The page configuration settings allow the developer to control some of the default behaviors for all the ASP.NET pages in the application or machine. Property Description Default Val[r]
(1)Session 19
Configuring an
(2)Review
A service has two characteristics: Interface and Registration
Web services reduce the “communication-gap” among the Web applications,
enhancing interactivity Web sites thereby group together to form a constellation, providing users a rich user experience
Advantages of Web Services Cross business integration Improved efficiency
Closer customer relationships
Facilitation of just-in-time integration
The extension of a Web service file in NET is asmx
The [WebMethod] tag notifies the ASP.NET compiler that the method to follow
(3)Exploring ASP.NET / Session 19 / of 31
Review contd
A Web service could be called from a browser, an ASP page or even another Web
service Using the browser, the Web service can be accessed using either HTTP-GET or HTTP-POST A SOAP request from an ASP page, or a Web service to another Web service can also be made
WSDL is the short form for Web Services Description Language WSDL is the
grammar for a Web service, or moreover, could be thought of as a language that describes or portrays a Web service
The proxy class does not contain any application logic Instead, it contains the
transporting logic as to how the parameters would be passed, and the result retrieved
The proxy class will also contain a list of all the methods that are present in the
Web service and their prototypes
UDDI is the abbreviation for Universal Description, Discovery and Integration UDDI helps in registering the services provided by the service providers, so that
(4)Objectives
Discuss Machine.Config Discuss Web.Config
Discuss the structure of a configuration
file
Secure your web pages using
(5)Web Pages – Web Application
Individual web pages together form a web application Advantage of grouping individual pages together into an
application, is that values can be set for all these pages at once, by setting the properties of the application
The setting of values for the properties of an application
that will control the application at runtime, is known as configuring the ASP.NET application
Web Page Web Page Web Page Web Page
Web Page
- -
(6)Configuration Files
In ASP.NET, all that needs to be done to configure an
application, is to create a configuration file called
web.config, and place it in the root directory of the
application
This web.config is an XML based file
<configuration>
<system.web>
<sessionState timeout=”20” /> </system.web>
</configuration>
ASP.NET provides the configuration files that are needed to customize the web site These files offer remarkable
(7)Features of Configuration Files Stored in plain text format
Written in XML Rules for naming tags and
attributes
No need to restart server in case of changes
to file
Each directory overrides earlier
configuration file
(8)Rules for naming the Tags
Type of Tags Rule
Tag and attribute names Camel-cased : First character of a tag
name is lowercase, and the first letter of any subsequent words is uppercase Attribute values Pascal-case : first character is
uppercase, and the first letter of any subsequent concatenated words is uppercase Exceptions being true and
(9)Types of Configuration Files
Machine.config
Decides configuration for all the applications residing on the server
Settings are applied to single application residing on the server
XML based file is
Stored in C:\WinNT\Microsoft.NET\Framework\v.1.xxxx\config
Build number of net CLR
Web.config
Only one file per ASP.NET installation on a machine
XML based file stored in the web application directory of the web server
(10)Types of Configuration Files – Contd…
Web Applications
One per machine
One per application Override settings of
(11)Structure of Configuration Files
The configuration file encloses all the tags within the
configuration tags, which if not done, the compiler throws an exception
The configuration properties of the machine are set
between these tags
Within the configuration tags, the configuration
information is grouped into two categories:
configuration section handler declaration area configuration section settings area
Configuration sections are defined between
<configSections> and </configSections> tags
The individual sections are defined using the
(12)Typical Web.config File
<configuration> <configSections>
<section name="sectionSettings" type="Class" /> <sectionGroup name="sectionGroup">
<section name="sectionSettings" type="Class" /> </sectionGroup>
</configSections>
<section name=”sectionSettings” type=<Class>” /> <sectionGroup>
<sectionSettings attribute="someValue" /> <sectionSettings SomeAttribute=”SomeValue”> <element attribute=”value”/>
</sectionSettings> </sectionGroup>
(13)Configuration Section Handler Declaration Area
Defines a class (usually a NET base class) that will be used to interpret the configuration data This section is enclosed between the
<configSections> tag
Generally, this section is placed in the
Machine.Config file, and need not be placed in each and every Web.Config file, as it will be
(14)Configuration Sections Settings Area
Defines the actual settings for some particular option
Contains the section handlers in which the configuration code is written
Each of the section handlers is grouped in a <sectionGroup>, that offers a structure to the configuration file
(15)Page Configuration Settings
<configuration>
<system.web>
<pages buffer=”true”
enableViewState=”false” /> </system.web>
</configuration>
The page configuration settings allow the developer to control some of the default behaviors for all the ASP.NET pages in the application or machine
Property Description Default Value
Buffer Sets whether the response to a client is sent directly, or is first buffered on the server and then sent
True
enableView State
