Beginning ASP.NET 4.5 in CSharp and VB Opsylum

Recommendations

Info

634 x CHAPTER 16 SECURITY IN YOUR ASP.NET 4.5 WEBSITE the closing tag of the HyperLink control, type the word or followed by a LoginStatus control that you can drag from the Toolbox, or copy from the existing code in the LoggedInTemplate. Finally, wrap the HyperLink and LoginStatus in a pair of parentheses just as you did in the LoggedInTemplate. When you are ready, your LoginView should contain the following code: ... (Manage Site or ) ... 8. Save all your changes and then request the homepage (Default.aspx) for the site in your browser. Verify that you are currently not logged in (check the footer of the page and, if necessary, click the Logout link). 9. Click the Login link on the Menu or TreeView and then log in with the Manager account you created earlier in this chapter. Make sure you don’t check the Remember Me option. The page refreshes and now shows the Manage Site link in the footer of each page (see Figure 16-22). FIGURE 16-22 If you don’t see the Manage Site and Logout links in the footer region, close all browser windows, go back to the WSAT (using Website Í ASP.NET Configuration in VS), and ensure the account you’re using is assigned to the Managers role. 10. Click the Manage Site link to open the Management section of the website. Copy the current URL of the page from the browser’s address bar to the clipboard (it should be something like http:// localhost:49666/Management/Default.aspx). Click the Back button of your browser to go back to the homepage and then click the Logout button in the footer. Close all open browser windows and open a new instance of your browser again. (You can do this from the Windows Start menu or Start screen or you can right-click a page in VS and choose View in Browser.) 11. Paste the address you just copied in the address bar of the browser window and press Enter. Instead of going to an address like: http://localhost:49666/Management/Default.aspx you are taken to the Login page: http://localhost:49666/login.aspx?ReturnUrl=%2fManagement%2fDefault.aspx Note that the page you initially requested (Management/Default.aspx) is now appended to the query string. The forward slashes (/) in the address have been encoded to their URL-safe counterpart — %2f — automatically. Log in with your Manager account and you should see the
The Role Manager x 635 Management section appear again. Next, log out again, log in with one of the other accounts, and then try to access the Management folder again. Because that account doesn’t have permissions to access that folder, you’re redirected to the Login page again. How It Works To see how this works, you need to look at a couple of things. First, look at the settings you added to the Web.config file to limit access to the Management folder: When the ASP.NET run time processes the request for a page, it checks the various configuration files to see whether the current user is allowed to access that resource. For requests to files in the Management folder, it encounters the rule set in the element. It starts scanning the various allow and deny elements with roles or users attributes to specify the users or roles that are affected by the rule. The roles and users attributes take one or more role or user names, separated by a comma. As soon as a rule is found that matches, the scanning process is stopped and that rule is applied. If no rule is satisfied, access is granted! Therefore, it’s important to end the rule with a deny rule to block all other users that haven’t been granted access previously. If you’d add an authorization element to the Web.config in the Management folder, the settings you apply there are looked at first because the security model works inside out. That is, it starts by scanning the Web.config file (if present) in the folder that contains the requested page. If it doesn’t find the file there or it doesn’t contain settings that block or grant access, it goes up in the folder hierarchy searching for configuration files with authorization elements. In the previous exercise, the run-time found the settings in the Web.config file in the root that were then applied to the folder. When an unauthenticated user logs in, the first rule won’t match because the anonymous user is not a member of the Managers role. The user is then denied access because of the deny rule that blocks all users, indicated by the asterisk (*). After you logged in as a Manager and requested the same resource, the rule set was scanned again. The run time then found the allow element that grants access to the Managers role and immediately let you in. The final rule that blocks access to all other users was not even checked. In addition to specific roles or usernames and the asterisk (*) to refer to all users, you can also use the question mark (?) to refer to unauthenticated — or anonymous — users. So, for example, to let any logged-in user access the Reviews folder regardless of the role they are in, and block access to all other users, you can add the following element to your configuration file:
Page 3:
BEGINNING ASP.NET 4.5 FOREWORD . .
