由买买提看人间百态

boards

本页内容为未名空间相应帖子的节选和存档,一周内的贴子最多显示50字,超过一周显示500字 访问原贴
DotNet版 - authentication
相关主题
payan, talk a little bit about rainbow关于asp.net session的弱问题
ASP web application 问题请教How to logout of windows authentication?
how to use window authentication in the ASP.net? Thank you!有人用.NET做PORTAL么?
web farmRe: payan, talk a little bit about rainb
Session ID in URLGot some side projects that needs help
Redirecting User to Login Page [fwd]A question on authentication and cookie
ASP.NET -- help whidbey 什么时候出来?
How can .Net Web App get local PC Credentials谁有PDC WHIDBEY DOWNLOAD?
相关话题的讨论汇总
话题: session话题: login话题: net话题: c#
进入DotNet版参与讨论
1 (共1页)
c*o
发帖数: 70
1
I have a .net C# web application, in which there are 2 kinds of users,e.g.
teachers and students, who can login from different login pages. Hence, I need
2 web.config files to handle the login authentication. It seems to me that I
have to create 2 sub projects for each so that the web.config files can be put
in the subfolders respectively. Is there a way that ONE project can accomplish
this? Thanks!
p***n
发帖数: 635
2
you might want to read this article about personalization
http://www.asptoday.com/content.asp?id=684

【在 c*o 的大作中提到】
: I have a .net C# web application, in which there are 2 kinds of users,e.g.
: teachers and students, who can login from different login pages. Hence, I need
: 2 web.config files to handle the login authentication. It seems to me that I
: have to create 2 sub projects for each so that the web.config files can be put
: in the subfolders respectively. Is there a way that ONE project can accomplish
: this? Thanks!

a*****a
发帖数: 438
3
can't you build one login page and use role authentication?

【在 c*o 的大作中提到】
: I have a .net C# web application, in which there are 2 kinds of users,e.g.
: teachers and students, who can login from different login pages. Hence, I need
: 2 web.config files to handle the login authentication. It seems to me that I
: have to create 2 sub projects for each so that the web.config files can be put
: in the subfolders respectively. Is there a way that ONE project can accomplish
: this? Thanks!

c*o
发帖数: 70
4
Thank you, Payan. The topic is really what I need, unfortunately, it is not
accessable without subscription. Would you please send them, Part1 and 2, to
me if you have them? Thank you so much!

need
I
put
accomplish

【在 p***n 的大作中提到】
: you might want to read this article about personalization
: http://www.asptoday.com/content.asp?id=684

c*o
发帖数: 70
5
Sounds interesting. Any resource for role authentication in .net for login?
Based on my knowledge, a set of webpages are protected from access by a login
page. All of them are in a project, and the authentication and authorization
rules are defined in the web.config file in the same directory in the same
project. Do you think the role authentication based one-login page can achieve
this? Thank you so much!

need
I
put
accomplish

【在 a*****a 的大作中提到】
: can't you build one login page and use role authentication?
C****n
发帖数: 2324
6
Your knowledge regarding authentication is valid, but nobody is using it. The
best pratice is to protect all your pages and allow anonymous login and use
role based authentication to control access.
Go to www.asp.net then go to IBUYSPY tab to get the sample.
By the way, there's a misunderstanding of WEB.CONFIG in your post. You can
have as many web.config as necessary in one project and place them in sub
folders, which will guard the folders under it.

login
achieve
users,e.g.
I
that
be

【在 c*o 的大作中提到】
: Sounds interesting. Any resource for role authentication in .net for login?
: Based on my knowledge, a set of webpages are protected from access by a login
: page. All of them are in a project, and the authentication and authorization
: rules are defined in the web.config file in the same directory in the same
: project. Do you think the role authentication based one-login page can achieve
: this? Thank you so much!
:
: need
: I
: put

j*****o
发帖数: 320
7
This is better than controlling by session, right?
Thanks.

【在 C****n 的大作中提到】
: Your knowledge regarding authentication is valid, but nobody is using it. The
: best pratice is to protect all your pages and allow anonymous login and use
: role based authentication to control access.
: Go to www.asp.net then go to IBUYSPY tab to get the sample.
: By the way, there's a misunderstanding of WEB.CONFIG in your post. You can
: have as many web.config as necessary in one project and place them in sub
: folders, which will guard the folders under it.
:
: login
: achieve

d****t
发帖数: 362
8

Really? It seems to me we have to set up a sub-project in a folder in order
guard the pages under the folder. This is because .net will not consider the
fold a virtual directory without a subproject, then the web.config in it will
lead to errors. I just tried it on my computer.

【在 C****n 的大作中提到】
: Your knowledge regarding authentication is valid, but nobody is using it. The
: best pratice is to protect all your pages and allow anonymous login and use
: role based authentication to control access.
: Go to www.asp.net then go to IBUYSPY tab to get the sample.
: By the way, there's a misunderstanding of WEB.CONFIG in your post. You can
: have as many web.config as necessary in one project and place them in sub
: folders, which will guard the folders under it.
:
: login
: achieve

C****n
发帖数: 2324
9
Don't know what you mean, but web.config CAN be placed in any folders, and you
can have multi web.config files in one project.
Some settings can only be in one place though.

will

【在 d****t 的大作中提到】
:
: Really? It seems to me we have to set up a sub-project in a folder in order
: guard the pages under the folder. This is because .net will not consider the
: fold a virtual directory without a subproject, then the web.config in it will
: lead to errors. I just tried it on my computer.

