session 14
Post on 30-Dec-2015
28 Views
Preview:
DESCRIPTION
TRANSCRIPT
Building Applications using ASP.NET and C# / Session 14 / 2 of 18
Session ObjectivesSession Objectives
Discuss:
Machine.Config
Secure your web pages using Authentication
Web.Config
Structure of a configuration file
Building Applications using ASP.NET and C# / Session 14 / 3 of 18
Web Pages – Web Pages – Web ApplicationWeb ApplicationWeb PageWeb PageWeb PageWeb PageWeb Page
------------------
WEB APPLICATION
Building Applications using ASP.NET and C# / Session 14 / 4 of 18
ConfigurConfiguration ation FilesFiles
<configuration><system.web>
<sessionState timeout=”10” /></system.web>
</configuration>
Stored in plain text format
No need to restart server in case of changes to file
Written in XML. Rules for naming tags and attributes
Clients cannot view the file from browser
Each directory can have its own file Each directory overrides earlier configuration file
Tag and attribute names
Attribute values
FEATURES
Building Applications using ASP.NET and C# / Session 14 / 5 of 18
Types of Types of Configuration Configuration Files - 1Files - 1
Machine.config Settings are applied to all the applications residing on the server
Settings are applied to single application residing on the server
XML based file
Stored in C:\WinNT\Microsoft.NET\Framework\v.1.xxxx\config
Build number of .net CLR
Web.config
Only one file per ASP.net installation on a machine
XML based file
One file per each directory of the web application
Building Applications using ASP.NET and C# / Session 14 / 6 of 18
Types of Types of Configuration Configuration Files - 2Files - 2
Web Applicatio
ns
One per machine
One per applicationOverride settings of machine.config
Building Applications using ASP.NET and C# / Session 14 / 7 of 18
Typical Typical Web.config Web.config FileFile
<configuration> <configSections> <section name="sectionSettings" type="Class" /> <sectionGroup name="sectionGroup"> <section name="sectionSettings" type="Class" /> </sectionGroup> </configSections> <section name=”sectionSettings” type=<Class>” /> <sectionGroup> <sectionSettings attribute="someValue" />
<sectionSettings SomeAttribute=”SomeValue”> <element attribute=”value”>
</sectionSettings> </sectionGroup></configuration>
Configuration section Handler Declaration Area
Configuration section Settings Area
Building Applications using ASP.NET and C# / Session 14 / 8 of 18
Page Page ConfiguratioConfiguration Settingn Setting<configuration>
<system.web> <pages buffer=”false”
enableViewState=”true” /></system.web>
</configuration>
Response to the client can be buffered
View state can be set
Building Applications using ASP.NET and C# / Session 14 / 9 of 18
ApplicatioApplication Settingn Setting
<configuration> <appSettings> <add key=”MyQuery” value=”Select * FROM MyTable”/> </appSettings></configuration>
Configuration settings in form of key-value pair
The settings are read in ASP.NET page
...String GetQuery = Configuration.AppSettings(“MyQuery”);...
Building Applications using ASP.NET and C# / Session 14 / 10 of 18
CompilatiCompilation on SettingSetting<configuration>
<system.web> <compilation debug="true" defaultLanguage=”C#”/> </system.web></configuration>
Specifies whether to compile retail binaries or debug binaries.
Provides a semicolon-separated list of language names to use in dynamic compilation of files
Building Applications using ASP.NET and C# / Session 14 / 11 of 18
Sub-tags of Sub-tags of Compilation Compilation tag -1tag -1
<configuration> <system.web> <compilation debug="true"defaultLanguage=”C#”/> <assemblies> <add assembly="System.Net" /> </assemblies></system.web></configuration>
add remove clear
Building Applications using ASP.NET and C# / Session 14 / 12 of 18
Sub-tags of Sub-tags of Compilation Compilation tag - 2tag - 2<configuration> <system.web> <compilation debug="true" defaultLanguage=”C#”/> <namespaces> <add namespace="System.Web.UI" /> </namespaces></system.web></configuration>
Building Applications using ASP.NET and C# / Session 14 / 13 of 18
customErrcustomErrors ors Setting Setting
<customErrors defaultRedirect="url" mode="On|Off|RemoteOnly"> <error statusCode="statuscode" redirect="url“/></customErrors>
<configuration> <system.web> <customErrors defaultRedirect="http://localhost/allError.aspx" mode="RemoteOnly"> <error statusCode="404" redirect=“http://localhost/Error404.aspx"/> </customErrors> </system.web></configuration>
Building Applications using ASP.NET and C# / Session 14 / 14 of 18
Authentication Authentication and Authorization and Authorization -1-1
<configuration> <system.web> <authentication mode="Windows|Forms|Passport|None"> <forms name="name" loginUrl="url" protection="All|None|Encryption " timeout="xx" path="/" > <credentials passwordFormat="Clear|SHA1|MD5"> <user name="username" password="password" /> </credentials> </forms> <passport redirectUrl="internal"/> </authentication> </system.web></configuration>
Building Applications using ASP.NET and C# / Session 14 / 15 of 18
Authentication Authentication and Authorization and Authorization - 2- 2
Authentication Type Description
Windows authentication as default authentication mode. Used for any form of IIS authentication
ASP.NET forms-based authentication as default authentication mode
Microsoft Passport authentication as default authentication mode
No authentication. Used by anonymous users and applications providing own authentication
Building Applications using ASP.NET and C# / Session 14 / 16 of 18
Attributes of Attributes of <forms> tag<forms> tagAttribut
e Option
Description
Name None Cookie name used for authentication
LoginUrl None Login page URL. The client is redirected to this URL if no authentication cookie
protection ALL Application uses both data validation and encryption to protect the cookie.
None Both encryption and validation are disabled
timeout The amount of time, in minutes, after which the authentication cookie expires. Default value is 30.
path Path for cookies issued by the application. Default value is a backslash (/)
Building Applications using ASP.NET and C# / Session 14 / 17 of 18
Forms Forms AuthenticaAuthenticationtion
<configuration> <system.web> <authentication mode="Forms"> <forms name="form1" loginUrl="login.aspx" protection="None" timeout="60"> <credentials passwordFormat="Clear">
<user name="zeal" password="SaysYahoo"/> <user name="scooby" password="doo"/> <user name="cow" password="moo"/>
</credentials> </forms> </authentication> </system.web></configuration>
Building Applications using ASP.NET and C# / Session 14 / 18 of 18
AuthorAuthorizationization<configuration>
<system.web> <authentication mode="Forms"> <forms name="form1” loginUrl="login.aspx" protection="None" timeout="60"> <credentials passwordFormat="Clear">
<user name="zeal" password="SaysYahoo"/> <user name="scooby" password="doo"/> <user name="cow" password="moo"/>
</credentials> </forms> </authentication><authorization>
<allow users=”scooby, cow” /><deny users=”zeal” />
</authorization> </system.web></configuration>
top related