We have a few different intranet sites for our various companies/divisions. A lot of the content is unique between them, but they do have some shared components.
Our current deployment setup (which sucks) involves using the Copy Web Site tool in Visual Studio to copy/sync files between the project directory and the deployment location on the server. Then in IIS on the server, we can set up virtual directories pointing to the shared items (mostly .aspx pages). These pages look for a standard master page in the root of the site, and thus work fine in each separate site with its respective branding.
A few examples:
/VacationCalendar
/PhoneDir
/Controls (.ascx files)
While it works okay in production, it sucks for a number of reasons:
The Copy Web Site tool sucks.
You can't debug these components locally, since they don't actually exist in the site.
The site isn't precompiled, which brings obvious performance issues.
So I'd like to throw out all that nonsense and switch to using precompiled sites, with a Web Deployment project putting everything in place on the server. This raises the problem of what to do about the shared components. I'm pretty sure I can't get away with the virtual directory trick in this kind of environment, and frankly, I don't really want to.
How do I make a subdirectory of .aspx/.ascx files and associated image/script/CSS resources act sort of like a class library? Suppose I put everything that's in the VacationCalendar directory into its own project/solution, then have each intranet site import that and make all those files available under the /VacationCalendar path. Is there some way to do anything like that without major headaches?
I don't really want to merge all these sites into a single solution, as there's always a possibility of needing to restrict access in source control.
Disclaimer - I didn't try this out.
Create your shared directories as subdirectories in their own projects. Deploy those projects to a webserver under a disabled site, but link to the actual subdirectory there from the live site.
So in IIS you could have
+ - DisabledWebsite
| |
| + --- PhoneProject
| |
| + --- PhoneDir (at c:/webs/PhoneProject/PhoneDir
|
+ - EnabledSite
|
+ --- RealProject (bound to http:something.com for example)
|
+-- PhoneDir (virtual linked to c:/webs/PhoneProject/PhoneDir
You could then compile PhoneProject and deploy it separately from RealProject. You would probably also have to have a separate namespace for PhoneProject and put its compiled dll into the RealProject/bin directory.
Is it that not obvious or my idea sucks. Anyway:
Make a Master Page, link all sites (precompiled) and have:
Upload on each site that saves in some specific directory (for that site only)
Global Upload on Master Page that saves all files in same dir (available to everyone)
Master Page can have a dir for all shared resources, and each site can have a different folder. No confusion. You can even demand login for some dirs, and set privileges
Related
Strange question but hopefully its possible.
we have files in the root of our site (/files) these are uploaded through the main cms side of the website (/admin) and to be accessed by people who have access to the (/school) directory.
At the moment, if you have the direct link URL EDIT TO THE FILE you can gain access to the file
the files folder has its own web.config file with some rules, is there a way i can add some of my own authentication within the web.config to only allow requests that come from the School folder to have access to the files?
In my head i would have a piece of VB code that does something like this:
If (Request.UrlReferrer <> Nothing) Then
If Page.Request.UrlReferrer.ToString.Contains("/School/") = True Then
???
End If
Else
Response.Redirect("index.aspx")
End If
I've tested this in a simple page and it seems to work okay.
Well, I would assume that the users who can use school folder are memembers of a secuirty role called School (or some such).
thus, any user not a member of school can't use the pages (or files) in the school folder.
Since you want the SAME restricitons for the folder files, then use the same web.config to secure the files folder.
That will mean only users who can use the shools folders will also be the same group of people that only use the files folder.
Now the above will not stop members of securty role "school" from typing in any valid URL to the files folder. So, if you want to prevent this, then I would suggest that for all files up-loaded, you create a folder inside of files folder based on their PK row in the membership table (Memebership.ProviderKey).
Then what you would do is turn off all role groups rights to the files folder. I perfer not EVER allowing a direct URL to files.
