Page 142 - DCAP312_WEB_TECHNOLOGIES

Page 142 - DCAP312_WEB_TECHNOLOGIES_II

P. 142

Web Technologies-II

Notes Let us discuss the details of both section groups now.
The system.web Section Group
Now we will include configuration settings that, we did have set up somewhere in the IIS
administration console. At Microsoft’s MSDN Library, we can find an overview of all the tags
that the system.web section group understands, but, depending on the complexity of our site,
we may not ever use even half of those options.
<authentication>
The authentication section controls the type of authentication used within our Web application,
as contained in the attribute mode. We will enter the value “None” if anyone may access our
application. If authentication is required, we will use “Windows”, “Forms” or “Passport” to
define the type of authentication. For example:
<authentication mode= “Windows”/>
<authorization>
To allow or deny access to our web application to certain users or roles, use <allow> or <deny>
child tags.
<authorization>
<allow roles= “Administrators, Users” />
<deny users= “*” />
</authorization>
It is important to understand that ASP.NET’s authorization module iterates through the sections,
applying the first rule that corresponds to the current user. In this example, users carrying the
role Administrators or Users will be allowed access, while all others (indicated by the * wildcard)
will encounter the second rule and will subsequently be denied access.
<compilation>
Here, we can configure the compiler settings for ASP.NET. We can use loads of attributes
here, of which the most common are debug and default Language. Set debug to “true” only if
we want the browser to display debugging information. Since turning on this option reduces
performance, we had normally wanted to set it to “false”. The default Language attribute tells
ASP.NET which language compiler to use, since we could use either Visual Basic .NET or C#
for instance. It has value by default.
<custom Errors>
To provide our end users with custom, user-friendly error messages, we can set the mode
attribute of this section to on. If we set it to Remote Only, custom errors will be shown only to
remote clients, while local host users will see the ugly but useful ASP.NET errors -- clearly, this is
helpful when debugging. Setting the mode attribute to off will show ASP.NET errors to all users.
If we supply a relative or absolute address in the default Redirect attribute, the application will
be automatically redirected to this address in case of an error. Note that the relative address
is relative to the location of the Web. Configuration file, not the page in which the error takes
place. In addition we can use <error> tags to provide a status Code and a redirect attributes:
<custom Errors mode= “Remote Only” default Redirect= “/error.html “>
<error status Code=“403“ redirect= “/accessdenied.html” />
<error status Code= “404” redirect= “/pagenotfound.html” />
</custom Errors>
<globalization>
The globalization section is useful when we want to change the encoding or the culture of our
application. Globalization is such an extensive subject could be dedicated to the matter. In short,

136 LOVELY PROFESSIONAL UNIVERSITY

137 138 139 140 141 142 143 144 145 146 147