.Net MVC Interview Day -1

ASP .Net

1. What is MVC (Model view controller)?

  • It stands for Model View Controller.
  • MVC framework is used to develop web application.
  • This framework developed by Microsoft on 2007.
  • MVC is an architectural pattern that can be separate tree main component such as Mode, View and Controller.

Authentication and Authorization in MVC Framework

ASP .Net
In this we will discuss about the ASP.NET Roles and Membership API from MVC perspective. We will try to see how the default Roles and Membership provides can be used for authentication and authorization in an MVC application. We will also see how we can implement custom forms authentication in an ASP.NET MVC application.

AntiForgeryToken in MVC Framework

ASP .Net

AntiForgeryToken

  • AntiForgeryToken is a great feature in ASP.NET MVC framework.
  • It generates a hidden field in form and valid value in cookies that is validated when the form is submitted to server.
  • It protect your application against cross site request forgery.

What is Cross Site Request Forgery?

  • Cross Site Request Forgery is a one type of attack.
  • It defined as a forgery request or fraud request, which comes on an authenticated site from cross site and is treated as an authenticated request.
  • The impact of CSRF attack is limited of the capabilities exposed by the vulnerable application.

Client Side Validation in MVC Framework

ASP .Net

Client Side Validation

  • ASP.NET MVC framework also supports client side validation by using jqyery.
  • It will validate data immediate and display the error message in browser.
  • Validation should now happen on the client without a round trip to the server.
  • If the client disables javascript in the browser, then client side validation does not work but server side validation will continue to work as normal.

Custom Validation in MVC

ASP .Net

Custom Validation

Validation attributes are a way to configure the model. Some validation rules are implemented based on your business. Your business rules might not be data data annotations validation. You need to implement for new business rule in your MVC application. This case you can go to custom validation.