script language="JavaScript" type="text/JavaScript"
//to store timeout ID
var tID;
function tickTimer(t)
{
//if time is in range
if(t>=0)
{
document.writeln(t);
t=t-1;
tID=setTimeout("tickTimer('"+t+"')",1000);
}
//stop the timeout event
else
{
killTimer(tID);
document.writeln("
Time Out!");
}
}
//function to stop the timeout event
function killTimer(id)
{
clearTimeout(id);
}
script
I am removing angular brackets becuase it is not accepting it please put it where needed in the javascript functions
call these function like this
body onLoad="tickTimer(10)" onUnload="killTimer(tID)"
Now let’s analyze the code:
1. We have created two functions tickTimer() and killTimer().
2. We have defined two event handlers onLoad and onUnload which’d call the respective functions at respective events.
When the code above (as a web page) is executed, it’d proceed as:
1. First the onLoad event calls tickTimer function with the initial time, the countdown timer has to be ticked down form.
2. The function displays the initial time remaining, does some calculations and calls a method setTimeout().
3. The setTimeout function now calls the function passed, every 1000 milliseconds 1 second). On setting the timeout event this method returns a unique ID which would be used to stop the timeout event when needed (onUnload or when timer has ticked down to 0).
One thing you may get confused with is how without loop or anything as such, are we able to count the timer down. Answer is, because JavaScript is an event driven language. First, we are defining a body onLoad event to make a call to some function as the web page is loaded. Second, we are defining a timeout event that would call the function itself (recursive call) every one second indefinitely until the timeout event is cleared. We are clearing the timeout either when the countdown timer reaches 0 or when the page gets unloaded (onUnload).
Sunday, August 15, 2010
Relationship Between IIS and ASP.NET
We should understand the relationship between Internet Information Services (IIS) authentication and the Microsoft® ASP.NET security architecture when designing your application. This will allow you to authenticate your users appropriately and obtain the correct security context within your application. You should note that ASP.NET application security configuration and IIS security configuration are completely independent and can be used independently or in conjunction with each other.
IIS maintains security related configuration settings in the IIS metabase. However, ASP.NET maintains security (and other) configuration settings in XML configuration files. While this generally simplifies the deployment of your application from a security standpoint, the security model adopted by your application will necessitate the correct configuration of both the IIS metabase and your ASP.NET application via its configuration file (Web.config).
ASP.NET Authentication Providers and IIS Security
ASP.NET implements authentication using authentication providers, which are code modules that verify credentials and implement other security functionality such as cookie generation. ASP.NET supports the following three authentication providers:
Forms Authentication. Using this provider causes unauthenticated requests to be redirected to a specified HTML form using client side redirection. The user can then supply logon credentials, and post the form back to the server. If the application authenticates the request (using application-specific logic), ASP.NET issues a cookie that contains the credentials or a key for reacquiring the client identity. Subsequent requests are issued with the cookie in the request headers, which means that subsequent authentications are unnecessary.
Passport Authentication. This is a centralized authentication service provided by Microsoft that offers a single logon facility and membership services for participating sites. ASP.NET, in conjunction with the Microsoft® Passport software development kit (SDK), provides similar functionality as Forms Authentication to Passport users.
Windows Authentication. This provider utilizes the authentication capabilities of IIS. After IIS completes its authentication, ASP.NET uses the authenticated identity's token to authorize access.
To enable a specified authentication provider for an ASP.NET application, you must create an entry in the application's configuration file as follows:
// web.config file
In addition to authentication, ASP.NET provides an impersonation mechanism to establish the application thread's security token. Obtaining the correct token relies upon you configuring IIS authentication, ASP.NET authentication providers, and ASP.NET impersonation settings appropriately.
Authentication using Windows accounts
If you plan to authenticate users using accounts maintained by a Microsoft Windows NT® domain controller or within Microsoft Windows® 2000 Active Directory™, you should use IIS Authentication coupled with the Windows Provider for ASP.NET, as illustrated in Figure 2. By using this approach, you do not need to write any specific authentication code. When authentication happens using this method, ASP.NET constructs and attaches a Windows Principal object to the application context based on the authenticated user. As a result, the ASP.NET thread can run as the authenticated user and can obtain the user's group membership.
