tailieunhanh - Professional ASP.NET 3.5 in C# and Visual Basic Part 86

Professional in C# and Visual Basic Part 86. Building on the revolutionary release, adds several key new developer features including AJAX, LINQ, and a new CSS designer in Visual Web Developer 2008. The dramatic reduction in code that developers realized from the more than 50 new server controls in now allows developers the time to make their applications more interactive with AJAX, to work with data in their preferred language with LINQ, and to build visually attractive and consistent standards-based sites with CSS. . | Chapter 16 Membership and Role Management Listing 16-35 Checking for a specific user in a particular role VB @ Page Language VB script runat server Protected Sub Button1_Click ByVal sender As Object ByVal e As _ AdminPageRights End Sub script html xmlns http 1999 xhtml head runat server title Role Manager title head body form id form1 runat server asp TextBox ID TextBox1 Runat server asp TextBox asp Button ID Button1 Runat server Text Button OnClick Button1_Click p asp GridView ID GridView1 Runat server asp GridView p form body html C @ Page Language C script runat server protected void Button1_Click object sender EventArgs e AdminPageRights script Understanding How Roles Are Cached By default after you retrieve a user s roles from the data store underlying the role management service you can store these roles as a cookie on the client machine. This is done so you do not have to access the data store each and every time the application needs a user s role status. There is always a bit of risk in working with cookies because the end user can manipulate the cookie and thereby gain access to information or parts of an application that normally would be forbidden to that particular user. 807 Chapter 16 Membership and Role Management Although roles are cached in a cookie the default is that they are cached for only 30 minutes at a time. You can deal with this role cookie in several ways some of which might help to protect your application better. One protection for your application is to delete this role cookie using the DeleteCookie method of the Roles API when the end user logs on to the site. This is illustrated in Listing 16-36. Listing 16-36 Deleting the end user s role cookie upon authentication VB If Then .

TỪ KHÓA LIÊN QUAN