
Oct 14, 2009

Role-based page access and rule-based operation access

Hi Again,

This is a typical scenario: the programmer doesn't want to allow a specific user to visit a specific page, because its functionality needs to be secured based on user type. A task like managing users should not be accessible to a normal user. So we need security based on user types; more precisely, we need authorization. Once a user has passed through authentication, it is now authorization that decides whether the currently logged-in user may perform a given task.

Before the introduction of the ASP.NET role-based providers, people used to check the role on each page and redirect the user if they did not have it; all the data related to the user's roles was kept in session.

This functionality is much simpler since the introduction of the role-based provider: we just need to define roles and the access granted to those roles. We can restrict users based on either the role or the user ID itself; it depends on what the application needs. That covers a particular page, but what if I need to restrict a user at the operation level? That is, I don't want to allow an Account user to manage users' personal details; he just needs to work with the user's account and does not need to update the user's personal details. Here we can use the role-based provider to check whether the logged-in user has rights to perform that operation or not.

Role-based page access: after setting up roles and mappings, you just need to add a few settings to the configuration file, which the role-based provider will use to perform authorization. A typical example of such a web.config is as follows.

[Image: Authorization_Admin]

Let's understand the settings.

  • The location tag is where you specify the path of the resource. If the path is a directory, the authorization applies to all the pages inside that directory.
  • The authorization tag contains the allow or deny listing of users/roles.
  • The allow tag contains the roles attribute, in which you put the role name. So you are allowing users having the SiteAdmin role to access the ManageUser page. In the same way, if you write deny roles, it will deny that particular role access to the ManageUser page.
  • The deny tag contains roles or users. In a typical setting we put the selected roles/users in the allow list and deny the rest, so in deny you will often find *, which means all users or all roles.

Typically we have more than one configuration file, kept in different directories, to manage each folder separately.
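
A web.config along the lines described above, added here as an illustration (it is not the configuration from the original post). Login.aspx, the .aspx extension on ManageUser and the Admin folder are assumed names; SiteAdmin is the role used in the text.

```xml
<?xml version="1.0"?>
<configuration>
  <system.web>
    <authentication mode="Forms">
      <forms loginUrl="~/Login.aspx" />
    </authentication>
    <!-- Roles named in allow/deny are resolved through the role provider. -->
    <roleManager enabled="true" />
    <!-- Site-wide default: "?" is the anonymous user, so a login is required. -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

  <!-- One page. Rules are read top-down and the first match wins,
       so the allow must come before the catch-all deny. -->
  <location path="ManageUser.aspx">
    <system.web>
      <authorization>
        <allow roles="SiteAdmin" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>

  <!-- A directory: the same rules cover every page under Admin/. -->
  <location path="Admin">
    <system.web>
      <authorization>
        <allow roles="SiteAdmin" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>

  <!-- Two mistakes to check for in review (kept inside this comment):
       1. <deny users="*" /> placed above <allow roles="SiteAdmin" />
          matches every request first, so SiteAdmin is locked out too.
       2. <allow roles="SiteAdmin" /> with no deny after it: other users
          fall through to the inherited rules, where the site-wide section
          above only rejects anonymous users, so any logged-in user gets in. -->
</configuration>
```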

Now let's see how we can implement operation-level security using the rule-based provider. The Microsoft Enterprise Library Security Application Block helps developers implement common authorization-related functionality in their applications. We just need to set some configuration settings that identify the operation-level access. The following is a typical configuration to implement the rule-based provider.

[Image: RuleBaseProvider]

You can see how a rule has been added here along with its expression. You can add a new rule by adding a name and an expression; the expression is a simple string that contains a set of role names and expressions. A list of further expressions can be found below. First let's try to understand the EditPersonalInfo rule: it has two roles, SiteAdmin or Superuser or User, so all users having these roles can perform the EditPersonalInfo operation.

A rule expression can contain I, R, AND, OR, NOT, (, ), ?, *.

  • I: authorizes the identity supplied with I
    • expression="I:Imran" will allow a user with the identity Imran
  • R: authorizes the role supplied with R
  • The rest are operators you can use at any time
    • expression="((R:Superuser OR R:AccountAdmin) AND (NOT R:SiteAdmin))"
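
A configuration sketch for the rule provider with the expressions discussed above, added here as an illustration (it is not the configuration from the original post). The provider instance name RuleProvider and the rule names other than EditPersonalInfo are assumptions; the type names are the Security Application Block's own classes, written with partial assembly names.

```xml
<?xml version="1.0"?>
<configuration>
  <configSections>
    <!-- Registers the Security Application Block's configuration section. -->
    <section name="securityConfiguration"
             type="Microsoft.Practices.EnterpriseLibrary.Security.Configuration.SecuritySettings, Microsoft.Practices.EnterpriseLibrary.Security" />
  </configSections>

  <securityConfiguration defaultAuthorizationInstance="RuleProvider">
    <authorizationProviders>
      <!-- "RuleProvider" is an assumed instance name; code asks for it by name. -->
      <add name="RuleProvider"
           type="Microsoft.Practices.EnterpriseLibrary.Security.AuthorizationRuleProvider, Microsoft.Practices.EnterpriseLibrary.Security">
        <rules>
          <!-- The rule discussed above: any one of the three roles is enough. -->
          <add name="EditPersonalInfo"
               expression="R:SiteAdmin OR R:Superuser OR R:User" />
          <!-- Hypothetical rule: account operations for account staff.
               AccountAdmin is absent from EditPersonalInfo, so that role
               cannot touch personal details. -->
          <add name="ManageAccount"
               expression="(R:Superuser OR R:AccountAdmin) AND (NOT R:SiteAdmin)" />
          <!-- Hypothetical rule: one named identity only. -->
          <add name="ResetPasswords" expression="I:Imran" />
          <!-- Hypothetical rule: "?" is the anonymous identity, so this
               reads as "any signed-in user". -->
          <add name="ViewOwnProfile" expression="NOT I:?" />
        </rules>
      </add>
    </authorizationProviders>
  </securityConfiguration>
</configuration>
```

If the Enterprise Library assemblies are strong-named and installed in the GAC, the type attributes need the full assembly name (version, culture and public key token) of the installed release.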

That is all about configuring rules. Now let's see how to apply these rules in our code.

[Image: RoleProvider_Code]

Just two lines of code to know whether the user is authorized to perform that action or not.

Oct 13, 2009

SQL Challenge - Find second highest salary by department

Hello All,

I am starting this new thread called SQL Challenges, which will have SQL challenges for beginners. I hope you will all like it and participate as well.

Jacob Sebastian has already started posting challenges; I would like you to participate in the challenge, and maybe you can get gifts or rewards.

There are some rules and regulations which you have to read before posting any reply; it's very simple, not a big deal. The first challenge is out there: finding the second highest salary by department. Please visit this link for more details. You can find scripts to generate data too.

I hope you will have a great time solving it. The most important thing is learning: you will learn a lot, not only from the question but also from the best answers posted for a particular challenge.

Oct 11, 2009

Core Service - Extensible Output Caching

Output caching is one of the major factors in loading your page faster. Up to now, ASP.NET has allowed developers to store the generated output of pages, controls and HTTP requests in memory for use by further requests.

ASP.NET 4.0 provides a mechanism that lets developers handle the output cache by creating their own custom output-cache provider and managing the persistence of the HTML content. To do this you just need to create a class that derives from the System.Web.Caching.OutputCacheProvider type and add it to the caching section of web.config. The default provider is AspNetInternalProvider.

[Image: ExtensibleOutputCaching]

In addition, you can choose a different provider for different pages! There are two ways to do this.

First, you can override a new method in Global.asax called GetOutputCacheProviderName, which lets you select the output-cache provider.

[Image: OutputCacheGlobal]

Adding code at the request level means adding more work; the easiest way to select the output-cache provider is to set the providerName attribute, which is part of the OutputCache page or control directive.

[Image: OutputCachePage]

Topic: ASP.NET 4.0 and Visual Studio 2010 Web Development Beta 2 Overview

Oct 10, 2009

Core Service – Web.Config file Minification

The configuration file is very important for each web application. Each web application has one master web.config file which contains all the settings that a simple web application needs; on top of it we have machine.config, and there is always a single machine.config file.

A typical web.config has lots of sections and sub-sections which are common to all applications, like AJAX-related settings, IIS integration and many more. What 4.0 does is move the common settings from web.config to machine.config, which means your web.config file in ASP.NET 4.0 is now either empty or contains the following lines.

[Image: WebConfigMinification]

Topic: ASP.NET 4.0 and Visual Studio 2010 Web Development Beta 2 Overview

Oct 6, 2009

Overview of new features in windows 7 - MTD Session

Hello All,

This is my first post on Windows 7. I attended the Microsoft Community TechDays event on 3rd October 2009 in Ahmedabad, which had a session on the cool features of Windows 7 presented by Vinod Kumar, Microsoft Evangelist, who is known for his famous SQL site http://extremeexperts.com/. He is basically an expert in SQL Server but gave a wonderful presentation with only one slide and tons of tips and tricks by demo. I enjoyed the session a lot.

I am listing here some cool features which I like the most in Windows 7. This does not mean that I don't like the rest of the features, but maybe I need to explore Windows 7 more and more, as there are lots of features that have been added to Windows 7.




[Jacob Sebastian, Imran Bhadelia, Vinod Kumar]

  • Jump List

    The Jump List feature is designed to provide you with quick access to the documents and tasks associated with your applications. You can think of Jump Lists like little application-specific Start menus. Jump Lists can be found on the application icons that appear on the Taskbar when an application is running or on the Start menu in the recently opened programs section. Jump Lists can also be found on the icons of applications that have been specifically pinned to the Taskbar or the Start menu.

    For developers, the JumpListManager class provides an abstraction of the application jump list, including facilities to manipulate custom destinations, user tasks, recent/frequent lists and items removed by the user.



  • VHD [Virtual Hard Disk]

    I like this feature the most. VHDs are widely used as storehouses for hard disk images you intend to deploy out to clients. For example, you can keep different images, for different types of users, in the form of separate VHDs and then just deploy the ones you need to whomever they need to go to. Although VHD is closely intertwined with virtualization, it's also being widely used as a stand-alone tool because Windows 7 adds support for Native VHD, which means you can use it without virtualization in place.

  • Global Keyboard shortcuts

    I love to use the keyboard as much as I can. Windows 7 has added lots of shortcuts; I am listing a few here.

    Win+Space operates as a keyboard shortcut for Aero Peek.
    Win+Up and Win+Down are new shortcuts for Maximize and Restore/Minimize.
    Win+Shift+Up vertically maximizes the current window
    Win+Left and Win+Right snap the current window to the left or right half of the current display; successive keypresses will move the window to other monitors in a multi-monitor configuration.
    Win+Shift+Left and Win+Shift+Right move the current window to the left or right display.
    Win+ + and Win+ − (minus sign) zoom the desktop in and out.
    Win+Home operates as a keyboard shortcut for Aero Shake.
    Win+P shows an "external display options" selector that gives the user the choice of showing the desktop on only the computer's screen, only the external display, on both at the same time (mirroring), or on both displays with independent desktops (extending).

  • Direct Access

    Traditionally, remote users connect to internal network resources with a Virtual Private Network (VPN). However, using a VPN can be cumbersome for users because it requires several steps, and several seconds (or even minutes), for authentication to occur. Windows 7, together with Windows Server 2008 R2, introduces DirectAccess, a new solution that enables users to have the same experience working remotely as they would working in the office. Taking advantage of technologies such as IPv6 and IPSec, DirectAccess provides remote computers with automatic, seamless access to the internal network across the Internet without connecting to a Virtual Private Network (VPN), while providing secure and flexible network infrastructure for enterprises.



  • Taskbar APIs for developers



    The IMClient sample demonstrates how taskbar overlay icons and taskbar progress bars can light up an application’s taskbar button instead of relying on an additional dialog or on an icon in the system notification area (tray).

  • Aero Shake

    Aero Shake allows users to clear up any clutter on their screen by shaking (dragging back and forth) a window of their choice with the mouse. All other windows will minimize, while the window the user shook stays active on the screen. When the window is shaken again, they are all restored, similar to desktop preview.

  • Problem Steps Recorder

    A very handy tool to record the steps which produce a problem; this is very useful if you belong to Quality Assurance. It gives you details of every operation that you performed along with an image and description, and it requires very little space as it's highly compact. The Problem Steps Recorder creates a .MHT file (a type of HTML document that includes images in a single file) compressed in a zip archive. The IT professional can open the .MHT file, view screenshots and get an exact description of the user’s actions. It helps overcome language barriers, allowing IT professionals to diagnose problems regardless of language differences.



  • Resource Monitor

    Previously I was using Process Monitor; Windows 7 has introduced Resource Monitor, which is way ahead of Process Monitor. It gives you all the information regarding CPU, memory, disk and network.



  • More Advanced Calculator

    New functionality allows the user to not only calculate in the Standard and Scientific modes, but also in Programmer and Statistics modes. And that’s not all! Ever need conversion formulas for temperature, weight, area, or time? Finding the unit conversion option makes it a snap and takes all the work out of the user’s hands. There are even templates for gas mileage, lease estimations, and mortgage estimations.



  • Aero Peek Your Desktop

    A lesser-known versatile tool introduced with Windows 7 is the Aero Peek. Just click the rectangle in the lower right hand corner of the task bar for quick access to your desktop. The keyboard shortcut Window Key + Space performs the same function.