Categories
jBlogMvc Uncategorized

jBlogMvc : part 1 Building the Administration Area

NOTE: In this series I build a blogengine using ASP.NET MVC and jQuery from scratch in order to learn more about these new technologies. If you haven't read the first post in this series, I would encourage you do to that first, or check out the jBlogMvc category. You can also always subscribe to the feeds.

In this part of the series, I build the administration area of the blog engine I am building using the ASP.NET MVC and jQuery, in this part I will cover more basic features used in any blog engine, so lets get started.

What will part 1 cover ?

Basically it will cover how to build an administration area, I chose the wordpress blog engine and tried to clone its structure and some look and feel of it, the operations I will implement in this part will be :

  • Visitor
    • Login — I will just reuse the code available with the default project template for membership stuff.
  • Admin
    • Logout
    • Add Post

The stuff I collected and used all over the net from blogs and used in this part can be summarized in the following,

  1. Using membership for validation
  2. Using the Authorize attribute
  3. Using Model Binders
  4. jQuery Client validation
  5. Small validation framework for business rules and server side validation.(originally written by scott gu)
  6. Using nested master pages in ASP.NET MVC
  7. Applying the "Post/Redirect/Get" (aka PRG) pattern.
  8. Applying some css to make it look nice (based on wordpress blogengine admin layout) [more]

To hold your interest the final look of the administration area will look like this :

admin area

Ok Lets see some code

What's new in version 1 :

Routes

Routes now include an extra route for directing users to the admin area

[code:c#] 

routes.MapRoute(
    "Admin",
    "admin/{action}",
    new { controller = "Admin", action = "Index" }
    );

[/code] 

Models

No new models were added as the database remains as it is, however, I like to highlight a new feature available in the Preview 5, ModelBinders, although ScottGu just mentioned that the team has not yet finalized and will be changed in the beta version.

Note: the MVC team plans to tweak the IModelBinder interface further for the next drop (they recently discovered a few scenarios that necessitate a few changes).  So if you build a custom model binder with preview 5 expect to have to make a few tweaks when the next drop comes out (probably nothing too major – but just a heads up that we know a few arguments will change on its methods). By ScottGu

ModelBinders, which is provided to allow Action methods to take complex types as their parameters. Previously, action methods were only able to take simple types such as strings and integers as their parameters. The new ModelBinder provides the facility to build complex types from component parts that (for example) may be part the result of submitting a form with several fields.

Learn more about ModelBinders from Melvyn Harbour, Timothy Khouri and Maarten Balliauw.

The following code listing is from the PostBinder

 

[code:c#] 

public class PostBinder : IModelBinder
{
    private static string Concat(string modelName, string propertyName)
    {
        return (String.IsNullOrEmpty(modelName)) ? propertyName : modelName + "." + propertyName;
    }

    private static T LookupValue<T>(ControllerContext controllerContext, string propertyName, ModelStateDictionary modelState)
    {
        IModelBinder binder = ModelBinders.GetBinder(typeof(T));
        object value = binder.GetValue(controllerContext, propertyName, typeof(T), modelState);
        return (value is T) ? (T)value : default(T);
    }

    public object GetValue(ControllerContext controllerContext, string modelName, Type modelType, ModelStateDictionary modelState)
    {            if (controllerContext == null)
        {
            throw new ArgumentNullException("controllerContext");
        }
        if (modelType != typeof(Post))
        {
            throw new ArgumentException("This binder only works with Post models.", "modelType");
        }

        // Instantiate a post object, then bind values to each property
        Post p = new Post()
        {

            Title = LookupValue<String>(controllerContext, Concat(null, "Title"), modelState),
            Body = LookupValue<string>(controllerContext, Concat(null, "Body"), modelState),
            Slug = LookupValue<String>(controllerContext, Concat(null, "Slug"), modelState),
            CDate= LookupValue<DateTime>(controllerContext, Concat(null, "CDate"), modelState)
        };
        return p;
    }

}

[/code] 

 

Don't forget to register the Binder (there are four ways to register, check ScottGu's post).

