated and inside of a boundary provided by the AppDomain.

Since ASP.NET cannot swap the dll into the existing AppDomain , it starts a new AppDomain. The old application domain is “drain stopped”, that is, existing requests are allowed to finish executing, and once they are all finished the AppDomain can unload. The new AppDomain starts with the new code and begins taking all new requests.

Shadow Copy allows us to overwrite any dll in the bin directory during an update without taking the web application offline.

Using the CurrentDomain property of the AppDomain class you can inspect properties about the AppDomain your code is executing in, including the Shadow Copy settings.

Difference between Task.Run and QueueBackgroundWorkItem in Asp.Net


It is more performant since it doesn’t have to switch thread contexts back to the original thread context.

This is true with UI applications, where there is only one UI thread that you have to “sync” back to.

So ConfigureAwait(false) does not save you a thread jump in ASP.NET; it does save you the reentering of the request context, but this is normally very fast. ConfigureAwait(false) could be useful if you’re trying to do a small amount of parallel processing of a request, but really TPL is a better fit for most of those scenarios.

What if I really do need “sync over async”?

In the case of async/await, this typically means making sure that any awaits inside of the asynchronous implementation you’re calling are using ConfigureAwait(false) on all await points; this will prevent the await from trying to marshal back to the current SynchronizationContext.

As a library implementer, it’s a best practice to always use ConfigureAwait(false) on all of your awaits, unless you have a specific reason not to; this is good not only to help avoid these kinds of deadlock problems, but also for performance, as it avoids unnecessary marshaling costs.

Await a minute – that isn’t async!

When you call. Result on an incomplete Task, the thread executing the method has to sit and wait for the task to complete, which blocks the thread from doing any other useful work in the meantime. This negates the benefit of the asynchronous nature of the task. pipeline


And here is automatic redirection

This method will not redirect to status page, it will just print it:

Another usage



ASP.NET MVC 5 – walk-through – (Part 3)

Performing Raw SQL Queries

The Entity Framework Code First API includes methods that enable you to pass SQL commands directly to the database. You have the following options:

  • Use the DbSet.SqlQuery method for queries that return entity types. The returned objects must be of the type expected by the DbSetobject, and they are automatically tracked by the database context unless you turn tracking off.
  • Use the Database.SqlQuery method for queries that return types that aren’t entities. The returned data isn’t tracked by the database context, even if you use this method to retrieve entity types.
  • Use the Database.ExecuteSqlCommand for non-query commands.

One of the advantages of using the Entity Framework is that it avoids tying your code too closely to a particular method of storing data. It does this by generating SQL queries and commands for you, which also frees you from having to write them yourself.

You can disable tracking of entity objects in memory by using the AsNoTracking method. Typical scenarios in which you might want to do that include the following:

  • A query retrieves such a large volume of data that turning off tracking might noticeably enhance performance.
  • You want to attach an entity in order to update it, but you earlier retrieved the same entity for a different purpose. Because the entity is already being tracked by the database context, you can’t attach the entity that you want to change. One way to handle this situation is to use the AsNoTracking option with the earlier query.

Many developers write code to implement the repository and unit of work patterns as a wrapper around code that works with the Entity Framework. These patterns are intended to create an abstraction layer between the data access layer and the business logic layer of an application. Implementing these patterns can help insulate your application from changes in the data store and can facilitate automated unit testing or test-driven development (TDD). However, writing additional code to implement these patterns is not always the best choice for applications that use EF, for several reasons:

  • The EF context class itself insulates your code from data-store-specific code.
  • The EF context class can act as a unit-of-work class for database updates that you do using EF.
  • Features introduced in Entity Framework 6 make it easier to implement TDD without writing repository code.

Most of the time you don’t need to be aware of this use of proxies, but there are exceptions:

  • In some scenarios you might want to prevent the Entity Framework from creating proxy instances. For example, when you’re serializing entities you generally want the POCO classes, not the proxy classes. One way to avoid serialization problems is to serialize data transfer objects (DTOs) instead of entity objects, another way is to  disable proxy creation.
  • When you instantiate an entity class using the new operator, you don’t get a proxy instance. This means you don’t get functionality such as lazy loading and automatic change tracking. This is typically okay; you generally don’t need lazy loading, because you’re creating a new entity that isn’t in the database, and you generally don’t need change tracking if you’re explicitly marking the entity as Added. However, if you do need lazy loading and you need change tracking, you can create new entity instances with proxies using the Create method of the DbSet class.
  • You might want to get an actual entity type from a proxy type. You can use the GetObjectType method of the ObjectContext class to get the actual entity type of a proxy type instance.

To Create SQL Server Database Project you can download template from:

post deployment scripts

SQL Server Object Explorer

Models are classes that you will use to work with the data. Each model mirrors a table in the database and contains properties that correspond to the columns in the table.

