Evjen c33.tex V2 - 01/28/2008 4:18pm Page 1505 Chapter 33: Administration and Management Figure 33-6 Figure 33-7 1505 Evjen c33.tex V2 - 01/28/2008 4:18pm Page 1506 Chapter 33: Administration and Management The Add New Users screen (see Figure 33-8) enables you to enter the username, password, e-mail address, and a security question and answer. Figure 33-8 You can create as many users as you like; but to delete or update information for users, you must leave the wizard and manage the users separately. As mentioned earlier, the wizard is simply for creating the initial configuration for future management. Click Next. 6. Add New Access Rules (see Figure 33-9). First, select the folder in the Web application that needs special security settings. Then choose the role or user(s) to whom the rule will apply. Select the permission (Allow or Deny) and click the Add This Rule button. For example, if you had a folder named Secure you could select it and the Administrator role, and t hen click the Allow radio button to permit all users in the Administrator role to access to the Secure folder. All folders that need special permissions must be created ahead of time. The informa- tion shown in the wi zard is cached and is not updated if you decide to create a new folder inside your Web application while you are already on this screen so remem- ber to create your special security folders before starting the wizard. The wizard gives you the capability to apply access rules to either roles or specific users. The Search for Users option is handy if you have defined many users for your Web site and want to search for a specific user. 1506 Evjen c33.tex V2 - 01/28/2008 4:18pm Page 1507 Chapter 33: Administration and Management Figure 33-9 All access rules are sho wn at the bottom on the screen, and you can delete a specific rule and start again. Rules are shown dimmed if they are inherited from the parent configu- ration and cannot be changed here. When you are ready, click Next. 7. The last screen in the Security Setup Wizard is an information page. Click the Finish button to exit the wizard. Creating New Users The ASP.NET Web Site Administration Tool’s Security tab provides ways to manage users without using the wizard and is very helpful for ongoing maintenance of users, roles, and access permissions. To create a new user, simply click the Create User link on the main page of the Security tab (as you saw e arlier in Figure 33-2). The Create User screen, shown in Figure 33-10, is displayed, enabling you to provide username , password, confirmation of password, e-mail, and the security question and answer. You can assign a new user to any number of roles in the Roles list; these are roles currently defined for your Web application. Use this tool to create users named Admin, HRUser and SalesUser and assign them the corresponding roles. 1507 Evjen c33.tex V2 - 01/28/2008 4:18pm Page 1508 Chapter 33: Administration and Management Figure 33-10 Managing Users You can manage existing users by clicking the Manage Users link on the Security tab. A new screen displays a list of all existing users (see Figure 33-11). A search option is available, which makes it easier to find a specific user if the list is long. Find the user you want to manage, then you can update his information, delete the user, reassign roles, or set the user to active or inactive. Managing Roles Two links are provided in the Security tab for managing roles: Disable Roles and Create or Manage Roles. Clicking Disable Roles does just that — disables role management in the Web application; it also dims the other link. Click the Create or Manage Roles link to start managing roles and user assignments to specific roles. A screen displays all roles you have defined so far. You have options to add new roles, delete existing roles, or manage specific roles. Click the Manage link next to a specific role, and a screen shows all the users currently assigned to that role (see Figure 33-12). You can find other users by searching for their names, and you can then assign them to or remove them from a selected role. 1508 Evjen c33.tex V2 - 01/28/2008 4:18pm Page 1509 Chapter 33: Administration and Management Figure 33-11 Figure 33-12 1509 Evjen c33.tex V2 - 01/28/2008 4:18pm Page 1510 Chapter 33: Administration and Management Managing Access Rules The Security tab provides options for creating and managing access rules. Access rules are applied either to an entire Web application or to specific folders inside it. Clicking the Create Access Rules link takes you to a screen where you can view a list of the folders inside your Web application. You can select a specific folder, select a role or a user, and then choose whether you want to enable access to the selected folder. Figure 33-13 shows the Add New Access Rule screen. Figure 33-13 Clicking Manage Access Rules on the Security tab takes you to a screen that shows all existing access rules. You can remove any of these rules and add new ones. You can also readjust the list of access rules if you want to apply them in a specific order. The Manage Access Rules screen is shown in Figure 33-14. The Application Tab The Application tab provides a number of application-specific configurations, including the con- figuration of appSettings, SMTP mail server settings, debugging and trace settings, and starting/ stopping the entire Web application. Managing Application Settings The left side of the screen shows links for creating and managing application settings. The set- tings are stored in the < appSettings > section of the web.config . Most ASP.NET programmers 1510 Evjen c33.tex V2 - 01/28/2008 4:18pm Page 1511 Chapter 33: Administration and Management