[code:c#] 

protected void Application_Start()
      {
          ModelBinders.Binders[typeof(Post)] = new PostBinder();
          RegisterRoutes(RouteTable.Routes);
      }

[/code] 

Controllers

In this part, the AdminController appears to hold,  the admin tasks, which till now only include the following actions.

  • index : a default action redirects to the write action.
  • write : an action to be responsible for writing things (only have posts now), so it just redirects to posts.
  • writepost : renders a view to enable authenticated users to write posts and publish it.
  • addpost : a Http Post action which inserts the new post into the database.

 

[code:c#] 

[Authorize]
public class AdminController : Controller
{
    jBlogMvcDataContext jbdc = new jBlogMvcDataContext();

    public ActionResult Index()
    {
        //just a default redirection
        //maybe in future this should be configurable
        return RedirectToAction("Write");
    }
    public ActionResult Write()
    {
        //just a default redirection
        //maybe in future this should be configurable
        return RedirectToAction("WritePost");
    }

    [AcceptVerbs("GET")]
    public ActionResult WritePost()
    {
        Post p = new Post();
        return View(p);
    }

    [AcceptVerbs("POST")]
    public ActionResult AddPost(Post p)
    {
        if (!ViewData.ModelState.IsValid)
            return View("WritePost", p);

        try
        {
            Helpers.InsertPost(p);
            return RedirectToRoute("Posts", new { slug = p.Slug });
        }
        catch
        {
            Helpers.UpdateModelStateWithViolations(p, ViewData.ModelState,System.Data.Linq.ChangeAction.Insert);
            return View("WritePost", p);
        }
    }
}

[/code] 

More over, HomeController now has 2 more extra actions :

  • login
  • logout

just copied from the default template nothing new added.

Views

A lot of views are added this part, actually I am trying nesting master pages, one for the admin area overall, and the other for each module (like: write, manage, .. and so in wordpress), so I added :

  • admin.master
  • admin_write.master
  • writepost.aspx
  • login.aspx
  • _loginWidget.acsx

writepost.aspx

<%@ Page Title="Write Post" Language="C#" MasterPageFile="~/Views/Admin/Admin_Write.Master"
    AutoEventWireup="true" CodeBehind="WritePost.aspx.cs" Inherits="jBlogMvc.Views.Admin.WritePost" %>

<asp:Content ContentPlaceHolderID="head" runat="server">

    <script type="text/javascript">
        $(document).ready(function() {
        $("#fields").validate();});
    </script>

</asp:Content>
<asp:Content ContentPlaceHolderID="MainContent" runat="server">
    <h2>Write Post</h2>
    <form id="fields" action="<%=Url.Action("AddPost","Admin")%>" method="post">
    <table cellpadding="0" cellspacing="0">
        <tr>
            <td>
                <div id="postfields">
                    <p>
                        <label for="title">Title</label>
                        <%=Html.TextBox("Title", new { id="title",@class="required"})%>
                        <%=Html.ValidationMessage("Title")%>
                    </p>
                    <p>
                        <label for="body">Body</label>
                        <%=Html.TextArea("Body", new { id = "body", rows = "6", cols = "50", @class = "required" })%>
                        <%=Html.ValidationMessage("Body")%>
                    </p>
                    <p>
                        <label for="slug">Slug</label>
                        <%=Html.TextBox("Slug", new { id = "slug", @class = "required" })%>
                        <%=Html.ValidationMessage("Slug")%>
                    </p>
                    <p>
                        <label for="cdate">Creation Date</label>
                        <%=Html.TextBox("CDate", ViewData.Model.CDate.ToString("MM/dd/yyyy"),
                            new { id = "cdate", @class = "required date" })%>
                        <%=Html.ValidationMessage("CDate")%>
                    </p>
                </div>
            </td>
            <td id="tdsubmitbox" valign="top">
                <div id="submitbox">
                    <div class="buttons">
                        <button type="submit" class="positive">
                            <img src="../../Content/icons/tick.png" alt="" />Publish
                        </button>
                    </div>
                </div>
            </td>
        </tr>
    </table>
    </form>
</asp:Content>

_loginWidget.ascx

And it looks like this

logged in view                                  logged off

logged in widget not logged in

Utils

I added some code to perform the validation logic for custom business rules, this is the simplest implementation for this task copied from ScottGu's post, for more complex implementation scenarios I strongly recommend the following posts,

For client side jquery I used the validation plugin found here, Server side I used the small framework scott gu wrote in his post for simplicity.

