Jsp, Tomcat, J2Ee, Linux Web Hosting, Hibernate Programming Blog

The tags for a control really don t look like much, especially if you just keep the default settings for the control. In fact, from looking at the tags in Source view, you d wonder how they accomplish anything at all there s really not much to them. But, as is often the case, first appearances don t tell all. There are actually lots of attributes and settings hidden inside the … tags. These attributes are just intentionally hidden so as to avoid cluttering up the Source view of the page. If you switch back to the Design view, and use the control s Common Tasks menu to convert the control to a template, the … tags in Source view will change, often dramatically. Even if converting a control to a template has absolutely no visible effect on the control in Design view, chances are the switch has had a big effect on the content of the … tags. For example, when you convert a Login control to a template, and switch to Source view, the number of tags between the Login control s opening and closing asp tags increases dramatically. In fact, I can t show all the tags here they d take several pages to display. Included in the expanded template view of the server control are the actual HTML tags used to render the control in the user s Web browser. You can edit any attribute in any tag you like (you can even design your controls that way). In Design view, choosing Reset from the Common Tasks menu collapses the control back to its smaller size in Source view. But remember, the Reset option also cancels out any customization you did while in the template view. I imagine most people would find it tedious to design things by tinkering with individual attributes in a templated server control. But then again, it all depends on your background and experience. There s no rule that says you must work in Source view. But you can if you want to do what works. Relaxing Password Constraints By default, Visual Web Developer requires that passwords be at least seven characters long and contain at least one non-alphanumeric character. This provides for strong security perhaps stronger than your site really needs. If you re not storing personal or financial information about users, you may want to relax the rules a little so users can make up passwords that are easier for them to remember. Chapter 7: Working with ASP.NET Controls 149
Note: In case you are looking for affordable and reliable webhost to host and run your j2ee application check Vision j2ee hosting services

remember. You can create the account using either the Web Site Administration Tool, or your CreateAcct.aspx page. It doesn t matter which you use because the result will be the same: The user is added to the database. Server Controls in Source View When you drag a server control from the Toolbox to the page, you add a pair of … tags that define that control to the Source of your page. You can see for yourself by clicking the Source button after adding a server control to a page. For example, the tags representing a Login control would look something like this: Most of the server controls you create should follow the same general syntax, as summarized here: where controlType is the type of control, and matches the name shown in the Toolbox. yourName is the name that uniquely identifies the control. VWD creates a default name, such as Login1. You can replace the default name with a name of your own choosing. runat= server identifies the item as a server control, to be executed on the Web server rather than on the client computer. Figure 7-21: Testy is added to the Site Members role. 148 Part II: Building Your Web Site
Note: If you are looking for high quality webhost to host and run your jsp application check Vision christian web host services

The new LoginView control at the top of the Master Page is a big help in that regard. Because any time you open in a Web browser a page that uses that Master, you ll see your current status right away. If you re currently testing things out as an anonymous user, you ll see a Login link in the Master, as shown at the top of Figure 7-20. When you re testing things out as a logged-in user, you ll see Hello, your current user name, and a Logout link, as shown at the bottom side of that same figure. Keep in mind, too, that any user accounts that you create through the CreateUserWizard control are actual user accounts that will be stored in the database. You can view all current user accounts at any time via the Web Site Administration tool. Here s how: 1. From Visual Web Developer s menu bar, choose Website . ASP.NET Configuration. 2. In the Web Site Administration tool, click the Security tab. 3. Click Manage Users. 4. To see what role any user is in, click the Edit Roles link in that user s role. For example, in Figure 7-21 I created a new user account for a hypothetical user named Testy. Clicking the Edit Roles link for that user shows that the user has indeed been added to the SiteMembers role, as per the code added to the page to ensure that each new user is assigned to the SiteMembers role. Because there s no way to recover a forgotten password on your local PC, if you forget the password for any sample user account you create, your best bet would be to just delete the account by clicking the Delete User link next to the account name. Then you can re-create the account with a password you ll Figure 7-20: Login View control as seen by anonymous user (top) and authenticated users (bottom). Chapter 7: Working with ASP.NET Controls 147
Note: If you are looking for high quality webhost to host and run your jsp application check Vision florida web design services

