The safe body in ASP.NET verifies of realize

.The terrace of NET and its ASP+ each procedure member can't neglect a strong and big the function of development for providing, should not affect to a certain and phonetic hobby the choice have most the tool of development of the efficiency. But current, ASP+ provided many a function for can't comparing tos really.
The mighty server in several kinds of functions that provide of# etc. language of edit and translate the information all, and use the ASP+ of page inside C of+, you would be real to feel the usage phonetic and free, hour in distance in plait at the web page can see to edit and translate the ASP up+ of usage ASP carries to control an all functions for, canning realize almost the customer of the past carries RAD development the tool can realize, ASP+ can use directly and expediently.The technique of XML in the NET, use a few and simple function and then can act for the some database or exchange the information with the other procedure with the XML.
Released future, will have more and more languages support ASP+ of development, but Fuji 通 the United States subsidiary very much the Cobol for.NET, can let Cobol also developped the ASP+ apply the procedure.Only one sorry is, ASP+ can't still run now at the other terrace top that divided by the series of Windows, but this is exactly.NET at the matter that do.
Base on the above advantage, more and more the application of Webs will use the ASP the + the way develops, at realizes in a specific way if electronic commerce etc. application, must value every kind of safety problem, this problem involves operate system, network management and procedure safety etc. numerous aspectses, being limited by the space, this text will introduce how to use the ASP+ of installing and realizes with the procedure safe body verification.
ASP+ of related install
ASP+ of install the method more special, it use the config.web this the type of XML document to save to install the information, you can use notepad or the editor of XMLs to modify its contents expediently, provision of establish the way is a subdivision to record to inherit or overlay the paternal uncle catalogue get of install the enactment, is to say that under the catalogue of root put a config.web document, so any next class catalogue will inherit installing of this document inside automatically, if the some statures catalogue demand installs moreover, we can again another set up a config.web put to record the bottom in that subdivision.This kind of install to manage the way to install your applied procedure, modification and safety managements that installs are all extremely beneficial.
ASP+ provided three kinds of main bodies a verification method namely:Windows, Cookie with Passport, the Windows is to directs to use the oneself of Windows safe management method, you can pass customer and IIS etc. legal powers that establisheses the Windows guarantee safety, sophisticate big application in some, use this method will very much with trivial.The method of Passport is more convenient with the safety, customer only use a customer an application for with password can visitting any member standing, and while logging off leave, having related information in Passport all meeting clearance, you can then affray trust using it, believing Passport comparing in keeping with Internet.In business enterprise class appliedly, usage the Cookie method limits with SSL, IP the some net in etc. tube technique same can realize certain safety.
Introduce below the Cookie install:
You need to set up a config.web for as follows contents, undering the C:\ the inetpub\ the wwwroot\( the IIS lacks the province catalogue) combine to put it, the config.web that establish system install very much, general at\ WINNT\ Microsoft.NET\ Framework\ v...Catalogue bottom.
< configuration>
< security>
< authentication mode=" Cookie">
< cookie decryptionkey=" autogenerate" loginurl="/ login.aspx" cookie=".ASPXAUTH"/>
</ authentication>
< authorization>
< deny users="?" />
</ authorization>
</ security>
</ configuration>
Should install the document declare to verify with the method of Cookie, at you visit that catalogue and its subdivisions record the next the document of aspx, if you have no the Cookie of the attestation, it would the heavy definite direction arrive the login.aspx.If you need a catalogue( can put the procedure of the customer application) for doing not need body an attestation to then can set up a config.web for as follows and under that catalogue put:
< configuration>
< security>
< authorization>
< allow users="*"/>
</ authorization>
</ security>
</ configuration>



Procedure design
You need to under the catalogue of root establish the Default.aspx with login.aspx these two ASPs+ procedure.
Login.aspx procedure contents is as follows:



