Microsoft .NET Framework FAQ
Microsoft Corporation
July 2001
Summary: This article contains common issues with Microsoft .NET and Microsoft .NET frameworks. (Total 15 Print Page)
content
Conceptual problem runtime technical problem terms assembly application deployment and isolation garbage recycling remote processing interoperability security
Conceptual problem
What is .NET framework?
Running technology problem
the term
What is a public language runtime (CLR)? What is a general type system (CTS)? What is the Public Language Normative (CLS)? What is Microsoft Intermediate Language (MSIL)? What is managed code and managed data?
Assembly
What is the assembly? What is a special assembly and shared assembly? If you want to generate a shared assembly, do you need to sign and manage the system overhead of the key pair? What is the difference between the namespace name and the number of app sets?
Application deployment and isolation
Which options can be used to deploy .NET applications? I have written the assembly to be used in multiple applications. Where do you deploy it? How do I view the assembly installed in the global program cache? What is the application domain?
Garbage collection
What is garbage recovery? How does non-deterministic garbage recovery affect code? Can you avoid the use of garbage recovery?
Remote processing
What is the working mechanism between the process and the process between the process in the public language running library?
Interoperability
Can COM objects can I use in the .NET framework? Can I use the .NET Framework component in a COM program? Can Win32 APIs in the .NET framework program?
safety
What do you have to do for the code to apply to a security system? Why receive security anomalies when running code from the network sharing drive? How to make the code run when the security system stops? How to manage the security of your personal computer? How to manage the security of enterprise computers? How is the security of evidence how to use Windows 2000 security?
Conceptual problem
What is .NET framework?
The Microsoft .NET framework is a platform for generating, deploying, and running web services and applications. It provides a high productivity and standard multilingual environment for integration of existing investments and next-generation applications and services, while providing the flexibility of resolving the deployment and operational challenges of the Internet scale application. The .NET framework consists of three main parts: a public language runtime, a hierarchical collection of unified class libraries and an ACTIVE Server Pages component version called ASP.NET.
Return to the top
Running technology problem
the term
What is a public language runtime (CLR)?
The public language runtime is an execution engine for .NET Framework applications.
It offers several services, including:
Code Management (Loading and Execution) Application Inscription Isolation Type Security Validation IL to Native Code Conversion Data (Enhanced Type Information) Access Management Code Access Security Merration Access Security Force Access Security, including language space Automation of mutual operation object layout between hosting code, COM object, and pre-existing DLL (unmanaged code and data) to developer service support (analysis, commissioning, etc.)
Return to the top
What is a general type system (CTS)?
General Type Systems are a wealth of types of systems built into a public language running library that supports the types and operations existing in most programming languages. General type systems support a complete implementation of a wide range of programming languages.
Return to the top
What is the Public Language Normative (CLS)?
The public language specification is a set of constructors and constraints, which acts as a wizard of library writing and compiler writers. It allows the library to be used through any language that supports CLS and enables those languages to integrate with each other. Public language norms are a subset of common type systems. It is also very important for applications developers who are writing code that will be used by other developers. These APIs are easily used by all other programming languages that operate the library for public language according to the API of the CLS rules. Return to the top
What is Microsoft Intermediate Language (MSIL)?
MSIL is an instruction set that is not related to the CPU, which is compiled into the .NET framework program. It contains instructions that load, store, initialize, and call methods on an object.
After combining metadata and common types, MSIL allows real language integration.
Before execution, MSIL will be converted into machine code and is not explained.
Return to the top
What is managed code and managed data?
The hosted code is a code written for services to the public language runtime (see "What is a public language runtime?"). In order to facilitate these services, the code must provide the runtime information (metadata). By default, all C #, Visual Basic .NET and JScript .NET code are hosted. By default, the Visual Studio .NET C code is not managed, but the compiler can generate managed code by specifying the command line switch (/ CLR).
Closely related to the hosted code is the managed data (data allocated and released by the garbage collector of the public language runtime). By default, C #, Visual Basic and JScript .NET data is hosted. However, the C # data can be marked as unmanaged by using a special keyword. By default, Visual Studio .NET C data is not managed (even when using / the CLR switch), but when using the C hosted extension, the class is marked as a hosted by using the __gc keyword. As the name is implicit, this means that the memory used for the class instance is hosted by the garbage collector. In addition, classes become a fully involved member of the .NET Framework Community, which has brought benefits and limits. One of the benefits is the correct interoperability of classes written in other languages (for example, managed C classes can inherit from Visual Basic class). One of the limits is that the hostess class can only be inherited from the base class.
Return to the top
Assembly
What is the assembly?
The assembly is the main construction block of the .NET framework application. It is a set of functions and is generated, versioned, and deployed in the form of a single implementation unit (one or more files). All managed types and resources may be accessed only in its real-world unit, or if the external code is marked as accessible.
