Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP.NET 1.0 and 1.1 > BOOK: ASP.NET Website Programming Problem-Design-Solution
Password Reminder
Register
| FAQ | Members List | Search | Today's Posts | Mark Forums Read
BOOK: ASP.NET Website Programming Problem-Design-Solution
This is the forum to discuss the Wrox book ASP.NET Website Programming: Problem - Design - Solution, Visual Basic .NET Edition by Marco Bellinaso, Kevin Hoffman; ISBN: 9780764543869
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: ASP.NET Website Programming Problem-Design-Solution section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old June 26th, 2004, 02:46 PM
Registered User
 
Join Date: Jun 2004
Location: , , Singapore.
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default PhileIdentity - System.InvalidCastException

Does anyone have a solution to the casting issue in the Site Header with the following line of code:

PhileIdentity id = (PhileIdentity)Context.User.Identity;

This line of code produces the following error:
System.InvalidCastException: Specified cast is not valid.

I have no really no idea how to solve it....can anyone offer help on this please?

Thanks in advance


Terence Tham
  #2 (permalink)  
Old June 26th, 2004, 03:37 PM
Friend of Wrox
 
Join Date: Jun 2003
Location: Harrisburg, PA, USA.
Posts: 1,998
Thanks: 0
Thanked 3 Times in 3 Posts
Default

Hey,

Are you setting the PhilePrincipal object to the Context.User before accessing the PhileIdentity object?

Brian
  #3 (permalink)  
Old June 26th, 2004, 04:35 PM
Registered User
 
Join Date: Jun 2004
Location: , , Singapore.
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks Brian, i managed to solve the problem

For the guys out there with similar problem...the default.aspx have to inherit the PhilePage class, then the cast exeception problem will be solved...

Thanks

Terence Tham
  #4 (permalink)  
Old June 28th, 2004, 04:39 AM
Friend of Wrox
 
Join Date: Jun 2003
Location: Atlanta, Georgia, USA.
Posts: 917
Thanks: 0
Thanked 0 Times in 0 Posts
Default

This is a common problem, so I thought I'd elaborate on this some more to help other people.

First, each page needs to descend from the base page. This ensures that the Identity and Principle context will be set right.
Wrox.ThePhile.Web.PhilePage.

Secondly, the normally collapsed region "Web Form Designer generated code" that you see at the end of your code-behind file needs to have an override of the base page's OnInit method, and it has to call the base page's OnInit BEFORE it executes InitializeComponent.

In C# (comments removed to save space):

#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
  base.OnInit(e); // MUST COME FIRST!!!
  InitializeComponent();
}
private void InitializeComponent()
{
  this.Load += new System.EventHandler(this.Page_Load);
}
#endregion

And the MOST important item that most people forget to do (including the authors of the book): EVERY single page that requires special security permissions MUST have these lines of code right at the beginning of Page_Load:

private void Page_Load(object sender, EventArgs e)
{
  if (!Context.User.Identity.IsAuthenticated ||
  !((PhilePrincipal)Context.User).HasPermission(
         (int)FilesPermissions.AdministerFiles))
  {
   // if not, redirect to the Login page
   Response.Redirect("/Modules/Users/Login.aspx?ShowError=true",
     true);
  }

This value above: "FilesPermissions.AdministerFiles" is defined in enums.cs. This is the new value I set up to give Forms security to the FileManager. Many newbies to ThePhile don't understand the very big security risk when deploying ThePhile to a commercially-hosted website. The FileManager was designed to use Windows authorization, which is NOT available in a hosted site. If you fail to convert all of the pages of FileManager to use Forms authorization, then you aren't just giving your car away to an intruder, but you're also giving him the keys!

For other modules that use other security enumerations, you just need to replace "FilesPermissions.AdministerFiles" with the specific permission you want to test for.

Anyone who doesn't understand these items needs to study this subject more before deploying a web site. Even if you can use Windows authorization on the FileManager (which I recommend against), you still need to use this Forms authorization on EVERY sensitive page that can be accessed from the web - not just the main admin page of each module.

Windows authorization can only be used to control access to computers in your local network domain. Windows auth can NOT be used accross the Internet - you have to use Forms authorization in this case.

I hate to keep talking about FileManager here, but it's very important that people get this. The authors of ThePhile set up Windows authorization on the FileManager using NTFS security (p. 129 in the C# book). This is NOT done in code! If you deploy the code, but you forget to set the NTFS security restrictions (or if you can't set this because it's a hosted site), then there will be NO access control on the most critical module of the whole application. This is why I strongly advise people to use Forms authorization on this module - after all, Forms auth is being used on all the other admin modules!!!

Eric
  #5 (permalink)  
Old April 21st, 2006, 12:17 AM
Registered User
 
Join Date: Nov 2005
Location: Akron, Ohio, USA.
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via AIM to JRMotz
Default

I don't understand y mine is working. I'm getting the same errors but i've checked all suggestions that were given and my code is correct so far. Anything else ...
  #6 (permalink)  
Old September 25th, 2006, 10:23 AM
Registered User
 
Join Date: Sep 2006
Location: , , .
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I am trying to use this model in a Visual Studio 2005 project. The problem I am running into is I am getting an invalidcastexception when trying to cast the principal to my custom principal. I got this error in the past with VS 2003 and I fixed it using englere suggestion with moving the OnInit call before InitializeComponent. I don't know what I should do in VS 2005 because it doesn't use the InitializeComponent method anymore. Any suggestions??

  #7 (permalink)  
Old September 25th, 2006, 02:27 PM
Registered User
 
Join Date: Sep 2006
Location: , , .
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Ok, I have solved my problem. First, the AutoEventWireup attribute on aspx pages is set to true by default in VS 2005 and it should be set to false. This was causing the Page_Load of the page to get called before the Page_Load of the base page.

 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
System.InvalidCastException; System.Reflection.Tar Jophie BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 2 January 16th, 2008 03:29 PM
System.InvalidCastException: Specified cast is not scslarry BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 6 January 18th, 2007 07:34 PM
System.InvalidCastException: QueryInterface for sweta .NET Web Services 5 June 8th, 2006 02:32 AM
'System.InvalidCastException' Problem! Please help CyberGeek ADO.NET 0 March 19th, 2006 03:14 PM
System.InvalidCastException: Specified cast is not chiefg BOOK: ASP.NET Website Programming Problem-Design-Solution 2 March 2nd, 2004 01:29 PM



All times are GMT -4. The time now is 10:53 AM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.