Ok this question might sound a bit weird, let me try to explain what I am trying to achieve here.
I need:
- some mostly static pages: home page, about us, etc. the usual suspects
- a full complex rails web app
The web app being the heart of the system will have a lot of stuff, including user authentication (with devise by the way). The application will have a standard navigation menu with possible actions changing depending on user status (login or not, admin or not, etc).
Until now, nothing out of the ordinary.
However for unrelated reason, I MUST have the entry point of the whole system be the home page that will be hosted on another server (ergh).
So now, since my home page and other static pages will be on server A and all the application will be on server B how can I maintain contact between the 2 ?
Meaning: keep my navigation menu dynamic even on my static pages, have a sign-in / sign-up form on my static server but registering an account on the "real" application server ?
They can share the same database, no pb there.
Any pointers on how to do this ? I would really like not to put some iframes on the static site...
Thanks !
Alex
For the signin/signup stuff, you can have your forms action going to B and redirecting to A.
To display the right stuff in the menus you can make a jsonp call(as Chris said) to fetch either the entire header or specific parts of the header that are dynamic.
If you are just looking to include the users name, you can also simply store their name in a cookie and then use javascript to display it in the header.
If there's no cookie display a link to login/signup.
edit: For the jsonp calls take a look at a javascript framework to make the call client side, I personally use jQuery http://api.jquery.com/jQuery.ajax (and look at the jsonp options).
Thinking out loud...
Can you dynamically build the menus using javascript/AJAX in the static code? Perhaps that could query server B (via jsonp) to determine the options...
Its going to have do some "funky" (tm) stuff to track whether there is a user session or not... and linking them...
Related
In Rails, Is it possible to prevent HTTP requests that come from the Browser's address bar ? And only allow navigation through links made within the app ?
I really looking for preventing a user to simply type his destination in the browser and only uses the links provided.
I know It maybe sounds silly. But I'm kind of trying to give a different UX than any regular website.
Is this approach possible? And If yes, How?
And what is the possible disadvantages or deficits that may cause?
For completeness, Yes.
The previous responder is right, this sounds like a bad idea, but it is possible. I imagine it similar to how authentication work. Set a secret value in the session on the first page, ask for it it on the second page the user reaches, if they don't match user didn't use your navigation. Refresh as quickly as needed (every page, for example).
Drawbacks? It's weird, that's not how webpages work. A clicked link (or GET request) is not different than a URL typed in the browser. What do you mean by "different UX than any regular website", the more details we have the easier we can help.
No*.
You can make it harder for a user to guess the correct URL by using obfuscation or use sessions to make the application stateful. But technically a GET request sent by clicking a link or by typing the url in the browser are identical to the server. The former is a form of security by obscurity.
The whole basically violates the core tenants of what a RESTful application does. In REST a resource should be omnipotent - requesting the same resource should provide the same response no matter how the user got there.
If you find that an action should not be able to be performed by typing the address into the browser you are most likely using the HTTP verbs wrong (using GET where you should be using POST, PUT or DELETE) or have a poor authorization system.
I am being asked if I can setup a way to - on the fly - dynamically do a URL rewrite.
My experience with URL rewriting has been primarily using essentially static web.config files where I knew ahead of time what the conditions were I was supporting. But in this case, I'm working with a partner who is sending me data about their clients and when a user of my site gets sent to one of those pages, they'd like me to rewrite the URL so that it looks like their client's URL and not mine.
Example: the search my site for Jim's auto shop, when I display my (their) content about Jim's auto shop, the URL wouldn't appear to be on my site, it would show "www.JimsAutoShop.com" when it's really on "wwww.mysite.com/JimsAutoShop"
I suppose every time our partner pushes we data where this is needed, I could rewrite the web.config file adding a section for that case, but I really don't know that that's a good idea. is there a way to essentially do this dynamically via code, where when I query my db from a search and see I need to mask the URL, I could do that?
