ADGroup Verification in ASP.NET Web Applications

Normally in Enterprise level , users will be provided access at the ADGroup level for the application that are hosted at the intranet and internet. The web application will contains the access related code. There are two to check this access at ADGroup.
1. LDAP QUERY
2. Net inbuilt method

The first one LDAP approach is more time consumable. Also to add more value, we will be using a service account to pull the Active Directory information. This is risk, we are pulling firm sensitive data from the Active Directory. Moreover to check a single ADGroup, we are pulling all the existing and verifying it via loop. This is a bad practice. And causes Performance issues.

The Dotnet inbuilt function IsInRole is simplest way to achieve this. we need to know the domain name where the ADGroup is in place. The syntax for this goes like this.

bool IsHavingAccess = HttpContext.Current.User.Identity.IsInRole(domain\Adgroup);

This will help us to just verify the access security and provide the result. So by using this method, we are nowhere pulling sensitive information and logic will be very fast. Hope this helps.

CodeProject

Dynamically assign a function to event in javascript

In javascript, using code we can assign function to the events of the elements.

In general, we can assign the function name to the event name directly, Please see the below example.

var element = document.getElementById("testElement");
element.onclick = DynamicFunction;

function DynamicFunction()
{
 alert("sample function");
}

Consider a scenario where you have to assign a function with parameters. we cannot do in the below mentioned way. this will throw a script error.

var element = document.getElementById("testElement");
element.onclick = DynamicFunctionWithParameters(x,y);

function DynamicFunctionWithParameters(param1, param2)
{
 alert("sample function");
}

we have to go with a round about way to achieve the same, see the below example.

var element = document.getElementById("testElement");
element.onclick = function(x,y){DynamicFunctionWithParameters(x,y);};

function DynamicFunctionWithParameters(param1, param2)
{
 alert("sample function");
}

I think you know, we can even directly write the function instead writing it separately and assigning it to the event later. the below example explains this. while mentioning this way we cannot have the function name, and also the same function cannot not be reused.

var element = document.getElementById("testElement");
element.onclick = function(param1, param2)
{
 alert("sample function");
};

HttpContext is Null

In ASP.Net application, HttpContext type will be instantiated for current thread and it loads all the context values related to the Request sent to the server. While we use the Asynchronous concept in the ASP.Net application, the HTTPContext will not have a reference or values in the asynchronous thread. Apart from the normal Page execution thread, new threads will be created for every Async task we are using, So while referring those Context objects Care should be taken. Otherwise the application will throw error.

HttpContext.Current object will be null, when we are using Asynchronous task [PageAsyncTask].

To avoid this or overcome this, capture the needed values from the base thread and share it with a static class to the other threads. This capturing of values should happen before the invoking of Async Calls.

Mime Content Types for office 2007 documents

The Content Type of the office 2007 files are different from the normal office documents. the files are strored and maintained internally as xml formats. While uploading these documents they are uploaded in octet stream[binary stream].
For more details check this link. openxmldeveloper.org

The Content Types of the office 2007 files is listed below.

File Extension	Content Type
docm	application/vnd.ms-word.document.macroEnabled.12
docx	application/vnd.openxmlformats-officedocument.wordprocessingml.document
dotm	application/vnd.ms-word.template.macroEnabled.12
dotx	application/vnd.openxmlformats-officedocument.wordprocessingml.template
ppsm	application/vnd.ms-powerpoint.slideshow.macroEnabled.12
ppsx	application/vnd.openxmlformats-officedocument.presentationml.slideshow
pptm	application/vnd.ms-powerpoint.presentation.macroEnabled.12
pptx	application/vnd.openxmlformats-officedocument.presentationml.presentation
xlsb	application/vnd.ms-excel.sheet.binary.macroEnabled.12
xlsm	application/vnd.ms-excel.sheet.macroEnabled.12
xlsx	application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xps	application/vnd.ms-xpsdocument

Manual verification of Validation Controls before getting submitted using Javascript

The Validation controls plays a major role in validation client data before it is getting posted in to the server. This is done by placing the appropriate validation controls required. This takes care of data validation before posting on its own. Suppose this same task has to handle even when validation controls are present. Let us see this.
A JavaScript function displayed below will takes care of a similar task.

function VerifyValidators()
{
    //To verify the validators are passed in data validation.
    //This Page_ClientValidate() function will return true if all the validation are passed else it returns false.
    if (Page_ClientValidate() == true)
    { 
        form1.submit();
    }
}

The Page_ClientValidate() function will not be included in the page by default. To implement this function we need a minimum a single validation control. Then, this function is rendered as a part of any validation control by default. By using this function, we can check the Data Validation even before it gets posted to the server. Some times when using this functionality the page may not be posted to the server, then page has to be submitted to the server manually as given in the function or in any other way.

ViewState Vs ControlState

we all know, in asp.net 1.x the web controls use the Viewstate to maintain state between postbacks. this involves more data to be transfered from and to the server. the best practice is to disbale ViewState when it is not required, but still this is problem in many other cases, suppose we use the DataGrid controls, which consumes most of the ViewState normally, the ViewState cannot be disabled because it has to support other events related to that control. the DataGrid page number, event command are stored in the Viewstate, so this is more inconvinient.
In Asp.Net 2.0, the Viewstate concept is changed and they have introduced the controlstate, which is a part of Viewstate, only for the purpose to maintain control state, not the content of it. Control state is another type of hidden state reserved exclusively for controls to maintain their core behavioral functionality, whereas view state only contains state to maintain the control's contents (UI). Technically, control state is stored in the same hidden field as view state (being just another leaf node at the end of the view state hierarchy), but if you disable view state on a particular control, or on an entire page, the control state is still propagated. this enables us to use more Web Controls, as the viewstate is maintained internally. this will not support DataGrid, because it is part of Asp.Net 1.x, the new controls of Asp.Net 2.0 will support this feature. even the viewstate is disabled the event triggered, other control properties are maintained in the controls state.

The supported controls are listed below.
Control -> Properties Stored in Control State
CheckBoxList -> PreviousItemCount, PreviousOffset
ContentPager -> CurrentPage, PageCount
DetailsView -> PageIndex, Mode, DefaultMode
FormView -> PageIndex, Mode, DefaultMode
GridView -> EditIndex, SelectedIndex, PageIndex, SortDirection, SortExpression
ListControl -> SelectedIndices
(base class for BulletedList, CheckBoxList, DropDownList, ListBox, and RadioButtonList)
LoginView -> TemplateIndex
MultiView -> ActiveViewIndex
Table -> CurrentRow, ViewMode

Partial Classes

Partial Classes allow user to split the class file accross multiple source files. The benifit behind this approach is to hide the funtionality of the class. the same class can be created in may places and appropriate methods can be placed in the code file so that it derived classes can focus on significant part alone.