Client side validation

And server implementation as well

serverSide

Moreover, The Helper Class (which acts as the business layer) has some additions in order to add a post to the database.

Css and designs

Css http://particletree.com/features/rediscovering-the-button-element/ and http://wordpress.org

Icons http://www.famfamfam.com/lab/icons/silk/

Summary

And thats all for this part, I have more and more features coming while writing this engine I have learned much till now, hope someone is learning with me too.

In this part, I used some features of the ASP.NET MVC to build an administration area, jQuery too was used on client side (validator plugin) so what do you think? you are most welcomed to leave comments.

Download version one : jBlogMvc_version_1.zip

If you liked this blog post then please subscribe to this blog.

Categories
jBlogMvc Uncategorized

Introducing jBlogMvc

ok

Long time no posts, well I was studying Sharepoint 2007 technologies and actually started a series for development a while ago I just managed to write two  introductory posts and didn't write more I have some ideas I'd love to share in sharepoint development which I hope to write about them some time in the future and complete the series. However, recently the new ASP.NET MVC framework has gathered some fame and actually I too got attached to it and I am keen to learn new technologies and so, also the jQuery javascript library has been the choice of most the .NET web developers community.

Its Time to Learn

So, I have read alot of blogs and articles on ASP.NET MVC which has a massive amount of resources (while not being beta yet), I also read the excellent book "jQuery in Action" and learned a lot from it I do recommend it for learning jquery. Now its time to utilize this learning in a simple application that experience the stuff I read about, then I stumbled across this article Want To Learn Web Programming? Write A Blog Engine so be it, I will build a (Simple-Fully featured) blog engine in order to learn more and use these two new kids on the block.

Of course, I will use ASP.NET MVC, jquery and finally I will use Sql Express as the datastore and Linq to Sql for dal.[more]

Where I learn from

Before starting building my blog series I would like to share the blogs I read to learn from ASP.NET MVC

  1. Storefront MVC Series by Rob Conery.
  2. Stephen Walther Excellent MVC Tips and Forum series.
  3. Of course Scott Gu's mvc announcements and demos.
  4. Phil Haack blog.
  5. Steve Sanderson
  6. Emad Ibrahim the creator of Yonkly the open source twitter clone built on ASP.NET MVC and jQuery.
  7. Matt Hawley
  8. ASP.NET MVC tagged articles on DotNetKicks
  9. The Official ASP.NET MVC forums.

Let's start

So, what's jBlogMvc? its a small blogengine I am going to build in an agile process, jBlogMvc if you haven't notice j stands for jQuery, Blog for the engine itself  and Mvc for the ASP.NET MVC. I say here that this engine will be simple and complete I will try to add features as much as possible and build it in an extensible way like modern blog engines to enable themes, widgets and plugins. Also I need to point that the work on this blog engine is totally inspired from the great open source blog engines which include BlogEngine.NET, WordPress and other non blog engines as yonkly and many others.

What will part 0 cover ?

Other than announcing the blog engine, in this part I will have a version 0 that will have the following:

  • Vistor
    • Viewing posts By Chronological order.
    • Viewing individual posts.

Ok show me some code!

Too much talking lets get to the code now, ok the solution is as shown in the figure consisting of the following :

 solution

The database

For this ZERO part I didn't include much for the blog engine, the only table I included is the Post table as shown below, I do believe this table will be expanded more by time and more parts in the series.

database

Routes

[code:c#]

public static void RegisterRoutes(RouteCollection routes)
        {
            routes.IgnoreRoute("{resource}.axd/{*pathInfo}");

            routes.MapRoute(
                "Posts",
                "post/{slug}",
                new { controller = "Home", action = "post" }
            );

            routes.MapRoute(
                "Default",
                "{action}/{id}",
                new { controller = "Home", action = "Index", id = "" }
            );

        }

[/code]

Models

Just added here a dbml file (Linq to Sql DataContext) , and I added a PostEx.cs file and added a property for the Post, God Bless partial classes. PostEx.cs as shown in Listing 2.