Remember, only IIS respects the IIS security settings and provider for a web based URL. Code behind is 100% free to load, read, write, use, play with ANY file via code behind. Code behind uses plain jane FULL path names - and those path names and file names used by code behind does NOT care nor use IIS security settings. Only web based URL's dish out by IIS respect and use the IIS security settings you have for the schools folder. So, copy the web.config for schools over to files, and you are done.
But, code behind? it does not care nor use those settings at all.
So, code behind does NOT use nor respect nor care about IIS security settings. IIS role membership ONLY applies to the asp.net pages and web based URL's. But, code behind is a 100% free to get and grab any file on the system - even files outside of the wwwroot path name of the web site.
So, as a 2nd level and better security?
I would not allow ANY URL's to the files folder.
You then display a grid or list of files on the web page, and code behind for the download button can then go read/get the file (you can use TransMitFile to download that file)
So, best approach is to not allow ANY valid URL's to the files folder.
However, for now, since you only want people who can use the schools folder also be the SAME people that can use the files folder? Then just use the same web.config for both folders - only those people with role of "school" will thus have use and rights to the files folder.
From the information you provided, then you don't really need any code changes - only to take the security settings from the school folder web.config, and copy that to the files folder, and you should be done.
Now, it is possible that the schools folder is not secured by using IIS security and roles - but then again, that would a epic face plant and horrible design choice.
I am looking to use the below asp.net 4.0 web application structure but not quite sure how to achieve my result as explained below. What configuration will be needed to handle path issues for referencing both. For example ~/css/style.css needs to dig into the WEBSITE. I know I will have to create a helper for RESOURCES -- WebResourcePath("images/image1.jpg") returns full path if that works in a separate virtual directory?
Default Web Site
>SAR-GROUPS
SARGROUPS_WEBSITE
SARGROUPS_RESOURCES
All website files like aspx, js, css, etc. normal web files go in the WEBSITE folder. The RESOURCES folder will contain other files like pdfs, xml, txt, images, and files . These files will not need to be uploaded or updated during deployments and can remain untouched. When I deploy the WEBSITE I only need to delete the WEBSITE folder and copy the new precompiled folder in SAR-GROUPS again. I have to deploy like this as it is automated deployment from scrips that run so this is an xcopy deployment.
Does anyone have good practices or a working setup to achieve this. I am not looking at alternate methods unless it cannot be done or the other way is much better for auto builds.
Thanks
If the files in the SARGROUPS_WEBSITE directory need to reference resources in the SARGROUPS_RESOURCES directory then why not just make the SARGROUPS_RESOURCES virtual directory inside the SARGROUPS_WEBSITE directory? This way you can point the SARGROUPS_RESOURCES virtual directory at a physical location on the disk and delete the contents of SARGROUPS_WEBSITE without touching the resources.
So structure would be
Default Web Site
>SAR-GROUPS
SARGROUPS_WEBSITE
SARGROUPS_RESOURCES
But the physical structure could be anything
You can then reference them like
~/SARGROUPS_RESOURCES/css/style.css
*untested
EDIT
You've totally not understood my answer and/or virtual folders.
Physical structure example:
D:\Inetpub\WEBSITE
D:\Inetpub\RESOURCES
IIS structure:
IIS Root -> Site (that is a website and points to D:\Inetpub\WEBSITE)
IIS Root -> Site > Resources (that is a virtual directory and points to D:\Inetpub\RESOURCES)
I want to backup my existing ASP.net web app before updating it.
Therefore I create a backup folder inside the website (ie same level as App_Code, web.config). Call it something like Backup_20110910
Then I move all the current website files/folders (excluding web.config, app_data) into the backup folder.
Then I extract the zip of the latest code in the now clean folder.
Is there any potential problems with this approach? As after all, you are increasing the number of csharp files in your website folder, could there be conflicts etc.
I wouldn't back up within the folder structure, there's a possibility that someone then finds your backup folders and browses to them, running the older code. If you zip it then you suddenly have files someone can download too. Even more amusingly if, as a lot of people do, when you change web.config you rename the old one to web.config.bak a lot of security scanners look for that because now it can be downloaded, as it's no longer a .config file, but a .bak.
