Microsoft. NET Framework FAQ (ii)

What is the difference between a namespace and an assembly name?
Namespaces are a logical naming scheme for types in which a simple type name, such as MyType, is preceded by a point-delimited hierarchy name. Such a naming scheme is entirely under the control of the developer. For example, typing MYCOMPANY.FILEACCESS.A and mycompany.fileaccess.b will logically have functionality related to file access. The. NET framework uses a hierarchical naming scheme for grouping types into logical categories of related functionality, such as , asp.net application framework or remoting capabilities. The design tool can take advantage of namespaces to make it easier for developers to browse and reference types in code. There is no connection between the concept of a namespace and the concept of an assembly. An assembly can contain types whose hierarchy names have different namespace roots, and a logical namespace root can span multiple assemblies. In the. NET framework, namespaces are a convenient way to make logical naming at design time, and assemblies establish name scopes for types at run time.

Application Deployment and Isolation
What options can I use when deploying. NET applications?
The. NET framework simplifies deployment by making it possible for applications to have no impact installation and XCOPY deployment. Because all requests are first parsed in the private application directory, you can run the application without registering by simply copying the directory file of an application to disk.

This scenario is particularly appealing for Web applications, Web services, and stand-alone desktop applications. In some scenarios, however, XCOPY is not sufficient to serve as a distribution mechanism. For example, when an application has very little specialized code, it relies on the shared assembly that is available, or the application is not installed locally (but on demand). For these cases, the. NET Framework provides extended code download services and integration with Windows Installer. The. NET Framework provides code download support that offers many advantages through the current platform, including incremental downloads, code access security (No more "Authenticode" dialog box) and application isolation (code downloaded for one application does not affect other applications). Windows Installer is another powerful deployment mechanism that a. NET application can use. In Windows Installer 1.5, all the features of Windows Installer, including publishing, publishing, and application patching, can be used in. NET applications.

If I have written an assembly and want to use it in multiple applications, where should I deploy it?
Assemblies that are to be used by multiple applications, such as shared assemblies, need to be deployed into the global assembly cache. In pre-release and beta releases, use the/I option of the Alink SDK tool to install assemblies into the cache:

Al/i:mydll.dll
Subsequent versions of Windows Installer can install assemblies into the global assembly cache.

How can I see which assemblies are installed in the global assembly cache?
The. NET framework comes with a Windows shell extension that is used to view the assembly cache. In Windows Explorer, go to% windir%\assembly to activate the viewer.

What is an application domain?
application domains (usually AppDomain) are virtual processes that are used to isolate applications. All objects created in the same application scope (in other words, starting from the entry point of the application, anywhere along the object activation sequence) are created in the same application domain. Multiple application domains can exist in an operating system process, making them an easy way to isolate applications.

The operating system process provides isolation by using different memory address spaces. Although it is effective, it is costly and does not meet the required number of large WEB servers. Instead, the common language runtime enforces application isolation by managing the memory usage of code running in an application domain. This ensures that it does not access memory outside the application domain. It should be noted that only type-safe code can be managed this way (when unsafe code is loaded in an application domain, the runtime cannot guarantee isolation).

Garbage collection
What is garbage collection?
Garbage collection is a mechanism that enables a computer to detect when an object can no longer be accessed. It automatically frees the memory that is used by the object (also calls the cleanup routines that the user writes called "End"). Some garbage collector, such as used by. NET, compresses memory and therefore reduces the working set of the program.

How does non-deterministic garbage collection affect code?
For most programmers, owning a garbage collector (and using objects that can be garbage collected) means never having to worry about freeing memory or reference counting objects, even if you use complex data structures. However, if you typically release system resources (file handles, locks, and so on) in the same block of code that frees object memory, you need to make some changes to the encoding style. When using objects that can be garbage collected, you should provide a way to explicitly free system resources (that is, your program control) while allowing the garbage collector to free up memory when the working set is compressed.

Is it possible to avoid using a heap that can be garbage collected?
All languages that support the runtime allow you to assign class objects from a heap that can be garbage collected. This brings benefits in terms of rapid allocation, and allows programmers to calculate when each object should be explicitly "free" without themselves.

The CLR also provides ValueTypes objects-similar to classes, but ValueType objects are allocated in the Run-time stack (not the heap), so they are automatically reclaimed when your code exits the process that defines those objects. This is the "struct" mode of operation in C #.

Managed Extensions for C + + enable you to select where the class object is allocated. If declared as managed by using the __gc keyword, they will be allocated from a heap that can be garbage collected, and if they do not contain __gc keywords, they will be allocated from the C + + heap as normal C + + objects and explicitly released using the free method.

For more information about garbage collection, see:

Garbage collection: Automatic memory management in the Microsoft. NET Framework (English)


Garbage Collection-Part 2nd: Automatic memory management in the Microsoft. NET Framework (English)

Remote processing
How do I communicate between processes and processes within the common language runtime?
There are two kinds of in-process communication: In the context of a single application domain, or across application domains. In the context of the same application domain, the proxy is used as the listening mechanism, without involving marshaling/serialization. When crossing application domains, use runtime binary protocols for marshaling/serialization.

interprocess communication uses a pluggable channel and formatter protocol for each specific purpose.

If a developer uses the Soapsuds.exe tool to specify an endpoint to generate a metadata proxy, the default value is the HTTP channel with the SOAP formatter.


