 |
 |
 |
Installation, First Steps and
Important Information (Version 1.1) |
|
|
|
My Web Pages Starter Kit is an ASP.NET 2.0 Content Management System. As
a web application it enables users to set up and maintain web sites through a browser
based administration interface.
The My Web Pages Starter Kit is composed of modules and is easily extensible.
Administrators can unpack it directly on the server and start building web sites.
Using Visual Studio or the Visual Studio Web Developer Express Edition, developers
can easily customize and extend the features of the CMS.
This document explains how to set up My Web Pages Starter Kit and gives you
hints on how to develop your own controls and extend the CMS.
For additional questions, news, releases and the project's news feed visit the My Web Pages Starter Kit project on Codeplex.com. |
|
|
|
1 Running it locally |
|
|
|
- |
Extract all files contained in the ZIP file to your hard drive |
- |
Launch Visual Studio 2005 or Visual Studio Web Developer Express |
- |
Select "File->Open Web Site" to open the Web Site |
- |
Hit F5 to launch the Web Site in your browser |
|
(You do not really need to run the web application locally if you don't want to
modify the kit. You may just unpack the files and publish them to your web host.
See section 2) |
|
|
|
|
2 Publishing to your web host |
|
|
|
- |
The My Web Pages Starter Kit requires an ASP.NET 2.0 hoster (Selection) |
- |
Upload the files
- Open a hosting account with a hoster who supports the Microsoft ASP.NET 2.0 web
technology
(Selection). In return the hoster will provide you the access data, which
you need to maintain your website in your role as a webmaster.
- Publish My Web Pages Starter Kit to your hoster by uploading all files (except
the App_Data folder) to your hoster. This is usually done with an ‘FTP Client’. In order to do so you need the
server name and your credentials for your account (username & password) from
your hoster.
Note: The App_Data folder is a special ASP.NET 2.0 folder and requires
special permissions (Windows 2000: write privileges for the "ASPNET" account / Windows
2003: write privileges for the "Network Service" account and the additional right
to read the attributes of the superior directories). If your hoster has already
created this folder, do not overwrite it as you will lose these special permissions.
If it does not exist, create it and ask your hoster to grant write access to the
ASPNET user. Without these access permissions the MWPSK code is unable to store
your information there.
- My Web Pages Starter Kit requires at least medium trust (Learn more). Usually the hoster has already set the medium trust
level in the machine.config file. Therefore this specification in the web.config
file is commented out. We recommend you to uncomment this setting in the web.config
file if you work with the My Web Pages Starter Kit locally to make sure that
your additional code is compliant with the medium trust restrictions.
|
- |
Launch your web browser and type in the URL of your My Web Pages Starter Kit
website. After a short delay, My Web Pages Starter Kit creates the initial
data files in your App_Code folder and it will show you a default homepage. |
- |
Change your administrator password by clicking on "Administration->User Management"
(Initial username is admin; initial password is: admin)
Log in as administrator (admin/yournewpassword) |
- |
Configure your web site by clicking on "Administration->CMS Setup"
- NOTE: As long as you did not specify a Smtp-Server or Mail Sender Address, all features
and controls that send emails (like Password Reset, Contact Form, etc.) will not
be available.
|
|
|
|
|
3 Architecture |
|
|
|
3.1 UI Layer |
|
|
|
ASPX Files are responsible for the rendering of the pages. User accessible pages
are in the root directory, administration pages in the "administration" folder.
Default.aspx handles the rendering of all customizable pages (i.e. those that can
contain your own content and controls). Additionally, specific ASPX pages exist
for website searches, Login and changing your password.