In some cases, you may want to bypass IIS authentication and implement a custom solution. This is also possible with ASP.NET. For example, you can write a custom ISAPI filter that checks the user's credentials against Active Directory and the creation of the Windows Principal object would be performed manually. There are other methods besides this one that will work, but they all require more code than using the .NET provider directly.
Authentication using non-Windows accounts
If you are planning to authenticate users at the application level, and the users do not have Windows accounts, you will typically configure IIS to use Anonymous authentication. In this configuration, consider the following .NET authentication modules:
None: Use when you are not authenticating users at all, or developing custom authentication code.
Forms: Use when you want to provide users with a logon page.
Passport: Use when you are using Passport services.
Impersonation and delegation
With impersonation, ASP.NET applications can optionally execute with the identity of the client on whose behalf they're operating. Impersonation is usually performed for resource access control. You should carefully consider whether or not impersonation is required, as it consumes additional server resources. Delegation is a more powerful form of impersonation and allows remote resources to be accessed by the server process while acting as the client.
If impersonation is enabled, ASP.NET will receive the token to impersonate from IIS. You have more granular control of impersonation in a Web application when using ASP.NET in comparison to traditional Active Server Pages (ASP). This is controlled by specifying a value in the application's Web.config file.
You have the following three options when specifying the required impersonation setting:
Impersonation enabled. In this instance, ASP.NET will impersonate the token passed to it by IIS, which will either be an authenticated user or the anonymous Internet user account.
Impersonation enabled, with a specific impersonation identity specified. In this instance, ASP.NET will impersonate the token generated using the configured identity. In this case the client token, if applicable, is not used.
Impersonation is disabled. This is the default setting for backward compatibility with ASP. In this instance, the ASP.NET thread will run using the process token of the application worker process, which by default is the IIS system account, regardless of which combination of IIS and ASP.NET authentication have been used.
If the application resides on a UNC share, ASP.NET will always impersonate the IIS UNC token to access that share unless a configured account is used. If an explicitly configured account is provided, ASP.NET will use that account in preference to the IIS UNC token.
IIS maintains security related configuration settings in the IIS metabase. However, ASP.NET maintains security (and other) configuration settings in XML configuration files. While this generally simplifies the deployment of your application from a security standpoint, the security model adopted by your application will necessitate the correct configuration of both the IIS metabase and your ASP.NET application via its configuration file (Web.config).
ASP.NET Authentication Providers and IIS Security
ASP.NET implements authentication using authentication providers, which are code modules that verify credentials and implement other security functionality such as cookie generation. ASP.NET supports the following three authentication providers:
Forms Authentication. Using this provider causes unauthenticated requests to be redirected to a specified HTML form using client side redirection. The user can then supply logon credentials, and post the form back to the server. If the application authenticates the request (using application-specific logic), ASP.NET issues a cookie that contains the credentials or a key for reacquiring the client identity. Subsequent requests are issued with the cookie in the request headers, which means that subsequent authentications are unnecessary.
Passport Authentication. This is a centralized authentication service provided by Microsoft that offers a single logon facility and membership services for participating sites. ASP.NET, in conjunction with the Microsoft® Passport software development kit (SDK), provides similar functionality as Forms Authentication to Passport users.
Windows Authentication. This provider utilizes the authentication capabilities of IIS. After IIS completes its authentication, ASP.NET uses the authenticated identity's token to authorize access.
To enable a specified authentication provider for an ASP.NET application, you must create an entry in the application's configuration file as follows:
// web.config file
In addition to authentication, ASP.NET provides an impersonation mechanism to establish the application thread's security token. Obtaining the correct token relies upon you configuring IIS authentication, ASP.NET authentication providers, and ASP.NET impersonation settings appropriately.
Authentication using Windows accounts
If you plan to authenticate users using accounts maintained by a Microsoft Windows NT® domain controller or within Microsoft Windows® 2000 Active Directory™, you should use IIS Authentication coupled with the Windows Provider for ASP.NET, as illustrated in Figure 2. By using this approach, you do not need to write any specific authentication code. When authentication happens using this method, ASP.NET constructs and attaches a Windows Principal object to the application context based on the authenticated user. As a result, the ASP.NET thread can run as the authenticated user and can obtain the user's group membership.