The assembly is self-description through its list (part of each assembly is indispensable). List of:
Establish an assembly ID (in the form of a text name), version, regional, and digital signature (if the assembly will be shared between applications). Define files that make up the assembly implementation (by name and file havehing). Specifies the type and resource of the assembly, including the type and resources exported from the assembly. List the compile time dependencies on other assessments by one. Specifies that the assembly is required to run the required permissions.
This information is used to resolve references, enforce the integrity of the assembly at runtime. Runners can determine and locate the assembly of any run object because each type is loaded in the context of the assembly. The assembly is also a unit that applies code access security permissions. When determining what permissions are confirmed to the code containing the code, consider the identification evidence of each assembly.
The characteristics of the assembly self-description also help to make no impact installation and XCOPY deployment.
Return to the top
What is a special assembly and shared assembly?
The private assembly is used only by a single application and stored in the installation directory of the application (or in the subdirectory therein). The shared assembly is a set of assemblies that can be referenced by multiple applications. In order to share the assembly, you must give the program set a strong name (sometimes also known as strong name) to explicitly generate an assembly for this purpose. In contrast, the dedicated assembly name only needs to be unique in using it.
By distinguishing between a dedicated assembly and sharing assembly, we introduce sharing concepts in expressive decisions. Simply deploy a private assembly to the application directory, you can ensure that the application is only running with a bit used to generate and deploy it. The reference to the private assembly is only resolved to the dedicated application directory.
It can be made a number of reasons for generating and using shared assemblies, such as the ability to represent version strategies. The shared assembly has an encrypted strong name, which means that only the author of this assembly has a key to generate a new version of the program set. So if you generate a policy statement, you want to accept the new version of the assembly, you should be sure that the version update will be affected and verified by the author. Otherwise, you don't have to accept them.
For applications where local installation, shared assemblies are usually explicitly installed into the global program cache (local cache for assemblies maintained by the .NET framework). The key of the .NET framework version management function is: The downloaded code does not affect the execution of the application of the local installation. The downloaded code is placed in a special download cache and is not globally available on your computer, and some download components are generated even in the form of a shared assembly.
The class comes with the .NET frame is generated in the form of a shared assembly.
Return to the top
If you want to generate a shared assembly, do you need to sign and manage the system overhead of the key pair?
Generating a shared assembly does involve using an encryption key. When generating an assembly, only public keys are really required. The compiler for the .NET framework provides a public key when generating a program set (or using custom properties). Common practices are a copy of the universal public key in the source database and point the generated script to this key. Before delivery, you must fully sign an assembly with the appropriate private key. This work is done with SDK tools called Sn.exe (Strong Name).
Unlike Authenticode, strong name signing does not involve certificates. Does not involving third-party units, there is no fee to pay, and there is no certificate chain. In addition, the verification strong name is much lower than the system overhead of authentication Authenticode. However, the strong name is not to make any statement on whether to trust a particular publisher. Strong Name allows you to make sure that the content of a given assembly is not tampered with, and the assembly loaded by your name is from your name publisher when running. But it doesn't make any statement on whether you can trust the identity of this publisher.
Return to the top
What is the difference between the namespace name and the number of app sets?
Namespace is a type of logical naming scheme, which is a simple type name (such as myType) at the beginning of the hierarchical name. Such a naming scheme is completely controlled by developers. For example, type mycompany.fileAccess.a and mycompany.fileAccess.b may have a function of logically with file access. The .NET framework uses a hierarchical naming scheme to divide the type into a logical category of the related function (such as the ASP.NET application framework) or the remote processing function. Design tools can use namespace to make developers easier to browse and reference types in your code. The concept of namespace is independent of the concept of the assembly. A single assembly can include a hierarchical name with a type of different namespace, and the logical namespace root can span multiple assemblies. In the .NET framework, the namespace is naming when the logic design is naming, and the assembly establishes the name range of the type of time.
Return to the top
Application deployment and isolation
Which options can be used to deploy .NET applications? The .NET framework simplifies the deployment by making the application's non-affected installation and XCOPY deployment effectively. Since all requests are first resolved to the dedicated application directory, simply copy the application's directory file to the disk to run the application. No registration is required.
This solution is particularly urgent for web applications, web services, and separate desktop applications. However, in some cases, XCOPY is insufficient as a distribution mechanism. Applications only have little dedicated code and rely on availability of shared assemblies, or the application is not installed locally (but downloaded on demand). In the above case, the .NET framework provides a large number of code download services and integration with the Windows installer. Compared to the current platform, the code download support provided by the .NET framework provides some advantages, including incremental downloads, code access security (without other authenticode dialogs) and application isolation (code downloaded by one application does not affect other applications. program). The Windows installer is another powerful deployment mechanism that can be used for .NET applications. All features of the Windows installer (including publishing, publishing, and application fix) are applicable to the .NET application in Windows Setup 2.0.