Figure 33-14 are used to manually modifying this tag in previous versions of ASP.NET. Figure 33-15 shows the Application tab. Clicking the Create Application Settings link takes you to a screen where you can provide the name and the value information. Clicking Manage Application Settings takes you to a screen where you can view existing settings and edit or delete them. You can also create new setting from this screen. Managing SMTP Configuration Click the Configure SMTP E-Mail Settings link to view a screen like the one shown in Figure 33-16. The configure SMTP mail settings feature is useful if your Web application can send autogener- ated e-mails. Instead of denoting SMTP server configuration in the code, you can spell it out in the configuration file by entering values here in the administration tool. Specify the server name, port, sender e-mail address, and authentication type. Managing Tracing and Debugging Information Clicking the Application tab’s Configure Debugging and Tracing link takes you to a screen (see Figure 33-17) where you can enable or disable tracing and debugging. Select whether you want to display trace information on each page. You can also specify whether to track just local requests or all requests, as well as trace sorting and caching configuration. 1511 Evjen c33.tex V2 - 01/28/2008 4:18pm Page 1512 Chapter 33: Administration and Management Figure 33-15 To configure default error pages, you simply click Define Default Error Page on the screen you saw in Figure 33-15. This takes you to a screen where you can select a URL that is used for redirection in case of an error condition (see Figure 33-18). Taking an Application Offline You can take your entire Web application offline simply by clicking the T ake Application Offline link (again, refer to Figure 33-15). The link stops the app domain for your Web application. It is useful if you want to perform a scheduled maintenance for an application. The Provider Tab The final tab in the ASP.NET Web Site Administration Tool is Provider, shown in Figure 33-19. You use it to set up additional providers and to determine the providers your application will use. The Provider page is simple, but it contains an important piece of information: the default data provider with which your application is geared to work. In Figure 33-19, the application is set up to work with the AspNetSqlProvider provider, the default data provider. 1512 Evjen c33.tex V2 - 01/28/2008 4:18pm Page 1513 Chapter 33: Administration and Management Figure 33-16 The two links on this tab let you set up either a single data provider or a specific data provider for each of the features in ASP.NET that requires a data provider. If you click the latter, you are presented with the screen shown in Figure 33-20. It enables you to pick the available providers separately for Membership and Role management. As you can see from the screenshots and brief explanations provided here, you could now handle a large portion of the necessary configurations through a GUI. You no longer have to figure out which setting must be placed in the web.config file. This functionality becomes even more important as the web.config file grows. In ASP.NET 1.0/1.1, the web.config file was a reasonable size, but with all the features provided by ASP.NET 2.0 or 3.5, the web.config file has the potential to become very large. These GUI-based tools are an outstanding way to configure some of the most com- monly needed settings. However, there are many settings that can not be modified with the Web Server Administration Tool, such as the AJAX settings, so you will still need to edit web.config in many cases. 1513 Evjen c33.tex V2 - 01/28/2008 4:18pm Page 1514 Chapter 33: Administration and Management Figure 33-17 Configuring ASP.NET in IIS on Vista If you are using IIS as the basis of your ASP.NET applications, you will find that it is quite easy to con- figure the ASP.NET application directly through the Internet Information Services (IIS) Manager if you are using Windows Vista. To access the ASP.NET configurations, open IIS and expand the Web Sites folder, which contains all the sites configured to work with IIS. Remember that not all your Web sites are configured to work in this manner because it is also possible to create ASP.NET applications that make use of the new ASP.NET built-in Web server. Once you have expanded the IIS Web Sites folder, right-click one of the applications in this folder and you will notice that the options you have available to you for configuration will appear in the IIS Manager (see Figure 33-21). The options available to you enable you to completely configure ASP.NET or even configure IIS itself. The focus of this chapter is on the ASP.NET section of the options. In addition to the options you can select from one of the available icons, you can also configure some basic settings of the application by clicking the Basic Settings link in the Actions pane on the right-hand side of the IIS Manager. When clicking the Basic Settings link, you w ill get a dialog box, as shown in Figure 33-22. 1514 . Evjen c 33. tex V2 - 01/28/2008 4:18pm Page 150 5 Chapter 33 : Administration and Management Figure 33 -6 Figure 33 -7 150 5 Evjen c 33. tex V2 - 01/28/2008 4:18pm Page 150 6 Chapter 33 : Administration and. web.config in many cases. 15 13 Evjen c 33. tex V2 - 01/28/2008 4:18pm Page 151 4 Chapter 33 : Administration and Management Figure 33 -17 Configuring ASP. NET in IIS on Vista If you are using IIS as. 4:18pm Page 151 1 Chapter 33 : Administration and Management Figure 33 -14 are used to manually modifying this tag in previous versions of ASP. NET. Figure 33 - 15 shows the Application tab. Clicking the