By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,584 Members | 3,447 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,584 IT Pros & Developers. It's quick & easy.

Asp.Net 2.0 Multiple Application Solutions

P: n/a
I have been having some fun learning and using the new Controls and methods in .Net 2.0 which will make my life in the future easier and faster. Specifically the new databinding practises and wizards.
But, I have found that trying to do something "outside the norm" adds a rather large level of complexity and/or data replication.

Background
I have been commissioned to create a web-based application for a client. It has a formsaunthentication secured backend for admins to login and manage system data (clients, categories, geographical regions and their related associations). It also has a frontend where users can search through the clients in the system and view their information. The frontend also contains a formsauthentication secured area where the clients can log in and edit some of their information. The 2 entities (Admins and Clients) are separate objects in the data model (because of the completely different information pertaining to each), e.g a client would never become an admin and vice versa.

I decided to use Visual Studio 2005 and .Net 2 for this project because it would give me a head start for when the new technologies are released in November.

The solution is split up into 3 layers - Data Access layer, Businesslogic layer, and Presentation layer (websites)

Problem
I think the main problem I have experienced is multiple formsauthentication methods in one website. Because the two entities both have to log into different areas (therefore different login methods) I could not find a way to do this without making the admin section a separate website within the solution (it would actually be a virtual directory in IIS once it is live). Once I did this, I found another problem with having to replicate data.

I decided early on in the project to make use of the new ObjectDataSource and the DataSet creation wizard within VS 2005. Both websites need to make use of this dataset. When you initially create the dataset it asks for a DB connection string which either has to be hardcoded into it (bad idea) or stored in the web.config (good idea). It then stores the created DataSet in the app_code directory of the website. This presents a problem when having multiple websites with a single solution (at the moment I have the dataset within both websites app_code directories).

Now you might be asking "why not have the DataSet in the Businesslogic or Data Access layers?". One reason - You have to have the DB connection string hardcoded into it, because it cant access the web.config from either of these layers. I understand that. But I havent found a way to set the connection string programatically nor does the DataSet compile if the ConnectionString property of each TableAdapter is set to "none".

Answers?
In short I would like to know if there is either:
A way to have multiple types of formsauthentication in a single website (and how); or
How I can have a shard DataSet somewhere out of a website so that it can be accessed by both websites.

I hope this makes sense and thank anyone that can provide me with any help.

Nov 19 '05 #1
Share this Question
Share on Google+
9 Replies


P: n/a
Membership [1], Roles, and Profiles are what you need to learn.

<%= Clinton Gallagher
METROmilwaukee (sm) "A Regional Information Service"
NET csgallagher AT metromilwaukee.com
URL http://metromilwaukee.com/
URL http://clintongallagher.metromilwaukee.com/

[1]
http://msdn.microsoft.com/library/de...aght000022.asp
"Graham" <en*******@newsgroups.nospam> wrote in message
news:%2****************@TK2MSFTNGP15.phx.gbl...
I have been having some fun learning and using the new Controls and methods
in .Net 2.0 which will make my life in the future easier and faster.
Specifically the new databinding practises and wizards.
But, I have found that trying to do something "outside the norm" adds a
rather large level of complexity and/or data replication.

Background
I have been commissioned to create a web-based application for a client. It
has a formsaunthentication secured backend for admins to login and manage
system data (clients, categories, geographical regions and their related
associations). It also has a frontend where users can search through the
clients in the system and view their information. The frontend also contains
a formsauthentication secured area where the clients can log in and edit
some of their information. The 2 entities (Admins and Clients) are separate
objects in the data model (because of the completely different information
pertaining to each), e.g a client would never become an admin and vice
versa.

I decided to use Visual Studio 2005 and .Net 2 for this project because it
would give me a head start for when the new technologies are released in
November.

The solution is split up into 3 layers - Data Access layer, Businesslogic
layer, and Presentation layer (websites)

Problem
I think the main problem I have experienced is multiple formsauthentication
methods in one website. Because the two entities both have to log into
different areas (therefore different login methods) I could not find a way
to do this without making the admin section a separate website within the
solution (it would actually be a virtual directory in IIS once it is live).
Once I did this, I found another problem with having to replicate data.

I decided early on in the project to make use of the new ObjectDataSource
and the DataSet creation wizard within VS 2005. Both websites need to make
use of this dataset. When you initially create the dataset it asks for a DB
connection string which either has to be hardcoded into it (bad idea) or
stored in the web.config (good idea). It then stores the created DataSet in
the app_code directory of the website. This presents a problem when having
multiple websites with a single solution (at the moment I have the dataset
within both websites app_code directories).

Now you might be asking "why not have the DataSet in the Businesslogic or
Data Access layers?". One reason - You have to have the DB connection string
hardcoded into it, because it cant access the web.config from either of
these layers. I understand that. But I havent found a way to set the
connection string programatically nor does the DataSet compile if the
ConnectionString property of each TableAdapter is set to "none".

Answers?
In short I would like to know if there is either:
A way to have multiple types of formsauthentication in a single website
(and how); or
How I can have a shard DataSet somewhere out of a website so that it can
be accessed by both websites.

I hope this makes sense and thank anyone that can provide me with any help.
Nov 19 '05 #2

P: n/a
Hi Graham,

Welcome to ASPNET newsgroup.
Regarding on the question you mentioned, here are some of my understanding
and suggestion:

1. For formsauthentication, we can separate our web application into
multiple parts (sub folders) and set separate access protection on
different sections so that certain users/role can only access certain part
of the application. So for you scenario, we can consider define two roles ,
frontend user and backend admin, and admin can access those pages that
resides in the admin folder and front end user can access pages in other
normal application folders. We can put the front users and admins accounts
in the same database (by default), or creating two separate database/table
to store them. That's all ok within one single asp.net web application. So
I'm a bit unclear on the
=================
The 2 entities (Admins and Clients) are separate objects in the data model
(because of the completely different information pertaining to each), e.g a
client would never become an admin and vice versa.
=================

IMO, we don't care about whether a client is also an admin, we just apply
authorization setting for our web folder / pages so that those admin pages
can only be accessed by administrators while normal pages can only be
accessed by front client users.

2. For the TAbleAdapter, yes , when creating in asp.net 2.0 project, due to
the dynamic compile model, the code file will be put in the App_Code folder
and also can utilize the connectionStrings section in the web.config.
While in other Class Library project, the VS.NET ide will by default choose
to persiste the connectionStrings in the project assembly's settings data
and after compilation it is not possible to flexibly modify them. So
overcome this, currently we can use the following means;

Create the DataSet/TableAdapters in a separate Class library project, and
after we drag a TAble from the Server explorer and created the DataSet/
TableAdapter, we open the DataSet.Designer.cs file , locate the the
"InitConnection" function of the
xxxTableAdapter class, it is the method that initialize the TableAdapter's
connection property, it used to be something like:

private void InitConnection() {
this.m_connection = new System.Data.SqlClient.SqlConnection();
this.m_connection.ConnectionString =
DSLibrary.Properties.Settings.Default.NorthwindCon nectionString;
}
we can modify it to

private void InitConnection() {
Object obj =
System.Configuration.ConfigurationSettings.GetConf ig("connectionStrings");
ConnectionStringsSection css = obj as ConnectionStringsSection;
string connstr =
css.ConnectionStrings["LocalNorthwindConnStr"].ConnectionString;
this.m_connection = new System.Data.SqlClient.SqlConnection();
this.m_connection.ConnectionString = connstr;

}
Thus, it'll retrieve the connectionstring from the current Application's
AppConfig(web.config for web app) and what we need to do in web application
is just provide the proper connectionstring in app.config/web.config file.

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security


--------------------
| From: "Graham" <en*******@newsgroups.nospam>
| Subject: Asp.Net 2.0 Multiple Application Solutions
| Date: Mon, 10 Oct 2005 15:00:42 +1300
| Lines: 180
| MIME-Version: 1.0
| Content-Type: multipart/alternative;
| boundary="----=_NextPart_000_001A_01C5CDAB.62716EF0"
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| Message-ID: <#L**************@TK2MSFTNGP15.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: 222-152-202-93.jetstream.xtra.co.nz 222.152.202.93
| Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
5.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:349591
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| I have been having some fun learning and using the new Controls and
methods in .Net 2.0 which will make my life in the future easier and
faster. Specifically the new databinding practises and wizards.
| But, I have found that trying to do something "outside the norm" adds a
rather large level of complexity and/or data replication.
| Background
| I have been commissioned to create a web-based application for a client.
It has a formsaunthentication secured backend for admins to login and
manage system data (clients, categories, geographical regions and their
related associations). It also has a frontend where users can search
through the clients in the system and view their information. The frontend
also contains a formsauthentication secured area where the clients can log
in and edit some of their information. The 2 entities (Admins and Clients)
are separate objects in the data model (because of the completely different
information pertaining to each), e.g a client would never become an admin
and vice versa.
| I decided to use Visual Studio 2005 and .Net 2 for this project because
it would give me a head start for when the new technologies are released in
November.
| The solution is split up into 3 layers - Data Access layer, Businesslogic
layer, and Presentation layer (websites)
| Problem
| I think the main problem I have experienced is multiple
formsauthentication methods in one website. Because the two entities both
have to log into different areas (therefore different login methods) I
could not find a way to do this without making the admin section a separate
website within the solution (it would actually be a virtual directory in
IIS once it is live). Once I did this, I found another problem with having
to replicate data.
| I decided early on in the project to make use of the new ObjectDataSource
and the DataSet creation wizard within VS 2005. Both websites need to make
use of this dataset. When you initially create the dataset it asks for a DB
connection string which either has to be hardcoded into it (bad idea) or
stored in the web.config (good idea). It then stores the created DataSet in
the app_code directory of the website. This presents a problem when having
multiple websites with a single solution (at the moment I have the dataset
within both websites app_code directories).
| Now you might be asking "why not have the DataSet in the Businesslogic or
Data Access layers?". One reason - You have to have the DB connection
string hardcoded into it, because it cant access the web.config from either
of these layers. I understand that. But I havent found a way to set the
connection string programatically nor does the DataSet compile if the
ConnectionString property of each TableAdapter is set to "none".
| Answers?
| In short I would like to know if there is either:
| A way to have multiple types of formsauthentication in a single
website (and how); or
| How I can have a shard DataSet somewhere out of a website so that it
can be accessed by both websites.
| I hope this makes sense and thank anyone that can provide me with any
help.
|

Nov 19 '05 #3

P: n/a
Steven,
Thanks for your help. I managed to fix the DataSet problem. I put it into my
Businesslogic layer and added a method for returning the connectionstring.
It seems to work as expected.

For the formsauthentication problem:
Each entity is a separate table in the DB therefore if I was to have the
entire solution in one website I could only use one
authorisation/authentication method (one login page). This page would then
need to check the given credentials against both DB tables in order to give
them access to their available areas. This is further complicated by the
fact that administrators have certian roles and clients do not.
I hope this makes sense to you, I initially wanted the login pages separate
because I see there is a distinct difference between administrators, clients
and each of the secured areas.

Thank you for your help once again.
Graham

"Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
news:Y9**************@TK2MSFTNGXA02.phx.gbl...
Hi Graham,

Welcome to ASPNET newsgroup.
Regarding on the question you mentioned, here are some of my understanding
and suggestion:

1. For formsauthentication, we can separate our web application into
multiple parts (sub folders) and set separate access protection on
different sections so that certain users/role can only access certain part
of the application. So for you scenario, we can consider define two roles
,
frontend user and backend admin, and admin can access those pages that
resides in the admin folder and front end user can access pages in other
normal application folders. We can put the front users and admins
accounts
in the same database (by default), or creating two separate database/table
to store them. That's all ok within one single asp.net web application. So
I'm a bit unclear on the
=================
The 2 entities (Admins and Clients) are separate objects in the data model
(because of the completely different information pertaining to each), e.g
a
client would never become an admin and vice versa.
=================

IMO, we don't care about whether a client is also an admin, we just apply
authorization setting for our web folder / pages so that those admin pages
can only be accessed by administrators while normal pages can only be
accessed by front client users.