Return to the top
I have written the assembly to be used in multiple applications. Where do you deploy it?
The assembly (such as shared assemblies) that will be used by multiple applications is deployed to the global assembly cache. In the pre-release and beta version, use the GACUTIL SDK tool / I option to install the assembly to the cache:
Gacutil / i mydll.dll
Windows Installer 2.0 (included in Windows XP and Visual Studio .NET) can install the assembly to the global assembly cache.
Return to the top
How do I view the assembly installed in the global program cache?
The .NET framework provides a Windows shell extension for viewing a program cache. Navigate to% windir% / askEMBLY will activate the viewer via the Windows Explorer.
Return to the top
What is the application domain?
Application Domain (usually appdomain) is a virtual process for isolating applications. All objects created in the same application domain within the same application domain within the same application domain within the same application domain within the same application area within the same application range (in other words). Multiple application domains can exist in a single operating system process, which makes them a lightweight method for application isolation.
The operating system process provides isolation by providing a unique memory address space. Although this is very effective, the cost is high and cannot be extended to the number of large web servers. On the other hand, the public language runtime enforces application isolation by managing memory usage of code in the application domain. This ensures that it does not access memory outside the domain boundaries. Note that only type security codes can be managed in this way (the runtime cannot guarantee isolation when the unsafe code is loaded into the application domain).
Return to the top
Garbage collection
What is garbage recovery?
Garbage recycling is a mechanism that allows the computer to detect when the object cannot be accessed. It then automatically releases the memory used by the object (simultaneously calling the cleaning routine called "termination program"). Some garbage collectors (such as the garbage collector used by .NET) compress memory, thereby reducing the work set of procedures.
Return to the top
How does non-deterministic garbage recovery affect code?
For most programmers, there is a garbage collector (and use garbage collection object) means that even if complex data structures are used, they don't have to worry about releasing memory or reference count objects. However, if you typically release system resources (file handles, locks, etc.) in the same code block in which object memory (file handle, lock, etc.) must do need some changes in coding style. For garbage collection objects, a method of releasing system resources in a determining method (ie, the procedure control) should be provided and the garbage collector can release memory during compression work set. Return to the top
Can you avoid the use of garbage recovery?
All languages facing the running library allow for allocation of classes from the garbage recovery heap. This brings the benefits of rapid distribution and makes the programmer do not have to calculate when to explicitly "release" each object.
The CLR also provides so-called ValueType. ValueType is similar to the class, and the VALUETYPE object is allocated on the runtime stack (instead of heap), so they will be automatically recycled when the code exits defines these objects. This is the mode of operation of "structure" in C #.
C hosted extensions allows you to select the location of the assigned class object. If the __gc key is declared as a hosted class, they allocate them from the garbage collection heap. If they do not include the __gc keyword, their behavior is similar to the regular C object, allocating from the C heap, and is explicitly released by the "Free" method.
For additional information about garbage collection, see:
Garbage Recycling: Automatic Memory Management in Microsoft .NET Framework (Part 2): Automatic Memory Management in Microsoft .NET Framework
Return to the top
Remote processing
What is the working mechanism between the process and the process between the process in the public language running library?
There are two aspects within the process: communication between the context between the context in a single application domain, or communication between the application domain. Between the context of the same application domain, the agent is used as a listening mechanism. Does not involve any septation or serialization operation. When crossing multiple application domains, we use the runtime binary protocol to block processing / serialization.
Inter-process communication uses a plug-in channel and formatted program protocol, each of which applies to specific purposes.
If the developer uses tool SOAPSUDS.EXE to specify an endpoint to generate a metadata agent, the default is set to an HTTP channel with the SOAP formatter. If the developer performs explicit remote processing in the hosted environment, you must clear the channels and formatting programs to use. This can be represented as a management form, and load a specific channel by the configuration file or calls the API. The option is: HTTP channel with SOAP formatting program (HTTP is very suitable for use or communication on the Internet) The TCP channel with binary formatting program (TCP is a higher performance option for local area network (LAN) )
When converting between managed codes and non-hosting code, the COM structure (exactly DCOM is used for remote processing. In the intermediate version of the CLR, this is adapted to be served (components using COM services). When it is finally published, any remote processing should be configured.
The distributed garbage collection of objects is hosted by a system called "lease-based survival". Each object has a rental time. When the time expires, the object will disconnect with the CLR's remote processing structure. The object has a default renewal time, and the lease is rented when the object is successfully called from the client. The client can also explicitly renewal.
Return to the top
Interoperability
Can COM objects can I use in the .NET framework?
can. Any COM components that are now deployed can be used in hosted code, usually, the adaptation is completely automated. Specifically, the automatic behavior is to access the COM component from the .NET framework using the built-in .NET framework. This package converts the COM interface disclosed in COM components into an interface compatible with the .NET framework. For the OLE automation interface, the RCW can automatically generate from the type library. For non-OLE automation interfaces, developers can write custom RCW and manually mapped the type of COM interface to the type compatible with the .NET framework.