[code:c#]

public partial class Post
    {
        public string RelativeLink
        {
            get
            {
                return VirtualPathUtility.ToAbsolute("~/post/") + Slug;
            }
        }
    }

[/code]

Controllers

For now I only have one controller the HomeController which has simply 3 actions for now.

  • index : Renders a view with all posts sorted in a chronological order
  • post(slug) : Renders a view for the post with a matching slug if not found it renders error404 view
  • premalink(guid) : Renders a view for the post with a matching guid if not found it renders error404 view

HomeController as shown in Listing 2.

[code:c#]

public class HomeController : Controller
    {
        /// <summary>
        /// Renders a view with all posts sorted in a chronological order
        /// </summary>
        /// <returns></returns>
        public ActionResult index()
        {
            var posts = Helpers.GetPostList() ?? new List<Post>();
            return View(posts);
        }

        /// <summary>
        /// Renders a view for the post with a matching slug
        /// if not found it renders error404 view
        /// </summary>
        /// <param name="slug">Post slug to be matched</param>
        public ActionResult post(string slug)
        {
            var post = Helpers.GetPostBySlug(slug);
            return post != null ? View("single", post) : View("error404");
        }

        /// <summary>
        /// Renders a view for the post with a matching premalink
        /// if not found it renders error404 view
        /// </summary>
        /// <param name="id">Post premalink to be matched</param>
        public ActionResult premalink(Guid id)
        {
            var post = Helpers.GetPostByPemalink(id);
            return post != null ? View("single", post) : View("error404");
        }
    }

[/code]

Views

The solution now contains one master page for the overall site, three views, and one usercontrol

  • site.Master : gives the overall look and feel for the site
  • index.aspx : renders all posts.
  • single.aspx : renders a single post.
  • error404.aspx : to be rendered when a request to a non matching post slug or premalink
  • _postView.ascx : the post template to be used

Utils

Two classes that help me

  • Config: Contains some static properties that read from hard coded strings (in a version coming up should read from the web.config or even a database table).
  • Helpers: just some common helper methods.

Config File

[code:c#]

public class Config
   {
       static public string BlogName { get { return "My Blog Name"; } }
       static public string BlogDescription { get { return "This blog is built using the ASP.NET MVC framework."; } }
       static public string BlogUrl { get { return VirtualPathUtility.ToAbsolute("~/"); } }
       static public string Version { get { return "0.1.0.0"; } }
   }

 

[/code]

 

Summary

In this part, I just announced jBlogMvc the ASP.NET MVC and jQuery blogengine which I build in order to learn more about the two new technologies (at least for me), so what do you think? you are most welcomed to leave comments.

Download version zero : jBlogMvc_version_0.zip (624.80 kb)

If you liked this blog post then please subscribe to this blog.

Categories
Sharepoint Uncategorized

SP Dev part 2 : Understanding Sharepoint Custom Pages

NOTE: If you haven't read the first post in this series, I would encourage you do to that first, or check out the Sharepoint category. You can also always subscribe to the feeds.

The Sharepoint 2007 System introduces two types of pages the first type usually called Application Pages and other type called Site Pages.

As a sharepoint developer you should know both of these types of pages and when to use them, so let me define them here briefly and show some differences between them to help you decide which type of pages you will want to use when developing in sharepoint.

Application Pages

Application Pages are non customizable and are found in  the C:Program FilesCommon FilesMicrosoft Sharedweb server extensions12TEMPLATELAYOUTS, its worthy to note that this physical directory is mapped to the virtual _layouts directory whenever WSS/MOSS creates a new Web application in the IIS. By using this mapping scheme along with some additional processing logic, the WSS/MOSS runtime can make each application page accessible within the context of any site in the farm.