Page 7 and 8:
BEGINNING ASP.NET 4.5 IN C# AND VB
Page 9:
—To Niek
Page 13:
CREDITS Acquisitions Editor Mary Ja
Page 17 and 18:
CONTENTS FOREWORD INTRODUCTION xxxi
Page 19 and 20:
CONTENTS Working with Files in Your
Page 21 and 22:
CONTENTS Not All Controls Rely on V
Page 23 and 24:
CONTENTS Skins 245 Creating a Skin
Page 25 and 26:
CONTENTS Providing Feedback to User
Page 27 and 28:
CONTENTS Single Item Controls 455 P
Page 29 and 30:
CONTENTS Authentication: How Can Yo
Page 31:
CONTENTS Introducing Bundling and M
Page 35 and 36:
INTRODUCTION TO BUILD EFFECTIVE AND
Page 37 and 38:
INTRODUCTION ‰ Chapter 4, “Work
Page 39 and 40:
INTRODUCTION HOW THIS BOOK IS STRUC
Page 41 and 42:
INTRODUCTION ‰ Code shown for the
Page 43 and 44:
INTRODUCTION FIGURE I-2 The Site fo
Page 45:
BEGINNING ASP.NET 4.5
Page 48 and 49:
2 x CHAPTER 1 GETTING STARTED WITH
Page 50 and 51:
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
34 x CHAPTER 2 BUILDING AN ASP.NET
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100 and 101:
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
66 x CHAPTER 3 DESIGNING YOUR WEB P
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
100 x CHAPTER 3 DESIGNING YOUR WEB
Page 148 and 149:
Page 150 and 151:
Page 153 and 154:
4Working with ASP.NET Server Contro
Page 155 and 156:
Introduction to Server Controls x 1
Page 157 and 158:
Introduction to Server Controls x 1
Page 159 and 160:
A Closer Look at ASP.NET Server Con
Page 161 and 162:
A Closer Look at ASP.NET Server Con
Page 163 and 164:
Types of Controls x 117 FIGURE 4-4
Page 165 and 166:
Types of Controls x 119 The Smart T
Page 167 and 168:
Types of Controls x 121 } DropDownL
Page 169 and 170:
Types of Controls x 123 Container C
Page 171 and 172:
Types of Controls x 125 Note that t
Page 173 and 174:
Types of Controls x 127 FIGURE 4-12
Page 175 and 176:
Types of Controls x 129 FinishButto
Page 177 and 178:
Types of Controls x 131 FileUpload
Page 179 and 180:
Types of Controls x 133 Validation
Page 181 and 182:
The ASP.NET State Engine x 135 serv
Page 183 and 184:
The ASP.NET State Engine x 137 FIGU
Page 185 and 186:
The ASP.NET State Engine x 139 4. A
Page 187 and 188:
Practical Tips on Working with Cont
Page 189:
Summary x 143 ⊲ WHAT YOU LEARNED
Page 192 and 193:
146 x CHAPTER 5 PROGRAMMING YOUR AS
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
Page 212 and 213:
Page 214 and 215:
Page 216 and 217:
Page 218 and 219:
Page 220 and 221:
Page 222 and 223:
Page 224 and 225:
Page 226 and 227:
Page 228 and 229:
Page 230 and 231:
Page 232 and 233:
Page 234 and 235:
Page 236 and 237:
Page 238 and 239:
Page 240 and 241:
Page 242 and 243:
Page 244 and 245:
Page 246 and 247:
Page 248 and 249:
Page 250 and 251:
Page 253 and 254:
6Creating Consistent Looking Websit
Page 255 and 256:
Consistent Page Layout with Master
Page 257 and 258:
Page 259 and 260:
Page 261 and 262:
Page 263 and 264:
Page 265 and 266:
Using a Centralized Base Page x 219
Page 267 and 268:
Page 269 and 270:
Page 271 and 272:
Page 273 and 274:
Page 275 and 276:
Themes x 229 With this exported tem
Page 277 and 278:
Themes x 231 Replace Theme with Sty
Page 279 and 280:
Themes x 233 type="text/css" rel=
Page 281 and 282:
Themes x 235 ASP.NET themes are not
Page 283 and 284:
Themes x 237 FIGURE 6-19 How It Wor
Page 285 and 286:
Themes x 239 VB.NET Dim myCookie As
Page 287 and 288:
Themes x 241 FIGURE 6-21 Within the
Page 289 and 290:
Themes x 243 C# preferredTheme.Valu
Page 291 and 292:
Skins x 245 a cookie called Preferr
Page 293 and 294:
Skins x 247 3. In the Extension box
Page 295 and 296:
Practical Tips on Creating Consiste
Page 297 and 298:
Summary x 251 The imaginary CSS cla
Page 299 and 300:
7Navigation WHAT YOU WILL LEARN IN
Page 301 and 302:
Different Ways to Move Around Your
Page 303 and 304:
Using the Navigation Controls x 257
Page 305 and 306:
Page 307 and 308:
Page 309 and 310:
Page 311 and 312:
Page 313 and 314:
Page 315 and 316:
Page 317 and 318:
Page 319 and 320:
Page 321 and 322:
Page 323 and 324:
Programmatic Redirection x 277 Redi
Page 325 and 326:
Programmatic Redirection x 279 How
Page 327 and 328:
Practical Tips on Navigation x 281
Page 329:
Page 332 and 333:
286 x CHAPTER 8 USER CONTROLS advan
Page 334 and 335:
288 x CHAPTER 8 USER CONTROLS TRY I
Page 336 and 337:
290 x CHAPTER 8 USER CONTROLS How I
Page 338 and 339:
292 x CHAPTER 8 USER CONTROLS 4. Sw
Page 340 and 341:
294 x CHAPTER 8 USER CONTROLS Note:
Page 342 and 343:
296 x CHAPTER 8 USER CONTROLS ASP.N
Page 344 and 345:
298 x CHAPTER 8 USER CONTROLS The c
Page 346 and 347:
300 x CHAPTER 8 USER CONTROLS Image
Page 348 and 349:
302 x CHAPTER 8 USER CONTROLS When
Page 350 and 351:
304 x CHAPTER 8 USER CONTROLS If _n
Page 352 and 353:
306 x CHAPTER 8 USER CONTROLS How I
Page 354 and 355:
308 x CHAPTER 8 USER CONTROLS This
Page 356 and 357:
310 x CHAPTER 8 USER CONTROLS ⊲ W
Page 358 and 359:
312 x CHAPTER 9 VALIDATING USER INP
Page 360 and 361:
Page 362 and 363:
Page 364 and 365:
Page 366 and 367:
Page 368 and 369:
Page 370 and 371:
Page 372 and 373:
Page 374 and 375:
Page 376 and 377:
Page 378 and 379:
Page 380 and 381:
Page 382 and 383:
Page 384 and 385:
Page 386 and 387:
Page 388 and 389:
Page 390 and 391:
Page 392 and 393:
Page 395 and 396:
10 ASP.NET AJAX WHAT YOU WILL LEARN
Page 397 and 398:
Using ASP.NET AJAX in Your Projects
Page 399 and 400:
Page 401 and 402:
Page 403 and 404:
Page 405 and 406:
Page 407 and 408:
Page 409 and 410:
Using Web Services and Page Methods
Page 411 and 412:
Page 413 and 414:
Page 415 and 416:
Page 417 and 418:
Page 419 and 420:
Page 421 and 422:
Page 423 and 424:
Page 425 and 426:
Page 427 and 428:
Practical Ajax Tips x 381 How It Wo
Page 429:
Page 432 and 433:
386 x CHAPTER 11 JQUERY Fortunately
Page 434 and 435:
388 x CHAPTER 11 JQUERY FIGURE 11-1
Page 436 and 437:
390 x CHAPTER 11 JQUERY This lists
Page 438 and 439:
392 x CHAPTER 11 JQUERY In addition
Page 440 and 441:
394 x CHAPTER 11 JQUERY COMMON MIST
Page 442 and 443:
396 x CHAPTER 11 JQUERY can apply v
Page 444 and 445:
398 x CHAPTER 11 JQUERY The ID Sele
Page 446 and 447:
400 x CHAPTER 11 JQUERY The first s
Page 448 and 449:
402 x CHAPTER 11 JQUERY In the foll
Page 450 and 451:
404 x CHAPTER 11 JQUERY MODIFYING T
Page 452 and 453:
406 x CHAPTER 11 JQUERY jQuery goes
Page 454 and 455:
408 x CHAPTER 11 JQUERY Common Mist
Page 456 and 457:
410 x CHAPTER 11 JQUERY Now that yo
Page 458 and 459:
412 x CHAPTER 11 JQUERY 8. Open the
Page 460 and 461:
414 x CHAPTER 11 JQUERY As you saw
Page 462 and 463:
416 x CHAPTER 11 JQUERY 7. Save you
Page 464 and 465:
418 x CHAPTER 11 JQUERY look at jQu
Page 466 and 467:
420 x CHAPTER 11 JQUERY ⊲ WHAT YO
Page 468 and 469:
422 x CHAPTER 12 INTRODUCTION TO DA
Page 470 and 471:
Page 472 and 473:
Page 474 and 475:
Page 476 and 477:
Page 478 and 479:
Page 480 and 481:
Page 482 and 483:
Page 484 and 485:
Page 486 and 487:
Page 488 and 489:
Page 490 and 491:
Page 492 and 493:
Page 494 and 495:
Page 496 and 497:
Page 498 and 499:
Page 500 and 501:
454 x CHAPTER 13 DISPLAYING AND UPD
Page 502 and 503:
Page 504 and 505:
Page 506 and 507:
Page 508 and 509:
Page 510 and 511:
Page 512 and 513:
Page 514 and 515:
Page 516 and 517:
Page 518 and 519:
Page 520 and 521:
Page 522 and 523:
Page 524 and 525:
Page 526 and 527:
Page 528 and 529:
Page 530 and 531:
Page 532 and 533:
Page 534 and 535:
Page 536 and 537:
Page 538 and 539:
Page 540 and 541:
Page 543 and 544:
14 LINQ and the ADO.NET Entity Fram
Page 545 and 546:
Introducing LINQ x 499 surprise tha
Page 547 and 548:
Mapping Your Data Model to an Objec
Page 549 and 550:
Page 551 and 552:
Page 553 and 554:
Introducing Query Syntax x 507 and
Page 555 and 556:
Introducing Query Syntax x 509 Wher
Page 557 and 558:
Introducing Query Syntax x 511 Firs
Page 559 and 560:
Introducing Query Syntax x 513 diff
Page 561 and 562:
Introducing Query Syntax x 515 Orde
Page 563 and 564:
Using Server Controls with LINQ Que
Page 565 and 566:
Page 567 and 568:
Page 569 and 570:
Page 571 and 572:
Page 573 and 574:
Page 575 and 576:
Page 577 and 578:
Page 579 and 580:
Page 581 and 582:
Page 583 and 584:
Page 585 and 586:
Page 587 and 588:
Page 589 and 590:
Page 591 and 592:
Page 593 and 594:
Page 595 and 596:
Page 597 and 598:
Summary x 551 model. Combined with
Page 599 and 600:
15 Working with Data — Advanced T
Page 601 and 602:
Formatting Your Controls Using Styl
Page 603 and 604:
Page 605 and 606:
Page 607 and 608:
Page 609 and 610:
Handling Events x 563 background-im
Page 611 and 612:
Handling Events x 565 4. Make sure
Page 613 and 614:
Handling Events x 567 The PreRender
Page 615 and 616:
Handling Events x 569 Button1_Click
Page 617 and 618:
Handling Events x 571 Select Case e
Page 619 and 620:
Handling Events x 573 The RowDataBo
Page 621 and 622:
Handling Events x 575 These classes
Page 623 and 624:
Handling Events x 577 8. Save all y
Page 625 and 626:
Hand-Coding Data Access Code x 579
Page 627 and 628:
Hand-Coding Data Access Code x 581
Page 629 and 630: Hand-Coding Data Access Code x 583
Page 635 and 636: Caching x 589 In all the database e
Page 637 and 638: Caching x 591 Output Caching With o
Page 639 and 640: Caching x 593 Programmatic Caching
Page 641 and 642: Caching x 595 ‰ SummaryLabel ‰
Page 643 and 644: Caching x 597 } font-style: italic;
Page 645 and 646: Caching x 599 expiration date, whic
Page 647 and 648: Summary x 601 EXERCISES 1. Imagine
Page 649 and 650: 16 Security in Your ASP.NET 4.5 Web
Page 651 and 652: Introducing Security x 605 Authoriz
Page 653 and 654: Introducing the Login Controls x 60
Page 673 and 674: The Role Manager x 627 such as the
Page 675 and 676: The Role Manager x 629 1 . From wit
Page 677 and 678: The Role Manager x 631 FIGURE 16-19
Page 679: The Role Manager x 633 2. Save and
Page 683 and 684: The Role Manager x 637 Alternativel
Page 685 and 686: The Role Manager x 639 } } case Lis
Page 687 and 688: Summary x 641 SUMMARY You can imple
Page 689 and 690: 17 Personalizing Websites WHAT YOU
Page 691 and 692: Understanding Profile x 645 In the
Page 693 and 694: Understanding Profile x 647 You can
Page 695 and 696: Understanding Profile x 649 5. To t
Page 697 and 698: Understanding Profile x 651 To defi
Page 699 and 700: Understanding Profile x 653 press t
