I'm a newbie to asp.net and this is a theoretical question but could someone please elaborate the following:-
[msdn]
The AnonymousTemplate property specifies the content template to display to Web site users when they are not logged in to the Web site. This template is displayed when the Name property of the Page User property is null.
I want to know how does the name property is assigned and all the background tasks that runs to achieve it.
I'm not getting sufficient information and have looked at this How can I set the Page.User Property in ASP.NET?
Thanks!!
As far as I know, the way to change the Name property value is to authenticate as a user.
Make it simple: AnonymousTemplate will be shown when the user is not yet logged in.
Related
I have an asp.net webpage that has user login enabled. Inside of my loginview controller I have my anonymous and loggedin code. Is it possible to have the same code in both, but for example just add a button in the loggedin view. All I want to do is when the user logs in display the same information except if logged in show a button, that is not shown when user is anonymous. Any help would be appreciated thank you. I already tried putting the same code into both anonymous and logged in but I get an error saying that a box already contains a definition for that name.
You can try reusing templates in code, as you can create your own template instance, but it really isn't worth the effort. It would be best to just copy the markup and change the ID's. I know it's a pain...
You get the naming conflict because it defines the template instance as a single instance, and each instance gets implemented in the control tree (even though it may not be rendered).
I have been working on mvc3 application and trying to localize the same. I came accross this very good site which made me use the logic of identifying the language selection by the user through cookies. What it does is:
User clicks the hyperlink of language
The clicked setting is saved in a cookie
Page is reloaded
In the BaseController class the ExecuteCore method is overloaded, here the cookie is read and the CurrentUICulture and CurrentCulture is set.
Now, this works great. But What if the user have disabled the cookie ?
So i feel this wont work.
Then I thot of using a workaround. What i tried was
I created a HiddenField
User clicks the hyperlink of language
The clicked setting is saved in a cookie
The clicked setting is also saved in HiddenField
Page is reloaded
In the BaseController class the ExecuteCore method is overloaded, here if the cookie value is present then its read and the CurrentUICulture and CurrentCulture is set.
If cookie is not found then I will try to read the hidden field value from Request object.
But I cant find the hiddenfield in the Request object in the ExecuteCore method.
So am i doing something wrong ?
PLease suggest me with some way. Also I dont want to use the route way of saving the culture.
Hidden fields values are only sent when you submit the form that contains them. If you only click on some hyperlink, the browser redirects to the href that this link is pointing to and no value will be sent, so you cannot expect to read it in your ExecureCore method. So, if you want this to work you will have to include the language as part of the querystring of the link.
Also I dont want to use the route way of saving the culture.
If you don't include the value as part of the url (query string or route), and cookies are disabled, the culture value has no way of reaching to your server.
i have a form where i have the field "Real Cost" i want to customize its appearance and wither it should be validated based on user role.
to be more clear is say the client want to show his field in the form or details page and also make it editable for users in Roles "Senior Sales, Manager" but not other roles, so can anyone please guide me of the best way ?
should i write custom required validation based on user in role, and if so can you please provide the right implementation of it?
some may tell me create custom model for this, but i think it would be hassle plus the Roles will be dynamic so it is not predefined set of roles.
i hope i was clear enough
Security is definitely something that should be happening in the model or the controller but never in the View -- that is well beyond the View's scope of concern. Which is to display the data that the controller gives it.
To expand on #Wyatt you need to make all these decisions at the model level and then populate a 'View Model' with all the answers, which then can be used in the view to improve user experience.
In the ViewModel for this form, have a property IsRealCostEditable, which will be set by your service/model layer by checking the user's role. Now you can easily adjust the UI for that field.
You can create duplicate pages and one page can contain the view model which doesn't changes anything in the page... AND you can have an EDIT button which redirects to the editable page.
Make that page protected with authentication. SO you will asked to authenticate as your role before you can edit it
OTHERWISE.. there is no way your ViewModel can make decisions, its on the Service Layer.
I have some pages that have content that is relevant to both logged in users and non logged in users. For example, pages with contact information, privacy policies, etc. All the pages have your typical navigation menu but the thing is logged in users normally see a different navigation menu bar than non logged in users.
What is the best way to do this in ASP.net?
So far, possible solutions include the following:
Displaying the content using a pop up window. The page will contain no menu and is just some basic page doesn't need to check what type of user is seeing it.
Programmatically changing the master page depending on whether the user is authenticated or not. However, there are some variables on one of the master pages that need to be accessed but isn't touched at all by non logged in users.
Putting the content in a user control and sticking this user control on two separate pages to be displayed to the appropriate user.
I'm not really a fan of #1 because users visiting the site for the first time may have some type of popup blocker or have javascript disabled.
I know #2 is possible by having the page use some type of base class that has inherited from MasterPage. However, I've read that this might not be the best design since now one of the pages has access to variables that isn't really necessary.
The third method sounds reasonable but then there'd be two separate ASPX files.
Is there a proper way of doing this? Or another method I haven't thought of yet?
edit
To clarify, logged in users need to set certain variables in their master pages where non logged in users do not. The reason for this is that there is a user control that displays a special navigation menu that will highlight certain items depending on these variables.
For example, the user control requires a string to determine which item to highlight. A page with profile information will provide "profile" as a parameter that will highlight the "Profile" item on the menu.
The menu in the user control is generated dynamically based on data from the database. The menu items are grouped by category and are displayed with an appropriate heading that is also pulled from the DB.
Programmably changing the master page is easy; just supply the correct URL on pre init, set
protected override void OnPreInit(..)
{
if (this.User != null) {
if (this.User.Identity.IsAuthenticated)
this.MasterPageFile = "~/loggedin.master";
else
this.MasterPageFile = "~/notloggedin.master";
}
}
No base class needed for this.
User control approach would work too, but changing master page file is really easy to do.
EDIT: If you have properties to set or get from the master, you could have the code-behind file implement the interface, and check if the this.Master reference is of that interface type.
HTH.
I have an ASP.NET website with some independent sections. I need a way to turn on/off the different sections (each section is in it's own directory) based on the user selection. How can I prevent the users from accessing sections that are turned off?
The solution I ended up using was to make a new class ModulePage that inherited Page. In the OnInit it would check an Abstract property I added IxModule to see if that that module was turned on or off, if it was on the page will display and if it is not the user is redirected to another page. Each page in each module has to be change to inherit ModulePage and then just specify the IxModule value. It is working very well.
you can require a log-in for those pages. I'm not sure if that's what you want.
You could look for a specific web.config app setting for each section. Each section would need a web.config setting with a sectionID app setting element.
If your using master pages, just do a check in the master's on PageLoad and check to see if the user has access to the sectionID store in the config setting. Store the section IDs that the current user has access to in the session or a cookie or something (not sure what type of security your looking for). Have one global function to lookup the app setting from the web.config. Depending on which page is calling it (from which directory) you will get the specific section's ID.
If the user does not have access redirect or show a message or something.