using parentheses with method calls
in asp, you could freely call methods on objects without using parentheses, as shown below: sub writedata() response.write "this is data"end subwritedata
in asp .net, you must use parentheses with all of your calls, even for methods that do not take any parameters. writing your code, as in the example below, allows it to function correctly in both asp and asp .net. sub writedata() response.write("this is data")end subcall writedata()
byval is now the default
in visual basic, all parameter arguments were, by default, passed by reference or byref. in visual basic .net, this has changed so that all arguments are now passed by value or byval by default. if you still wish to have "byref" behavior, you must explicitly use the byref keyword in front of your parameters as follows:sub mybyrefsub (byref value) value = 53;end sub
this is an area where you really need to be careful. when you are moving your code over to asp .net, i suggest double and triple checking each parameter used in your method calls to ensure that this change is what you really want. i suspect you will need to change some of them.no more default properties
the concept of default properties no longer exists in visual basic .net. what this means is that if you have asp code that relies on a default property that was provided by one of your objects, you will need to change this to explicitly reference the desired property, as shown in the following code: 'asp syntax (implicit retrieval of column value property)set conn = server.createobject("adodb.connection")conn.open("testdb")set rs = conn.execute("select * from products")response.write rs("name")'asp.net syntax (explicit retrieval of column value property)conn = server.createobject("adodb.connection")conn.open("testdb")rs = conn.execute("select * from products")response.write (rs("name").value)
changes in data types
in visual basic .net, integer values are now 32 bits and long types have become 64 bits.
problems may arise when invoking methods on com objects from asp .net or calling microsoft® win32® api calls inside your custom visual basic components. pay special attention to the actual data types required to ensure you are passing in or casting your values correctly.structured exception handling
although the familiar on error resume next and on error goto error handling techniques are still allowed in visual basic .net, they are not the best way to do things anymore. visual basic now has full-blown structured exception handing using the try, catch, and finally keywords. if possible, you should move to this new model for error handling as it allows for a more powerful and consistent mechanism in dealing with your application errors. com-related changes
with the introduction of the .net framework and asp .net, com really has not been changed at all. this does not mean, however, that you do not need to worry about com objects and how they behave when you are using them from asp .net. there are a couple of fundamental things you need to be aware of.threading model changes
the asp .net threading model is the multiple threaded apartment (mta). what this means is that components that you are using that were created for the single threaded apartment (sta) will no longer perform or function reliably without taking some extra precautions in asp .net. this includes, but is not limited to, all com components that have been created using visual basic 6.0 and earlier versions. aspcompat attribute
you will be glad to hear that you can still use these sta components without having to change any code. what you need to do is include the compatibility attribute aspcompat=true in a <%@page> tag on the asp .net page. for example, <%@page aspcompat=true language=vb%>. using this attribute will force your page to execute in sta mode, thus ensuring your component will continue to function correctly. if you attempt to use an sta component without specifying this tag, the run time will throw an exception.
setting this attribute to true will also allow your page to call com+ 1.0 components that require access to the unmanaged asp built-in objects. these are accessible via the objectcontext object.
if you set this tag to true, your performance will degrade slightly. i suggest doing this only if you absolutely need to.early binding versus late binding
in asp, all calls to com objects occur through the idispatch interface. this is known as "late binding" because calls to the actual objects are handled indirectly via idispatch at run time. in asp .net, you can continue to invoke your components in this fashion if you like.dim obj as objectobj = server.createobject("progid")obj.mymethodcall
this works but it is not the preferred manner to access your components. with asp .net, you can now take advantage of early binding and create your objects directly as follows: dim obj as new myobjectmyobject.mymethodcall()
early binding allows you to interact with your components in a type-safe manner. in order to take advantage of early binding with your com components, you need to add a reference in your project in much the same way that you add a com reference to a visual basic 6.0 project. assuming that you are using visual studio .net, a managed proxy object is created behind the scenes, on top of your com component, giving you the impression you are dealing directly with your com component as a .net component.
at this point you may wonder about performance. there is definitely some overhead involved when using com interoperability as you now have an extra layer introduced because of the proxy object. in most cases, however, this will not be a factor because the amount of actual cpu instructions for the interoperation to occur is still substantially less than that required by your indirect idispatch calls. you will be gaining more than you will lose. the ideal situation, of course, is to use newly created, managed objects, but we know that this will not always be possible immediately because of our investments in com components over the years. onstartpage and onendpage methods
one area that needs some additional consideration involves the use of the legacy onstartpage and onendpage methods. if you rely on these methods to access asp intrinsic objects, you will need to use the aspcompat directive and use server.createobject to create your component in an early-bound fashion, as shown below: dim obj as myobjobj = server.createobject(myobj)obj.mymethodcall()
notice that instead of using the "progid," we have used the actual type in an early-bound manner. in order for this to work, you will need to add a reference to your com component in your visual studio project so that the early-bound wrapper class is created for you. this should be the only case where you must continue to use server.createobject. com summary
table 2 is a summary of what you need to do to continue to use your com components as efficiently as possible.
