ASP.NET

How to use mode "Windows"?

Change the authentication mode to Windows.

Windows Authentication mode provides the developer to authenticate a user based on Windows user accounts. This is the default authentication mode provided by ASP.Net. You can easily get the Identity of the user by using User.Identity.Name. This will return the computer name along with the user name. Windows authentication also provides IsInRole method to find the role of the user and than you can give permissions to the user depending on the role.

</authentication>

Deny access to the anonymous user in the <authorization> section as follows:

</authorization>

Other you can make a special client to access you project with windows authentication. Code like this (this case you can get value using 'User.Identity.Name', then you can use it to do other work you like.):

</authorization>

How to use mode "Forms"?

Change the authentication mode to Forms.

Insert the <Forms> tag, and fill the appropriate attributes. (For more information about these attributes, refer to the MSDN documentation)

First you should specify a page and make sure all clients can found it. Code like this

</authentication>

Deny access to the anonymous user in the <authorization> section as follows:

</authorization>

Second in that page you to validate the user's Id and Password. Code like this:

You can use one of two methods to generate the forms authentication cookie and redirect the user to an appropriate page in the cmdLogin_ServerClick event. Sample code is provided for both scenarios. Use either of them according to your requirement.

(1). Call the RedirectFromLoginPage method to automatically generate the forms authentication cookie and redirect the user to an appropriate page in the cmdLogin_ServerClick event:

private void cmdLogin_ServerClick(object sender, System.EventArgs e)

{

If (ValidateUser(txtUserName.Value,txtUserPass.Value) )

{

FormsAuthentication.RedirectFromLoginPage(txtUserName.Value, false);

}

else

{

Response.Redirect("logon.aspx", true);

}

(2). Generate the authentication ticket, encrypt it, create a cookie, add it to the response, and redirect the user. This gives you more control in how you create the cookie. You can also include custom data along with the FormsAuthenticationTicket in this case.

Private void cmdLogin_ServerClick(object sender, System.EventArgs e)

{

if (ValidateUser(txtUserName.Value,txtUserPass.Value) )

{

FormsAuthenticationTicket tkt;

string cookiestr;

HttpCookie ck;

tkt = new FormsAuthenticationTicket(1, txtUserName.Value, DateTime.Now,

DateTime.Now.AddMinutes(30), chkPersistCookie.Checked, "your custom data");

cookiestr = FormsAuthentication.Encrypt(tkt);

ck = new HttpCookie(FormsAuthentication.FormsCookieName, cookiestr);

if (chkPersistCookie.Checked)

ck.Expires=tkt.Expiration;

ck.Path = FormsAuthentication.FormsCookiePath;

Response.Cookies.Add(ck);

string strRedirect;

strRedirect = Request["ReturnUrl"];

if (strRedirect==null)

strRedirect = "default.aspx";

Response.Redirect(strRedirect, true);

}

else

Response.Redirect("logon.aspx", true);

}

Windows Authentication

Windows Authentication provider is the default authentication provider for ASP.NET applications. When a user using this authentication logs in to an application, the credentials are matched with the Windows domain through IIS.

There are 4 types of Windows Authentication methods:
1) Anonymous Authentication - IIS allows any user
2) Basic Authentication - A windows username and password has to be sent across the network (in plain text format, hence not very secure).
3) Digest Authentication - Same as Basic Authentication, but the credentials are encrypted. Works only on IE 5 or above
4) Integrated Windows Authentication - Relies on Kerberos technology, with strong credential encryption

Forms Authentication - This authentication relies on code written by a developer, where credentials are matched against a database. Credentials are entered on web forms, and are matched with the database table that contains the user information.
-----------------------------------------------------------------------------------

Session is used to store per-user information for the current Web session on the server. It supports using a database server as the back-end store.
Cookie should be used to store per-user information for the current Web session or persistent information on the client, therefore client has control over the contents of a cookie.
Cache object is shared between users in a single application. Its primary purpose is to cache data from a data store and should not be used as a primary storage. It supports automatic invalidation features.
Application object is shared between users to store application-wide state and should be used accordingly.