2. For the TAbleAdapter, yes , when creating in asp.net 2.0 project, due
to
the dynamic compile model, the code file will be put in the App_Code
folder
and also can utilize the connectionStrings section in the web.config.
While in other Class Library project, the VS.NET ide will by default
choose
to persiste the connectionStrings in the project assembly's settings data
and after compilation it is not possible to flexibly modify them. So
overcome this, currently we can use the following means;

Create the DataSet/TableAdapters in a separate Class library project, and
after we drag a TAble from the Server explorer and created the DataSet/
TableAdapter, we open the DataSet.Designer.cs file , locate the the
"InitConnection" function of the
xxxTableAdapter class, it is the method that initialize the TableAdapter's
connection property, it used to be something like:

private void InitConnection() {
this.m_connection = new System.Data.SqlClient.SqlConnection();
this.m_connection.ConnectionString =
DSLibrary.Properties.Settings.Default.NorthwindCon nectionString;
}
we can modify it to

private void InitConnection() {
Object obj =
System.Configuration.ConfigurationSettings.GetConf ig("connectionStrings");
ConnectionStringsSection css = obj as ConnectionStringsSection;
string connstr =
css.ConnectionStrings["LocalNorthwindConnStr"].ConnectionString;
this.m_connection = new System.Data.SqlClient.SqlConnection();
this.m_connection.ConnectionString = connstr;

}
Thus, it'll retrieve the connectionstring from the current Application's
AppConfig(web.config for web app) and what we need to do in web
application
is just provide the proper connectionstring in app.config/web.config file.

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security


--------------------
| From: "Graham" <en*******@newsgroups.nospam>
| Subject: Asp.Net 2.0 Multiple Application Solutions
| Date: Mon, 10 Oct 2005 15:00:42 +1300
| Lines: 180
| MIME-Version: 1.0
| Content-Type: multipart/alternative;
| boundary="----=_NextPart_000_001A_01C5CDAB.62716EF0"
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| Message-ID: <#L**************@TK2MSFTNGP15.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: 222-152-202-93.jetstream.xtra.co.nz 222.152.202.93
| Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
5.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:349591
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| I have been having some fun learning and using the new Controls and
methods in .Net 2.0 which will make my life in the future easier and
faster. Specifically the new databinding practises and wizards.
| But, I have found that trying to do something "outside the norm" adds a
rather large level of complexity and/or data replication.
| Background
| I have been commissioned to create a web-based application for a client.
It has a formsaunthentication secured backend for admins to login and
manage system data (clients, categories, geographical regions and their
related associations). It also has a frontend where users can search
through the clients in the system and view their information. The frontend
also contains a formsauthentication secured area where the clients can log
in and edit some of their information. The 2 entities (Admins and Clients)
are separate objects in the data model (because of the completely
different
information pertaining to each), e.g a client would never become an admin
and vice versa.
| I decided to use Visual Studio 2005 and .Net 2 for this project because
it would give me a head start for when the new technologies are released
in
November.
| The solution is split up into 3 layers - Data Access layer,
Businesslogic
layer, and Presentation layer (websites)
| Problem
| I think the main problem I have experienced is multiple
formsauthentication methods in one website. Because the two entities both
have to log into different areas (therefore different login methods) I
could not find a way to do this without making the admin section a
separate
website within the solution (it would actually be a virtual directory in
IIS once it is live). Once I did this, I found another problem with having
to replicate data.
| I decided early on in the project to make use of the new
ObjectDataSource
and the DataSet creation wizard within VS 2005. Both websites need to make
use of this dataset. When you initially create the dataset it asks for a
DB
connection string which either has to be hardcoded into it (bad idea) or
stored in the web.config (good idea). It then stores the created DataSet
in
the app_code directory of the website. This presents a problem when having
multiple websites with a single solution (at the moment I have the dataset
within both websites app_code directories).
| Now you might be asking "why not have the DataSet in the Businesslogic
or
Data Access layers?". One reason - You have to have the DB connection
string hardcoded into it, because it cant access the web.config from
either
of these layers. I understand that. But I havent found a way to set the
connection string programatically nor does the DataSet compile if the
ConnectionString property of each TableAdapter is set to "none".
| Answers?
| In short I would like to know if there is either:
| A way to have multiple types of formsauthentication in a single
website (and how); or
| How I can have a shard DataSet somewhere out of a website so that it
can be accessed by both websites.
| I hope this makes sense and thank anyone that can provide me with any
help.
|

Nov 19 '05 #4

P: n/a
Thanks for your response Graham,

Yes, if the different users's account data are reside in separate table, we
need to query both tables when performing the logon(authentication). And
ASP.NET applicaiton's formsauthentication only allows single default login
page. If you're wanting to build separate login UI for different users
(client and admin), I think you can consider put a front login UI in the
default login page and let the user to choice login type, login as a normal
client user or login as an administrator, then redirect them to the actual
concrete detailed login page according to their choice and perform the
actual login/authentication code logic. How do you think of this? And for
roles, it doesn't matter whether users are from which table, we just query
the roles from database and assigned to the logon user.

Anyway, since your scenario is different from the common one, we need to
manually add some additional code rather than simply use the default
membership wizard to generate all the work.

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security

--------------------
| From: "Graham" <en*******@newsgroups.nospam>
| References: <#L**************@TK2MSFTNGP15.phx.gbl>
<Y9**************@TK2MSFTNGXA02.phx.gbl>
| Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| Date: Tue, 11 Oct 2005 09:20:10 +1300
| Lines: 191
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| X-RFC2646: Format=Flowed; Original
| Message-ID: <ev**************@TK2MSFTNGP10.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: 222-152-206-76.jetstream.xtra.co.nz 222.152.206.76
| Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
0.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:349798
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| Steven,
| Thanks for your help. I managed to fix the DataSet problem. I put it into
my
| Businesslogic layer and added a method for returning the
connectionstring.
| It seems to work as expected.
|
| For the formsauthentication problem:
| Each entity is a separate table in the DB therefore if I was to have the
| entire solution in one website I could only use one
| authorisation/authentication method (one login page). This page would
then
| need to check the given credentials against both DB tables in order to
give
| them access to their available areas. This is further complicated by the
| fact that administrators have certian roles and clients do not.
| I hope this makes sense to you, I initially wanted the login pages
separate
| because I see there is a distinct difference between administrators,
clients
| and each of the secured areas.
|
| Thank you for your help once again.
| Graham
|
| "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| news:Y9**************@TK2MSFTNGXA02.phx.gbl...
| > Hi Graham,
| >
| > Welcome to ASPNET newsgroup.
| > Regarding on the question you mentioned, here are some of my
understanding
| > and suggestion:
| >
| > 1. For formsauthentication, we can separate our web application into
| > multiple parts (sub folders) and set separate access protection on
| > different sections so that certain users/role can only access certain
part
| > of the application. So for you scenario, we can consider define two
roles
| > ,
| > frontend user and backend admin, and admin can access those pages that
| > resides in the admin folder and front end user can access pages in other
| > normal application folders. We can put the front users and admins
| > accounts
| > in the same database (by default), or creating two separate
database/table
| > to store them. That's all ok within one single asp.net web application.
So
| > I'm a bit unclear on the
| > =================
| > The 2 entities (Admins and Clients) are separate objects in the data
model
| > (because of the completely different information pertaining to each),
e.g
| > a
| > client would never become an admin and vice versa.
| > =================
| >
| > IMO, we don't care about whether a client is also an admin, we just
apply
| > authorization setting for our web folder / pages so that those admin
pages
| > can only be accessed by administrators while normal pages can only be
| > accessed by front client users.
| >
| > 2. For the TAbleAdapter, yes , when creating in asp.net 2.0 project,
due
| > to
| > the dynamic compile model, the code file will be put in the App_Code
| > folder
| > and also can utilize the connectionStrings section in the web.config.
| > While in other Class Library project, the VS.NET ide will by default
| > choose
| > to persiste the connectionStrings in the project assembly's settings
data
| > and after compilation it is not possible to flexibly modify them. So
| > overcome this, currently we can use the following means;
| >
| > Create the DataSet/TableAdapters in a separate Class library project,
and
| > after we drag a TAble from the Server explorer and created the DataSet/
| > TableAdapter, we open the DataSet.Designer.cs file , locate the the
| > "InitConnection" function of the
| > xxxTableAdapter class, it is the method that initialize the
TableAdapter's
| > connection property, it used to be something like:
| >
| > private void InitConnection() {
| > this.m_connection = new System.Data.SqlClient.SqlConnection();
| > this.m_connection.ConnectionString =
| > DSLibrary.Properties.Settings.Default.NorthwindCon nectionString;
| > }
| >
| >
| > we can modify it to
| >
| > private void InitConnection() {
| > Object obj =
| >
System.Configuration.ConfigurationSettings.GetConf ig("connectionStrings");
| > ConnectionStringsSection css = obj as ConnectionStringsSection;
| > string connstr =
| > css.ConnectionStrings["LocalNorthwindConnStr"].ConnectionString;
| > this.m_connection = new System.Data.SqlClient.SqlConnection();
| > this.m_connection.ConnectionString = connstr;
| >
| > }
| >
| >
| > Thus, it'll retrieve the connectionstring from the current Application's
| > AppConfig(web.config for web app) and what we need to do in web
| > application
| > is just provide the proper connectionstring in app.config/web.config
file.
| >
| > Thanks,
| >
| > Steven Cheng
| > Microsoft Online Support
| >
| > Get Secure! www.microsoft.com/security
| >
| >
| >
| >
| > --------------------
| > | From: "Graham" <en*******@newsgroups.nospam>
| > | Subject: Asp.Net 2.0 Multiple Application Solutions
| > | Date: Mon, 10 Oct 2005 15:00:42 +1300
| > | Lines: 180
| > | MIME-Version: 1.0
| > | Content-Type: multipart/alternative;
| > | boundary="----=_NextPart_000_001A_01C5CDAB.62716EF0"
| > | X-Priority: 3
| > | X-MSMail-Priority: Normal
| > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | Message-ID: <#L**************@TK2MSFTNGP15.phx.gbl>
| > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| > | NNTP-Posting-Host: 222-152-202-93.jetstream.xtra.co.nz 222.152.202.93
| > | Path:
| >
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| > 5.phx.gbl
| > | Xref: TK2MSFTNGXA02.phx.gbl
| > microsoft.public.dotnet.framework.aspnet:349591
| > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| > |
| > | I have been having some fun learning and using the new Controls and
| > methods in .Net 2.0 which will make my life in the future easier and
| > faster. Specifically the new databinding practises and wizards.
| > | But, I have found that trying to do something "outside the norm" adds
a
| > rather large level of complexity and/or data replication.
| > | Background
| > | I have been commissioned to create a web-based application for a
client.
| > It has a formsaunthentication secured backend for admins to login and
| > manage system data (clients, categories, geographical regions and their
| > related associations). It also has a frontend where users can search
| > through the clients in the system and view their information. The
frontend
| > also contains a formsauthentication secured area where the clients can
log
| > in and edit some of their information. The 2 entities (Admins and
Clients)
| > are separate objects in the data model (because of the completely
| > different
| > information pertaining to each), e.g a client would never become an
admin
| > and vice versa.
| > | I decided to use Visual Studio 2005 and .Net 2 for this project
because
| > it would give me a head start for when the new technologies are
released
| > in
| > November.
| > | The solution is split up into 3 layers - Data Access layer,
| > Businesslogic
| > layer, and Presentation layer (websites)
| > | Problem
| > | I think the main problem I have experienced is multiple
| > formsauthentication methods in one website. Because the two entities
both
| > have to log into different areas (therefore different login methods) I
| > could not find a way to do this without making the admin section a
| > separate
| > website within the solution (it would actually be a virtual directory in
| > IIS once it is live). Once I did this, I found another problem with
having
| > to replicate data.
| > | I decided early on in the project to make use of the new
| > ObjectDataSource
| > and the DataSet creation wizard within VS 2005. Both websites need to
make
| > use of this dataset. When you initially create the dataset it asks for
a
| > DB
| > connection string which either has to be hardcoded into it (bad idea) or
| > stored in the web.config (good idea). It then stores the created
DataSet
| > in
| > the app_code directory of the website. This presents a problem when
having
| > multiple websites with a single solution (at the moment I have the
dataset
| > within both websites app_code directories).
| > | Now you might be asking "why not have the DataSet in the
Businesslogic
| > or
| > Data Access layers?". One reason - You have to have the DB connection
| > string hardcoded into it, because it cant access the web.config from
| > either
| > of these layers. I understand that. But I havent found a way to set the
| > connection string programatically nor does the DataSet compile if the
| > ConnectionString property of each TableAdapter is set to "none".
| > | Answers?
| > | In short I would like to know if there is either:
| > | A way to have multiple types of formsauthentication in a single
| > website (and how); or
| > | How I can have a shard DataSet somewhere out of a website so that
it
| > can be accessed by both websites.
| > | I hope this makes sense and thank anyone that can provide me with any
| > help.
| > |
| >
|
|
|

Nov 19 '05 #5

P: n/a
Steven,
Regarding letting users choose their login type:
I do not think that it is a viable option letting an end user select what
login type they want to try, In most of my experience end users can not be
trusted.