table 2. asp .net settings for legacy com objects
com component type/methodasp .net setting/procedurescustom sta (visual basic components or other components marked as "apartment")use aspcompat, use early bindingcustom mta (atl or custom com components marked as "both" or "free")do not use aspcompat, use early bindingintrinsic objects (accessed via objectcontext)use aspcompat, use early bindingonstartpage, onendpageuse aspcompat, use server.createobject(type)
these same settings apply whether or not your components are deployed in com+.application configuration changes
in asp, all web application configuration information is stored in the system registry and the iis metabase. this makes it quite difficult to view or modify settings because often the correct administration tools are not even installed on your server. asp .net introduces a whole new configuration model based on simple, human readable xml files. each asp .net application has its own web.config file that lives in its main application directory. it is here that you control the custom configuration, behavior, and security of your web application.
if you are like i was, you will be tempted to go to the internet services manager snap-in to inspect and change the settings for your asp .net application. understand, however, that we now have two totally separate configuration models. with the exception of some security settings, for the most part all other settings made using the iis administration tool are ignored by asp .net applications. you need to place your configuration settings in the web.config file.
application configuration with .net is an article in itself and i will not detail it here. table 3 shows some of the more interesting configuration sections you can set in your file. keep in mind that there are many more.
table 3. sample web.config settings
settingdescription<appsettings>
configures custom application settings.<authentication>
configures asp .net authentication support.<pages>
identifies page-specific configuration settings.<processmodel>
configures the asp .net process model settings on iis systems.<sessionstate>
specifies session state options.
there are classes available in the .net base class libraries that simplify programmatic access to these settings.state management
if your application uses the session or application intrinsic object to store state information, you can continue to use these in asp .net without any problems. as an added benefit, you now have a couple of more options for your state storage location.state management options
in asp .net, you have additional options for your state storage model that will finally allow you to go beyond a single web server and support state management across a web farm.
you configure your state management options in the <sessionstate> section of your web.config file as follows:<sessionstate mode="inproc" stateconnectionstring="tcpip=127.0.0.1:42424" sqlconnectionstring="data source=127.0.0.1;user id=sa;password=" cookieless="false" timeout="20"/>
the mode attribute specifies where you would like to store your state information. your options are inproc, stateserver, sqlserver, or off.
table 4. session state storage information
optiondescriptioninprocsession state is stored locally on this server (asp style).stateserversession state is stored in a state service process located remotely or potentially locally.sqlserversession state is stored in a sql server database.offsession state is disabled.
stateconnectionstring and sqlconnectionstring obviously come into factor if you use one of these other options. you can only use one storage option per application.storing com components
one thing to keep in mind is that if you rely on storing references to your legacy com components in the session or application object, you cannot use the new state storage mechanisms (stateserver or sqlserver) within your application. you will need to use inproc. this is due, in part, for the need of an object to be self-serializable in .net terms, something that com components obviously cannot do. new, managed components you create, on the other hand, can do this relatively easily and thus can use the new state storage models. performance
as far as performance goes, nothing comes for free, of course. one can safely assume that in most cases, inproc will continue to be the best performer, followed by stateserver and then sqlserver. you should perform you own tests with your application to ensure the option you select will meet your performance goals.sharing state between asp and asp .net
another important thing to consider is that although your application can contain both asp and asp .net pages, you cannot share state variables stored in the intrinsic session or application objects. you either need to duplicate this information in both systems or come up with a custom solution until your application is fully migrated. the bottom line is that if you have made little use of the session and application objects, you should be in good shape. if, on the other hand, you use these objects extensively, you will need to proceed with caution and perhaps come up with a custom short-term solution to sharing your state. security-related changes
security is another area that requires a great deal of focus. here is a brief overview of the asp .net security system. consult the asp .net security documentation for a more thorough investigation.
asp .net security is primarily driven from settings in the security sections of your web.config file. asp .net works in concert with iis to provide a complete security model for your application. iis security settings are some of the few application settings that will actually carry over and be applied to your asp .net application in a similar manner to that in asp. there are, of course, many additional enhancements. authentication
for authentication, asp .net supports the different options shown in table 5.
table 5. asp .net authentication options
typedescriptionwindowsasp .net uses windows authentication.formscookie-based, custom login forms.passportexternal microsoft provided passport service.noneno authentication is performed.
these are the same options you have in asp, with the exception of the new passport authentication option. as an example, the following configuration section enables windows-based authentication for an application:<configuration> <system.web> <authentication mode="windows"/> </system.web></configuration>