C****n
发帖数: 2324
10

Don't use session. It will work, not the best pratice.
I strongly suggest anybody who wants to learn .NET to check out the IBUYSPY
sample. It's the best samle I've seen so far.
The
use
login?
authorization
same

【在 j*****o 的大作中提到】
: This is better than controlling by session, right?
: Thanks.

相关主题
Redirecting User to Login Page [fwd]关于asp.net session的弱问题
ASP.NET -- helpHow to logout of windows authentication?
How can .Net Web App get local PC Credentials有人用.NET做PORTAL么?
进入DotNet版参与讨论
p***n
发帖数: 635
11
hmm,i am waiting for WHIDBEY alpha to arrive ...

it.
can
sub
a

【在 C****n 的大作中提到】
:
: Don't use session. It will work, not the best pratice.
: I strongly suggest anybody who wants to learn .NET to check out the IBUYSPY
: sample. It's the best samle I've seen so far.
: The
: use
: login?
: authorization
: same

p***y
发帖数: 79
12
I have Longhorn, Yukon and Whidbey, but need to find a
test machine to install them.

【在 p***n 的大作中提到】
: hmm,i am waiting for WHIDBEY alpha to arrive ...
:
: it.
: can
: sub
: a

p***y
发帖数: 79
13
Nod, session is not easy to manage, especially in
web farm. Also, I heard that C# web project sometime
will drop session for unknow bug.

【在 C****n 的大作中提到】
:
: Don't use session. It will work, not the best pratice.
: I strongly suggest anybody who wants to learn .NET to check out the IBUYSPY
: sample. It's the best samle I've seen so far.
: The
: use
: login?
: authorization
: same

p***n
发帖数: 635
14
that is awsome. i've setup a virtual pc of windows 2003 but i am still waiting
for Whidbey

IBUYSPY

【在 p***y 的大作中提到】
: I have Longhorn, Yukon and Whidbey, but need to find a
: test machine to install them.

p***y
发帖数: 79
15
yeah, I might install virtual pc too. is it easy to set up?
any special requirement? how is the speed? I already have
a win2k3 installed.

【在 p***n 的大作中提到】
: that is awsome. i've setup a virtual pc of windows 2003 but i am still waiting
: for Whidbey
:
: IBUYSPY

a*****a
发帖数: 438
16
you can store session state in another machine or another service..

【在 p***y 的大作中提到】
: Nod, session is not easy to manage, especially in
: web farm. Also, I heard that C# web project sometime
: will drop session for unknow bug.

C****n
发帖数: 2324
17
I just had a damn headache bug with session.
The problem has lasted for months, and never be solved. I just realize it's
session problem today.
ASP.NET will restart for some internal reasons, hence discard your session
values, even with a single CPU.
DAMN, what a stupid mistake.

IBUYSPY

【在 a*****a 的大作中提到】
: you can store session state in another machine or another service..
L*******r
发帖数: 1011
18
It may be the fault of an unmature feature. :)
IIS and ASP .Net suppot some resource mangement concepts.
When the server thinks your program costs too much memory or in other "bad"
situation which may
bring the server down, it will restart your program.
If this is true, it got to have some place to do the setting.
But yes, throwing out the session value is not a good idea. :(
This is just my guess. :)

【在 C****n 的大作中提到】
: I just had a damn headache bug with session.
: The problem has lasted for months, and never be solved. I just realize it's
: session problem today.
: ASP.NET will restart for some internal reasons, hence discard your session
: values, even with a single CPU.
: DAMN, what a stupid mistake.
:
: IBUYSPY

p***y
发帖数: 79
19
maybe that's not the reason, from its document, when
asp.net restart for some reason, the session will be
kept since session is stored in different place as
asp.net.
also, from what I know, only c# has his problem.
vb.net is fine.

【在 L*******r 的大作中提到】
: It may be the fault of an unmature feature. :)
: IIS and ASP .Net suppot some resource mangement concepts.
: When the server thinks your program costs too much memory or in other "bad"
: situation which may
: bring the server down, it will restart your program.
: If this is true, it got to have some place to do the setting.
: But yes, throwing out the session value is not a good idea. :(
: This is just my guess. :)

k****i
发帖数: 1072
20
By default,the session state is stored with the local web server.If the
asp.net worker process down, the state will be lost.But session service can be
configured to be run out of process and stored in either a state server or sql
server 【 在 popsy (小孩儿皇帝) 的大作中提到: 】
"bad"
it's
session
相关主题
Re: payan, talk a little bit about rainb whidbey 什么时候出来?
Got some side projects that needs help谁有PDC WHIDBEY DOWNLOAD?
A question on authentication and cookieWhidbey
进入DotNet版参与讨论
C****n
发帖数: 2324
21
nO OFFENSE, BUT YOU REALLY NEED TO LEARN DEEPER OF asp.net.
Especially the statement of C# and VB.NET.

