Blasting XML out to a page.

Discussion:

Eric Wild

2004-10-06 02:32:54 UTC

Hey all,
I've been messing aroud with this and can't seen to get it right. I just
want to make the XML file display as it would if I had double clicked on the
file. I've used:

Response.Clear()
Response.ContentType = "text/XML"
'Response.ContentType = "text/plain"
'Response.ContentEncoding = System.Text.Encoding.UTF8
Response.WriteFile(fileName)

Some of the lines are commented, but I've tried various combinations.
When I just call:

Response.WriteFile(fileName)

I get in the browser:

Cannot have a DOCTYPE declaration outside of a prolog. Error processing
resource 'http://localhost/Test/Test/fileXML.aspx'. Line 16, Position 11

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
----------^

The error happens periodically, and on different XML at different lines in
the XML document.
Any Help?

Eric Wild

===================================
This list is hosted by DevelopMentor® http://www.develop.com
NEW! ASP.NET courses you may be interested in:

Guerrilla ASP.NET, 8 November 2004, in Los Angeles
http://www.develop.com/courses/gaspdotnetls

Guerrilla ASP.NET, 13 December 2004, in Boston
http://www.develop.com/courses/gaspdotnetls

View archives and manage your subscription(s) at http://discuss.develop.com

Stephen G. Maczko

2007-03-13 23:30:40 UTC

Permalink

Stacey Levine

2007-03-14 12:26:01 UTC

Permalink

Mark Aurit

2007-03-14 16:57:40 UTC

Permalink

I have a web service that interrogates the corporate active directory;
it uses the domain acccount (via IIS Windows Integrated Security) as
the "key".

Now I need to abstract it a level higher for the non-MS
browsers/platforms (or a level lower, depending on where you stand in
the religious wars :-); in that case they need to supply both the domain
account AND password that Im to verify against AD.

I believe one way is to pass the account and the password as parameters
to Directory entry and try ... catch it.

Can anyone provide any help on this? Thanks much!

// current "pseudo code" in working web service
public void GetAccount(string <domain account to lookup>,string <ldap
server>)
{
string ldapDomain="LDAP://"+<ldap server>;
System.DirectoryServices.DirectoryEntry adEntry = new
System.DirectoryServices.DirectoryEntry(ldapDomain);

System.DirectoryServices.DirectorySearcher adSearcher = new
System.DirectoryServices.DirectorySearcher(adEntry);

adSearcher.Filter = ("(anr="+<domain to lookup>+")");
System.DirectoryServices.SearchResult adResult=adSearcher.FindOne();
}

--
====================
Mark Aurit
***@gmail.com

===================================
This list is hosted by DevelopMentor® http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

Mark Aurit

2007-03-15 14:00:28 UTC

Permalink

Yes, adding the account/pw parameters to DictionaryEntry did the trick.

Mark Aurit wrote:
> I have a web service that interrogates the corporate active directory;
> it uses the domain acccount (via IIS Windows Integrated Security) as
> the "key".
>
> Now I need to abstract it a level higher for the non-MS
> browsers/platforms (or a level lower, depending on where you stand in
> the religious wars :-); in that case they need to supply both the domain
> account AND password that Im to verify against AD.
>
> I believe one way is to pass the account and the password as parameters
> to Directory entry and try ... catch it.
>
> Can anyone provide any help on this? Thanks much!
>
> // current "pseudo code" in working web service
> public void GetAccount(string <domain account to lookup>,string <ldap
> server>)
> {
> string ldapDomain="LDAP://"+<ldap server>;
> System.DirectoryServices.DirectoryEntry adEntry = new
> System.DirectoryServices.DirectoryEntry(ldapDomain);
>
> System.DirectoryServices.DirectorySearcher adSearcher = new
> System.DirectoryServices.DirectorySearcher(adEntry);
>
> adSearcher.Filter = ("(anr="+<domain to lookup>+")");
> System.DirectoryServices.SearchResult adResult=adSearcher.FindOne();
> }
>
> --
> ====================
> Mark Aurit
> ***@gmail.com
>
> ===================================
> This list is hosted by DevelopMentor® http://www.develop.com
>
> View archives and manage your subscription(s) at
> http://discuss.develop.com
>

--
====================
Mark Aurit
***@gmail.com

===================================
This list is hosted by DevelopMentor® http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

Lizet Pena de Sola

2007-03-21 15:00:11 UTC

Permalink

Efran Cobisi

2007-03-21 15:10:59 UTC

Permalink

Hello Lizet,

Afaik, setting the cache control of your http response to no-store would
do the trick. You could use the following line of code [C#] before
issuing the last redirect:

Context.Response.Cache.SetNoStore();

HTH,

Efran Cobisi
http://www.cobisi.com

Lizet Pena de Sola wrote:
> Hi all,
> I'm reviewing a web project that uses Forms authentication.
> After the authentication process we create an encrypted ticket, create
> the cookie that will be used by the FormsAuthentication provider and
> redirect to the requested page:
> Dim isCookiePersistent As Boolean = False
> Dim authTicket As New FormsAuthenticationTicket(1, UserName,
> DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent, UserData)
>
> Dim encryptedTicket As String =
> FormsAuthentication.Encrypt(authTicket)
>
> Dim authCookie As New
> HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
>
> If (isCookiePersistent) Then
> authCookie.Expires = authTicket.Expiration
> End If
>
>
> Context.Response.Cookies.Add(authCookie)
> FormsAuthentication.RedirectFromLoginPage(UserName, False)
>
>
>
> During user log out we clear the session, call the
> FormsAuthentication.SignOut() and redirect the user to the login page.
>
> We have, however, an odd behavior. After the user has logged out of the
> application, he can, by clicking the back button on the same browser
> windows, navigate to the previous pages he opened. These pages are in
> the secure area. These pages are not requested to the server, these
> requests do not hit the server so I presume the user sees cached pages
> in the client.
>
> Any suggestion on how to avoid this is more than welcome,
>
>
>
> Lizet
>
> ===================================
> This list is hosted by DevelopMentor® http://www.develop.com
>
> View archives and manage your subscription(s) at http://discuss.develop.com
>

===================================
This list is hosted by DevelopMentor® http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

Lizet Pena de Sola

2007-03-21 15:14:25 UTC

Permalink

I found the exact same answer on this article, Preventing Review of Secured Pages, and I'm about to give it a try. I thought this was the default behavior, naïve of me...
http://aspalliance.com/694

-----Original Message-----
From: Discussion of building .NET applications targeted for the Web [mailto:DOTNET-***@DISCUSS.DEVELOP.COM] On Behalf Of Efran Cobisi
Sent: Wednesday, March 21, 2007 11:11 AM
To: DOTNET-***@DISCUSS.DEVELOP.COM
Subject: Re: [DOTNET-WEB] Forms Authentication and cached pages

Hello Lizet,

Afaik, setting the cache control of your http response to no-store would
do the trick. You could use the following line of code [C#] before
issuing the last redirect:

Context.Response.Cache.SetNoStore();

HTH,

Efran Cobisi
http://www.cobisi.com

Lizet Pena de Sola wrote:
> Hi all,
> I'm reviewing a web project that uses Forms authentication.
> After the authentication process we create an encrypted ticket, create
> the cookie that will be used by the FormsAuthentication provider and
> redirect to the requested page:
> Dim isCookiePersistent As Boolean = False
> Dim authTicket As New FormsAuthenticationTicket(1, UserName,
> DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent, UserData)
>
> Dim encryptedTicket As String =
> FormsAuthentication.Encrypt(authTicket)
>
> Dim authCookie As New
> HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
>
> If (isCookiePersistent) Then
> authCookie.Expires = authTicket.Expiration
> End If
>
>
> Context.Response.Cookies.Add(authCookie)
> FormsAuthentication.RedirectFromLoginPage(UserName, False)
>
>
>
> During user log out we clear the session, call the
> FormsAuthentication.SignOut() and redirect the user to the login page.
>
> We have, however, an odd behavior. After the user has logged out of the
> application, he can, by clicking the back button on the same browser
> windows, navigate to the previous pages he opened. These pages are in
> the secure area. These pages are not requested to the server, these
> requests do not hit the server so I presume the user sees cached pages
> in the client.
>
> Any suggestion on how to avoid this is more than welcome,
>
>
>
> Lizet
>
> ===================================
> This list is hosted by DevelopMentor® http://www.develop.com
>
> View archives and manage your subscription(s) at http://discuss.develop.com
>

===================================
This list is hosted by DevelopMentor® http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

===================================
This list is hosted by DevelopMentor® http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

Lizet Pena de Sola

2007-03-21 17:03:22 UTC

Permalink

Lizet Pena de Sola

2007-03-27 17:34:29 UTC

Permalink

Efran Cobisi

2007-04-02 07:42:28 UTC

Permalink

Hi Lizet,

It seems IE does not store the file in its temporary Internet files
folder whenever the server specifies the "no-store" http cache directive
(yes, in my opinion this is a bug) [1]; as a consequence, it cannot feed
Acrobat/Excel or whatever external application with the output of your page.
I suggest you to remove this cache header whenever you need to send to
the client a file to be opened this way.