When building custom application pages you should use the Microsoft.Sharepoint.LayoutsPageBase as a base class and should be content pages that reference to the ~/_layouts/application.master master page, Application Pages might include in line code or have a code behind file compiled in a dll, to deploy application pages they should be the LAYOUTS directory and all custom code dlls either in the GAC.[more]

Standard Application Pages in the WSS

Site Pages (Content Pages)

Site Pages can be customized on a site-by-site basis. default.aspx page in the Blank site is considered a site page as well as the AllItems.aspx used in lists. When customizing site pages this might lead to hundreds of versions of one site pages, site pages have only one physical version and all customized pages reside in the Content Database of the Web Application. This leads us to one important optimization point known as page ghosting, imagine that you have just created 100 new WSS sites from the Blank Site template. If none of these sites requires a customized version of its home page (default.aspx), would it still make sense to copy the exact same page definition file into the content database 100 times? Ofcourse not, rather than copying 100 version of the same page in the content database, the WSS runtime can load the page template from the file system of the Web server and use it to process any request for an uncustomized page instance. Therefore, you can say that page ghosting describes the act of processing a request for an uncustomized page instance by using a page template loaded into memory from the file system of the front-end Web server.

Security consideration : Since the site page can be customized for every customized version, a copy must be stored in the content database, which in turn raises a security issue what if a user having an administrator permission and tries to write in line code within a customized version. This security concern is dealt in WSS by having a default policy that prohibits in line scripting in site pages. The default policy also runs site pages in a no-compile mode, which means they are not compiled into DLLs.

 

Conclusion

In this part I just scratched the 2 types of pages used in the Sharepoint System I have to say that there is more and more to talk about on this topic which I will write more through this series.

Categories
Sharepoint Uncategorized

SP Dev part 1 : Sharepoint 2007 Development model {Features}

Sharepoint A new feature in the Sharepoint 2007 is the "Feature" development style which means that every tiny and huge development task in the sharepoint is considered a "Feature".

Features can be activated or deactivated through a site administrator, which enables the very simple turn on/off of anything in the site.

Features are used for developing anything starting from a small button to a full site definition and tons of files and functions including webparts, workflows, lists, pages, content types, document libraries and others. I will try to include the development of all these topics in this series wish me luck and provide feedback. [more]

For a start I will show here in this part how to get started with the feature development and the basic elements and files needed for a developing and deploying a sharepoint feature.

Before opening the Visual Studio and starting to code, knowing what the files and where will they be deployed on the server will be mandatory. A very basic feature will include 2 xml files one named feature.xml and the other will hold the elements of this feature usually named elements.xml or elementsManifest.xml, consider that the files for any feature must be deployed in their own special directory inside the WSS system directory named FEATURES. The FEATURES directory is located inside another WSS system directory named TEMPLATE.

C:Program FilesCommon FilesMicrosoft Sharedweb server extensions12TEMPLATEFEATURES

In our Hello sharepoint feature we will make a very basic feature named HelloSharepoint that when activated will add menu item in the SiteActions menu that will redirect to google.

Feature.xml

<Feature
Id="{INSERT-GUID-HERE}"
Title="Hello Sharepoint Feature"
Description="This is a custom feature which adds a custom item to link to google"
Scope="Web"
Hidden="FALSE"
ImageUrl="google.gif"
xmlns="http://schemas.microsoft.com/sharepoint/">
<ElementManifests>
<ElementManifest Location="ElementsManifest.xml" />
</ElementManifests>
</Feature>

As shown above the feature.xml looks very simple, only Id and Scope are the two required attributes and all the others are optional and a full list can be found here.

ElementsManifest.xml

<Elements xmlns="http://schemas.microsoft.com/sharepoint/">
<CustomAction
Id="SiteActionsToolbar"
GroupId="SiteActions"
Location="Microsoft.SharePoint.StandardMenu"
Title="Hello Sharepoint"
Sequence="100"
Description="A custom menu item links to google"
ImageUrl="_layouts/images/google.gif" >
<UrlAction Url="http://www.google.com"/>
</CustomAction>
</Elements>

And the elementsManifest.xml here describes the elements to be installed with the feature and we only define one element (a CustomAction) you find a bunch of types of elements to be added here.

That's all we are done with building our very first feature inside the WSS/MOSS world, I know some of the attributes here seem vague and other seem simple anyway I will try to put a part or two for only discussing these files with their various options.