Page 701 and 702: Understanding Profile x 655 10. Dou
Page 703 and 704: Understanding Profile x 657 1. In M
Page 705 and 706: Understanding Profile x 659 e As Ev
Page 707 and 708: Understanding Profile x 661 That’
Page 709 and 710: Understanding Profile x 663 By clic
Page 711 and 712: Understanding Profile x 665 sent to
Page 713 and 714: Understanding Profile x 667 5. From
Page 715 and 716: Understanding Profile x 669 10. Ent
Page 717 and 718: Other Ways of Dealing with Profile
Page 719 and 720: Other Ways of Dealing with Profile
Page 721 and 722: Summary x 675 How It Works Much of
Page 723: Summary x 677 ⊲ WHAT YOU LEARNED
Page 726 and 727: 680 x CHAPTER 18 EXCEPTION HANDLING
Page 728 and 729: 682 x CHAPTER 18 EXCEPTION HANDLING
Page 730 and 731:
684 x CHAPTER 18 EXCEPTION HANDLING
Page 732 and 733:
Page 734 and 735:
Page 736 and 737:
Page 738 and 739:
Page 740 and 741:
Page 742 and 743:
Page 744 and 745:
Page 746 and 747:
Page 748 and 749:
Page 750 and 751:
Page 752 and 753:
Page 754 and 755:
Page 756 and 757:
Page 758 and 759:
Page 760 and 761:
Page 762 and 763:
Page 764 and 765:
Page 766 and 767:
Page 768 and 769:
Page 770 and 771:
Page 772 and 773:
Page 774 and 775:
Page 776 and 777:
730 x CHAPTER 19 DEPLOYING YOUR WEB
Page 778 and 779:
Page 780 and 781:
Page 782 and 783:
Page 784 and 785:
Page 786 and 787:
Page 788 and 789:
Page 790 and 791:
Page 792 and 793:
Page 794 and 795:
Page 796 and 797:
Page 798 and 799:
Page 800 and 801:
Page 802 and 803:
Page 804 and 805:
Page 806 and 807:
Page 808 and 809:
Page 810 and 811:
Page 812 and 813:
Page 814 and 815:
768 x APPENDIX A EXERCISE ANSWERS E
Page 816 and 817:
770 x APPENDIX A EXERCISE ANSWERS C
Page 818 and 819:
Page 820 and 821:
Page 822 and 823:
Page 824 and 825:
778 x APPENDIX A EXERCISE ANSWERS V
Page 826 and 827:
Page 828 and 829:
Page 830 and 831:
Page 832 and 833:
786 x APPENDIX A EXERCISE ANSWERS D
Page 834 and 835:
788 x APPENDIX A EXERCISE ANSWERS F
Page 836 and 837:
790 x APPENDIX A EXERCISE ANSWERS }
Page 839 and 840:
BConfiguring SQL Server 2012 So far
Page 841 and 842:
Configuring SQL Server 2012 x 795 C
Page 843 and 844:
Configuring SQL Server 2012 x 797 Y
Page 845 and 846:
Configuring SQL Server 2012 x 799 Y
Page 847 and 848:
Configuring SQL Server 2012 x 801 I
Page 849 and 850:
Configuring SQL Server 2012 x 803 t
Page 851:
Configuring Application Services x
Page 854 and 855:
allowAnonymous attribute - ASP.NET
Page 856 and 857:
Basic Settings mode - C# implementi
Page 858 and 859:
ClientID property - complex events
Page 860 and 861:
CreateUserUrl property - data Creat
Page 862 and 863:
decimal data type - DynamicEnableDe
Page 864 and 865:
European cookie law - external styl
Page 866 and 867:
input controls - handling input co
Page 868 and 869:
IIS:ASP.NET - interface IIS:ASP.NET
Page 870 and 871:
Label control - logical operators L
Page 872 and 873:
Microsoft Developer Network - New S
Page 874 and 875:
PageWrapper element- PhotoAlbumId p
Page 876 and 877:
Profile.GetProfile - ReadAllText me
Page 878 and 879:
RoleGroups - server side configurin
Page 880 and 881:
SQL statement - styling installing,
Page 882 and 883:
text strings - types validation con
Page 884 and 885:
validation controls- ViewState coll
Page 886 and 887:
web services - Where clause flow of
Page 888:
Try Safari Books Online FREE for 15
show all

Beginning ASP.NET 4.5 in CSharp and VB Opsylum

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?