From your explanation it sounds like you can have multiple separate
formsauthentication methods per website. Is that correct? If so an
explanation on how to implement would solve all my problems.
Otherwise I think I will continue with splitting up the frontend and teh
admin backend into two separate websites.
Thanks for your ongoing support.

Graham

"Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
news:Qa**************@TK2MSFTNGXA02.phx.gbl...
Thanks for your response Graham,

Yes, if the different users's account data are reside in separate table,
we
need to query both tables when performing the logon(authentication). And
ASP.NET applicaiton's formsauthentication only allows single default login
page. If you're wanting to build separate login UI for different users
(client and admin), I think you can consider put a front login UI in the
default login page and let the user to choice login type, login as a
normal
client user or login as an administrator, then redirect them to the actual
concrete detailed login page according to their choice and perform the
actual login/authentication code logic. How do you think of this? And
for
roles, it doesn't matter whether users are from which table, we just query
the roles from database and assigned to the logon user.

Anyway, since your scenario is different from the common one, we need to
manually add some additional code rather than simply use the default
membership wizard to generate all the work.

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security

--------------------
| From: "Graham" <en*******@newsgroups.nospam>
| References: <#L**************@TK2MSFTNGP15.phx.gbl>
<Y9**************@TK2MSFTNGXA02.phx.gbl>
| Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| Date: Tue, 11 Oct 2005 09:20:10 +1300
| Lines: 191
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| X-RFC2646: Format=Flowed; Original
| Message-ID: <ev**************@TK2MSFTNGP10.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: 222-152-206-76.jetstream.xtra.co.nz 222.152.206.76
| Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
0.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:349798
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| Steven,
| Thanks for your help. I managed to fix the DataSet problem. I put it
into
my
| Businesslogic layer and added a method for returning the
connectionstring.
| It seems to work as expected.
|
| For the formsauthentication problem:
| Each entity is a separate table in the DB therefore if I was to have the
| entire solution in one website I could only use one
| authorisation/authentication method (one login page). This page would
then
| need to check the given credentials against both DB tables in order to
give
| them access to their available areas. This is further complicated by the
| fact that administrators have certian roles and clients do not.
| I hope this makes sense to you, I initially wanted the login pages
separate
| because I see there is a distinct difference between administrators,
clients
| and each of the secured areas.
|
| Thank you for your help once again.
| Graham
|
| "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| news:Y9**************@TK2MSFTNGXA02.phx.gbl...
| > Hi Graham,
| >
| > Welcome to ASPNET newsgroup.
| > Regarding on the question you mentioned, here are some of my
understanding
| > and suggestion:
| >
| > 1. For formsauthentication, we can separate our web application into
| > multiple parts (sub folders) and set separate access protection on
| > different sections so that certain users/role can only access certain
part
| > of the application. So for you scenario, we can consider define two
roles
| > ,
| > frontend user and backend admin, and admin can access those pages
that
| > resides in the admin folder and front end user can access pages in
other
| > normal application folders. We can put the front users and admins
| > accounts
| > in the same database (by default), or creating two separate
database/table
| > to store them. That's all ok within one single asp.net web
application.
So
| > I'm a bit unclear on the
| > =================
| > The 2 entities (Admins and Clients) are separate objects in the data
model
| > (because of the completely different information pertaining to each),
e.g
| > a
| > client would never become an admin and vice versa.
| > =================
| >
| > IMO, we don't care about whether a client is also an admin, we just
apply
| > authorization setting for our web folder / pages so that those admin
pages
| > can only be accessed by administrators while normal pages can only be
| > accessed by front client users.
| >
| > 2. For the TAbleAdapter, yes , when creating in asp.net 2.0 project,
due
| > to
| > the dynamic compile model, the code file will be put in the App_Code
| > folder
| > and also can utilize the connectionStrings section in the web.config.
| > While in other Class Library project, the VS.NET ide will by default
| > choose
| > to persiste the connectionStrings in the project assembly's settings
data
| > and after compilation it is not possible to flexibly modify them. So
| > overcome this, currently we can use the following means;
| >
| > Create the DataSet/TableAdapters in a separate Class library project,
and
| > after we drag a TAble from the Server explorer and created the
DataSet/
| > TableAdapter, we open the DataSet.Designer.cs file , locate the the
| > "InitConnection" function of the
| > xxxTableAdapter class, it is the method that initialize the
TableAdapter's
| > connection property, it used to be something like:
| >
| > private void InitConnection() {
| > this.m_connection = new System.Data.SqlClient.SqlConnection();
| > this.m_connection.ConnectionString =
| > DSLibrary.Properties.Settings.Default.NorthwindCon nectionString;
| > }
| >
| >
| > we can modify it to
| >
| > private void InitConnection() {
| > Object obj =
| >
System.Configuration.ConfigurationSettings.GetConf ig("connectionStrings");
| > ConnectionStringsSection css = obj as ConnectionStringsSection;
| > string connstr =
| > css.ConnectionStrings["LocalNorthwindConnStr"].ConnectionString;
| > this.m_connection = new System.Data.SqlClient.SqlConnection();
| > this.m_connection.ConnectionString = connstr;
| >
| > }
| >
| >
| > Thus, it'll retrieve the connectionstring from the current
Application's
| > AppConfig(web.config for web app) and what we need to do in web
| > application
| > is just provide the proper connectionstring in app.config/web.config
file.
| >
| > Thanks,
| >
| > Steven Cheng
| > Microsoft Online Support
| >
| > Get Secure! www.microsoft.com/security
| >
| >
| >
| >
| > --------------------
| > | From: "Graham" <en*******@newsgroups.nospam>
| > | Subject: Asp.Net 2.0 Multiple Application Solutions
| > | Date: Mon, 10 Oct 2005 15:00:42 +1300
| > | Lines: 180
| > | MIME-Version: 1.0
| > | Content-Type: multipart/alternative;
| > | boundary="----=_NextPart_000_001A_01C5CDAB.62716EF0"
| > | X-Priority: 3
| > | X-MSMail-Priority: Normal
| > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | Message-ID: <#L**************@TK2MSFTNGP15.phx.gbl>
| > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| > | NNTP-Posting-Host: 222-152-202-93.jetstream.xtra.co.nz
222.152.202.93
| > | Path:
| >
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| > 5.phx.gbl
| > | Xref: TK2MSFTNGXA02.phx.gbl
| > microsoft.public.dotnet.framework.aspnet:349591
| > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| > |
| > | I have been having some fun learning and using the new Controls and
| > methods in .Net 2.0 which will make my life in the future easier and
| > faster. Specifically the new databinding practises and wizards.
| > | But, I have found that trying to do something "outside the norm"
adds
a
| > rather large level of complexity and/or data replication.
| > | Background
| > | I have been commissioned to create a web-based application for a
client.
| > It has a formsaunthentication secured backend for admins to login and
| > manage system data (clients, categories, geographical regions and
their
| > related associations). It also has a frontend where users can search
| > through the clients in the system and view their information. The
frontend
| > also contains a formsauthentication secured area where the clients can
log
| > in and edit some of their information. The 2 entities (Admins and
Clients)
| > are separate objects in the data model (because of the completely
| > different
| > information pertaining to each), e.g a client would never become an
admin
| > and vice versa.
| > | I decided to use Visual Studio 2005 and .Net 2 for this project
because
| > it would give me a head start for when the new technologies are
released
| > in
| > November.
| > | The solution is split up into 3 layers - Data Access layer,
| > Businesslogic
| > layer, and Presentation layer (websites)
| > | Problem
| > | I think the main problem I have experienced is multiple
| > formsauthentication methods in one website. Because the two entities
both
| > have to log into different areas (therefore different login methods) I
| > could not find a way to do this without making the admin section a
| > separate
| > website within the solution (it would actually be a virtual directory
in
| > IIS once it is live). Once I did this, I found another problem with
having
| > to replicate data.
| > | I decided early on in the project to make use of the new
| > ObjectDataSource
| > and the DataSet creation wizard within VS 2005. Both websites need to
make
| > use of this dataset. When you initially create the dataset it asks for
a
| > DB
| > connection string which either has to be hardcoded into it (bad idea)
or
| > stored in the web.config (good idea). It then stores the created
DataSet
| > in
| > the app_code directory of the website. This presents a problem when
having
| > multiple websites with a single solution (at the moment I have the
dataset
| > within both websites app_code directories).
| > | Now you might be asking "why not have the DataSet in the
Businesslogic
| > or
| > Data Access layers?". One reason - You have to have the DB connection
| > string hardcoded into it, because it cant access the web.config from
| > either
| > of these layers. I understand that. But I havent found a way to set
the
| > connection string programatically nor does the DataSet compile if the
| > ConnectionString property of each TableAdapter is set to "none".
| > | Answers?
| > | In short I would like to know if there is either:
| > | A way to have multiple types of formsauthentication in a single
| > website (and how); or
| > | How I can have a shard DataSet somewhere out of a website so
that
it
| > can be accessed by both websites.
| > | I hope this makes sense and thank anyone that can provide me with
any
| > help.
| > |
| >
|
|
|

Nov 19 '05 #6

P: n/a
Hi Graham,

Thanks for your reply. If provide multiple login UI on the single LOGIN
page is not acceptable, I'm afraid it would be hard to achieve multiple
login in the single application. Though we can manually do the
FormsAuthentication so as to validate the user from both the two database,
we're still limited to one login page per application. So if the admin
pages and normal users page haven't much cross related application data or
states need to share, you can consider separate them into two application
that'll make development much easier(using the buildin membership service
and VS.NET ide design-time support can save much time).

