Book Image

NHibernate 2 Beginner's Guide

By : Aaron Cure
Book Image

NHibernate 2 Beginner's Guide

By: Aaron Cure

Overview of this book

<p>NHibernate is an open source object-relational mapper, or simply put, a way to retrieve data from your database into standard .NET objects. Quite often we spend hours designing the database, only to go back and re-design a mechanism to access that data and then optimize that mechanism. This book will save you time on your project, providing all the information along with concrete examples about the use and optimization of NHibernate.<br /><br />This book is an approachable, detailed introduction to the NHibernate object-relational mapper and how to integrate it with your .NET projects. If you're tired of writing stored procedures or maintaining inline SQL, this is the book for you.<br /><br />Connecting to a database to retrieve data is a major part of nearly every project, from websites to desktop applications to distributed applications. Using the techniques presented in this book, you can access data in your own database with little or no code.<br /><br />This book covers the use of NHibernate from a first glance at retrieving data and developing access layers to more advanced topics such as optimization and Security and Membership providers. It will show you how to connect to multiple databases and speed up your web applications using strong caching tools. We also discuss the use of third-party tools for code generation and other tricks to make your development smoother, quicker, and more effective.</p>
Table of Contents (19 chapters)
NHibernate 2
Credits
About the Author
About the Reviewers
Preface
Index

Location security


One way to use our membership provider to control security is to add some configuration elements in the Web.config file. We can use the <location> element to specify the name of a directory or a page, and then use an <authorization> block to control access.

The <location> element is specified in the Web.config file, usually right after the </system.web> element as part of the <configuration> block. To control security, we have two major options, namely, "allow" and "deny". We can also specify if we want the security to apply to everyone (*), only anonymous users (?), or to specific users or roles.

If you look at the following <location> element, you will see that we are denying access to all unauthenticated (anonymous) users, that is, we only allow logged-in users to visit the SecurePage.aspx page.

<location path="/SecurePage.aspx">
  <system.web>
    <authorization>
      <deny users="?"/>
    </authorization...