"bad"
it's
session

【在 p***y 的大作中提到】
: maybe that's not the reason, from its document, when
: asp.net restart for some reason, the session will be
: kept since session is stored in different place as
: asp.net.
: also, from what I know, only c# has his problem.
: vb.net is fine.

p***y
发帖数: 79
22
forget this config le, blush...

【在 k****i 的大作中提到】
: By default,the session state is stored with the local web server.If the
: asp.net worker process down, the state will be lost.But session service can be
: configured to be run out of process and stored in either a state server or sql
: server 【 在 popsy (小孩儿皇帝) 的大作中提到: 】
: "bad"
: it's
: session

p***y
发帖数: 79
23
if anything wrong, just point out...

【在 C****n 的大作中提到】
: nO OFFENSE, BUT YOU REALLY NEED TO LEARN DEEPER OF asp.net.
: Especially the statement of C# and VB.NET.
:
: "bad"
: it's
: session

C****n
发帖数: 2324
24
When you are talking about ASP.NET, or .Net framework, there's no way that
there will be any difference between C# and VB.NET.
.Net framework is language neutral.
So, even I don't know the answer of the question, I know your statement:
must be wrong. They are either both fine or both problematic.
The Session server issue has been explained well above by somebody else.
C****n
发帖数: 2324
25
你都中意逃学威龙?

be
sql

【在 k****i 的大作中提到】
: By default,the session state is stored with the local web server.If the
: asp.net worker process down, the state will be lost.But session service can be
: configured to be run out of process and stored in either a state server or sql
: server 【 在 popsy (小孩儿皇帝) 的大作中提到: 】
: "bad"
: it's
: session

p***y
发帖数: 79
26
这个到不是我自己遇到过的问题。 忘了在那里看到的.
大概是以前在一个forum里面看到的。
有个家伙说他的website是用c#写的,发现有时session会丢失, 把
整个website装成vb.net就再也没有同样的问题了。 然后又有几个人
跳出来说这个是C#的问题.

【在 C****n 的大作中提到】
: When you are talking about ASP.NET, or .Net framework, there's no way that
: there will be any difference between C# and VB.NET.
: .Net framework is language neutral.
: So, even I don't know the answer of the question, I know your statement:
: must be wrong. They are either both fine or both problematic.
: The Session server issue has been explained well above by somebody else.

L*******r
发帖数: 1011
27
hehe. Why don't they ask some ASP .net developer directly? :)
Some ASP .Net developers are easily found on asp.net and gotdotnet.com. I
guess they are willing to
answer this question.

【在 p***y 的大作中提到】
: 这个到不是我自己遇到过的问题。 忘了在那里看到的.
: 大概是以前在一个forum里面看到的。
: 有个家伙说他的website是用c#写的,发现有时session会丢失, 把
: 整个website装成vb.net就再也没有同样的问题了。 然后又有几个人
: 跳出来说这个是C#的问题.

L*******r
发帖数: 1011
28
就象kongzi说的,如果使用C# default setting, session state会丢失,因为default
setting是
sesstion states stored in process.
Hope this article helps.
http://www.codeguru.com/vb_internet/PK102302.html
There are two general ways to manage the Session state and three specific ways
within the two general categories. The first general category is in-process
Session storage, and the second general way is out-of-process Session storage.
In-process session caching stores information in the aspnet_wp.exe worker
process and

【在 p***y 的大作中提到】
: maybe that's not the reason, from its document, when
: asp.net restart for some reason, the session will be
: kept since session is stored in different place as
: asp.net.
: also, from what I know, only c# has his problem.
: vb.net is fine.

e***g
发帖数: 158
29
what the. session state should be in memeory, replication and persistence
is another story. dotnet is just immature.

【在 L*******r 的大作中提到】
: 就象kongzi说的,如果使用C# default setting, session state会丢失,因为default
: setting是
: sesstion states stored in process.
: Hope this article helps.
: http://www.codeguru.com/vb_internet/PK102302.html
: There are two general ways to manage the Session state and three specific ways
: within the two general categories. The first general category is in-process
: Session storage, and the second general way is out-of-process Session storage.
: In-process session caching stores information in the aspnet_wp.exe worker
: process and

1 (共1页)
进入DotNet版参与讨论
相关主题
谁有PDC WHIDBEY DOWNLOAD?Session ID in URL
WhidbeyRedirecting User to Login Page [fwd]
Visual Studio.net is buggy.ASP.NET -- help
用 ClickOnce 功能 Deploy 应用程序How can .Net Web App get local PC Credentials
payan, talk a little bit about rainbow关于asp.net session的弱问题
ASP web application 问题请教How to logout of windows authentication?
how to use window authentication in the ASP.net? Thank you!有人用.NET做PORTAL么?
web farmRe: payan, talk a little bit about rainb
相关话题的讨论汇总
话题: session话题: login话题: net话题: c#