Security in ASP.NET 2.0

Previous page
Table of content
Next page

Overview

In December 2004, Microsoft made available its ASP.NET v1.1 Membership Management Component Prototype. This was distributed as an SDK which, when used by a developer in a project, was referenced as an assembly named MemberRole.dll. Microsoft defines it as "a collection of classes and sample scripts that allows a developer to more easily authenticate users, authorize users, and store per-user property data in a user profile." MemberRole.dll was simply a backport of a series of classes, from the then ASP.NET 2.0 Beta 2 framework, compiled under the 1.1 framework. This backported version conforms to the same API as is found in ASP.NET 2.0.

Just before releasing the SDK, Microsoft informed the DotNetNuke Core Team of its intentions with this backport. The Core Team discussed the pros and cons of taking advantage of the backport and, after much debate, decided to implement it at that time, using the backport, rather than waiting eleven months to prepare for a future upgrade of DotNetNuke to the ASP.NET 2.0 framework. When it was time to upgrade to the ASP.NET 2.0 framework with DotNetNuke's 4.0 release, the upgrade task was less complicated because of this decision. The majority of the changes required replacing the DLL reference with a reference to the new classes within the 2.0 framework.

Other factors that weighed in this decision included what MemberRole.dll offered in addition to the easier migration path. In adapting MemberRole.dll, DotNetNuke was also preparing itself for exposure to the hosting market through Microsoft's Shared Hosting Initiative. This initiative not only placed DotNetNuke in front of a new audience, but also helped DotNetNuke form a solid relationship with Microsoft. That relationship allows DotNetNuke to work closely with Microsoft and reap additional benefits, such as the special license for MemberRole.dll usage that extends the length this DLL can remain in production use. For example, the typical MemberRole.dll license was only permitted for production usage for a period of 90 days after the release of the ASP.NET 2.0 framework. The MemberRole.dll included in framework version 1.1 DotNetNuke releases does not contain this restriction.

For developers, it's important to understand that the MemberRole.dll referenced in the DotNetNuke 3.x versions, which use the ASP.NET 1.1 framework, is now part of the ASP.NET 2.0 framework. In DotNetNuke 4.x versions, which use the ASP.NET 2.0 framework, it is referenced from the System .Web.Security namespace.

Before discussing the details of how DotNetNuke uses Member Role, it is first essential that you understand how security works in ASP.NET 2.0.



Previous page
Table of content
Next page
Professional DotNetNuke 4.0 (c) Open Source Web Application Framework for ASP. NET 4.0
Professional DotNetNuke 4: Open Source Web Application Framework for ASP.NET 2.0 (Programmer to Programmer)
ISBN: 0471788163
EAN: 2147483647
Year: 2006
Pages: 182
Authors: Shaun Walker, Joe Brinkman, Bruce Hopkins, Scott McCulloch, Chris Paterra, Patrick J. Santry, Scott Willhite, Dan Caron
BUY ON AMAZON
ERP and Data Warehousing in Organizations: Issues and Challenges
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
Microsoft VBScript Professional Projects
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
Telecommunications Essentials, Second Edition: The Complete Global Source (2nd Edition)
Microsoft Visual Basic .NET Programmers Cookbook (Pro-Developer)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy