Professional ASP.NET 3.5 in C# and Visual Basic Part 77 pps

For instance, suppose you are using the sitemap file from Listing 14-1 and you have a pretty large amount of site navigation to add under the area of Entertainment.. The ASP.NET persona

Trang 1

Listing 14-34: Locking down the AdminOnly.aspx page in the web.config

<system.web>

</authorization>

</system.web>

</location>

</configuration>

Now, because theAdminOnly.aspxpage is accessible only to the users who are in the Admin role, the

next step is to allow users to login to the application The application demo accomplishes this task by

creating aDefault.aspxpage that contains a Login server control as well as a TreeView control bound

to a SiteMapDataSource control This simple ASP.NET page is presented in Listing 14-35

Listing 14-35: The Default.aspx page

<%@ Page Language="VB" %>

</head>

<body>

<div>

<asp:Login ID="Login1" runat="server">

</asp:Login>

<br />

<asp:TreeView ID="TreeView1" runat="server"

DataSourceID="SiteMapDataSource1" ShowLines="True">

</asp:TreeView>

<br />

<asp:SiteMapDataSource ID="SiteMapDataSource1" runat="server" />

</div>

</form>

</body>

</html>

With theDefault.aspxpage in place, another change is made to theWeb.sitemapfile that was originally presented in Listing 14-1 For this example, you add a<siteMapNode>element that works with the new

AdminOnly.aspxpage This node is presented here:

<siteMapNode title="Administration" description="The Administrators page"

url="AdminOnly.aspx" roles="Admin" />

After all items are in place in your application, the next step is to enable security trimming for the site

navigation system

Trang 2

Enabling Security Trimming

By default, security trimming is disabled Even if you start applying values to therolesattribute for any

<siteMapNode>element in yourweb.configfile, it does not work To enable security trimming, you

must fine-tune the provider declaration for the site navigation system

To make the necessary changes to the XmlSiteMapProvider, you need to make these changes high up

in the configuration chain, such as to themachine.configfile or the defaultweb.configfile, or you can

make the change lower down, such as in your application’sweb.configfile This example makes the

change in theweb.configfile

Figure 14-36

To alter the XmlSiteMapProvider in theweb.configfile, you first clear out the already declared instance

After it is cleared, you then redeclare a new instance of the XmlSiteMapProvider, but this time you enable

security trimming, as illustrated in Listing 14-36

Trang 3

Listing 14-36: Enabling security trimming in the provider

<system.web>

<add siteMapFile="web.sitemap" name="AspNetXmlSiteMapProvider"

type="System.Web.XmlSiteMapProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"

securityTrimmingEnabled="true" />

</providers>

</siteMap>

</system.web>

</configuration>

Figure 14-37

Trang 4

From this example, you can see that a new XmlSiteMapProvider is defined and the

securityTimmingEn-abledattribute is then set totrue(shown in bold) With security trimming enabled, the roles attribute in

the<siteMapNode>element is utilized in the site navigation system

To test it out for yourself, run theDefault.aspxpage You are first presented with a page that does not

include the link to the administration portion of the page, as illustrated in Figure 14-36

From this figure, you can see that the Administration link is not present in the TreeView control Now,

however, log in to the application as a user contained in the Admin role You then see that, indeed, the

site navigation has changed to reflect the role of the user, as presented in Figure 14-37

Security trimming is an ideal way of automatically altering the site navigation that is presented to users

based upon the roles they have in the role management system

Nesting SiteMap F iles

You are not required to place all your site navigation within a singleWeb.sitemapfile In fact, you can

spread it out into multiple.sitemapfiles if you wish and then bring them all together into a single

.sitemapfile — also known as nesting.sitemapfiles

For instance, suppose you are using the sitemap file from Listing 14-1 and you have a pretty large amount

of site navigation to add under the area of Entertainment You could put all this new information in the

currentWeb.sitemapfile, or you could keep all the Entertainment links in another sitemap file and just

reference that in the main sitemap file

In the simplest case, nesting sitemap files is easily achievable To see it in action, create a new.sitemap

file (calledEntertainment.sitemap) and place this file in your application An example

Entertain-ment.sitemapfile is presented in Listing 14-37

Listing 14-37: The Entertainment.sitemap

<?xml version="1.0" encoding="utf-8" ?>

<siteMapNode url="Entertainment.aspx" title="Entertainment"

description="The Entertainment Page">

<siteMapNode url="Movies.aspx" title="Movies"

description="The Latest in Movies" />

<siteMapNode url="Fashion.aspx" title="Fashion"

description="The Latest in Fashion" />

</siteMapNode>

</siteMap>

You can place theEntertainment.sitemapin the root directory where you also have the main