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

--------------------
| From: "Graham" <en*******@newsgroups.nospam>
| References: <#L**************@TK2MSFTNGP15.phx.gbl>
<Y9**************@TK2MSFTNGXA02.phx.gbl>
<ev**************@TK2MSFTNGP10.phx.gbl>
<Qa**************@TK2MSFTNGXA02.phx.gbl>
| Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| Date: Wed, 12 Oct 2005 08:30:38 +1300
| Lines: 319
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| Message-ID: <u6**************@TK2MSFTNGP14.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: 222-152-206-76.jetstream.xtra.co.nz 222.152.206.76
| Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
4.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:350104
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| Steven,
| Regarding letting users choose their login type:
| I do not think that it is a viable option letting an end user select what
| login type they want to try, In most of my experience end users can not
be
| trusted.
|
| From your explanation it sounds like you can have multiple separate
| formsauthentication methods per website. Is that correct? If so an
| explanation on how to implement would solve all my problems.
| Otherwise I think I will continue with splitting up the frontend and teh
| admin backend into two separate websites.
| Thanks for your ongoing support.
|
| Graham
|
| "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| news:Qa**************@TK2MSFTNGXA02.phx.gbl...
| > Thanks for your response Graham,
| >
| > Yes, if the different users's account data are reside in separate
table,
| > we
| > need to query both tables when performing the logon(authentication).
And
| > ASP.NET applicaiton's formsauthentication only allows single default
login
| > page. If you're wanting to build separate login UI for different users
| > (client and admin), I think you can consider put a front login UI in the
| > default login page and let the user to choice login type, login as a
| > normal
| > client user or login as an administrator, then redirect them to the
actual
| > concrete detailed login page according to their choice and perform the
| > actual login/authentication code logic. How do you think of this? And
| > for
| > roles, it doesn't matter whether users are from which table, we just
query
| > the roles from database and assigned to the logon user.
| >
| > Anyway, since your scenario is different from the common one, we need to
| > manually add some additional code rather than simply use the default
| > membership wizard to generate all the work.
| >
| > Thanks,
| >
| > Steven Cheng
| > Microsoft Online Support
| >
| > Get Secure! www.microsoft.com/security
| >
| >
| >
| >
| >
| > --------------------
| > | From: "Graham" <en*******@newsgroups.nospam>
| > | References: <#L**************@TK2MSFTNGP15.phx.gbl>
| > <Y9**************@TK2MSFTNGXA02.phx.gbl>
| > | Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| > | Date: Tue, 11 Oct 2005 09:20:10 +1300
| > | Lines: 191
| > | X-Priority: 3
| > | X-MSMail-Priority: Normal
| > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | X-RFC2646: Format=Flowed; Original
| > | Message-ID: <ev**************@TK2MSFTNGP10.phx.gbl>
| > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| > | NNTP-Posting-Host: 222-152-206-76.jetstream.xtra.co.nz 222.152.206.76
| > | Path:
| >
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| > 0.phx.gbl
| > | Xref: TK2MSFTNGXA02.phx.gbl
| > microsoft.public.dotnet.framework.aspnet:349798
| > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| > |
| > | Steven,
| > | Thanks for your help. I managed to fix the DataSet problem. I put it
| > into
| > my
| > | Businesslogic layer and added a method for returning the
| > connectionstring.
| > | It seems to work as expected.
| > |
| > | For the formsauthentication problem:
| > | Each entity is a separate table in the DB therefore if I was to have
the
| > | entire solution in one website I could only use one
| > | authorisation/authentication method (one login page). This page would
| > then
| > | need to check the given credentials against both DB tables in order to
| > give
| > | them access to their available areas. This is further complicated by
the
| > | fact that administrators have certian roles and clients do not.
| > | I hope this makes sense to you, I initially wanted the login pages
| > separate
| > | because I see there is a distinct difference between administrators,
| > clients
| > | and each of the secured areas.
| > |
| > | Thank you for your help once again.
| > | Graham
| > |
| > | "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| > | news:Y9**************@TK2MSFTNGXA02.phx.gbl...
| > | > Hi Graham,
| > | >
| > | > Welcome to ASPNET newsgroup.
| > | > Regarding on the question you mentioned, here are some of my
| > understanding
| > | > and suggestion:
| > | >
| > | > 1. For formsauthentication, we can separate our web application into
| > | > multiple parts (sub folders) and set separate access protection on
| > | > different sections so that certain users/role can only access
certain
| > part
| > | > of the application. So for you scenario, we can consider define two
| > roles
| > | > ,
| > | > frontend user and backend admin, and admin can access those pages
| > that
| > | > resides in the admin folder and front end user can access pages in
| > other
| > | > normal application folders. We can put the front users and admins
| > | > accounts
| > | > in the same database (by default), or creating two separate
| > database/table
| > | > to store them. That's all ok within one single asp.net web
| > application.
| > So
| > | > I'm a bit unclear on the
| > | > =================
| > | > The 2 entities (Admins and Clients) are separate objects in the data
| > model
| > | > (because of the completely different information pertaining to
each),
| > e.g
| > | > a
| > | > client would never become an admin and vice versa.
| > | > =================
| > | >
| > | > IMO, we don't care about whether a client is also an admin, we just
| > apply
| > | > authorization setting for our web folder / pages so that those admin
| > pages
| > | > can only be accessed by administrators while normal pages can only
be
| > | > accessed by front client users.
| > | >
| > | > 2. For the TAbleAdapter, yes , when creating in asp.net 2.0 project,
| > due
| > | > to
| > | > the dynamic compile model, the code file will be put in the App_Code
| > | > folder
| > | > and also can utilize the connectionStrings section in the
web.config.
| > | > While in other Class Library project, the VS.NET ide will by default
| > | > choose
| > | > to persiste the connectionStrings in the project assembly's settings
| > data
| > | > and after compilation it is not possible to flexibly modify them. So
| > | > overcome this, currently we can use the following means;
| > | >
| > | > Create the DataSet/TableAdapters in a separate Class library
project,
| > and
| > | > after we drag a TAble from the Server explorer and created the
| > DataSet/
| > | > TableAdapter, we open the DataSet.Designer.cs file , locate the the
| > | > "InitConnection" function of the
| > | > xxxTableAdapter class, it is the method that initialize the
| > TableAdapter's
| > | > connection property, it used to be something like:
| > | >
| > | > private void InitConnection() {
| > | > this.m_connection = new System.Data.SqlClient.SqlConnection();
| > | > this.m_connection.ConnectionString =
| > | > DSLibrary.Properties.Settings.Default.NorthwindCon nectionString;
| > | > }
| > | >
| > | >
| > | > we can modify it to
| > | >
| > | > private void InitConnection() {
| > | > Object obj =
| > | >
| >
System.Configuration.ConfigurationSettings.GetConf ig("connectionStrings");
| > | > ConnectionStringsSection css = obj as ConnectionStringsSection;
| > | > string connstr =
| > | > css.ConnectionStrings["LocalNorthwindConnStr"].ConnectionString;
| > | > this.m_connection = new System.Data.SqlClient.SqlConnection();
| > | > this.m_connection.ConnectionString = connstr;
| > | >
| > | > }
| > | >
| > | >
| > | > Thus, it'll retrieve the connectionstring from the current
| > Application's
| > | > AppConfig(web.config for web app) and what we need to do in web
| > | > application
| > | > is just provide the proper connectionstring in app.config/web.config
| > file.
| > | >
| > | > Thanks,
| > | >
| > | > Steven Cheng
| > | > Microsoft Online Support
| > | >
| > | > Get Secure! www.microsoft.com/security
| > | >
| > | >
| > | >
| > | >
| > | > --------------------
| > | > | From: "Graham" <en*******@newsgroups.nospam>
| > | > | Subject: Asp.Net 2.0 Multiple Application Solutions
| > | > | Date: Mon, 10 Oct 2005 15:00:42 +1300
| > | > | Lines: 180
| > | > | MIME-Version: 1.0
| > | > | Content-Type: multipart/alternative;
| > | > | boundary="----=_NextPart_000_001A_01C5CDAB.62716EF0"
| > | > | X-Priority: 3
| > | > | X-MSMail-Priority: Normal
| > | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | > | Message-ID: <#L**************@TK2MSFTNGP15.phx.gbl>
| > | > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| > | > | NNTP-Posting-Host: 222-152-202-93.jetstream.xtra.co.nz
| > 222.152.202.93
| > | > | Path:
| > | >
| >
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| > | > 5.phx.gbl
| > | > | Xref: TK2MSFTNGXA02.phx.gbl
| > | > microsoft.public.dotnet.framework.aspnet:349591
| > | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| > | > |
| > | > | I have been having some fun learning and using the new Controls
and
| > | > methods in .Net 2.0 which will make my life in the future easier and
| > | > faster. Specifically the new databinding practises and wizards.
| > | > | But, I have found that trying to do something "outside the norm"
| > adds
| > a
| > | > rather large level of complexity and/or data replication.
| > | > | Background
| > | > | I have been commissioned to create a web-based application for a
| > client.
| > | > It has a formsaunthentication secured backend for admins to login
and
| > | > manage system data (clients, categories, geographical regions and
| > their
| > | > related associations). It also has a frontend where users can search
| > | > through the clients in the system and view their information. The
| > frontend
| > | > also contains a formsauthentication secured area where the clients
can
| > log
| > | > in and edit some of their information. The 2 entities (Admins and
| > Clients)
| > | > are separate objects in the data model (because of the completely
| > | > different
| > | > information pertaining to each), e.g a client would never become an
| > admin
| > | > and vice versa.
| > | > | I decided to use Visual Studio 2005 and .Net 2 for this project
| > because
| > | > it would give me a head start for when the new technologies are
| > released
| > | > in
| > | > November.
| > | > | The solution is split up into 3 layers - Data Access layer,
| > | > Businesslogic
| > | > layer, and Presentation layer (websites)
| > | > | Problem
| > | > | I think the main problem I have experienced is multiple
| > | > formsauthentication methods in one website. Because the two entities
| > both
| > | > have to log into different areas (therefore different login
methods) I
| > | > could not find a way to do this without making the admin section a
| > | > separate
| > | > website within the solution (it would actually be a virtual
directory
| > in
| > | > IIS once it is live). Once I did this, I found another problem with
| > having
| > | > to replicate data.
| > | > | I decided early on in the project to make use of the new
| > | > ObjectDataSource
| > | > and the DataSet creation wizard within VS 2005. Both websites need
to
| > make
| > | > use of this dataset. When you initially create the dataset it asks
for
| > a
| > | > DB
| > | > connection string which either has to be hardcoded into it (bad
idea)
| > or
| > | > stored in the web.config (good idea). It then stores the created
| > DataSet
| > | > in
| > | > the app_code directory of the website. This presents a problem when
| > having
| > | > multiple websites with a single solution (at the moment I have the
| > dataset
| > | > within both websites app_code directories).
| > | > | Now you might be asking "why not have the DataSet in the
| > Businesslogic
| > | > or
| > | > Data Access layers?". One reason - You have to have the DB
connection
| > | > string hardcoded into it, because it cant access the web.config from
| > | > either
| > | > of these layers. I understand that. But I havent found a way to set
| > the
| > | > connection string programatically nor does the DataSet compile if
the
| > | > ConnectionString property of each TableAdapter is set to "none".
| > | > | Answers?
| > | > | In short I would like to know if there is either:
| > | > | A way to have multiple types of formsauthentication in a
single
| > | > website (and how); or
| > | > | How I can have a shard DataSet somewhere out of a website so
| > that
| > it
| > | > can be accessed by both websites.
| > | > | I hope this makes sense and thank anyone that can provide me with
| > any
| > | > help.
| > | > |
| > | >
| > |
| > |
| > |
| >
|
|
|

