C# – Sharing profile and roles information between web applications

asp.netcnetrolesSecurity

Q1 Book says that we can choose to share profile information between web application by having profile providers use the same ApplicationName value. But would it also be ok for applications to share roles, or would that represent a security risk?

If ProfileManager.AutomaticSaveEnabled is set to True, then when change is made to any profile data, the ProfileModule will update tables in a database accordingly. When dealing with properties containing simple types, ProfileModule checks IsDirty to determine whether property has changed.

A) Assume Profile.Name already contains value “Irene”, when the program issues the following statement:

Profile.Name = "Irene";

Will Name property be marked as dirty even though same value has been assigned to it?

B) If ProfileManager.AutomaticSaveEnabled is set to True and if property containing complex type is set to read-only, then I assume ProfileManager will realize that and thus won’t try connect with database in order to save this property?

thanx

Best Answer

1) If you're happy with a user having the same roles on both sites, then it's not a problem, and provides simplified management. If you want the users to have different roles on each site, then there's something to be said for seperating it out.

2) Can't say I've tried either scenario, sorry.

This is the style that Microsoft tends to use in their examples.

It appears that the guidance in this area may have changed, as StyleCop now enforces the use of the C# specific aliases.

C# – the difference between const and readonly in C#

Apart from the apparent difference of

having to declare the value at the time of a definition for a const VS readonly values can be computed dynamically but need to be assigned before the constructor exits.. after that it is frozen.
const's are implicitly static. You use a ClassName.ConstantName notation to access them.

There is a subtle difference. Consider a class defined in AssemblyA.

public class Const_V_Readonly
{
  public const int I_CONST_VALUE = 2;
  public readonly int I_RO_VALUE;
  public Const_V_Readonly()
  {
     I_RO_VALUE = 3;
  }
}

AssemblyB references AssemblyA and uses these values in code. When this is compiled:

in the case of the const value, it is like a find-replace. The value 2 is 'baked into' the AssemblyB's IL. This means that if tomorrow I update I_CONST_VALUE to 20, AssemblyB would still have 2 till I recompile it.
in the case of the readonly value, it is like a ref to a memory location. The value is not baked into AssemblyB's IL. This means that if the memory location is updated, AssemblyB gets the new value without recompilation. So if I_RO_VALUE is updated to 30, you only need to build AssemblyA and all clients do not need to be recompiled.

So if you are confident that the value of the constant won't change, use a const.

public const int CM_IN_A_METER = 100;

But if you have a constant that may change (e.g. w.r.t. precision).. or when in doubt, use a readonly.

public readonly float PI = 3.14;

Update: Aku needs to get a mention because he pointed this out first. Also I need to plug where I learned this: Effective C# - Bill Wagner

Best Answer

Related Solutions

C# – the difference between String and string in C#

This is the style that Microsoft tends to use in their examples.

C# – the difference between const and readonly in C#

Related Topic