[1] http://support.microsoft.com/kb/243717/en-us

HTH,

Efran Cobisi
http://www.cobisi.com

Lizet Pena de Sola wrote:
> We had an interesting side effect though. We generate PDF reports and
> excel reports on the fly. After setting up that http header directive,
> the reports stopped to work. IE wouldn't recognize the file name and
> gave error when the user tried to open or save the report...
> interesting.
>
> -----Original Message-----
> From: Discussion of building .NET applications targeted for the Web
> [mailto:DOTNET-***@DISCUSS.DEVELOP.COM] On Behalf Of Pena, Lizet
> (Consultant)
> Sent: Wednesday, March 21, 2007 1:03 PM
> To: DOTNET-***@DISCUSS.DEVELOP.COM
> Subject: Re: [DOTNET-WEB] Forms Authentication and cached pages
>
> Hello Efran,
> We put this directive in the base class we use to inherit the pages
> from, on the Init() event and the pages are no longer cached on the
> client.
> Thanks for the help,
> Lizet
>
> -----Original Message-----
> From: Discussion of building .NET applications targeted for the Web
> [mailto:DOTNET-***@DISCUSS.DEVELOP.COM] On Behalf Of Efran Cobisi
> Sent: Wednesday, March 21, 2007 11:11 AM
> To: DOTNET-***@DISCUSS.DEVELOP.COM
> Subject: Re: [DOTNET-WEB] Forms Authentication and cached pages
>
> Hello Lizet,
>
> Afaik, setting the cache control of your http response to no-store would
> do the trick. You could use the following line of code [C#] before
> issuing the last redirect:
>
> Context.Response.Cache.SetNoStore();
>
> HTH,
>
> Efran Cobisi
> http://www.cobisi.com
>
> Lizet Pena de Sola wrote:
>
>> Hi all,
>> I'm reviewing a web project that uses Forms authentication.
>> After the authentication process we create an encrypted ticket, create
>> the cookie that will be used by the FormsAuthentication provider and
>> redirect to the requested page:
>> Dim isCookiePersistent As Boolean = False
>> Dim authTicket As New FormsAuthenticationTicket(1, UserName,
>> DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent,
>>
> UserData)
>
>> Dim encryptedTicket As String =
>> FormsAuthentication.Encrypt(authTicket)
>>
>> Dim authCookie As New
>> HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
>>
>> If (isCookiePersistent) Then
>> authCookie.Expires = authTicket.Expiration
>> End If
>>
>>
>> Context.Response.Cookies.Add(authCookie)
>> FormsAuthentication.RedirectFromLoginPage(UserName, False)
>>
>>
>>
>> During user log out we clear the session, call the
>> FormsAuthentication.SignOut() and redirect the user to the login page.
>>
>> We have, however, an odd behavior. After the user has logged out of
>>
> the
>
>> application, he can, by clicking the back button on the same browser
>> windows, navigate to the previous pages he opened. These pages are in
>> the secure area. These pages are not requested to the server, these
>> requests do not hit the server so I presume the user sees cached pages
>> in the client.
>>
>> Any suggestion on how to avoid this is more than welcome,
>>
>>
>>
>> Lizet
>>
>> ===================================
>> This list is hosted by DevelopMentor(r) http://www.develop.com
>>
>> View archives and manage your subscription(s) at
>>
> http://discuss.develop.com
>
>
> ===================================
> This list is hosted by DevelopMentor(r) http://www.develop.com
>
> View archives and manage your subscription(s) at
> http://discuss.develop.com
>
> ===================================
> This list is hosted by DevelopMentor(r) http://www.develop.com
>
> View archives and manage your subscription(s) at
> http://discuss.develop.com
>
> ===================================
> This list is hosted by DevelopMentor® http://www.develop.com
>
> View archives and manage your subscription(s) at http://discuss.develop.com
>

===================================
This list is hosted by DevelopMentor® http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

Lizet Pena de Sola

2007-04-02 12:55:33 UTC

Permalink

Continue reading on narkive:

Search results for 'Blasting XML out to a page.' (Questions and Answers)

replies

Am i progressing slowly/poorly - World of Warcraft?

started 2009-01-12 15:55:10 UTC

video & online games