New Scaffolded Item



HTTP Error 403.14 – Forbidden – The Web server is configured to not list the contents of this directory

data annotations and validation

You can add a metadata class that contains the attributes. When you associate the model class to the metadata class, those attributes are applied to the model. In this approach, the model class can be regenerated without losing all of the attributes that have been applied to the metadata class.


These attributes will not be lost when you regenerate the model classes because the metadata attribute is applied in partial classes that are not regenerated.

enabling SSL for web projects

RegisterBundle, adding bootstrap css files into existing bundle.

How to seed data with AddOrUpdate with a complex key

Group By Multiple Columns

EF: Include with where clause

Default configuration settings are specified in the Machine.config file located in the %SystemRoot%\Microsoft.NET\Framework\versionNumber\CONFIG\ directory. Values are inherited by child sites and applications. If there is a configuration file in a child site or application, the inherited values do not appear, but can be overridden and are available to the configuration API.

The following default <anonymousIdentification> element is not explicitly configured in the Machine.config file or in the root Web.config file. However, it is the default configuration that is returned by an application.




ASP.NET MVC 5 – walk-through – (Part 2)

For full documentation please visit:

Repository Pattern with C# and Entity Framework

Sorting Example:

X.PagedList This is fork of Troy’s project PagedList ( The main different is that X.PagedList is portable assembly. It means, that you can use it not only in Web projects, but in Winforms, Window Phone, Silverlight and etc. projects.

Implement paging in asp net mvc

Load Balancers

sample ILogger interface


You write method overrides that are automatically called when query is about to be executed. In these methods you can examine or log the query that is being sent to the database, and you can change the query before it’s sent to the database or return something to Entity Framework yourself without even passing the query to the database.


Application_Start method

These lines of code are what causes your interceptor code to be run when Entity Framework sends queries to the database. Notice that because you created separate interceptor classes for transient error simulation and logging, you can independently enable and disable them.

Another option is to put this code in the DbConfiguration class that you created earlier to configure the execution policy.

Wherever you put this code, be careful not to execute DbInterception.Add for the same interceptor more than once, or you’ll get additional interceptor instances. For example, if you add the logging interceptor twice, you’ll see two logs for every SQL query.

Entity Framework Code First Approach

Entity Framework Code First End To End

If you deploy a database by running migrations automatically and you are deploying to a web site that runs on multiple servers, you could get multiple servers trying to run migrations at the same time.  Migrations are atomic, so if two servers try to run the same migration, one will succeed and the other will fail (assuming the operations can’t be done twice). In that scenario if you want to avoid those issues, you can call migrations manually and set up your own code so that it only happens once.

By using data annotation attributes, you can make one code change that will fix the display format in every view that shows the data. DataType attributes do not provide any validation.

You can also use attributes to control how your classes and properties are mapped to the database.

It means we can use DataAnnotations for both client-side formatting/validation and for database formatting, validation and mapping.

The DatabaseGenerated attribute with the None parameter on the CourseID property specifies that primary key values are provided by the user rather than generated by the database.

Column mapping is generally not required, because the Entity Framework usually chooses the appropriate SQL Server data type based on the CLR type that you define for the property. The CLR decimal type maps to a SQL Server decimal type. But in this case you know that the column will be holding currency amounts, and the money data type is more appropriate for that.

By convention, the Entity Framework enables cascade delete for non-nullable foreign keys and for many-to-many relationships. This can result in circular cascade delete rules, which will cause an exception when you try to add a migration.

Example on foreign key constraint and delete cascade

Many to many relationship in entity framework code first

Fluent API

You can use the fluent API to specify most of the formatting, validation, and mapping rules that you can do by using attributes.

Entity Framework Relationships Fluent API

First look at the Fluent API

Lazy loading in LINQ to SQL

Eager loading in LINQ to SQL

Difference between eager loading and lazy loading

Eager loading often offers the best performance, because a single query sent to the database is typically more efficient than separate queries for each entity retrieved.

On the other hand, in some scenarios lazy loading is more efficient. Eager loading might cause a very complex join to be generated, which SQL Server can’t process efficiently.

Lazy loading might perform better because eager loading would retrieve more data than you need. If performance is critical, it’s best to test performance both ways in order to make the best choice.

One way to avoid serialization problems is to serialize data transfer objects (DTOs) instead of entity objects.

Here are some other ways to disable lazy loading:

  • For specific navigation properties, omit the virtual keyword when you declare the property.
  • For all navigation properties, set LazyLoadingEnabled to false, put the following code in the constructor of your context class:

The code specifies eager loading for the Instructor.OfficeAssignment and the Instructor.Courses navigation property.

Eager loading is better than lazy loading only if the page is displayed more often with a course selected than without.