A My Web Pages Starter Kit page can contain so-called sections, which are
UserControls (learn
more) derived from SectionControlBaseClass. For a control to be able to
be used in My Web Pages Starter Kit, it must meet the following criteria:
- Inherit your control from
My Web Pages Starter Kit.Controls.SectionControlBaseClass
- Together with your section control, you should always create a class that contains
the business logic and the data for the particular section (also see below, Data
Access Layer).
|
|
|
|
3.2 Business Logic |
|
|
|
Standard classes: Keep in mind not to use them as data objects, and don't embed
layout/UI code into them. |
|
|
|
3.3 Data Access Layer |
|
|
|
ASP.NET 2.0 in Medium Trust mode (and thus My Web Pages Starter Kit) is allowed
to write files in App_Data. The generic class "Persistable" simplifies the data
access.
In order to make a new section (let's call it MySection ) that persist
its data, you must derive your class from Section<T> , where
<T> is MySection.MySectionData
Your class declaration should then start as follows:
class MySection : Section<MySection.MySectionData>
The MySectionData -Class must be an inner class of MySection .
All the fields you want to be persistent must be put into that inner class as public
members. In your MySection -class you can then access all the members
of the inner class by using the _data -member inherited from Section<T> .
If you create an instance of your section and pass a unique identifier to the constructor,
the data corresponding to that id is automatically loaded out of the App_Data folder
and you can access it by using the _data -member.
If at some point in your code, you want changed values to be persisted back into
the App_Data folder, you can call the SaveData() method of your section
(inherited from Section<T> ).
A good starting point for developing your own sections is the HtmlContent section
delivered with My Web Pages Starter Kit as it shows you the most basic principles
in very few lines of code.
|
|
|
|
4 Things to remember for security reasons |
|
|
|
4.1 Webmaster |
|
|
|
As a webmaster, you should remember the following important things:
- Please change the 'admin' password as a first action after deployment of your
My Web Pages Starter Kit Website.
- Log in as admin and set the smpt server (you get this from your hoster) and set
your email address for the admin account.
- Subscribe to the My Web Pages Starter Kit newsfeed, as it may provide critical
security notifications.
- Evaluate safety of the shared hosting environment before selecting My Web Pages
Starter Kit and a hosting environment and an account type
- Don't store personal information on a website in shared hosting environment, as
for example:
- personal data of other people
- health information
- credit card information
- Evaluate whether a shared hosting infrastructure is safe enough for your purpose.
- Evaluate whether unencrypted communication is reasonable (usernames, passwords)
- Backup your data on a regular base by downloading the content of the App_Data folder
via FTP.
- Assign clear responsibilities for maintenance of your homepage:
- Who receives security issue notifications?
- Who does regular backups?
|
|
|
|
4.2 Developer |
|
|
|
As a developer, you should remember the following important things:
- Do not modify the way passwords are hashed.
- Do not extend the software in a way, which encourages storage of sensitive information,
which is not protected enough in shared hosting environments, as there are:
- personal data of other people
- health information
- credit card information
- Consider security best practice when extending and modifying the kit.
- Make sure you have subscribed the My Web Pages Starter Kit newsfeed to receive
the latest news in case of a security issue.
- Keep track on the people for whom you have changed/extended/deployed My Web Pages
Starter Kit and which you may want to notify them if a security issue appears
- Make sure you always have a copy of your source code, as you may need to test or
integrate changes based on security fixes in the future.
|
|
|
|
5 Configuring IIS for the Silverlight gallery |
|
|
|
As long as XAML is not defined as a MIME type in IIS, the Silverlight plug-in can not be loaded correctly. To be able to display the Silverlight gallery,
please configure your IIS as follows: (These steps are not necessary if you use
IIS 7.0 or higher, since the XAML MIME type is already defined in this version.)
- Choose your website in IIS
- Open the context menu and choose "Properties"
- Select the register "HTTP-Header"
- Click on the button labeled "MIME Types..."
- If .xaml is not yet listed as a type, choose "New"
- Enter the following description:
Extension: |
|
.xaml |
MIME type: |
|
application/xaml+xml |
- Click "Ok", then choose "Apply"
Learn more
|
|
|
|