The Built-in Membership Provider
You might be wondering how this "magic" works. As I mentioned earlier, the membership system uses a provider that ties these classes to a data store. In the case of the default provider, a SQL Server 2005 Express database is created, and data is stored there. To configure the built-in SQL Server provider, called System.Web.Security.SqlMembershipProvider, you don't need to add anything to web.config, but you may have to specify that you're using Forms authentication. To use the built-in role management that works with the SQL database, you'll need to enable the role manager (the role manager is not "on" by default). At minimum, then, your web.config file will need to include the elements shown in Listing 11.1.
Listing 11.1. The minimum web.config elements for Forms authentication and role management
<?xml version="1.0"?>
<configuration>
  <system.web>
    <authentication mode="Forms" />
    <roleManager enabled="true" />
  </system.web>
</configuration>
Beyond that, the methods found in Membership and Roles are so self-explanatory that I'll leave you to your own devices to explore them. A complete framework is created to manage users and their credentials without a single line of database plumbing on your part. As a refresher, you'll recall that FormsAuthentication.SetAuthCookie(string name, bool saveLogin) does the actual work of logging a user into your site. The User.Identity.Name property identifies the user, and User.Identity.IsAuthenticated checks whether the user is logged in at all. Role management is particularly useful because you can lock users out of entire folders or pages with simple additions to web.config, and you can redirect them automatically to a login page. This great feature has been around since the beginning of ASP.NET, and it is demonstrated in Listing 11.2.
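As an added example (not code from the book), here is a C# login page code-behind that uses the APIs just described: Membership.ValidateUser to check the credentials, FormsAuthentication.SetAuthCookie to actually log the user in, and the Roles class to place an existing user in the "Admin" role that Listing 11.2's authorization rule refers to. The control names (txtUser, txtPassword, chkRemember, lblStatus), the page name default.aspx and the RoleSetup helper are assumptions.

```csharp
// Added example, not from the book. Assumes the web.config of Listings 11.1
// and 11.2 and a login.aspx page with controls named txtUser, txtPassword,
// chkRemember and lblStatus (all assumed names).
using System;
using System.Web.Security;
using System.Web.UI;

public partial class Login : Page
{
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        // ValidateUser checks the supplied password against the stored
        // hash (passwordFormat="Hashed"); the plaintext is never read back.
        if (Membership.ValidateUser(txtUser.Text, txtPassword.Text))
        {
            // This is what actually logs the user in: it issues the Forms
            // authentication ticket cookie. The second argument decides
            // whether the cookie survives the browser session.
            FormsAuthentication.SetAuthCookie(txtUser.Text, chkRemember.Checked);

            // Redirect to a fixed page rather than honouring an arbitrary
            // ReturnUrl query string supplied by the caller.
            Response.Redirect("~/default.aspx");
        }
        else
        {
            // Same message whether the user is unknown or the password is
            // wrong, so the page does not reveal which accounts exist.
            lblStatus.Text = "Invalid user name or password.";
        }
    }
}

// Puts an existing user into the "Admin" role that the
// <allow roles="Admin" /> rule of Listing 11.2 refers to. Assumed helper;
// call it only from a page that is itself restricted to administrators.
public static class RoleSetup
{
    public static bool MakeAdmin(string userName)
    {
        if (Membership.GetUser(userName) == null)
            return false;                 // unknown user: nothing to grant
        if (!Roles.RoleExists("Admin"))
            Roles.CreateRole("Admin");
        if (!Roles.IsUserInRole(userName, "Admin"))
            Roles.AddUserToRole(userName, "Admin");
        return true;
    }
}
```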
Listing 11.2. Specifying permissions on a folder by role from web.config
<?xml version="1.0"?>
<configuration>
  <system.web>
    <authentication mode="Forms">
      <forms loginUrl="login.aspx" />
    </authentication>
  </system.web>
  <location path="admin">
    <system.web>
      <authorization>
        <allow roles="Admin" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
This example shows that a folder in our application called "admin" can only be accessed by users in the role "Admin," while everyone else is shut out. These rules are evaluated one at a time, in sequence, until the user matches a rule, which is why the allow rule comes before the deny rule. By putting the loginUrl attribute in the forms tag of the authentication section, we indicate where a user should be directed when they try to go somewhere they shouldn't. That's all you need to know to get the basics of using Membership and role management in your application. It does not replace Forms authentication from the previous versions of ASP.NET, but it does supplement it by taking care of all of this user housekeeping for you. Because using a SQL Server 2005 Express database in the site's file system might not be ideal for you (because of its 4 gigabyte size limit or because you use a database on another server), Microsoft has provided a way to perform the very same Membership functions via an external SQL Server database. An easy-to-use wizard called aspnet_regsql.exe, found at C:\WINDOWS\Microsoft.NET\Framework\v2.0.xxxx, will take database connection information and create all the necessary database pieces for Membership, role management, and personalization. You won't have to mess with running SQL scripts at all. To make the SqlMembershipProvider and role manager work in your application with an external database, you'll need to set web.config to include the settings in Listing 11.3 in addition to the previous entries mentioned. The key parts are a connection string that points to the database created with the wizard, the specification of the SqlRoleProvider in the roleManager element's providers section, and the specification of the SqlMembershipProvider in the membership element's providers section. We'll get deeper into this configuration when we build our own providers.
Remember that if you use the default Express database, you don't need to make these settings at all because they're taken care of at the machine level.
Listing 11.3. Setting web.config to use the SqlMembershipProvider
<?xml version="1.0"?>
<configuration>
  <connectionStrings>
    <add name="SqlServices" connectionString="your string" />
  </connectionStrings>
  <system.web>
    <roleManager enabled="true" defaultProvider="SqlProvider">
      <providers>
        <add name="SqlProvider"
             type="System.Web.Security.SqlRoleProvider"
             connectionStringName="SqlServices" />
      </providers>
    </roleManager>
    <membership defaultProvider="SqlProvider"
                userIsOnlineTimeWindow="20">
      <providers>
        <add
          name="SqlProvider"
          type="System.Web.Security.SqlMembershipProvider"
          connectionStringName="SqlServices"
          applicationName="MyApplication"
          enablePasswordRetrieval="false"
          enablePasswordReset="true"
          requiresQuestionAndAnswer="true"
          requiresUniqueEmail="true"
          passwordFormat="Hashed" />
      </providers>
    </membership>
  </system.web>
</configuration>