Labels

Tuesday, June 26, 2007

Microsoft Guidelines to create a good ASP.NET application - Ver 2

Hi,

Following is the checklist to be followed for good ASP.NET application recommended by Microsoft:

Source:

http://msdn2.microsoft.com/en-us/library/ms998530.aspx

Design Considerations

Check

Description


Consider security and performance.


Partition your application logically.


Evaluate affinity.


Reduce round trips.


Avoid blocking on long-running tasks.


Use caching.


Avoid unnecessary exceptions.


Threading

Check

Description


Tune the thread pool by using the formula to reduce contention.


Consider minIoThreads and minWorkerThreads for burst load.


Do not create threads on a per-request basis.


Avoid blocking threads.


Avoid asynchronous calls unless you have additional parallel work.


Resource Management

Check

Description


Pool resources.


Explicitly call Close or Dispose on resources you open.


Do not cache or block on pooled resources.


Know your application allocation pattern.


Obtain resources late and release them early.


Avoid per-request impersonation.


Pages

Check

Description


Trim your page size.


Enable buffering.


Use Page.IsPostBack to minimize redundant processing.


Partition page content to improve caching efficiency and reduce rendering.


Ensure pages are batch compiled.


Ensure debug is set to false.


Optimize expensive loops.


Consider using Server.Transfer instead of Response.Redirect.


Use client-side validation.


Server Controls

Check

Description


Identify the use of view state in your server controls.


Use server controls where appropriate.


Avoid creating deep hierarchies of controls.


Data Binding

Check

Description


Avoid using Page.DataBind.


Minimize calls to DataBinder.Eval.


Caching

Check

Description


Separate dynamic data from static data in your pages.


Configure the memory limit.


Cache the right data.


Refresh your cache appropriately.


Cache the appropriate form of data.


Use output caching to cache relatively static pages.


Choose the right cache location.


Use VaryBy attributes for selective caching.


Use kernel caching on Microsoft® Windows Server™ 2003.


State Management

Check

Description


Store simple state on the client where possible.


Consider serialization costs.


Application State

Check

Description


Use static properties instead of the Application object to store application state.


Use application state to share static, read-only data.


Do not store single-threaded apartment (STA) COM objects in application state.


Session State

Check

Description


Prefer basic types to reduce serialization costs.


Disable session state if you do not use it.


Avoid storing STA COM objects in session state.


Use the ReadOnly attribute when you can.


View State

Check

Description


Disable view state if you do not need it.


Minimize the number of objects you store in view state.


Determine the size of your view state.


HTTP Modules

Check

Description


Avoid long-running and blocking calls in pipeline code.


Consider asynchronous events.


String Management

Check

Description


Use Response.Write for formatting output.


Use StringBuilder for temporary buffers.


Use HtmlTextWriter when building custom controls.


Exception Management

Check

Description


Implement a Global.asax error handler.


Monitor application exceptions.


Use try/finally on disposable resources.


Write code that avoids exceptions.


Set timeouts aggressively.


COM Interop

Check

Description


Use ASPCOMPAT to call STA COM objects.


Avoid storing COM objects in session state or application state.


Avoid storing STA components in session state.


Do not create STA components in a page constructor.


Supplement classic ASP Server.CreateObject with early binding.


Data Access

Check

Description


Use paging for large result sets.


Use a DataReader for fast and efficient data binding.


Prevent users from requesting too much data.


Consider caching data.


Security Considerations

Check

Description


Constrain unwanted Web server traffic.


Turn off authentication for anonymous access.


Validate user input on the client.


Avoid per-request impersonation.


Avoid caching sensitive data.


Segregate secure and non-secure content.


Only use Secure Sockets Layer (SSL) for pages that require it.


Use absolute URLs for navigation.


Consider using SSL hardware to offload SSL processing.


Tune SSL timeout to avoid SSL session expiration.


Deployment Considerations

Check

Description


Avoid unnecessary process hops.


Understand the performance implications of a remote middle tier.


Short-circuit the HTTP pipeline.


Configure the memory limit.


Disable tracing and debugging.


Ensure content updates do not cause additional assemblies to be loaded.


Avoid XCOPY under heavy load.


Consider precompiling pages.


Consider Web garden configuration.


Consider using HTTP compression.


Consider using perimeter caching.


Thanks & Regards,

Arun Manglick

SMTS || Microsoft Technology Practice || Bridgestone - Tyre Link || Persistent Systems || 3023-6258


No comments:

Post a Comment