 

Deploying the feature

 

  1. Copying the feature files (feature.xml and elementsManifest.xml) in the Features server path
    C:Program FilesCommon FilesMicrosoft Sharedweb server extensions12TEMPLATEFEATURES , and the google.gif in the C:Program FilesCommon FilesMicrosoft Sharedweb server extensions12TEMPLATELAYOUTSimages
  2. Running STSADM.EXE operation to install the feature with WSS/MOSS "stsadm -o InstallFeature -filename HelloSharepointfeature.xml -force"
  3. Restarting IIS
  4. Finally, activating the features within the site administration

SPpart1.zip (6.74 kb)

Categories
BlogEngineDotNet Uncategorized

Upgraded to BlogEngine 1.4.5

Finally working with fully featured BlogEngine on godaddy the BlogEngine v 1.4.5 has been released and I had the time to update my blog, and finally works as a charm with godaddy shared hosting.

Some features that didn't work with the 1.4 version was the whole new widget system, Profiles and anything that used the BinaryFormatter at the end, which needed a high or full trust while godaddy shared hosting only allows meduim trust.

In version 1.4.5 Mads and the team removed all the BinaryFormatters references and used normal xml serializers save the widget and extension settings.

For all blogengine users using shared hosting, go ahead v 1.4.5 works out of the box, and also check the new features released in the latest version.

Categories
Sharepoint Uncategorized

Beginning Sharepoint 2007 Development

I mentioned a long while ago that I will work on some sharepoint and workflow foundation in order to enlarge my development knowledge base, I learned some stuff on the way may be all sharepoint and workflows beginners already know them but I love to share them for others.

I will start another series for sharepoint development (for beginners as myself) so If anyone out there finds out a better approach for anything I write or correction welcome for commenting on the posts so all can benefit too.

This series will start with introductory posts that are needed to understand the architecture and object model of sharepoint, these introduction points are all over the web and blogs of sharepoint pros, I will write them again in my wa, then proceed with some basic development then advanced, I don't have an outline for the posts I am gonna write I have some ideas any reader is welcome to add in comments any topic related to sharepoint development wants me to write about, hoping this series be useful like my older one Design Time Support of Custom Controls, so wish me luck.

 

Categories
My Site Uncategorized

Have been tagged

This blog has been idle for some while, I was very busy, out of mood, studying for my masters and reading new technologies (for me like workflow and sharepoint development and some WCF). I didn't know what time my blogging mood will be back, until my friend Moses insisted to get me back and tagged me in the how I got started in software development, that started a while ago by Michel Eaton. So here we go.

How old were you when you started programming?

10 years old (12 years ago).

How did you get started in programming?

My father used to make simple programs using C that showed dots and stuff I dont get till now Smile, he used to let me write for him some code. Few years more my sister joined computer science and had assignments to program C++ application thats when I really got involved and started to read.(16 years old)

What was your first language?

By that time it was C. 

What was the first real program you wrote? 

My very first own program I wrote was the famous star pyramid using C++, My first windows application and favourite is the MineSweeper, which is my helloworld application that I used for many languages, I used to have the following minesweeper versions (WinForms, WPF, Assembly, Silverlight, OpenGL, DirectX, javascript).

What languages have you used since you started programming?

C, C++, VisualBasic.Net, C#, Java, Assembly, Prolog, Javascript, HTML/XHTML, XAML and lot of other technologies related to development not considered programming language.

What was your first professional programming gig?

Was 4 years ago, I used C# for building winforms applications connecting to databases in my summer training that time.

If you knew then what you know now, would you have started programming? 

OfCourse. I code with passion, love blogging and exploring new technologies around the block. I could have never imagined myself anything other than what am I in now.

What is the one thing you would tell new developers?

Code for fun not for money. Have a life. Don't forget to lie to girls &  Buy your RayBan as Mads said I already got mineCool thank you Mads.

What's the most fun you've ever had … programming?

Building my very first Minesweeper and talking about it to my very best friend that time.

Now what ..?