Nov 19 '05 #7

P: n/a
Hi Graham,

How are you going on this issue? If there're anything else we can help,
please feel free to post here.
Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| X-Tomcat-ID: 181327491
| References: <#L**************@TK2MSFTNGP15.phx.gbl>
<Y9**************@TK2MSFTNGXA02.phx.gbl>
<ev**************@TK2MSFTNGP10.phx.gbl>
<Qa**************@TK2MSFTNGXA02.phx.gbl>
<u6**************@TK2MSFTNGP14.phx.gbl>
| MIME-Version: 1.0
| Content-Type: text/plain
| Content-Transfer-Encoding: 7bit
| From: st*****@online.microsoft.com (Steven Cheng[MSFT])
| Organization: Microsoft
| Date: Wed, 12 Oct 2005 09:35:24 GMT
| Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| Message-ID: <jN*************@TK2MSFTNGXA02.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| Lines: 373
| Path: TK2MSFTNGXA02.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:350209
| NNTP-Posting-Host: tomcatimport2.phx.gbl 10.201.218.182
|
| Hi Graham,
|
| Thanks for your reply. If provide multiple login UI on the single LOGIN
| page is not acceptable, I'm afraid it would be hard to achieve multiple
| login in the single application. Though we can manually do the
| FormsAuthentication so as to validate the user from both the two
database,
| we're still limited to one login page per application. So if the admin
| pages and normal users page haven't much cross related application data
or
| states need to share, you can consider separate them into two application
| that'll make development much easier(using the buildin membership service
| and VS.NET ide design-time support can save much time).
|
| Thanks,
|
| Steven Cheng
| Microsoft Online Support
|
| Get Secure! www.microsoft.com/security
| (This posting is provided "AS IS", with no warranties, and confers no
| rights.)
|
| --------------------
| | From: "Graham" <en*******@newsgroups.nospam>
| | References: <#L**************@TK2MSFTNGP15.phx.gbl>
| <Y9**************@TK2MSFTNGXA02.phx.gbl>
| <ev**************@TK2MSFTNGP10.phx.gbl>
| <Qa**************@TK2MSFTNGXA02.phx.gbl>
| | Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| | Date: Wed, 12 Oct 2005 08:30:38 +1300
| | Lines: 319
| | X-Priority: 3
| | X-MSMail-Priority: Normal
| | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| | X-RFC2646: Format=Flowed; Original
| | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| | Message-ID: <u6**************@TK2MSFTNGP14.phx.gbl>
| | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | NNTP-Posting-Host: 222-152-206-76.jetstream.xtra.co.nz 222.152.206.76
| | Path:
|
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| 4.phx.gbl
| | Xref: TK2MSFTNGXA02.phx.gbl
| microsoft.public.dotnet.framework.aspnet:350104
| | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| |
| | Steven,
| | Regarding letting users choose their login type:
| | I do not think that it is a viable option letting an end user select
what
| | login type they want to try, In most of my experience end users can not
| be
| | trusted.
| |
| | From your explanation it sounds like you can have multiple separate
| | formsauthentication methods per website. Is that correct? If so an
| | explanation on how to implement would solve all my problems.
| | Otherwise I think I will continue with splitting up the frontend and
teh
| | admin backend into two separate websites.
| | Thanks for your ongoing support.
| |
| | Graham
| |
| | "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| | news:Qa**************@TK2MSFTNGXA02.phx.gbl...
| | > Thanks for your response Graham,
| | >
| | > Yes, if the different users's account data are reside in separate
| table,
| | > we
| | > need to query both tables when performing the logon(authentication).
| And
| | > ASP.NET applicaiton's formsauthentication only allows single default
| login
| | > page. If you're wanting to build separate login UI for different users
| | > (client and admin), I think you can consider put a front login UI in
the
| | > default login page and let the user to choice login type, login as a
| | > normal
| | > client user or login as an administrator, then redirect them to the
| actual
| | > concrete detailed login page according to their choice and perform the
| | > actual login/authentication code logic. How do you think of this?
And
| | > for
| | > roles, it doesn't matter whether users are from which table, we just
| query
| | > the roles from database and assigned to the logon user.
| | >
| | > Anyway, since your scenario is different from the common one, we need
to
| | > manually add some additional code rather than simply use the default
| | > membership wizard to generate all the work.
| | >
| | > Thanks,
| | >
| | > Steven Cheng
| | > Microsoft Online Support
| | >
| | > Get Secure! www.microsoft.com/security
| | >
| | >
| | >
| | >
| | >
| | > --------------------
| | > | From: "Graham" <en*******@newsgroups.nospam>
| | > | References: <#L**************@TK2MSFTNGP15.phx.gbl>
| | > <Y9**************@TK2MSFTNGXA02.phx.gbl>
| | > | Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| | > | Date: Tue, 11 Oct 2005 09:20:10 +1300
| | > | Lines: 191
| | > | X-Priority: 3
| | > | X-MSMail-Priority: Normal
| | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| | > | X-RFC2646: Format=Flowed; Original
| | > | Message-ID: <ev**************@TK2MSFTNGP10.phx.gbl>
| | > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | > | NNTP-Posting-Host: 222-152-206-76.jetstream.xtra.co.nz
222.152.206.76
| | > | Path:
| | >
|
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| | > 0.phx.gbl
| | > | Xref: TK2MSFTNGXA02.phx.gbl
| | > microsoft.public.dotnet.framework.aspnet:349798
| | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| | > |
| | > | Steven,
| | > | Thanks for your help. I managed to fix the DataSet problem. I put
it
| | > into
| | > my
| | > | Businesslogic layer and added a method for returning the
| | > connectionstring.
| | > | It seems to work as expected.
| | > |
| | > | For the formsauthentication problem:
| | > | Each entity is a separate table in the DB therefore if I was to
have
| the
| | > | entire solution in one website I could only use one
| | > | authorisation/authentication method (one login page). This page
would
| | > then
| | > | need to check the given credentials against both DB tables in order
to
| | > give
| | > | them access to their available areas. This is further complicated
by
| the
| | > | fact that administrators have certian roles and clients do not.
| | > | I hope this makes sense to you, I initially wanted the login pages
| | > separate
| | > | because I see there is a distinct difference between administrators,
| | > clients
| | > | and each of the secured areas.
| | > |
| | > | Thank you for your help once again.
| | > | Graham
| | > |
| | > | "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| | > | news:Y9**************@TK2MSFTNGXA02.phx.gbl...
| | > | > Hi Graham,
| | > | >
| | > | > Welcome to ASPNET newsgroup.
| | > | > Regarding on the question you mentioned, here are some of my
| | > understanding
| | > | > and suggestion:
| | > | >
| | > | > 1. For formsauthentication, we can separate our web application
into
| | > | > multiple parts (sub folders) and set separate access protection on
| | > | > different sections so that certain users/role can only access
| certain
| | > part
| | > | > of the application. So for you scenario, we can consider define
two
| | > roles
| | > | > ,
| | > | > frontend user and backend admin, and admin can access those
pages
| | > that
| | > | > resides in the admin folder and front end user can access pages
in
| | > other
| | > | > normal application folders. We can put the front users and admins
| | > | > accounts
| | > | > in the same database (by default), or creating two separate
| | > database/table
| | > | > to store them. That's all ok within one single asp.net web
| | > application.
| | > So
| | > | > I'm a bit unclear on the
| | > | > =================
| | > | > The 2 entities (Admins and Clients) are separate objects in the
data
| | > model
| | > | > (because of the completely different information pertaining to
| each),
| | > e.g
| | > | > a
| | > | > client would never become an admin and vice versa.
| | > | > =================
| | > | >
| | > | > IMO, we don't care about whether a client is also an admin, we
just
| | > apply
| | > | > authorization setting for our web folder / pages so that those
admin
| | > pages
| | > | > can only be accessed by administrators while normal pages can
only
| be
| | > | > accessed by front client users.
| | > | >
| | > | > 2. For the TAbleAdapter, yes , when creating in asp.net 2.0
project,
| | > due
| | > | > to
| | > | > the dynamic compile model, the code file will be put in the
App_Code
| | > | > folder
| | > | > and also can utilize the connectionStrings section in the
| web.config.
| | > | > While in other Class Library project, the VS.NET ide will by
default
| | > | > choose
| | > | > to persiste the connectionStrings in the project assembly's
settings
| | > data
| | > | > and after compilation it is not possible to flexibly modify them.
So
| | > | > overcome this, currently we can use the following means;
| | > | >
| | > | > Create the DataSet/TableAdapters in a separate Class library
| project,
| | > and
| | > | > after we drag a TAble from the Server explorer and created the
| | > DataSet/
| | > | > TableAdapter, we open the DataSet.Designer.cs file , locate the
the
| | > | > "InitConnection" function of the
| | > | > xxxTableAdapter class, it is the method that initialize the
| | > TableAdapter's
| | > | > connection property, it used to be something like:
| | > | >
| | > | > private void InitConnection() {
| | > | > this.m_connection = new System.Data.SqlClient.SqlConnection();
| | > | > this.m_connection.ConnectionString =
| | > | > DSLibrary.Properties.Settings.Default.NorthwindCon nectionString;
| | > | > }
| | > | >
| | > | >
| | > | > we can modify it to
| | > | >
| | > | > private void InitConnection() {
| | > | > Object obj =
| | > | >
| | >
| System.Configuration.ConfigurationSettings.GetConf ig("connectionStrings");
| | > | > ConnectionStringsSection css = obj as ConnectionStringsSection;
| | > | > string connstr =
| | > | > css.ConnectionStrings["LocalNorthwindConnStr"].ConnectionString;
| | > | > this.m_connection = new System.Data.SqlClient.SqlConnection();
| | > | > this.m_connection.ConnectionString = connstr;
| | > | >
| | > | > }
| | > | >
| | > | >
| | > | > Thus, it'll retrieve the connectionstring from the current
| | > Application's
| | > | > AppConfig(web.config for web app) and what we need to do in web
| | > | > application
| | > | > is just provide the proper connectionstring in
app.config/web.config
| | > file.
| | > | >
| | > | > Thanks,
| | > | >
| | > | > Steven Cheng
| | > | > Microsoft Online Support
| | > | >
| | > | > Get Secure! www.microsoft.com/security
| | > | >
| | > | >
| | > | >
| | > | >
| | > | > --------------------
| | > | > | From: "Graham" <en*******@newsgroups.nospam>
| | > | > | Subject: Asp.Net 2.0 Multiple Application Solutions
| | > | > | Date: Mon, 10 Oct 2005 15:00:42 +1300
| | > | > | Lines: 180
| | > | > | MIME-Version: 1.0
| | > | > | Content-Type: multipart/alternative;
| | > | > | boundary="----=_NextPart_000_001A_01C5CDAB.62716EF0"
| | > | > | X-Priority: 3
| | > | > | X-MSMail-Priority: Normal
| | > | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| | > | > | Message-ID: <#L**************@TK2MSFTNGP15.phx.gbl>
| | > | > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | > | > | NNTP-Posting-Host: 222-152-202-93.jetstream.xtra.co.nz
| | > 222.152.202.93
| | > | > | Path:
| | > | >
| | >
|
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| | > | > 5.phx.gbl
| | > | > | Xref: TK2MSFTNGXA02.phx.gbl
| | > | > microsoft.public.dotnet.framework.aspnet:349591
| | > | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| | > | > |
| | > | > | I have been having some fun learning and using the new Controls
| and
| | > | > methods in .Net 2.0 which will make my life in the future easier
and
| | > | > faster. Specifically the new databinding practises and wizards.
| | > | > | But, I have found that trying to do something "outside the
norm"
| | > adds
| | > a
| | > | > rather large level of complexity and/or data replication.
| | > | > | Background
| | > | > | I have been commissioned to create a web-based application for a
| | > client.
| | > | > It has a formsaunthentication secured backend for admins to login
| and
| | > | > manage system data (clients, categories, geographical regions and
| | > their
| | > | > related associations). It also has a frontend where users can
search
| | > | > through the clients in the system and view their information. The
| | > frontend
| | > | > also contains a formsauthentication secured area where the
clients
| can
| | > log
| | > | > in and edit some of their information. The 2 entities (Admins and
| | > Clients)
| | > | > are separate objects in the data model (because of the completely
| | > | > different
| | > | > information pertaining to each), e.g a client would never become
an
| | > admin
| | > | > and vice versa.
| | > | > | I decided to use Visual Studio 2005 and .Net 2 for this project
| | > because
| | > | > it would give me a head start for when the new technologies are
| | > released
| | > | > in
| | > | > November.
| | > | > | The solution is split up into 3 layers - Data Access layer,
| | > | > Businesslogic
| | > | > layer, and Presentation layer (websites)
| | > | > | Problem
| | > | > | I think the main problem I have experienced is multiple
| | > | > formsauthentication methods in one website. Because the two
entities
| | > both
| | > | > have to log into different areas (therefore different login
| methods) I
| | > | > could not find a way to do this without making the admin section a
| | > | > separate
| | > | > website within the solution (it would actually be a virtual
| directory
| | > in
| | > | > IIS once it is live). Once I did this, I found another problem
with
| | > having
| | > | > to replicate data.
| | > | > | I decided early on in the project to make use of the new
| | > | > ObjectDataSource
| | > | > and the DataSet creation wizard within VS 2005. Both websites
need
| to
| | > make
| | > | > use of this dataset. When you initially create the dataset it
asks
| for
| | > a
| | > | > DB
| | > | > connection string which either has to be hardcoded into it (bad
| idea)
| | > or
| | > | > stored in the web.config (good idea). It then stores the created
| | > DataSet
| | > | > in
| | > | > the app_code directory of the website. This presents a problem
when
| | > having
| | > | > multiple websites with a single solution (at the moment I have the
| | > dataset
| | > | > within both websites app_code directories).
| | > | > | Now you might be asking "why not have the DataSet in the
| | > Businesslogic
| | > | > or
| | > | > Data Access layers?". One reason - You have to have the DB
| connection
| | > | > string hardcoded into it, because it cant access the web.config
from
| | > | > either
| | > | > of these layers. I understand that. But I havent found a way to
set
| | > the
| | > | > connection string programatically nor does the DataSet compile if
| the
| | > | > ConnectionString property of each TableAdapter is set to "none".
| | > | > | Answers?
| | > | > | In short I would like to know if there is either:
| | > | > | A way to have multiple types of formsauthentication in a
| single
| | > | > website (and how); or
| | > | > | How I can have a shard DataSet somewhere out of a website
so
| | > that
| | > it
| | > | > can be accessed by both websites.
| | > | > | I hope this makes sense and thank anyone that can provide me
with
| | > any
| | > | > help.
| | > | > |
| | > | >
| | > |
| | > |
| | > |
| | >
| |
| |
| |
|
|

Nov 19 '05 #8

P: n/a
Hey,
Sorry, completely forgot to say thanks. All those issues have been fixed.
Thanks for all your help.