Web.sitemapfile Now, working from the sitemap file that from the earlier Listing 14-1, you make the

following addition to the bottom of the list as presented in Listing 14-38

Listing 14-38: Additions to the Web.sitemap file

Trang 5

Instead of using the standardurl,title, anddescriptionattributes, you just point to the other sitemap file to be included in this main sitemap file using thesiteMapFileattribute Running this page gives you results similar to those presented in Figure 14-38

Figure 14-38

Another approach to nesting sitemap files is to build a second provider in the sitemap provider model

definitions and to then use theproviderattribute within the<siteMapNode>element to reference this

declaration To accomplish this task, you first add a new sitemap provider reference in theweb.config

file This is illustrated in Listing 14-39

Listing 14-39: Using another provider in the same Web.sitemap file

<system.web>

<add siteMapFile="Entertainment.sitemap" name="AspNetXmlSiteMapProvider2"

type="System.Web.XmlSiteMapProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

</providers>

</siteMap>

</system.web>

</configuration>

From this bit of code, you can see that a second provider is defined Defining a second sitemap provider does not mean that you have to use the<clear />element in the<provider>section, but instead, you simply define a new provider that has a new name In this case, the name of the provider is AspNetXml-SiteMapProvider2 Also, within this provider definition, thesiteMapFileattribute is used to point to

the name of the sitemap file that should be utilized

With this in place, you can then reference this declaration by using theproviderattribute within the

<siteMapNode>element of theWeb.sitemapfile To add theEntertainment.sitemapfile in this manner, your<siteMapNode>element should take the form presented in Listing 14-40

Trang 6

Listing 14-40: Using a second provider in the Web.sitemap file

This gives you the same results as those shown in Figure 14-38 Besides providing another way of nesting

sitemap files, you gain a lot of power using theproviderattribute If you build a new sitemap provider

that pulls sitemap navigation information from another source (rather than from an XML file), you can

mix those results in the mainWeb.sitemapfile The end result could have items that come from two or

more completely different data sources

Summar y

This chapter introduced the navigation mechanics that ASP.NET 3.5 provides At the core of the

naviga-tion capabilities is the power to detail the naviganaviga-tion structure in an XML file, which can then be utilized

by various navigation controls — such as the new TreeView and SiteMapPath controls

The powerful functionality that the navigation capabilities provide saves you a tremendous amount of

coding time

In addition to showing you the core infrastructure for navigation in ASP.NET 3.5, this chapter also

described both the TreeView and SiteMapPath controls and how to use them throughout your

appli-cations The great thing about these controls is that, right out of the box, they can richly display your

navigation hierarchy and enable the end user to work through the site easily In addition, these

con-trols are easily changeable so that you can go beyond the standard appearance and functionality that

they provide

Along with the TreeView server control, this chapter also looked at the Menu server control You

will find a lot of similarities between these two controls as they both provide a means to look at

hierarchical data

Finally, this chapter looked at how to achieve URL mapping, as well as how to localize yourWeb

.sitemapfiles and filter the results of the site navigation contents based upon a user’s role in the role

management system

Trang 7

Many Web applications must be customized with information that is specific to the end user who

is presently viewing the page In the past, the developer usually provided storage of

personal-ization properties for end users viewing the page by means of cookies, theSessionobject, or

theApplicationobject Cookies enabled storage of persistent items so that when the end user

returned to a Web page, any settings related to him were retrieved in order to be utilized again by

the application Cookies are not the best way to approach persistent user data storage, however,

mainly because they are not accepted by all computers and also because a crafty end user can easily

alter them

As you will see in Chapter 16, ASP.NET membership and role management capabilities are ways

that ASP.NET can conveniently store information about the user How can you, as the developer,

use the same mechanics to store custom information?