Return to the top
Can I use the .NET Framework component in a COM program?
can. The currently generated managed type can be accessed through COM, usually, the configuration is completely automated. Some new features of the hosted development environment cannot be accessed through COM. For example, static methods and parameterized constructors cannot be used through COM. Normally, it is best to determine the expected user of a given type in advance. If you want to use the type of COM, you may be limited to the ability to use COM accessible.
Based on the language used to write managed types, this type may be visible by default, or may not be visible.
Specifically, the automatic behavior is to access the .NET framework component from the COM using COM-callable packaging (CCW). This is similar to RCW (see the previous problem), but the working direction is reversed. In addition, if the .NET framework development tool cannot automatically generate a package, or if the auto behavior is not what you want, you can develop a custom CCW.
Return to the top
Can Win32 APIs in the .NET framework program?
can. Use the platform call, .NET framework can access the native code base by static DLL entry.
Below is a C # example of calling the win32 messagebox function:
Using system;
Using system.Runtime.InteropServices;
Class Mainapp
{
[DLLIMPORT ("User32.dll", entrypoint = "mess")]]
Public Static Extern Int MessageBox (int hwnd, strmessage, string strcaption, uint uitype);
Public static void main ()
{
Messagebox (0, "Hello, This Is Pinvoke In Operation!", ".Net", 0);
}
}
Return to the top
safety
What do you have to do for the code to apply to a security system?
This is usually not a problem, most applications will run safely and will not be utilized by malicious attacks. Just use standard class libraries to access resources (such as files) or perform protected operations (such as types of private member reflections), security is enhanced by these libraries. A simple matter that developers may need to do is to include permission requests (declared security form) to limit the permissions that the code can receive (restricting the permissions it needs). This ensures that all rights needed to be made only if the code is allowed to run.
Only developers who write new base libraries open new resource types need to directly use the security system. Not all code has potential security hazards, code access security will happen to significantly restrict the very small code of explicitly rewriting the security system.
Return to the top
Why receive security anomalies when running code from the network sharing drive?
The default security policy only grants a limited set of permissions to code from the local intranet area. This area is defined by the Internet Explorer security setting and should be configured to match local networks in the enterprise. Since the file named UNC or mapping drive (such as using the NET USE command) is sent through the local network, these files are also in the local Intranet area. The default is to set the worst case for unsafe intranet. If your intranet is secure, you can modify the security policy (with .NET Frame Configuration Tools or Caspol tools), you can grant more permissions to your local intranet or its part (eg, a specific computer sharing name).
Return to the top
How to make the code run when the security system stops?
A security exception occurs when the code is attempts to perform an operation without authority. Permissions award based on known code, especially its location. For example, the code running from the Internet is less permissions obtained from the code running from the local computer, because the proven proves is not as reliable as the latter. Therefore, in order to run the code that failure due to an abnormal safety, it must be added to grant it. A simple way to do this is to move the code to a more trusted location (such as a local file system). But this does not apply to all situations (web applications are a good example, the intranet application on the company network is another example). Therefore, if you do not change the location of the code, you can also change the security policy to grant more permissions to this location. This can be done using the .NET Framework Configuration Tool or Code Access Security P &P PEtry P &P (Caspol.exe). If you are a code developer or publisher, you can also add a digital signature for the code, then modify the security policy, and grant more permissions to the code with the signature. However, when using any of the above operations, remember that the permissions granted to the code should be less, because it is not from the recognizable reliability. Before moving the code to the local computer or change the security policy, make sure that the trust code does not perform malicious or harmful operations.
Return to the top
How to manage the security of your personal computer? How to manage the security of enterprise computers?
The .NET framework includes a .NET Framework Configuration Tool -MMC Management Unit (MSCORCFG.MSC) to configure several aspects of CLR, including security policies. The management unit not only supports the management of security policies on the local computer, but also creates a corporate policy deployment package that is compatible with the System Management Server and Group Policy. Command Line Utility Caspol.exe can also be used for scripting policy changes on your computer. To run any tool in a command prompt, change the current directory to the installation directory of the .NET Framework (in% Windir% / Microsoft.Net / Framework / V1.0.2914.16 /) and type MSCORCFG.MSC or CASPOL. EXE.
Return to the top
How is the security of evidence how to use Windows 2000 security?
Evidence-based security (it authorized code) is used with Windows 2000 security (it based on login ID). For example, for access files, managed code must have both code access security file permissions, but also run under the login ID with NTFS file access. The checked library contained in the .NET framework also provides classes for role-based security. These classes enable applications to use Windows login identity and user groups.
Return to the top