Skip to main content

70-562 Security Trimming

Security Triming is achieved by putting a web.config in each folder... each aspx file has its own folder denies * all users, and db tables in the app_data folder can be maintained with the website administration tool
wwebadmin tool can be started from website->configuration then you click on the security link, then manage users so there's two layers of security, the ones in the app_data folder and the ones in web.config that overide
app_data.

Web adminstration tool can use both both form and windows authentication, windows is handled by iis there is a control for the login button, and one to display the login user user in the sitemap section of the web.config needs to say securityTrimming enabled if a node doesnt have a page associated with it, the node needs to have roles attribute to allow to access to any pages in it's subfolder, or is this just to show the menu item in the sitepath control?

Giving roles to a sitemap node just show the node doesnt give access to the page, this is done in the child web.config files

Comments

Popular posts from this blog

Rxjs Forkjoin vs Zip

These Rxjs combination operators are handy to make Rest calls in parallel and combine their results. Both take n observables and will return the results, with the difference that forkJoin will complete even if one of the nested observables errors of completes.

React JS Patterns

React JS is always evolving, and evolving quickly. These evolutions can be very significant ones, for example, the addition of hooks. React has a lot of code patterns, often these patterns are motivated by the DRY and/or the open-close principle. These patterns sometimes come in to replace a previous one, yet the previous ones still stays in use, as a consequence, the list of patterns keep growing. The goal of the next few posts will be to list the patterns commonly used in React JS developpement. Some patterns are more specific to JSX and I will start with these, and maybe add patterns specific to Redux.

Object.create vs. Object.Assign

The two functions return a new Object but with a difference. Object.assign will go through an enumerable and copy it's properties. Object.create will create a new empty object but link it's proto chain to the old object. One way to view this is with JSON.stringify(newCreatedObject) this would return an empty object, since all the properties are not part of the object's own properties, but inherited through prototype inheritance. In both case, the advantage is it allows to extended existing objects without modifying the original. This is particularly important when receiving arguments from a caller, in this case it's better to use these methods instead of modifying the caller's object since he might have planned to use it again later, expecting it to be in it's original state.