In some cases, you may want to bypass IIS authentication and implement a custom solution. This is also possible with ASP.NET. For example, you can write a custom ISAPI filter that checks the user's credentials against Active Directory and the creation of the Windows Principal object would be performed manually. There are other methods besides this one that will work, but they all require more code than using the .NET provider directly.
Authentication using non-Windows accounts
If you are planning to authenticate users at the application level, and the users do not have Windows accounts, you will typically configure IIS to use Anonymous authentication. In this configuration, consider the following .NET authentication modules:
None: Use when you are not authenticating users at all, or developing custom authentication code.
Forms: Use when you want to provide users with a logon page.
Passport: Use when you are using Passport services.
Impersonation and delegation
With impersonation, ASP.NET applications can optionally execute with the identity of the client on whose behalf they're operating. Impersonation is usually performed for resource access control. You should carefully consider whether or not impersonation is required, as it consumes additional server resources. Delegation is a more powerful form of impersonation and allows remote resources to be accessed by the server process while acting as the client.
If impersonation is enabled, ASP.NET will receive the token to impersonate from IIS. You have more granular control of impersonation in a Web application when using ASP.NET in comparison to traditional Active Server Pages (ASP). This is controlled by specifying a value in the application's Web.config file.
You have the following three options when specifying the required impersonation setting:
Impersonation enabled. In this instance, ASP.NET will impersonate the token passed to it by IIS, which will either be an authenticated user or the anonymous Internet user account.
Impersonation enabled, with a specific impersonation identity specified. In this instance, ASP.NET will impersonate the token generated using the configured identity. In this case the client token, if applicable, is not used.
Impersonation is disabled. This is the default setting for backward compatibility with ASP. In this instance, the ASP.NET thread will run using the process token of the application worker process, which by default is the IIS system account, regardless of which combination of IIS and ASP.NET authentication have been used.
If the application resides on a UNC share, ASP.NET will always impersonate the IIS UNC token to access that share unless a configured account is used. If an explicitly configured account is provided, ASP.NET will use that account in preference to the IIS UNC token.
How to prevent users from Logging off
(1).Open Startmenu->Run type regedit and press ok to open registry editor
(2).In hierarchical structure at left side, navigate to registry entry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
(3).Right click on the Right Pane > New > Dword Value & name it as StartMenuLogoff
(4).Double Clcik on it & set the value to 0 to enable the logoff option,and to 1 to disable it.
Restart your Computer.
(2).In hierarchical structure at left side, navigate to registry entry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
(3).Right click on the Right Pane > New > Dword Value & name it as StartMenuLogoff
(4).Double Clcik on it & set the value to 0 to enable the logoff option,and to 1 to disable it.
Restart your Computer.
How to put restriction on everything in windows
1).Open Startmenu->Run type regedit and press ok to open registry editor
(2).In hierarchical structure at left side, navigate to registry entry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
3).Right click on the Right Pane > New > Dword Value & name it as following key:
"NoDeletePrinter"
"NoAddPrinter"
"NoRun"
"NoFind"
"NoDrives"
4).Double Click on it & set the value 0.
Restart your Computer.
(2).In hierarchical structure at left side, navigate to registry entry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
3).Right click on the Right Pane > New > Dword Value & name it as following key:
"NoDeletePrinter"
"NoAddPrinter"
"NoRun"
"NoFind"
"NoDrives"
4).Double Click on it & set the value 0.
Restart your Computer.
How to rename muliple file simaltaneously
If you have a lot of Picture or Files of same type you can rename them simultaneously and also in series in which they are shoot or modified.
(1). Set all the Files or Pictures in series in which they are modified or shoot.
(2). Select last Picture or File then hold the Shift key and select first Picture or Files.
(3). Consequently all Picture and Files will be selected automatically.
(4). Press F2 for Rename and give your desired name and press Enter.
(1). Set all the Files or Pictures in series in which they are modified or shoot.
(2). Select last Picture or File then hold the Shift key and select first Picture or Files.
(3). Consequently all Picture and Files will be selected automatically.
(4). Press F2 for Rename and give your desired name and press Enter.
How to find a coloumn name from database
SELECT name FROM sysobjects WHERE id IN ( SELECT id FROM syscolumns WHERE name like '%PART_OF_NAME%' )
Subscribe to:
Comments (Atom)