O'Reilly logo

Secrets of Real World ASP.NET Dynamic Data Web Sites by Craig Shoemaker

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

1.6. Secure the Scaffolding

The scaffolding exposed by Dynamic Data is a set of very powerful screens. Effectively you are granting full create, read, update, and delete (CRUD) capabilities to anyone who navigates to these pages. Obviously there are many techniques available to restrict the behavior of the scaffolding, but many times the "admin screens" that Dynamic Data provides are necessary at least to site developers and administrators. Therefore, securing the scaffolding early in the development cycle is advised.

There are two obvious methods available to secure these pages. Many developers choose to create a Dynamic Data site separate from the production application that points to the database to provide "admin" screens. Project-level ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required