PBDJ APRIL 2009 | POWERBUILDER.SYS-CON.COM
modifications. Even after putting in that effort, you often find yourself having to modify the code and user interface components that consume the membership data, such as screens for logging in, editing user profiles, retrieving passwords, etc. It was with this hardship in mind that the SQL Membership Provider was born.
Using Visual Studio and a simple command-line command, a Web site can be created that provides functionality and user interface components for authentication, profile editing, and password management capabilities using SQL Server 2005 or SQL Server Express as a data store. Passwords are secured by being stored hashed or encrypted, by enforcing a “password lockout” policy, and by requiring a security question and answer before a password can be reset. The best part is that all of this functionality can be provided without the developer writing a single line of code.
There are not many cases where “one size fits all,” and membership functionality is certainly not one of them. Fortunately, customizing the Membership Provider is almost as simple as using its default configuration. Basic customization can be handled in the configuration file for the Web application, still not requiring any user-written code. For instance, you can configure whether a security question must be answered before a password is reset by setting the requiresQuestionAndAnswer attribute of the membership provider’s “add” element. The PasswordRecovery control then works with the membership provider and adjusts its user interface by adding steps to the password recovery “wizard” to prompt for the security question configured by the user and to validate the answer provided.
If the application needs to draw on information from a proprietary source, such as a company’s internal user management application, a custom membership provider can be created. When implementing a membership provider, the developer is responsible for, and has complete control over, all aspects of the process. From connectivity to the data source, to password protection, to creating new users, each step requires explicit implementation. Fortunately, once completed, the provider can be plugged into the Web site via the Web configuration and will work seamlessly with the existing membership controls. While this method offers a great deal of control and flexibility, it requires a fair amount of effort for someone who needs only minor functionality changes that are not configurable using the existing providers. Thanks to the provider model and object-oriented programming, there’s a much easier middle ground.
To demonstrate the ease with which a Membership Provider can be customized, it’s best to consider a real-world example. The standard SQL Membership Provider has a great deal of functionality to protect and manage Web site passwords. With nothing more than configuration, passwords can be protected and stored using a one-way hash so that even database administrators cannot retrieve them. To grant access to a user who has forgotten his password, a new password must be created. This is typically done via the Password Reset Web Control, which implicitly uses the ResetPassword method of the SQL Membership Provider to auto-generate a new password and send it to the user in an e-mail message.
Your password has been reset. Please return to the site and log in using the following information.
User Name: JoePiccirilli
Password: :mits(*^w?C[@m
As you can see, the default reset password functionality creates a strong password based on random characters that include letters, numbers, and special characters. While this implementation offers great protection, it also has many usability issues. For a user to type this password, he has to distinguish between characters that appear similar (1 vs. I, 0 vs. O, etc.). Some users might even be challenged simply to find the characters in question. Even the option of copy-and-paste falls short if you aren’t careful: the default selection logic of many mail clients will select all of the characters after, but not including, the leading colon “:” in the password above. After too many invalid attempts, the user could be locked out of the site, causing more frustration. The Membership Provider gives you some control over passwords, such as minimum password length, minimum required non-alphanumeric characters, and even a password-strength regular expression. If you want to allow strong passwords while resetting to more basic passwords, you need to move beyond the native capabilities of the SQL Membership Provider.
To customize the SQL Membership Provider, you start by creating a new class that inherits from the existing SqlMembershipProvider class.
public class MembershipProvider : SqlMembershipProvider { }
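Carrying that declaration one step further, here is an added example (not the article's own code) of the middle-ground customization the article describes: a derived provider that overrides only the virtual GeneratePassword method, which SqlMembershipProvider.ResetPassword calls, so that reset passwords avoid look-alike characters and leading punctuation while still coming from a cryptographic random source. The class name ReadablePasswordMembershipProvider, the reduced alphabet, and the 12-character floor are assumptions of this example.

```csharp
using System;
using System.Security.Cryptography;
using System.Web.Security;

// Hypothetical derived provider (example code, not from the article).
// Every other SqlMembershipProvider behaviour (hashing, lockout,
// question/answer validation) is inherited unchanged; only the
// password handed out by ResetPassword is affected.
public class ReadablePasswordMembershipProvider : SqlMembershipProvider
{
    // 56 symbols: no 0/O/o, no 1/I/l, and no punctuation such as the
    // leading ':' that mail clients mis-select.
    private const string Alphabet =
        "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789";

    public override string GeneratePassword()
    {
        // A smaller alphabet carries less entropy per character
        // (log2(56) is about 5.8 bits), so the length is padded rather
        // than shortened: at least 12 characters (about 70 bits), and
        // never below the minimum length configured in web.config.
        int length = Math.Max(12, MinRequiredPasswordLength);
        var chars = new char[length];
        var rng = new RNGCryptoServiceProvider();
        var buf = new byte[1];

        for (int i = 0; i < length; i++)
        {
            // Rejection sampling keeps each symbol equally likely:
            // 256 is not a multiple of 56, so a plain modulus would
            // bias the first few symbols. 224 == 56 * 4.
            do { rng.GetBytes(buf); } while (buf[0] >= 224);
            chars[i] = Alphabet[buf[0] % Alphabet.Length];
        }
        return new string(chars);
    }
}
```

Register the class in web.config with an <add name="..." type="..."/> element under <membership><providers> and point the membership element's defaultProvider at it; the PasswordRecovery control then picks up the readable passwords without any change to the page.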
FEATURE
With the release of ASP.NET 2.0, Microsoft introduced Web developers to the “provider” model that addresses common application infrastructure needs using a system of pluggable modules adhering to common interfaces.
ASP.NET shipped with modules to cover Membership (authentication), Roles (authorization), Sitemap (navigation), and others. These modules work with each other, and with many of the controls included in Visual Studio, to drastically reduce the amount of code needed to perform the functions that nearly every Web application requires.
Each provider shipped with multiple implementations to cover the most common development and deployment scenarios. More importantly, the providers were built in a way that lets developers customize key elements of functionality without having to write an entire provider from scratch and without having to worry about any other code that consumes it.
I will be talking specifically about the SQL Membership provider that handles authentication and user management functionality using a SQL Server database as the membership repository. I’ll provide examples of how to customize the behavior of the provider using very little code.
Anyone developing membership-based Web sites has likely found himself writing code to manage users. Those who are industrious enough (or simply tired of the pain) may take it one step further and write more generic code that can be plugged into different sites with only minor
Customizing the .NET SQL Membership Provider
How to customize the behavior of the provider using very little code
JOE PICCIRILLI