Graham

"Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
news:xL**************@TK2MSFTNGXA01.phx.gbl...
Hi Graham,

How are you going on this issue? If there're anything else we can help,
please feel free to post here.
Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| X-Tomcat-ID: 181327491
| References: <#L**************@TK2MSFTNGP15.phx.gbl>
<Y9**************@TK2MSFTNGXA02.phx.gbl>
<ev**************@TK2MSFTNGP10.phx.gbl>
<Qa**************@TK2MSFTNGXA02.phx.gbl>
<u6**************@TK2MSFTNGP14.phx.gbl>
| MIME-Version: 1.0
| Content-Type: text/plain
| Content-Transfer-Encoding: 7bit
| From: st*****@online.microsoft.com (Steven Cheng[MSFT])
| Organization: Microsoft
| Date: Wed, 12 Oct 2005 09:35:24 GMT
| Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| Message-ID: <jN*************@TK2MSFTNGXA02.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| Lines: 373
| Path: TK2MSFTNGXA02.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:350209
| NNTP-Posting-Host: tomcatimport2.phx.gbl 10.201.218.182
|
| Hi Graham,
|
| Thanks for your reply. If provide multiple login UI on the single LOGIN
| page is not acceptable, I'm afraid it would be hard to achieve multiple
| login in the single application. Though we can manually do the
| FormsAuthentication so as to validate the user from both the two
database,
| we're still limited to one login page per application. So if the
admin
| pages and normal users page haven't much cross related application data
or
| states need to share, you can consider separate them into two
application
| that'll make development much easier(using the buildin membership
service
| and VS.NET ide design-time support can save much time).
|
| Thanks,
|
| Steven Cheng
| Microsoft Online Support
|
| Get Secure! www.microsoft.com/security
| (This posting is provided "AS IS", with no warranties, and confers no
| rights.)
|
| --------------------
| | From: "Graham" <en*******@newsgroups.nospam>
| | References: <#L**************@TK2MSFTNGP15.phx.gbl>
| <Y9**************@TK2MSFTNGXA02.phx.gbl>
| <ev**************@TK2MSFTNGP10.phx.gbl>
| <Qa**************@TK2MSFTNGXA02.phx.gbl>
| | Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| | Date: Wed, 12 Oct 2005 08:30:38 +1300
| | Lines: 319
| | X-Priority: 3
| | X-MSMail-Priority: Normal
| | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| | X-RFC2646: Format=Flowed; Original
| | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| | Message-ID: <u6**************@TK2MSFTNGP14.phx.gbl>
| | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | NNTP-Posting-Host: 222-152-206-76.jetstream.xtra.co.nz 222.152.206.76
| | Path:
|
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| 4.phx.gbl
| | Xref: TK2MSFTNGXA02.phx.gbl
| microsoft.public.dotnet.framework.aspnet:350104
| | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| |
| | Steven,
| | Regarding letting users choose their login type:
| | I do not think that it is a viable option letting an end user select
what
| | login type they want to try, In most of my experience end users can
not
| be
| | trusted.
| |
| | From your explanation it sounds like you can have multiple separate
| | formsauthentication methods per website. Is that correct? If so an
| | explanation on how to implement would solve all my problems.
| | Otherwise I think I will continue with splitting up the frontend and
teh
| | admin backend into two separate websites.
| | Thanks for your ongoing support.
| |
| | Graham
| |
| | "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| | news:Qa**************@TK2MSFTNGXA02.phx.gbl...
| | > Thanks for your response Graham,
| | >
| | > Yes, if the different users's account data are reside in separate
| table,
| | > we
| | > need to query both tables when performing the logon(authentication).
| And
| | > ASP.NET applicaiton's formsauthentication only allows single default
| login
| | > page. If you're wanting to build separate login UI for different
users
| | > (client and admin), I think you can consider put a front login UI in
the
| | > default login page and let the user to choice login type, login as a
| | > normal
| | > client user or login as an administrator, then redirect them to the
| actual
| | > concrete detailed login page according to their choice and perform
the
| | > actual login/authentication code logic. How do you think of this?
And
| | > for
| | > roles, it doesn't matter whether users are from which table, we just
| query
| | > the roles from database and assigned to the logon user.
| | >
| | > Anyway, since your scenario is different from the common one, we
need
to
| | > manually add some additional code rather than simply use the default
| | > membership wizard to generate all the work.
| | >
| | > Thanks,
| | >
| | > Steven Cheng
| | > Microsoft Online Support
| | >
| | > Get Secure! www.microsoft.com/security
| | >
| | >
| | >
| | >
| | >
| | > --------------------
| | > | From: "Graham" <en*******@newsgroups.nospam>
| | > | References: <#L**************@TK2MSFTNGP15.phx.gbl>
| | > <Y9**************@TK2MSFTNGXA02.phx.gbl>
| | > | Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| | > | Date: Tue, 11 Oct 2005 09:20:10 +1300
| | > | Lines: 191
| | > | X-Priority: 3
| | > | X-MSMail-Priority: Normal
| | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| | > | X-RFC2646: Format=Flowed; Original
| | > | Message-ID: <ev**************@TK2MSFTNGP10.phx.gbl>
| | > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | > | NNTP-Posting-Host: 222-152-206-76.jetstream.xtra.co.nz
222.152.206.76
| | > | Path:
| | >
|
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| | > 0.phx.gbl
| | > | Xref: TK2MSFTNGXA02.phx.gbl
| | > microsoft.public.dotnet.framework.aspnet:349798
| | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| | > |
| | > | Steven,
| | > | Thanks for your help. I managed to fix the DataSet problem. I put
it
| | > into
| | > my
| | > | Businesslogic layer and added a method for returning the
| | > connectionstring.
| | > | It seems to work as expected.
| | > |
| | > | For the formsauthentication problem:
| | > | Each entity is a separate table in the DB therefore if I was to
have
| the
| | > | entire solution in one website I could only use one
| | > | authorisation/authentication method (one login page). This page
would
| | > then
| | > | need to check the given credentials against both DB tables in
order
to
| | > give
| | > | them access to their available areas. This is further complicated
by
| the
| | > | fact that administrators have certian roles and clients do not.
| | > | I hope this makes sense to you, I initially wanted the login pages
| | > separate
| | > | because I see there is a distinct difference between
administrators,
| | > clients
| | > | and each of the secured areas.
| | > |
| | > | Thank you for your help once again.
| | > | Graham
| | > |
| | > | "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in
message
| | > | news:Y9**************@TK2MSFTNGXA02.phx.gbl...
| | > | > Hi Graham,
| | > | >
| | > | > Welcome to ASPNET newsgroup.
| | > | > Regarding on the question you mentioned, here are some of my
| | > understanding
| | > | > and suggestion:
| | > | >
| | > | > 1. For formsauthentication, we can separate our web application
into
| | > | > multiple parts (sub folders) and set separate access protection
on
| | > | > different sections so that certain users/role can only access
| certain
| | > part
| | > | > of the application. So for you scenario, we can consider define
two
| | > roles
| | > | > ,
| | > | > frontend user and backend admin, and admin can access those
pages
| | > that
| | > | > resides in the admin folder and front end user can access pages
in
| | > other
| | > | > normal application folders. We can put the front users and
admins
| | > | > accounts
| | > | > in the same database (by default), or creating two separate
| | > database/table
| | > | > to store them. That's all ok within one single asp.net web
| | > application.
| | > So
| | > | > I'm a bit unclear on the
| | > | > =================
| | > | > The 2 entities (Admins and Clients) are separate objects in the
data
| | > model
| | > | > (because of the completely different information pertaining to
| each),
| | > e.g
| | > | > a
| | > | > client would never become an admin and vice versa.
| | > | > =================
| | > | >
| | > | > IMO, we don't care about whether a client is also an admin, we
just
| | > apply
| | > | > authorization setting for our web folder / pages so that those
admin
| | > pages
| | > | > can only be accessed by administrators while normal pages can
only
| be
| | > | > accessed by front client users.
| | > | >
| | > | > 2. For the TAbleAdapter, yes , when creating in asp.net 2.0
project,
| | > due
| | > | > to
| | > | > the dynamic compile model, the code file will be put in the
App_Code
| | > | > folder
| | > | > and also can utilize the connectionStrings section in the
| web.config.
| | > | > While in other Class Library project, the VS.NET ide will by
default
| | > | > choose
| | > | > to persiste the connectionStrings in the project assembly's
settings
| | > data
| | > | > and after compilation it is not possible to flexibly modify
them.
So
| | > | > overcome this, currently we can use the following means;
| | > | >
| | > | > Create the DataSet/TableAdapters in a separate Class library
| project,
| | > and
| | > | > after we drag a TAble from the Server explorer and created the
| | > DataSet/
| | > | > TableAdapter, we open the DataSet.Designer.cs file , locate the
the
| | > | > "InitConnection" function of the
| | > | > xxxTableAdapter class, it is the method that initialize the
| | > TableAdapter's
| | > | > connection property, it used to be something like:
| | > | >
| | > | > private void InitConnection() {
| | > | > this.m_connection = new System.Data.SqlClient.SqlConnection();
| | > | > this.m_connection.ConnectionString =
| | > | > DSLibrary.Properties.Settings.Default.NorthwindCon nectionString;
| | > | > }
| | > | >
| | > | >
| | > | > we can modify it to
| | > | >
| | > | > private void InitConnection() {
| | > | > Object obj =
| | > | >
| | >
|
System.Configuration.ConfigurationSettings.GetConf ig("connectionStrings");
| | > | > ConnectionStringsSection css = obj as ConnectionStringsSection;
| | > | > string connstr =
| | > | > css.ConnectionStrings["LocalNorthwindConnStr"].ConnectionString;
| | > | > this.m_connection = new System.Data.SqlClient.SqlConnection();
| | > | > this.m_connection.ConnectionString = connstr;
| | > | >
| | > | > }
| | > | >
| | > | >
| | > | > Thus, it'll retrieve the connectionstring from the current
| | > Application's
| | > | > AppConfig(web.config for web app) and what we need to do in web
| | > | > application
| | > | > is just provide the proper connectionstring in
app.config/web.config
| | > file.
| | > | >
| | > | > Thanks,
| | > | >
| | > | > Steven Cheng
| | > | > Microsoft Online Support
| | > | >
| | > | > Get Secure! www.microsoft.com/security
| | > | >
| | > | >
| | > | >
| | > | >
| | > | > --------------------
| | > | > | From: "Graham" <en*******@newsgroups.nospam>
| | > | > | Subject: Asp.Net 2.0 Multiple Application Solutions
| | > | > | Date: Mon, 10 Oct 2005 15:00:42 +1300
| | > | > | Lines: 180
| | > | > | MIME-Version: 1.0
| | > | > | Content-Type: multipart/alternative;
| | > | > | boundary="----=_NextPart_000_001A_01C5CDAB.62716EF0"
| | > | > | X-Priority: 3
| | > | > | X-MSMail-Priority: Normal
| | > | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| | > | > | Message-ID: <#L**************@TK2MSFTNGP15.phx.gbl>
| | > | > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | > | > | NNTP-Posting-Host: 222-152-202-93.jetstream.xtra.co.nz
| | > 222.152.202.93
| | > | > | Path:
| | > | >
| | >
|
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| | > | > 5.phx.gbl
| | > | > | Xref: TK2MSFTNGXA02.phx.gbl
| | > | > microsoft.public.dotnet.framework.aspnet:349591
| | > | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| | > | > |
| | > | > | I have been having some fun learning and using the new
Controls
| and
| | > | > methods in .Net 2.0 which will make my life in the future easier
and
| | > | > faster. Specifically the new databinding practises and wizards.
| | > | > | But, I have found that trying to do something "outside the
norm"
| | > adds
| | > a
| | > | > rather large level of complexity and/or data replication.
| | > | > | Background
| | > | > | I have been commissioned to create a web-based application for
a
| | > client.
| | > | > It has a formsaunthentication secured backend for admins to
login
| and
| | > | > manage system data (clients, categories, geographical regions
and
| | > their
| | > | > related associations). It also has a frontend where users can
search
| | > | > through the clients in the system and view their information.
The
| | > frontend
| | > | > also contains a formsauthentication secured area where the
clients
| can
| | > log
| | > | > in and edit some of their information. The 2 entities (Admins
and
| | > Clients)
| | > | > are separate objects in the data model (because of the
completely
| | > | > different
| | > | > information pertaining to each), e.g a client would never become
an
| | > admin
| | > | > and vice versa.
| | > | > | I decided to use Visual Studio 2005 and .Net 2 for this
project
| | > because
| | > | > it would give me a head start for when the new technologies are
| | > released
| | > | > in
| | > | > November.
| | > | > | The solution is split up into 3 layers - Data Access layer,
| | > | > Businesslogic
| | > | > layer, and Presentation layer (websites)
| | > | > | Problem
| | > | > | I think the main problem I have experienced is multiple
| | > | > formsauthentication methods in one website. Because the two
entities
| | > both
| | > | > have to log into different areas (therefore different login
| methods) I
| | > | > could not find a way to do this without making the admin section
a
| | > | > separate
| | > | > website within the solution (it would actually be a virtual
| directory
| | > in
| | > | > IIS once it is live). Once I did this, I found another problem
with
| | > having
| | > | > to replicate data.
| | > | > | I decided early on in the project to make use of the new
| | > | > ObjectDataSource
| | > | > and the DataSet creation wizard within VS 2005. Both websites
need
| to
| | > make
| | > | > use of this dataset. When you initially create the dataset it
asks
| for
| | > a
| | > | > DB
| | > | > connection string which either has to be hardcoded into it (bad
| idea)
| | > or
| | > | > stored in the web.config (good idea). It then stores the created
| | > DataSet
| | > | > in
| | > | > the app_code directory of the website. This presents a problem
when
| | > having
| | > | > multiple websites with a single solution (at the moment I have
the
| | > dataset
| | > | > within both websites app_code directories).
| | > | > | Now you might be asking "why not have the DataSet in the
| | > Businesslogic
| | > | > or
| | > | > Data Access layers?". One reason - You have to have the DB
| connection
| | > | > string hardcoded into it, because it cant access the web.config
from
| | > | > either
| | > | > of these layers. I understand that. But I havent found a way to
set
| | > the
| | > | > connection string programatically nor does the DataSet compile
if
| the
| | > | > ConnectionString property of each TableAdapter is set to "none".
| | > | > | Answers?
| | > | > | In short I would like to know if there is either:
| | > | > | A way to have multiple types of formsauthentication in a
| single
| | > | > website (and how); or
| | > | > | How I can have a shard DataSet somewhere out of a website
so
| | > that
| | > it
| | > | > can be accessed by both websites.
| | > | > | I hope this makes sense and thank anyone that can provide me
with
| | > any
| | > | > help.
| | > | > |
| | > | >
| | > |
| | > |
| | > |
| | >
| |
| |
| |
|
|