Sets whether ViewState is to be enabled or disabled
(16)Application Setting
The application settings section is enclosed between the
<appSettings> and </appSettings> tags
These settings allow the user to set the application configuration
details
Application settings enable to store and retrieve information as
key-value pairs
It is also possible to store, SQL queries
<configuration> <appSettings>
<add key=”MySQLQuery” value=”Select * FROM MySQLTable”/> </appSettings>
</configuration>
(17)Compilation Setting
The compilation settings section is used to specify the compilation options that
are necessary to compile the application source files
References of the assemblies that are required during compilation can be
specified here
It is also possible to specify whether to run the application in a debug mode
Attribute Option Description
Debug Specifies whether to compile retail binaries or debug binaries
true Specifies compilation of debug binaries false Specifies compilation of retail binaries
(18)Compilation Setting Configuration
<configuration> <system.web> <compilation debug=“false"
defaultLanguage=”C#”/> </system.web>
</configuration>
(19)Sub-tags of Compilation tag
<configuration> <system.web> <compilation
debug=“true” defaultLanguage=“C#”> <assemblies>
<add assembly="System.Data" /> </assemblies>
</compilation> </system.web> </configuration>
<add> <remove> <clear>
(20)Sub-tags of Compilation tag Contd…
<configuration> <system.web> <compilation
debug=“true” defaultLanguage=“C#”> <namespaces>
<add namespace=“System.Web.UI” /> </namespaces>
</compilation> </system.web>
</configuration>
(21)Sub-tags of Compilation tag Contd…
<compilers> sub-tag
(22)customErrors Setting
ASP.NET provides the flexibility to write custom error
pages, and redirect the browser (client) to these error pages when any specific error occurs
The error pages to be displayed can be designed to give
a more polite and user-friendly explanation of the error and its cause
<customErrors
defaultRedirect="url"
mode="On|Off|RemoteOnly">
<error statusCode="statuscode" redirect="url“/> </customErrors>
(23)customErrors Example
<configuration> <system.web>
<customErrors defaultRedirect= "http://
localhost/Appdir/allErrors.aspx" mode="RemoteOnly">
<error statusCode="404"
redirect=" http:// localhost/ Appdir/ ErrorNo404.aspx"/>
</customErrors> </system.web>
(24)Authentication
<configuration> <system.web>
<authentication mode="Windows|Forms|Passport|None"> <forms name="name" loginUrl="url"
protection="All|None|Encryption "
timeout="xx" path="/" >
<credentials passwordFormat="Clear|SHA1|MD5"> <user name="username" password="password" /> </credentials>
</forms>
<passport redirectUrl="internal"/> </authentication>
</system.web>
The process of identifying the valid user/password, and providing services
(25)Authentication Types
Specifies Windows authentication as default authentication mode Used for any form of IIS authentication
Specifies ASP.NET forms-based
authentication as default authentication mode Widely used method
Specifies Microsoft Passport authentication as default authentication mode
No authentication Used by
anonymous users and applications providing own authentication
WINDOWS FORMS
(26)Attributes of <forms> tag
Attribute Option Description
Name None Cookie name used for authentication
LoginUrl None Login page URL The client is redirected to this URL if no authentication cookie
protection Encryption Cookie should not be stored as plain text but should be
encrypted for protection
Validation Validation scheme verifies whether the contents of an encrypted cookie have been altered in transit
ALL Application uses both data validation and encryption to protect the cookie
None Both encryption and validation are disabled
To use Form Authentication, the authentication mode needs to be specified as
Forms, in which case the <forms> sub-tag can be supplied having following
(27)Attributes of <forms> tag
Attribute Option Description
timeout The amount of time, in minutes, after which the authentication cookie expires Default value is 30
(28)Forms Authentication Example
<configuration> <system.web>
<authentication mode="Forms"> <forms name="MainForm"
loginUrl="LoginPage.aspx"
protection="None" timeout="60">
<credentials passwordFormat="Clear">
<user name="User1" password="user1!"/> <user name="User2" password="user2@"/> <user name="User3" password="user3#"/> </credentials>
</forms>
</authentication> </system.web>
(29)Authorization
After setting the authentication settings for an application, access rights need to be assigned as to who can access the application
Setting these access rights is known as Authorization
Using Authorization settings, users are actually authorized to access the website
<authorization>
(30)Authorization Example
<configuration> <system.web>
<authentication mode="Forms">
<forms name="MainForm” loginUrl="LoginPage.aspx" protection="None" timeout="60">
<credentials passwordFormat="Clear">
<user name="User1" password="user1!"/> <user name="User2" password="user2@"/> <user name="User3" password="user3#"/> </credentials>
</forms>
</authentication>
<authorization>
<allow users=”User2, User3” /> <deny users=”User1” />
</authorization>
(31)Summary
ASP.NET is a collection of all the ASP.NET pages, the custom
controls and modules
It provides the configuration files to customize the web site
The ASP.NET configuration files are written in XML, which enables
the developer to modify them using an XML parser
Two types of configuration files exist in ASP.NET:
Machine.Config Web.Config
A hierarchical structure can be formed with every directory,
(32)Summary Contd…
Within the configuration tags, the configuration information is
grouped into two categories:
The configuration section handler declaration area The configuration section settings area
The process of validating the user name and password is known as