In the figure, I applied the Classic scheme to the ChangePassword control, just to give it some color. But even that step is optional. The control doesn t require any further configuration, so you can just close and save the page. Testing Membership At this point, you have built some more of your site s membership infrastructure. When you test pages by viewing them in a Web browser, you will be experiencing the site exactly as strangers who are visiting the site will experience it. That can be very confusing if you forget about the access rules you defined back when you were first configuring membership. For example, if you right-click the ChangePassword.aspx page and choose View in Browser, you might be shocked to discover that the ChangePassword.aspx page doesn t open. Instead, the Login.aspx page opens! Most confusing indeed! But it s not an error or a problem. It s the way things are supposed to work. Here s why. Any page that s stored in the MemberPages folder is off-limits to anonymous users (assuming you created an access rule to make it off-limits, as described in Chapter 3). When an anonymous user attempts to open a page in the Member Pages folder, she is automatically redirected to the Login.aspx page. If you re not signed into an account when you try to open ChangePassword.aspx, the same rule applies to you. Opening ChangePassword.aspx automatically redirects you to Login.aspx. If you sign into a user account on the Login.aspx page and click the Submit button, then you ll be taken to the ChangePassword.aspx page. It s important to understand how that works, otherwise you ll drive yourself absolutely batty trying to open members-only pages from the standpoint of an anonymous user, because every page you try to open will take you to Login.aspx until you actually log into a user account. Drag Figure 7-19: Change Password control added to a page. 146 Part II: Building Your Web Site
Note: In case you are looking for affordable and reliable webhost to host and run your j2ee application check Vision j2ee hosting services

The ChangePassword control As its name implies, the ChangePassword control lets a logged-in user change her password. Unlike other pages you ve created in this chapter, a Change Password page applies only to logged-in users. An anonymous user can create an account and password, using the CreateAcct.aspx page described earlier. An anonymous user can also recover a lost password, assuming he or she has set up an account in the past and has simply forgotten their password. That user would access the RecoverPassword.aspx page to get their password. But again, you won t be able to really put RecoverPassword.aspx to the test until after the site is on a Web server. Because only logged-in users can change their password, you can put the page that allows password changes into the protected MemberPages folders. The other pages described in this chapter, CreateAcct.aspx, Login.aspx, and RecoverPassword.aspx, need to be in the root folder, or some other folder to which anonymous users have access. To put the ChangePassword.aspx page in the MemberPages folder, rightclick that folder name in Solution Explorer and choose Add New Item as shown in Figure 7-18. In the Add New Item dialog box that opens, be sure to choose Web Form. I named my page ChangePassword.aspx, but you can name yours as you see fit. As with any page, you can add text, tables, pictures, or whatever to make it look however you like. The only control you must add to the page is a ChangePassword control. Just drag that control name from the Login category of the Toolbox onto the page, as shown in Figure 7-19. Figure 7-18: About to add a new page to the Member Pages folder. Chapter 7: Working with ASP.NET Controls 145
Note: If you are looking for best quality webspace to host and run your tomcat application check Vision virtual web hosting services

But keep in mind that I said it may be something as simple as that. Only your hosting provider can tell you specifically what s needed to get your Password Recovery control to work on their Web servers. Furthermore, and this is important enough to put in a warning: If you add the tag shown above to the Web.config file on your local PC, you might create a situation where your site doesn t work at all. Wait until you ve actually posted your site to a Web server to configure SMTP mail for your site. Even though you can t put the RecoverPassword.aspx page to the test yet, you still need to provide a link to the page so that once the page is published, people can get to the page. And ideal place for the link would be the Login. aspx page, where users will likely first discover they ve forgotten their password. Figure 7-17 shows an example where I ve added a link to the Login. aspx page that asks if the user has forgotten his password. The target of that link is the RecoverPassword.aspx page. Figure 7-17: Forgot your password? This link was added to Login. aspx. 144 Part II: Building Your Web Site Testing RecoverPassword on your Local PC I don t mean to imply that it s absolutely impossible to test the RecoverPassword.aspx page on your local PC. The fact is, if you know how to configure IIS, understand virtual directories, and have access to an e-mail server, you could get the control to work. However, doing so doesn t really solve anything because getting the control to work on your local PC is irrelevant. The control only needs to work on the Web server. Even if you did get the control to work on your local PC, you d probably still have to reconfigure on the Web server to get it to work in your actual, live Web site.
Note: In case you are looking for affordable and reliable webhost to host and run your j2ee application check Vision web and email hosting services