If developers perform explicit remoting in the managed world, you need to explicitly specify which channels and formatters to use. This can be represented by a configuration file in a manageable way, or by using API calls to load a specific channel. The options are as follows:
HTTP channel with SOAP formatter (HTTP is running well on the Internet or whenever it has to communicate through a firewall)

TCP channel with binary formatter (TCP is a high performance option for LAN)

SMTP Channel with SOAP formatter (meaning only for cross computers)

When converting between managed and unmanaged code, the COM infrastructure (especially DCOM) is used for remoting. In the intermediate version of the CLR, this also applies to service components (components that use COM + services). In the final release, it is possible to configure any remote components.

Distributed garbage collection for objects is managed by a system called lease lifetime. Each object has a lease time, and when it expires, the object is disconnected from the CLR's remoting infrastructure. Object has a default update time-the lease is updated when the client successfully invokes the object. The client can update the lease explicitly.

Interoperability
Can I use COM objects in the. NET Framework program?
Is. Any COM component that you are deploying now can be used in managed code. Normally, the required adjustments are made entirely automatically.

In particular, you can use the Run-time callable Wrapper (RCW) to access COM components from the. NET framework. This wrapper converts COM interfaces provided by COM components to interfaces that are compatible with the. NET Framework. For OLE Automation interfaces, the RCW can be automatically generated from the type library, and for non-OLE automation interfaces, developers can write custom RCW that manually map the type provided by the COM interface to a type that is compatible with the. NET Framework.

Can I use the. NET framework components in a COM program?
Is. The managed type you are creating now can be accessed through COM. Typically, the desired configuration is completely automated. Some of the new features of the managed development environment cannot be accessed in COM. For example, you cannot use static methods and parameterized constructors in COM. In general, it is a good idea to determine the user in advance for a given type. If the type needs to be used in COM, you will be limited to using COM-accessible attributes.

By default, managed types may or may not be visible, as determined by the language used to write managed types.

In particular, you can use the COM callable Wrapper (CCW) to access. NET Framework components from COM. This is similar to the RCW (see the previous question), but they are in the opposite direction. Similarly, if the. NET Framework development tool does not automatically generate wrappers, or if the automatic method is not what you need, you can develop a custom CCW.

Can I use the Win32 API in the. NET Framework program?
Is. The P/invoke,.net Framework program allows you to access the native code base by means of a static DLL entry point.

The following is an example of C # calling the Win32 MessageBox function:

Using System;
Using System.Runtime.InteropServices;

Class Mainapp
{
[DllImport ("user32.dll", entrypoint= "MessageBox")]
public static extern int MessageBox (int hWnd, string strmessage, String strcaption, uint uitype);

public static void Main ()
{
MessageBox (0, "Hello, this is pinvoke! ",". NET ", 0);
}
}

Security
How do I coordinate code with the security system?
Typically, this is not a problem-most applications run safely and are not interfered with by malicious attacks. Security is enforced by simply using standard class libraries to access resources, such as files, or by performing protected actions, such as inverting private members of a type. One of the simple tasks that an application developer needs to accomplish is to include a permission request (a public security) that restricts the permissions that the code might receive to the permissions it needs. This also ensures that if the code is allowed to run, it will have all the permissions it needs at run time.

Only when developers need to write new base class libraries that provide new types of resources do they need to deal directly with security systems. In this case, not all code has a potential security problem, and the code access security mechanism restricts it to the part of the code that replaces the security system.

Why is there a security exception when running code on a network shared drive?
The default security policy grants limited permissions only to code from the local Intranet zone. This area is defined by Internet Explorer security settings and should be configured to match the local network within the enterprise. Because files named by UNC or mapped drives, such as the NET Use command, are required to be sent on the local network, they are also in the local Intranet zone.

The default value is set for the worst case scenario for an insecure Intranet. If your intranet is more secure, you can modify the security policy (with the CASPol tool) to grant additional permissions to the local intranet or some of its parts, such as a specific computer share name.

How do you write code that runs when the security system stops the code?
A security exception occurs when the code attempts to perform an unauthorized operation. Permissions are granted based on the code, especially its location. For example, code that runs from the Internet has less permissions than code that runs on the local computer, because experience has shown that it has a lower reliability. Therefore, to run code that failed because of a security exception, you must increase the permissions granted to it. An easy way is to move your code to a more trusted location, such as a local file system. But this approach is not effective in any case (a good example of a WEB application is another example of an Intranet application on a corporate network). Therefore, do not change the location of the code, but instead grant more permissions to the location by changing the security policy. Do this using the Code Access Security Policy Tool (Caspol.exe) or the graphical management tool (available in Beta 2 and later). If you are a developer or publisher of code, you can also digitally sign it, and then modify the security policy to grant more permissions to code with that digital signature. However, when you do any of these things, keep in mind that this code is granted fewer permissions because it is not from a trusted source-you should make sure that the code does not perform malicious or damaging actions until you move the code to the local computer or change the security policy.

How do I manage the security of personal or enterprise computers?
Currently, the CASPol command-line tool is the only way to manage security. The security policy consists of two levels: by computer and by user. We plan to provide comprehensive management tools and enterprise policy management support in the first edition of the. NET Framework.

How is evidence-based security working with Windows 2000 security?
Evidence-based security, based on authorization codes, works with Windows 2000 security, which is based on a login identity. For example, to access a file, managed code must have code access security file permissions and must run under a login identity with NTFS file access. The managed libraries included in the. NET Framework also provide classes for role-based security. These enable applications to work with Windows logon identities and user groups.