First, I'd like to thank my friend Moses for not only tagging me but for making me get back to the blogging mood, I hope to continue blogging regularly like old days.

Second, I'd like to pass this to my favourite bloggers, most of them already have been tagged, I recommend you reading them too, Dave, Matt, Mads, Moses, Joe and Keyvan. And now I tag Bashmohandes to write his story.

Anyone reading this and wants to write about his story just head straight to Michel's post and write him a comment.

Categories
Uncategorized

Moving to Sharepoint and Workflow

My blog has been quiet for a long time now, I had a crowded month I didn't get the time to write anything but I am back to writing I hope so.

Last month I had some working tasks on new technologies (for me) , a new course to study for and of course all my PreMasters studies in my university.

So, I think my focus next blog post will be on the new stuff I learned about Sharepoint 2007 and workflow foundation hope I can write something useful.

By the way I have just passed the 70-631 Exam TS: Configuring Windows SharePoint Services 3.0. So I have a new MCTS in my transcript.

Categories
BlogEngineDotNet Uncategorized

Yet another BlogEngine.NET feature that I love

A while ago, Al Nyveldt wrote a post on 5 things he loves about BlogEngine.Net  and I totally agree with him on all the 5 and more coming in the future releases,  Mads Kristensen too wrote and made a video on a the widget framework on a nice feature coming up in the next version of blogengine.net.

BlogEngine.Net is built to take advantage of standards, one standard I loved that is implemented in BlogEngine is the OpenSearch 
standard.[more]

The cool thing about this standard is that modern browsers are able to detect it and have the option to add the search through the blog.

Internet explorer 7  firefox 2

The opensearch standard is an xml document written in a special format you can see mine here.

And when I search through the browser I am sent to this :

search

So to implement opensearch in your site, (should have something to search in) you need to do these 2 steps.

  1. Build an opensearch format xml file.
  2. Attach the file from your homepage using the appropriate tag in the head section, like the following.
<link title="Amr Elsehemy's Weblog" type="application/opensearchdescription+xml" 
href="http://www.amrelsehemy/opensearch.axd" rel="search"/>

Thats All.

Categories
ASP.NET Uncategorized

ASP.NET Security : 2- More Basics

In my previous post I showed that ASP.NET application goes through 3 security context levels and discussed the first one :

  1. IIS Level
  2. ASP.NET worker process level
  3. ASP.NET pipeline level

In this post, I will talk a little on ASP.NET worker process level, before starting I would like to point out the development environment we use, the development machines run windows XP and IIS 5.1, the server runs windows server 2003 on IIS 6 of course, so I need to point out the differences. [more]

2- The Worker Process Context :

IIS 5

After IIS authentication, if the request is for ASP.NET (.aspx, .ashx, ….etc. ) the IIS thread sends the request to aspnet_isapi.dll which starts the aspnet_wp worker process. This worker process runs under the ASPNET account. ASPNET account is a local account created when the .NET Framework is installed. ASPNET has minimum privileges to be able to run an ASP.NET application which you can know in this article :
from http://www.microsoft.com/technet…..mspx
You can change the identity from ASPNET to other one using the section in machine.config

	<processModel userName="xxx" password="XXX"/>
	
IIS 6

In IIS 6, the model is changed where the incoming request in first queued to the application pool that the website is hosted in, then the w3wp.exe worker process servers it.
This time rather than the ASPNET account a new one was introduced named NETWORK SERVICE with the same minimum privileges. To change the this account from the IIS manager, the Application Pool properties > Identity Tab as shown in figure, Read More on Application Pools.

iis pool identity

Next in the worker process, one of the pooled threads picks the request. This thread will by default inherit the identity of the worker process itself defined before, this happens when impersonation is disabled, while if it is enabled the thread will take the identity handed by the IIS, shown in the previous post.

To enable impersonation use this section in web.config

<identity impersonate="true"/>

read more about it on How to implement impersonation in an ASP.NET application

Note: If the impersonation is enabled, the worker process account doesn't change, but impersonation is only used with the code executed in the page, where any database access or file access uses the impersonated account.

Next the last security context level is handled the request and executes, next post I will show preliminary information on the ASP.NET pipeline level.