Nov 19 '05 #9

P: n/a
Thanks for your followup Graham,

Really glad that you've already overcome that problem and continue your
work. If there're any further questions in the furture, please feel free to
post here.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| From: "Graham" <en*******@newsgroups.nospam>
| References: <#L**************@TK2MSFTNGP15.phx.gbl>
<Y9**************@TK2MSFTNGXA02.phx.gbl>
<ev**************@TK2MSFTNGP10.phx.gbl>
<Qa**************@TK2MSFTNGXA02.phx.gbl>
<u6**************@TK2MSFTNGP14.phx.gbl>
<jN*************@TK2MSFTNGXA02.phx.gbl>
<xL**************@TK2MSFTNGXA01.phx.gbl>
| Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| Date: Thu, 3 Nov 2005 14:39:25 +1300
| Lines: 510
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| Message-ID: <#W**************@TK2MSFTNGP12.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: 222-153-144-207.jetstream.xtra.co.nz 222.153.144.207
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP12.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.aspnet:135695
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| Hey,
| Sorry, completely forgot to say thanks. All those issues have been fixed.
| Thanks for all your help.
|
| Graham
|
| "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| news:xL**************@TK2MSFTNGXA01.phx.gbl...
| > Hi Graham,
| >
| > How are you going on this issue? If there're anything else we can help,
| > please feel free to post here.
| > Thanks,
| >
| > Steven Cheng
| > Microsoft Online Support
| >
| > Get Secure! www.microsoft.com/security
| > (This posting is provided "AS IS", with no warranties, and confers no
| > rights.)
| > --------------------
| > | X-Tomcat-ID: 181327491
| > | References: <#L**************@TK2MSFTNGP15.phx.gbl>
| > <Y9**************@TK2MSFTNGXA02.phx.gbl>
| > <ev**************@TK2MSFTNGP10.phx.gbl>
| > <Qa**************@TK2MSFTNGXA02.phx.gbl>
| > <u6**************@TK2MSFTNGP14.phx.gbl>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain
| > | Content-Transfer-Encoding: 7bit
| > | From: st*****@online.microsoft.com (Steven Cheng[MSFT])
| > | Organization: Microsoft
| > | Date: Wed, 12 Oct 2005 09:35:24 GMT
| > | Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| > | Message-ID: <jN*************@TK2MSFTNGXA02.phx.gbl>
| > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| > | Lines: 373
| > | Path: TK2MSFTNGXA02.phx.gbl
| > | Xref: TK2MSFTNGXA02.phx.gbl
| > microsoft.public.dotnet.framework.aspnet:350209
| > | NNTP-Posting-Host: tomcatimport2.phx.gbl 10.201.218.182
| > |
| > | Hi Graham,
| > |
| > | Thanks for your reply. If provide multiple login UI on the single
LOGIN
| > | page is not acceptable, I'm afraid it would be hard to achieve
multiple
| > | login in the single application. Though we can manually do the
| > | FormsAuthentication so as to validate the user from both the two
| > database,
| > | we're still limited to one login page per application. So if the
| > admin
| > | pages and normal users page haven't much cross related application
data
| > or
| > | states need to share, you can consider separate them into two
| > application
| > | that'll make development much easier(using the buildin membership
| > service
| > | and VS.NET ide design-time support can save much time).
| > |
| > | Thanks,
| > |
| > | Steven Cheng
| > | Microsoft Online Support
| > |
| > | Get Secure! www.microsoft.com/security
| > | (This posting is provided "AS IS", with no warranties, and confers no
| > | rights.)
| > |
| > | --------------------
| > | | From: "Graham" <en*******@newsgroups.nospam>
| > | | References: <#L**************@TK2MSFTNGP15.phx.gbl>
| > | <Y9**************@TK2MSFTNGXA02.phx.gbl>
| > | <ev**************@TK2MSFTNGP10.phx.gbl>
| > | <Qa**************@TK2MSFTNGXA02.phx.gbl>
| > | | Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| > | | Date: Wed, 12 Oct 2005 08:30:38 +1300
| > | | Lines: 319
| > | | X-Priority: 3
| > | | X-MSMail-Priority: Normal
| > | | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | | X-RFC2646: Format=Flowed; Original
| > | | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | | Message-ID: <u6**************@TK2MSFTNGP14.phx.gbl>
| > | | Newsgroups: microsoft.public.dotnet.framework.aspnet
| > | | NNTP-Posting-Host: 222-152-206-76.jetstream.xtra.co.nz
222.152.206.76
| > | | Path:
| > |
| >
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| > | 4.phx.gbl
| > | | Xref: TK2MSFTNGXA02.phx.gbl
| > | microsoft.public.dotnet.framework.aspnet:350104
| > | | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| > | |
| > | | Steven,
| > | | Regarding letting users choose their login type:
| > | | I do not think that it is a viable option letting an end user select
| > what
| > | | login type they want to try, In most of my experience end users can
| > not
| > | be
| > | | trusted.
| > | |
| > | | From your explanation it sounds like you can have multiple separate
| > | | formsauthentication methods per website. Is that correct? If so an
| > | | explanation on how to implement would solve all my problems.
| > | | Otherwise I think I will continue with splitting up the frontend and
| > teh
| > | | admin backend into two separate websites.
| > | | Thanks for your ongoing support.
| > | |
| > | | Graham
| > | |
| > | | "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| > | | news:Qa**************@TK2MSFTNGXA02.phx.gbl...
| > | | > Thanks for your response Graham,
| > | | >
| > | | > Yes, if the different users's account data are reside in separate
| > | table,
| > | | > we
| > | | > need to query both tables when performing the
logon(authentication).
| > | And
| > | | > ASP.NET applicaiton's formsauthentication only allows single
default
| > | login
| > | | > page. If you're wanting to build separate login UI for different
| > users
| > | | > (client and admin), I think you can consider put a front login UI
in
| > the
| > | | > default login page and let the user to choice login type, login
as a
| > | | > normal
| > | | > client user or login as an administrator, then redirect them to
the
| > | actual
| > | | > concrete detailed login page according to their choice and
perform
| > the
| > | | > actual login/authentication code logic. How do you think of this?
| > And
| > | | > for
| > | | > roles, it doesn't matter whether users are from which table, we
just
| > | query
| > | | > the roles from database and assigned to the logon user.
| > | | >
| > | | > Anyway, since your scenario is different from the common one, we
| > need
| > to
| > | | > manually add some additional code rather than simply use the
default
| > | | > membership wizard to generate all the work.
| > | | >
| > | | > Thanks,
| > | | >
| > | | > Steven Cheng
| > | | > Microsoft Online Support
| > | | >
| > | | > Get Secure! www.microsoft.com/security
| > | | >
| > | | >
| > | | >
| > | | >
| > | | >
| > | | > --------------------
| > | | > | From: "Graham" <en*******@newsgroups.nospam>
| > | | > | References: <#L**************@TK2MSFTNGP15.phx.gbl>
| > | | > <Y9**************@TK2MSFTNGXA02.phx.gbl>
| > | | > | Subject: Re: Asp.Net 2.0 Multiple Application Solutions
| > | | > | Date: Tue, 11 Oct 2005 09:20:10 +1300
| > | | > | Lines: 191
| > | | > | X-Priority: 3
| > | | > | X-MSMail-Priority: Normal
| > | | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | | > | X-RFC2646: Format=Flowed; Original
| > | | > | Message-ID: <ev**************@TK2MSFTNGP10.phx.gbl>
| > | | > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| > | | > | NNTP-Posting-Host: 222-152-206-76.jetstream.xtra.co.nz
| > 222.152.206.76
| > | | > | Path:
| > | | >
| > |
| >
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| > | | > 0.phx.gbl
| > | | > | Xref: TK2MSFTNGXA02.phx.gbl
| > | | > microsoft.public.dotnet.framework.aspnet:349798
| > | | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| > | | > |
| > | | > | Steven,
| > | | > | Thanks for your help. I managed to fix the DataSet problem. I
put
| > it
| > | | > into
| > | | > my
| > | | > | Businesslogic layer and added a method for returning the
| > | | > connectionstring.
| > | | > | It seems to work as expected.
| > | | > |
| > | | > | For the formsauthentication problem:
| > | | > | Each entity is a separate table in the DB therefore if I was to
| > have
| > | the
| > | | > | entire solution in one website I could only use one
| > | | > | authorisation/authentication method (one login page). This page
| > would
| > | | > then
| > | | > | need to check the given credentials against both DB tables in
| > order
| > to
| > | | > give
| > | | > | them access to their available areas. This is further
complicated
| > by
| > | the
| > | | > | fact that administrators have certian roles and clients do not.
| > | | > | I hope this makes sense to you, I initially wanted the login
pages
| > | | > separate
| > | | > | because I see there is a distinct difference between
| > administrators,
| > | | > clients
| > | | > | and each of the secured areas.
| > | | > |
| > | | > | Thank you for your help once again.
| > | | > | Graham
| > | | > |
| > | | > | "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in
| > message
| > | | > | news:Y9**************@TK2MSFTNGXA02.phx.gbl...
| > | | > | > Hi Graham,
| > | | > | >
| > | | > | > Welcome to ASPNET newsgroup.
| > | | > | > Regarding on the question you mentioned, here are some of my
| > | | > understanding
| > | | > | > and suggestion:
| > | | > | >
| > | | > | > 1. For formsauthentication, we can separate our web
application
| > into
| > | | > | > multiple parts (sub folders) and set separate access
protection
| > on
| > | | > | > different sections so that certain users/role can only access
| > | certain
| > | | > part