Tech wise, i do not have access to IIS, I'm on a shared server running IIS and my primary application stack is Coldfusion10. Thanks
I don't believe this is possible. By the time your server side language gets the code, everything has been processed on the web server. There is nothing to rewrite. You could technically do this with Javascript but it would just be visually, it wouldn't actually be changing the URL. (Not sure you could visually change the domain, but I don't see why not. I've done it before with other parts of the URL). Here is how you would do that essentially: https://developer.mozilla.org/en-US/docs/Web/API/History_API
If this needs to be done though, the web.config route is the way to go. I had an application where when data was updated using certain forms in the app, I would grab the web.config and edit one of the rewrite maps.
But I'm not so sure that is what you need. If you want the domain www.JimsAutoShop.com to just pull files form your server, just edit the DNS to point to your server. Rewriting/Redirecting isn't needed. That is how sites are supposed to work.
I'm working on ASP.NET MVC project with C#.
Ok so I have a layout view where I put my partial view which contains just a div that displays notification messages.
Now from some view I have a button that generate a report in 5 minutes in async manner. While the report being generated I need to allow the user to use other areas of the website.
My action method, once the report is generated successfully, simply returns a string "Success", o/w "Fail".
What I want to do is assign that returned string to the div of the partial view which is on the layout page. So this way the user can see the notification from wherever he is within the website.
How can I do this? Thanks.
There's a number of different things going on here. First, you want the server to update the user with the "success" or "fail" status. This requires 1) using web sockets to create a persistent connection between the client and server, allowing the server to talk to the client without requiring the client to first send a request, or 2) long-polling, which is means the client continuously sending requests at a defined interval to see if the server has any updates.
Long-polling (with AJAX) was the only way to achieve this before the advent of web sockets, which are relatively new, and not universally supported. In particular, IIS8+ is required on the server side, and client side, you need a modern browser, which is really any except IE 9 and below. If you can't run the site on IIS8+ or you need to support legacy versions of IE, then you're stuck with long-polling.
However, with either approach, you're tied to a single page. If the user navigates away, web socket connections are closed and long-polling stops. If the user is still on your site, the next page would need to re-establish all this functionality to keep it working. That's not really difficult - just something to be aware of. It just means that you'll need some universal script running on page load across your site for this.
Now as far as replacing the content of your "partial view" goes. You shouldn't look at it that way. I encourage you to read my post: There's no such thing as a "partial view" client-side, where I get into more detail. The TL;DR version is that all of this updating of the client is happening client-side, and at that point, all you have is the browser DOM. There's no concept of a "partial view". If you want to replace a part of the DOM, you must select it and manipulate it. That's all done with JavaScript and it's all on you. There's no easy "replace this partial view" button.
I have a new big project with ASP MVC 4 and I will need to build in the future a lots of tiny web application that contains:
A Banner ( like Google banner in black , for authentication, notifications , search …… etc. )
A body that must access the banner info and knows if the user is authenticated or not.
Let me explain, if we look at :
Google play (subdomain )
Google Map (subdomain )
Google Translate (subdomain )
Google Gmail (subdomain )
Youtube ( different domain )
We will notice that it’s exactly the same banner for all its subdomains and even different domain (youtube ), and they have just the content that changes, and if I’m already authenticated in google play I do not need to authenticate again in Gmail or YouTube .
I want to do the same thing with my websites :
here a link to explain in images: http://www.use.com/ba3e6c12424c7696be7f
My Questions or just need for confirmation:
1- It is possible to host a banner and websites in different domains and still not authenticate again in every websites? I ‘am thinking about YouTube domain and google domain which is possible. How can I get the same experience?
2 -I assume it’s very easy with subdomains without the need of OAuth 2 for authentication just the normal ASP MVC 4 simple membership will do the job, am ‘I right?