Inserting Updating and Deleting entities in Entity Framework

Normally the scaffolder doesn’t scaffold a primary key because the key value is generated by the database and can’t be changed and isn’t a meaningful value to be displayed to users. For Course entities the scaffolder does include an text box for the CourseID field because it understands that the DatabaseGeneratedOption.None attribute means the user should be able enter the primary key value.

Stored Procedures in Entity Framework

Using stored procedures with entity framework code first approach

ASP.NET MVC5 Async Queries


A web server has a limited number of threads available, and in high load situations all of the available threads might be in use. When that happens, the server can’t process new requests until the threads are freed up. With synchronous code, many threads may be tied up while they aren’t actually doing any work because they’re waiting for I/O to complete. With asynchronous code, when a process is waiting for I/O to complete, its thread is freed up for the server to use for processing other requests. As a result, asynchronous code enables server resources to be use more efficiently, and the server is enabled to handle more traffic without delays.

The following highlights show what was added to the synchronous code for the Index method to make it asynchronous:

Some things to be aware of when you are using asynchronous programming with the Entity Framework:

  • The async code is not thread safe. In in other words, don’t try to do multiple operations in parallel using the same context instance. For example do not update bank account balance of an user in parallel. Because context is not thread safe, you may be updating bank account with different value than you are intending.
  • If you want to take advantage of the performance benefits of async code, make sure that any library packages that you’re using (such as for paging), also use async if they call any Entity Framework methods that cause queries to be sent to the database.

Use stored procedures for inserting, updating, and deleting

This code instructs Entity Framework to use stored procedures for insert, update, and delete operations on the Department entity.

More details for implementation visit: or check videos above.

Concurrency Check in Entity Framework

A concurrency conflict occurs when one user displays an entity’s data in order to edit it, and then another user updates the same entity’s data before the first user’s change is written to the database. If you don’t enable the detection of such conflicts, whoever updates the database last overwrites the other user’s changes. In many applications, this risk is acceptable: if there are few users, or few updates, or if isn’t really critical if some changes are overwritten, the cost of programming for concurrency might outweigh the benefit. In that case, you don’t have to configure the application to handle concurrency conflicts.

If your application does need to prevent accidental data loss in concurrency scenarios, one way to do that is to use database locks. This is called pessimistic concurrency. For example, before you read a row from a database, you request a lock for read-only or for update access. If you lock a row for update access, no other users are allowed to lock the row either for read-only or update access, because they would get a copy of data that’s in the process of being changed. If you lock a row for read-only access, others can also lock it for read-only access but not for update.

Difference between optimistic and pessimistic concurrency control

Managing locks has disadvantages. It can be complex to program. It requires significant database management resources, and it can cause performance problems as the number of users of an application increases. For these reasons, not all database management systems support pessimistic concurrency. The Entity Framework provides no built-in support for it.

optimistic concurrency

The alternative to pessimistic concurrency is optimistic concurrency. Optimistic concurrency means allowing concurrency conflicts to happen, and then reacting appropriately if they do. For example,

John runs the Departments Edit page, changes the Budget amount for the English department from $350,000.00 to $0.00.

Before John clicks Save, Jane runs the same page and changes the Start Date field from 9/1/2007 to 8/8/2013.

John clicks Save first and sees his change when the browser returns to the Index page, then Jane clicks Save. What happens next is determined by how you handle concurrency conflicts. Some of the options include the following:

  • You can keep track of which property a user has modified and update only the corresponding columns in the database. In the example scenario, no data would be lost, because different properties were updated by the two users. The next time someone browses the English department, they’ll see both John’s and Jane’s changes — a start date of 8/8/2013 and a budget of Zero dollars.

    You can let Jane’s change overwrite John’s change. The next time someone browses the English department, they’ll see 8/8/2013 and the restored $350,000.00 value. This is called a Client Wins or Last in Wins scenario. (All values from the client take precedence over what’s in the data store.) As noted in the introduction to this section, if you don’t do any coding for concurrency handling, this will happen automatically.

  • You can prevent Jane’s change from being updated in the database. Typically, you would display an error message, show her the current state of the data, and allow her to reapply her changes if she still wants to make them. This is called a Store Wins scenario. (The data-store values take precedence over the values submitted by the client.)

You can resolve conflicts by handling OptimisticConcurrencyException exceptions that the Entity Framework throws. In order to know when to throw these exceptions, the Entity Framework must be able to detect conflicts.

The rowversion value is a sequential number that’s incremented each time the row is updated. In an Update or Delete command, the Where clause includes the original value of the tracking column (the original row version) . If the row being updated has been changed by another user, the value in the rowversion column is different than the original value, so the Update or Delete statement can’t find the row to update because of the Where clause.

The attribute is called Timestamp because previous versions of SQL Server used a SQL timestamp data type before the SQL rowversion replaced it. The .Net type for rowversion is a byte array.

fluent API:

code implementation:

Using ROWVERSION or TIMESTAMP to detect concurrency conflicts