| > | | > | > of the application. So for you scenario, we can consider
define
| > two
| > | | > roles
| > | | > | > ,
| > | | > | > frontend user and backend admin, and admin can access those
| > pages
| > | | > that
| > | | > | > resides in the admin folder and front end user can access
pages
| > in
| > | | > other
| > | | > | > normal application folders. We can put the front users and
| > admins
| > | | > | > accounts
| > | | > | > in the same database (by default), or creating two separate
| > | | > database/table
| > | | > | > to store them. That's all ok within one single asp.net web
| > | | > application.
| > | | > So
| > | | > | > I'm a bit unclear on the
| > | | > | > =================
| > | | > | > The 2 entities (Admins and Clients) are separate objects in
the
| > data
| > | | > model
| > | | > | > (because of the completely different information pertaining to
| > | each),
| > | | > e.g
| > | | > | > a
| > | | > | > client would never become an admin and vice versa.
| > | | > | > =================
| > | | > | >
| > | | > | > IMO, we don't care about whether a client is also an admin, we
| > just
| > | | > apply
| > | | > | > authorization setting for our web folder / pages so that those
| > admin
| > | | > pages
| > | | > | > can only be accessed by administrators while normal pages can
| > only
| > | be
| > | | > | > accessed by front client users.
| > | | > | >
| > | | > | > 2. For the TAbleAdapter, yes , when creating in asp.net 2.0
| > project,
| > | | > due
| > | | > | > to
| > | | > | > the dynamic compile model, the code file will be put in the
| > App_Code
| > | | > | > folder
| > | | > | > and also can utilize the connectionStrings section in the
| > | web.config.
| > | | > | > While in other Class Library project, the VS.NET ide will by
| > default
| > | | > | > choose
| > | | > | > to persiste the connectionStrings in the project assembly's
| > settings
| > | | > data
| > | | > | > and after compilation it is not possible to flexibly modify
| > them.
| > So
| > | | > | > overcome this, currently we can use the following means;
| > | | > | >
| > | | > | > Create the DataSet/TableAdapters in a separate Class library
| > | project,
| > | | > and
| > | | > | > after we drag a TAble from the Server explorer and created the
| > | | > DataSet/
| > | | > | > TableAdapter, we open the DataSet.Designer.cs file , locate
the
| > the
| > | | > | > "InitConnection" function of the
| > | | > | > xxxTableAdapter class, it is the method that initialize the
| > | | > TableAdapter's
| > | | > | > connection property, it used to be something like:
| > | | > | >
| > | | > | > private void InitConnection() {
| > | | > | > this.m_connection = new System.Data.SqlClient.SqlConnection();
| > | | > | > this.m_connection.ConnectionString =
| > | | > | >
DSLibrary.Properties.Settings.Default.NorthwindCon nectionString;
| > | | > | > }
| > | | > | >
| > | | > | >
| > | | > | > we can modify it to
| > | | > | >
| > | | > | > private void InitConnection() {
| > | | > | > Object obj =
| > | | > | >
| > | | >
| > |
| >
System.Configuration.ConfigurationSettings.GetConf ig("connectionStrings");
| > | | > | > ConnectionStringsSection css = obj as
ConnectionStringsSection;
| > | | > | > string connstr =
| > | | > | >
css.ConnectionStrings["LocalNorthwindConnStr"].ConnectionString;
| > | | > | > this.m_connection = new System.Data.SqlClient.SqlConnection();
| > | | > | > this.m_connection.ConnectionString = connstr;
| > | | > | >
| > | | > | > }
| > | | > | >
| > | | > | >
| > | | > | > Thus, it'll retrieve the connectionstring from the current
| > | | > Application's
| > | | > | > AppConfig(web.config for web app) and what we need to do in
web
| > | | > | > application
| > | | > | > is just provide the proper connectionstring in
| > app.config/web.config
| > | | > file.
| > | | > | >
| > | | > | > Thanks,
| > | | > | >
| > | | > | > Steven Cheng
| > | | > | > Microsoft Online Support
| > | | > | >
| > | | > | > Get Secure! www.microsoft.com/security
| > | | > | >
| > | | > | >
| > | | > | >
| > | | > | >
| > | | > | > --------------------
| > | | > | > | From: "Graham" <en*******@newsgroups.nospam>
| > | | > | > | Subject: Asp.Net 2.0 Multiple Application Solutions
| > | | > | > | Date: Mon, 10 Oct 2005 15:00:42 +1300
| > | | > | > | Lines: 180
| > | | > | > | MIME-Version: 1.0
| > | | > | > | Content-Type: multipart/alternative;
| > | | > | > | boundary="----=_NextPart_000_001A_01C5CDAB.62716EF0"
| > | | > | > | X-Priority: 3
| > | | > | > | X-MSMail-Priority: Normal
| > | | > | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | | > | > | Message-ID: <#L**************@TK2MSFTNGP15.phx.gbl>
| > | | > | > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| > | | > | > | NNTP-Posting-Host: 222-152-202-93.jetstream.xtra.co.nz
| > | | > 222.152.202.93
| > | | > | > | Path:
| > | | > | >
| > | | >
| > |
| >
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSF TNGP08.phx.gbl!TK2MSFTNGP1
| > | | > | > 5.phx.gbl
| > | | > | > | Xref: TK2MSFTNGXA02.phx.gbl
| > | | > | > microsoft.public.dotnet.framework.aspnet:349591
| > | | > | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| > | | > | > |
| > | | > | > | I have been having some fun learning and using the new
| > Controls
| > | and
| > | | > | > methods in .Net 2.0 which will make my life in the future
easier
| > and
| > | | > | > faster. Specifically the new databinding practises and
wizards.
| > | | > | > | But, I have found that trying to do something "outside the
| > norm"
| > | | > adds
| > | | > a
| > | | > | > rather large level of complexity and/or data replication.
| > | | > | > | Background
| > | | > | > | I have been commissioned to create a web-based application
for
| > a
| > | | > client.
| > | | > | > It has a formsaunthentication secured backend for admins to
| > login
| > | and
| > | | > | > manage system data (clients, categories, geographical regions
| > and
| > | | > their
| > | | > | > related associations). It also has a frontend where users can
| > search
| > | | > | > through the clients in the system and view their information.
| > The
| > | | > frontend
| > | | > | > also contains a formsauthentication secured area where the
| > clients
| > | can
| > | | > log
| > | | > | > in and edit some of their information. The 2 entities (Admins
| > and
| > | | > Clients)
| > | | > | > are separate objects in the data model (because of the
| > completely
| > | | > | > different
| > | | > | > information pertaining to each), e.g a client would never
become
| > an
| > | | > admin
| > | | > | > and vice versa.
| > | | > | > | I decided to use Visual Studio 2005 and .Net 2 for this
| > project
| > | | > because
| > | | > | > it would give me a head start for when the new technologies
are
| > | | > released
| > | | > | > in
| > | | > | > November.
| > | | > | > | The solution is split up into 3 layers - Data Access layer,
| > | | > | > Businesslogic
| > | | > | > layer, and Presentation layer (websites)
| > | | > | > | Problem
| > | | > | > | I think the main problem I have experienced is multiple
| > | | > | > formsauthentication methods in one website. Because the two
| > entities
| > | | > both
| > | | > | > have to log into different areas (therefore different login
| > | methods) I
| > | | > | > could not find a way to do this without making the admin
section
| > a
| > | | > | > separate
| > | | > | > website within the solution (it would actually be a virtual
| > | directory
| > | | > in
| > | | > | > IIS once it is live). Once I did this, I found another problem
| > with
| > | | > having
| > | | > | > to replicate data.
| > | | > | > | I decided early on in the project to make use of the new
| > | | > | > ObjectDataSource
| > | | > | > and the DataSet creation wizard within VS 2005. Both websites
| > need
| > | to
| > | | > make
| > | | > | > use of this dataset. When you initially create the dataset it
| > asks
| > | for
| > | | > a
| > | | > | > DB
| > | | > | > connection string which either has to be hardcoded into it
(bad
| > | idea)
| > | | > or
| > | | > | > stored in the web.config (good idea). It then stores the
created
| > | | > DataSet
| > | | > | > in
| > | | > | > the app_code directory of the website. This presents a problem
| > when
| > | | > having
| > | | > | > multiple websites with a single solution (at the moment I
have
| > the
| > | | > dataset
| > | | > | > within both websites app_code directories).
| > | | > | > | Now you might be asking "why not have the DataSet in the
| > | | > Businesslogic
| > | | > | > or
| > | | > | > Data Access layers?". One reason - You have to have the DB
| > | connection
| > | | > | > string hardcoded into it, because it cant access the
web.config
| > from
| > | | > | > either
| > | | > | > of these layers. I understand that. But I havent found a way
to
| > set
| > | | > the
| > | | > | > connection string programatically nor does the DataSet
compile
| > if
| > | the
| > | | > | > ConnectionString property of each TableAdapter is set to
"none".
| > | | > | > | Answers?
| > | | > | > | In short I would like to know if there is either:
| > | | > | > | A way to have multiple types of formsauthentication in a
| > | single
| > | | > | > website (and how); or
| > | | > | > | How I can have a shard DataSet somewhere out of a
website
| > so
| > | | > that
| > | | > it
| > | | > | > can be accessed by both websites.
| > | | > | > | I hope this makes sense and thank anyone that can provide me
| > with
| > | | > any
| > | | > | > help.
| > | | > | > |
| > | | > | >
| > | | > |
| > | | > |
| > | | > |
| > | | >
| > | |
| > | |
| > | |
| > |
| > |
| >
|
|
|

Nov 19 '05 #10

This discussion thread is closed

Replies have been disabled for this discussion.