3- Assuming I choose ASP MVC 4 simple membership with subdomains , how can I organize my projects so I don’t have duplicated code for my banner in every project if i want the same experience as google banner ?
a) First idea is to build the banner, put it in an assembly and Render It with an HTML helper, is that a good option? )
b) Do I still have the same experience if I host every subdomain in a different server?
c) Can I choose to host the banner in subdomain1 and load It in a website in subdomain 2 with JavaScript? (do I still have the same experience)
4- Assuming I have to give every website in different domains (not subdomains), how can I manage the architecture? I just need some clues.
5- If I’m wrong on everything, can you guide me to have the exact same experience with complete different domains, or different subdomains with an elegant solution ?
Thank you in advance, and sorry for my bad English (third language).
You really have two separate questions here. First, how to include a bit of HTML in multiple projects. There's really a myriad of possibilities here. If all of your sites are in the same solution in Visual Studio, the easiest method is to simply pick one project to hold the partial view for the banner and then link to it in your other projects. You do this by right-clicking somewhere in your project in the Solution Explorer and choosing Add -> Existing Item..., find the file in the other solution, but instead of "Add" to confirm, click the arrow next to it, to expand the dropdown and choose "Add As Link".
Alternately, or if one or more of your sites is not in the same solution or is in another language altogether, then your best bet is probably just to save the snippet of HTML as a flat file, somewhere each site will have access to. Then, you just read in from this file and display it.
Your second question is more complicated: how to share authentication. If all of the sites are on the same domain (subdomains), then you can just simply set the cookie on the domain itself, and all subdomains will receive the cookie and have access to the authentication status. If you have sites on different domains, though, it gets exponentially more complex. You either have to implement something like OAuth, which is awkward if all the sites belong together (i.e. OAuth is only really used to authenticate with third-parties, no one really uses this to share auth between related but different domains.) Or, you basically create a server that provides authentication for the other sites.
It's a kind of complex setup, but you've seen it in action on places like Google-owned properties. When you go to login, it takes you to accounts.google.com, and then you're redirected to the originating site after logging in. Essentially, what's happening is that technically the only place you're "logged in" at is accounts.google.com. If one of the sites in the family needs authentication, it redirects you to accounts.google.com. At which point, if you have a auth cookie already, it's sent and accounts.google.com restores your authenticated session, it then redirects back to the original site, with some token that identifies that you are logged in. Going into all the details and how to actually set this up is far beyond the scope of what can reasonably be done here on StackOverflow, but this is a really good reference and starting point. Part 1 describes the theory. The next installment details how to set it up.
Ok, I'm a newbie to ASP.NET web apps... and web apps in general. I'm just doing a bit of a play app for an internal tool at work.
given this tutorial...
http://www.asp.net/learn/mvc-videos/video-395.aspx
The example basically has a global tasklist.
So if I wanted to do the same thing, but now I want to maintain tasks for projects. So I now select a project and I get the task list for that project. How do I keep the context of what project I have selected as I interact with the tasks? Do I encode it into the link somehow? or do you keep it in some kind of session data? or some other way?
As it sounds like you are having multiple projects with a number of tasks each, it would be best practise to let the project be set in the URL. This would require a route such as "/projects/{project}/tasks". It follows the RESTful URL principle (i.e. the URL describes the content).
Using session state will not work if a user possibly have different projects open in multiple browser windows. Let's say I am logging into your system and a selecting two projects opening in two tabs. First the session is set to the project of the first opened tab, but as soon the second tab has loaded, the session will be overwritten to this project. If I then do anything in the first tab, it will be recorded for the second project.
I use:
Session state for state that should last for multiple requests, e.g. when using wizards. I'd be careful not to put too much data here though as it can lead to scalability problems.
TempData for scenarios where you only want the state to be available for the next request (e.g. when you are redirecting to another action and you want that action to have access to the state, but you don't want it to hang around after that)
Hidden form fields [input type="hidden"] for state that pertains to the form data and that I want the the controller to know about, but I don't want that data displayed. Also can be used to push state to the client so as not to overburden server resources.
ok, From what I can tell, the best option seems to be to save it into the Session data
RESTful URLs, hidden fields, and session cookies are your friends.