<%@ Import Namespace=" System.Web.Security"%>
<%@ Import Namespace=" System.Data"%>
<%@ Import Namespace=" System.Data.ADO"%>
< html>
< head>
< title> Login</ title>
< script language=" C#" runat= server Debug=" true">
void Login_Click(Object sender, EventArgs e) {
if(Page.IsValid)
{ ADODataReader dr;
// conjunction database, the customer puts with the password in ODBC link of database form in the QCDB Users
ADOConnection cn = new ADOConnection("DSN=QCDB");
cn.Open();
ADOCommand cmdQuestion = new ADOCommand("SELECT Password FROM Users WHERE name = "" + YourName.Text + """, cn);
// choice cowgirl customer information
cmdQuestion.Execute(out dr);
// set up a datareader get the SQL result
If( dr.Read())// get to should of the first a data
if(dr["Password"].ToString() == Password.Text)
CookieAuthentication.RedirectFromLoginPage(YourNam e.Text, AbidingCookie.Checked);
Else// top language sentence born a Cookie, keep the Cookie permanently if customer choice AbidingCookie,,
Msg.Text=" password mistake";
else
Msg.Text=" customer nonexistent";
}
}
</ script>
</ head>< center>< body>
< ASP: Label id=" Msg" ForeColor=" red" Font- Name=" Verdana";
Font- Size="18" runat= server/>
< form runat= server>
< table>< tr>< td>< ASP: label text=" customer: " runat= server/></ td>
< td>< ASP: textbox id=" YourName" runat= server/></ td>
</ tr>< tr>< td>< ASP: label text=" password:" runat= server/></ td>
< td>< ASP: textbox id=" Password" TextMode=" Password" runat= server/></ td>
< td>< ASP: button id=" btnLogin" Text=" certain" OnClick=" Login_Click" runat= Server/></ td>
< td></ td></ tr>< tr>< td> another time need not importation in hope password</ td>
< td>< ASP: CheckBox id= AbidingCookie runat=" server"/></ td>
< td></ td></ tr></ td>< td></ td></ tr></ table>
</ form></ td>< td width="283" height="1" bgcolor="# F0F0F0"></ td>
</ tr></ table></ center></ div>< p></ p></ body>
</ html>
Default.aspx procedure contents is as follows:
<%@ Page LANGUAGE=" c#"%>
< html>< head> the < title> welcomes to arrive at.NET world</ title>
< script runat= server>
private void Page_Load(Object Src, EventArgs E )
{ Welcome.InnerHtml=" congratulate you pass the body a verification"+ Context.User.Identity.Name;
} private void Signout_Click(Object sender, EventArgs E)
{ CookieAuthentication.SignOut();
// press the original Cookie in clearance in key in SignOut
Response.Redirect("login.aspx");
// make the customer heavy to input new customer, password
}
</ script>< body>< center>
< h3>< font face=" Verdana">.The NET body a verification system hints your</ font> the </ h3>
< span id=" Welcome" runat= server/>< form runat= server>
< input type=" submit" OnServerClick=" Signout_Click" Value=" the cancel should register the body a" runat=" server"/>< p>
</ form>< p>< a href="/ adduser/"> enter to manage the room</ a></ p></ center></ body></ html>
While carrying out in a specific way, be what a customer that have not yet the attestation view your website.Hour of aspx document( attention, Cookie attestation to.The document of aspx rises function), the system discovers that customer has no Cookie, hence it the heavy definite direction arrives the login.aspx, being the customer inputs right customer with after the password, system is that customer born a Cookie stand together to engrave the heavy definite direction in auto on starting that customer want something to view.The document of aspx and carry out it, lack the province then the definite direction arrives the Default.aspx, up the Default.aspx that provide then hint you to have passed the body an attestation.
Summary
Because we used the Session follows applied procedure interview or particular Web in period in conversation browser informations, taking the HTTP of the homologous cookie the claim pass for to come from same the browser of Web, so prevent the quilt person usage Sniffer etc. the method is illegal to intercept and seize the information of Cookie, you need consideration usage SSL or other safe communication networks encrypt the method.
For the above procedure, you can join the information of the customer IP address in Table expediently, verify the customer of Intranet.Because Cookie resemble an ID card, in bar of someone is illegal to use your Cookie, should let Cookie along with the close of the browser together clearance.
In fine, a verification method is combinative again every kind of encrypt means and perfect safety in operate systems install can for need the enough support in offering in application of the safe attestation mostly.

um.... what should that post be? article? problem?

This post rivals the liner notes text for John Fahey's "Voice Of The Turtle" (the longest run-together sentence I've ever seen).

http://www.johnfahey.com/pages/votnote.html

I can't understand what in the world made someone put so much time into writing such thing but ok, whatever... if someone find it interesting let him enjoy!