ASP.NET 3.5 provides you with an outstanding feature — personalization The ASP.NET

personal-ization engine provided with this latest release can make an automatic association between the end

user viewing the page and any data points stored for that user The personalization properties that

are maintained on a per-user basis are stored on the server and not on the client These items are

conveniently placed in a data store of your choice (such as Microsoft’s SQL Server) and, therefore,

the end user can then access these personalization properties on later site visits

This feature is an ideal way to start creating highly customizable and user-specific sites without

building any of the plumbing beforehand In this case, the plumbing has been built for you! The

personalization feature is yet another way that the ASP.NET team is making developers more

pro-ductive and their jobs easier

The Personalization Model

The personalization model provided with ASP.NET 3.5 is simple and, as with most items that come

with ASP.NET, it is an extensible model as well Figure 15-1 shows a simple diagram that outlines

the personalization model

Trang 8

Server Controls

Web Parts

Interfaces Control Personalization Profile API

Data Stores

Custom Data Store

SQL Server 7.0/2000/2005/2008

Figure 15-1

From this diagram, you can see the three layers in this model First, look at the middle layer of the

per-sonalization model — the Perper-sonalization Services layer This layer contains the Profile API This new

Profile API layer enables you to program your end user’s data points into one of the lower-layer data

stores Also included in this layer are the server control personalization capabilities, which are important

for the Portal Framework and the use of Web Parts The Portal Framework and Web Parts are discussed

in Chapter 17

Although certain controls built into ASP.NET can utilize the personalization capabilities for storing

information about the page settings, you can also use this new engine to store your own data points As

with Web Parts, these points can be used within your ASP.NET pages

Below the Personalization Services layer, you find the default personalization data provider for working

with Microsoft’s SQL Server 2008, 2005, or 2000, as well as the new Microsoft SQL Server Express Edition

files You are not limited to just this one data store when applying the personalization features of ASP.NET

3.5; you can also extend the model and create a custom data provider for the personalization engine

You can read about how to create your own providers in Chapter 13.

Now that you have looked briefly at the personalization model, you can begin using it by creating some

stored personalization properties that can be used later within your applications

Trang 9

Creating Personalization Proper ties

The nice thing about creating custom personalization properties is that you can do it so easily After

these properties are created, you gain the capability to have strongly typed access to them It is also

possible to create personalization properties that are used only by authenticated users, and also some

that anonymous users can utilize These data points are powerful — mainly because you can start using them immediately in your application without building any underlying infrastructures to support them The first step is to create some simple personalization properties Later, you learn how to use these

personalization properties within your application

Adding a Simple Personalization Property

The first step is to decide what data items from the user you are going to store For this example, create

a few items about the user that you can use within your application; assume that you want to store the following information about the user:

❑ First name

❑ Last name

❑ Last visited

❑ Age

❑ Membership Status

ASP.NET has a heavy dependency on storing configurations inside XML files, and the ASP.NET 3.5

personalization engine is no different All these customization points concerning the end user are defined and stored within theweb.configfile of the application This is illustrated in Listing 15-1

Listing 15-1: Creating personalization properties in the web.config file

<system.web>

</properties>

</profile>

</system.web>

</configuration>

Trang 10

Within theweb.configfile and nested within the <system.web>section of the file, you create

a<profile>section in order to work with the ASP.NET 3.5 personalization engine Within this

<profile>section of theweb.configfile, you create a<properties>section In this section, you can

define all the properties you want the personalization engine to store

From this code example, you can see that it is rather easy to define simple properties using the<add>

element This element simply takes thenameattribute, which takes the name of the property you want

to persist

You start out with the assumption that accessing the page you will build with these properties is already

authenticated using Windows authentication (you can read more on authentication and authorization in

the next chapter) Later in this chapter, you look at how to apply personalization properties to anonymous

users as well The capability to apply personalization properties to anonymous users is disabled by

default (for good reasons)

After you have defined these personalization properties, it is just as easy to use them as it is to define

them The next section looks at how to use these definitions in an application

Using Personalization Properties

Now that you have defined the personalization properties in theweb.configfile, it is possible to use these

items in code For example, you can create a simple form that asks for some of this information from the

end user On theButton_Clickevent, the data is stored in the personalization engine Listing 15-2 shows

an example of this

Listing 15-2: Using the defined personalization properties

VB

<%@ Page Language="VB" %>

Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs)

If Page.User.Identity.IsAuthenticated Then

Profile.FirstName = TextBox1.Text

Profile.LastName = TextBox2.Text

Profile.Age = TextBox3.Text

Profile.Member = Radiobuttonlist1.SelectedItem.Text

Profile.LastVisited = DateTime.Now().ToString()

Label1.Text = "Stored information includes:<p>" & _

"First name: " & Profile.FirstName & _

"<br>Last name: " & Profile.LastName & _

"<br>Age: " & Profile.Age & _

"<br>Member: " & Profile.Member & _

"<br>Last visited: " & Profile.LastVisited Else

Label1.Text = "You must be authenticated!"

End If

End Sub

</script>

Định dạng
Số trang	10
Dung lượng	208,66 KB