Backup outside the web root, not within and all of those worries will go away.
There won't be an issue - except that it might become confusing to have identical folder structures within the current folder structure - it's always wisest to keep backups completly seperate from the current build
Using FileZilla, I can access folders that are outside my web directory. How can I do the same with Dreamweaver so that I can edit the files and automatically save/upload all through Dreamweaver? I currently can only access the web directory.
I know how to include them with PHP, but I would like Dreamweaver to find/access them.
Thank you!
You would have to set the Site Definition (both local and remote) paths to look one level higher than you currently have it. So if the local path is
My Documents/Web Sites/This Site
you would change it to
My Documents/Web Sites/
and if the remote is:
/user/home/domain.com/
change to
/user/home/
The problem you are going to run into is that Dreamweaver doesn't work well when set like this. It assumes the Remote path is the public web root and will create all sorts of files and folders there automatically and DW expects those to be in the public root. Also, things like setting paths to includes and images automatically will start to not work as all paths will start outside of the public web root.
Best to leave it as it is and use an external FTP program to handle the files outside of the web site.
We've bumped up against this situation previously where the desire was to have the PHP include files be moved outside the public HTML directory. JCL1178's answer is absolutely conceptually correct.
The actual implementation was to duplicate the site (under "Manage Sites") and essentially create a separate site for the "includes" directory that would go one level up. So the "Root Directory" setting was normal (in our case "public_html/" in the main site and we removed "public_html/" from the Root Directory setting in the "includes" site, effectively causing the path to go one level up.
Definitely not an ideal situation/workflow, to say the least, as you'll end up with two site definitions for one site (which can cause other issues); but Dreamweaver is what it is. We were working on a project offsite that did not allow for anything other than Dreamweaver to be used, so this is what we came up with to comply.
As an added note: we were only able to implement this solution because the webhosting plan allowed us to get to the root. If you're on a webhosting plan that is strictly limited to the public directory, the whole thing will be DOA.
I have an existing fairly large classic asp website, with virtual directories configured to centralize certain resources. My problem is for some reason I can't access any of my namespaces and classes. I tried adding a reference to another project where I have classes in a namespace "DAL" and even though intellisense sees the classes and the website compiles fine, it errors when I try to access any page that references a class in the "DAL" namespace.
I get the following error message in my browser "CS0103: The name 'CMS' does not exist in the current context". Part of the problem is website project's root is not the same folder/level as the web root in IIS. So my libraries are in the website root "/bin" folder, but iis is looking for these files in the IIS webroot which is at a lower level. So how can I get .net to see my binaries without putting them in the lower IIS website root directory? I tried setting up a virtual directory to my .dll file but it seems to have no effect.
thank you for your help!
======================CLARIFICATION====================
What I'm trying to do is keep the .dll files I want my website to use in a higher level directory then the folder I have set as the web root in IIS. So say the library i want to use it "DAL" it in the projects /bin folder, but under IIS the default site's Local Path is set to "/site/default". The only way I can seem to use the "DAL" library is by putting the /bin folder into "/site/default/bin", which for this project is not an option. Does this help?
Using an NTFS Junction Point to achieve what sounds like the same goal has been working for me.
By way of an example, I have a web site with 20+ child IIS Applications that are largely identical (don't ask!), rather than duplicating the 'bin' folder in each of these (they would be identical) each child application has a 'bin' junction that points to the 'bin' folder in the web site root.
/bin <- this is the actual 'bin' folder
/app1
/app1/bin <- this is a junction point
/app2
/app2/bin <- this is a junction point
/app3
/app3/bin <- this is a junction point
/images
...
...
To create these junction points, if you're using Vista/Win2k8 or later you can use the built-in command 'mklink', for earlier versions of Windows use the SysInternals junction.exe tool - available here.
Maybe make the website route folder a nested application in IIS?