Cookies:

There two type of cookies in ASP.NET

Persistent cookies:

cookies are stored on your computer hard disk. They stay on your hard disk and can be accessed by web servers until they are deleted or have expired.

Non-persistent cookies:

cookies are saved only while your web browser is running. They can be used by a web server only until you close your browser. They are not saved on your disk.

------------------------------------------------------------------------------------

The default Global.asax file template includes five methods within a server-side <script> tag:

Application_Start executes when the web application first starts
Application_End runs when the application is shutting down
Application_Error executes whenever an unhandled exception reaches the application
Session_Start executes when a new session is created
Session_End runs when a session is expired or abandoned

-------------------------------------------------------------------------------------

Difference between response.redirect and server.transfer

Response.Redirect should be used when:

we want to redirect the request to some plain HTML pages on our server or to some other web server
we don't care about causing additional roundtrips to the server on each request
we do not need to preserve Query String and Form Variables from the original request
we want our users to be able to see the new redirected URL where he is redirected in his browser (and be able to bookmark it if its necessary)

Server.Transfer should be used when:

we want to transfer current page request to another .aspx page on the same server
we want to preserve server resources and avoid the unnecessary roundtrips to the server
we want to preserve Query String and Form Variables (optionally)

we don't need to show the real URL where we redirected the request in the users Web Browser
---------------------------------------------------------------------------------------------------------------------

What is Data Cache?

Data Cache is used to storing frequently used data in the Cache memory. It's much efficient to retrieve data from the data cache instead of database or other sources. We need use System.Web.Caching namespace. The scope of the data caching is within the application domain unlike "session". Every user can able to access this objects.

How data caching is work?

When client request to the server, server execute the stored procedure or function or select statements on the Sql Server database then it returns the response to the browser. If we run again same process will happen on the web server with sql server.

In the very first time retrieve the records from the sql server database and stored into the Cache memory. After that records will retrieve from Cache memory (IIS). We can set expiration period time after expiration time over the caching again it will hit the sql server database and stored into the cache memory and next retrieve will happen on the data cache memory.

Advantages of Cookies

Following are main advantages of using cookies in web application:

It's very simple to use and implement.
We can avoid database hitting.
We can reduce network traffic.

How to create data cache?

Cache["Employee"] = "DataSet Name"

We can create data caching use Cache Keyword. It's located in the System.Web.Caching namespace. It's just like assigning value to the variable

How to Read data from Data Cache?

Dataset dsEmployee = (Dataset) Cache ["Employee"]

This is very similar to assigning object to the Dataset.

Where does Data Cache are stored?

This is one of the interesting things to find out the Data Caching in your local drive. First of all, From "IE Internet Option ", delete Browsing History to clear Cache.

How to remove a Data Cache?

We can remove Data Cache manually.

  //We need to specify the cache name

   Cache.Remove(String key);

Example:


TimeSpan ts = 
new TimeSpan(0, 0, 10);        

//If cache has null, it will create two cache 
and it will bind into the gridview        

if (Cache["Employee"] == null)

{            

 dtEmployee = new DataTable("Employee");

 dtEmployee.Columns.Add("EmpID", typeof(int));

 dtEmployee.Columns.Add("EmpName", typeof(string));

 DataRow rs = dtEmployee.NewRow();

 rs[0] = 10; rs[1] = "Annathurai"; dtEmployee.Rows.Add(rs);
 //To assign datatable to cache memory.            

 Cache["Employee"] = dtEmployee;  Cache.Insert("Employee", dtEmployee, null, Cache.NoAbsoluteExpiration, ts);  Response.Write("Its processing with Database hit");       

}       

else       

{           

 //If cache has value, It retrive from cache memory and bind into the gridview           

 Response.Write("Its processing from cache");       

} 

/Here we are converting cache into datatable        

GridView1.DataSource = (DataTable)Cache["Employee"];       

GridView1.DataBind();

Software Tips & Tricks

Saturday, August 2, 2014

ASP.NET

How to use mode "Windows"?

Difference between response.redirect and server.transfer

No comments:

Post a Comment