| ProfileSitecore APIBlogLists |  Tools  Help |
|
December 05 Pluggable DataEngine?Recently, we had a question on plugging a custom DataEngine into Sitecore:
While the DataEngine itself is not pluggable, the individual commands making up the engine is. That allows you to override any command in the engine. To illustrate what the engine actually does, here is the code for DataEngine.GetItem:
public Item GetItem(ID itemId, Language language, Version version) {
GetItemCommand command = Commands.GetItemPrototype.Clone(); command.Initialize(itemId, language, version);
return command.Execute();
} All methods look like this (with different command prototypes).
To override the behaviour of the GetItemCommand, all you need to do is to assign your own class to the GetItemPrototype property. In V5.3, you have to do this in code (in a hook, for instance). In V5.3.1 you will be able to do it directly from web.config.
For the hook, you can use something like this:
public class MyHook : IHook {
#region IHook implementation
public void Initialize() {
Database database = Factory.GetDatabase("master"); database.Engines.DataEngine.Commands.GetItemPrototype = new MyGetItemCommand(); } #endregion
} Set up the hook in web.config like this: <hooks>
<hook type="MyNamespace.MyHook, MyAssembly"/> ... </hooks> The command implementation should look something like this:
public class MyGetItemCommand : GetItemCommand {
protected override Item DoExecute() {
// Do your stuff here and return an item or null. // Optionally, you can call base.DoExecute(); } public override GetItemCommand Clone() {
MyGetItemCommand command = new MyGetItemCommand(); command.Engine = Engine;
return command;
} } There is a number of other methods you can override, but DoExecute is the one that does the actual work.
Note that if you override any of the event generating commands (such as SaveItem), the events will still be fired. If you wish to take over the event handling, you should also override the CanExecute and Executed methods.
Also, note that no security checking is performed at this level. The DataEngine is called from the ItemProvider (via ItemManager) which handles securit. If you wish to alter the way security is applied, this might be a better place to hook in (which can be done by using the ItemManager.Provider property).
XSLT securityIn V5.3 it is possible to completely disable security for all descendants of WebControl (including XslFile). Simply set the property 'DisableSecurity' to 'true' on the control. For XSLT files, we have created two new XSL controls that can be used to enable and disable security for specific sections in an XSLT file. An example is provided below: <xsl:template match="*" mode="main"> <h2>Security disabled</h2>
The <sc:disableSecurity> surrounds its containing statements with a After preprocessing, the code will look like this: <xsl:template match="*" mode="main"> November 27 <sc:image> enhancements in V5.3<sc:image> now supports the following attributes (bold indicates default values): field => The name of the image field (same as V5.2). select => The xpath to the item. (same as V5.2 with '.' as the default value). allowStretch => Allow stretching the image beyond its original size? Legal values: [true | false]. Same as the 'as' parameter for media URLs. backgroundColor => Background color for the border added when an image is strecthed beyond its original size (and allowStretch=false). Legal values: Color names (ie. red, blue, etc.) and HTML hex color codes (ie. CE55E2). Same as the 'bc' parameter for media URLs. database => The name of the database to pull the image from? Legal values are any of the defined database names. The default value is the content database of the current site (if no content database is defined, the regular site database is used). Same as the 'db' parameter for media URLs. disableMediaCache => Disable the media cache for this request? Legal values: [true | false]. If true, the image will always be retreived from the database, bypassing the media cache. Same as the 'dmc' parameter for media URLs. height => Height of the image to display. Legal values: Any positive integer. Same as the 'h' parameter for media URLs. language => Language of the image to display. Legal values: Any valid language name. Same as the 'la' parameter for media URLs. maxHeight => Maximum height of the image to display. Legal values: Any positive integer. Same as the 'mh' parameter for media URLs. maxWidth => Maximum width of the image to display. Legal values: Any positive integer. Same as the 'mw' parameter for media URLs. scale => Scale factor for the image to display. Legal values: Any positive floating point number (note that the decimal separator must always be a dot, as in 3.4). Same as the 'sc' parameter for media URLs. thumbnail => Request a thumbnail image? Legal values: [true | false]. This can be used for displaying representations of media types other than images (ie. pdf, flash, etc.). Same as the 'thn' parameter for media URLs. version => Version of the image to display. Legal values: Any positive integer. Same as the 'vs' parameter for media URLs. width => Width of the image to display. Legal values: Any positive integer. Same as the 'w' parameter for media URLs. Note that you can also use the shorthand names of these parameters (ie. w, h, thn, etc.).
TestThis is a test. December 06 Linking items and databasesThe following will apply to the release build of Sitecore 5.1.1
In Sitecore you can create special 'proxy' items that serve as links between different items. The items being linked may come from different databases.
For instance, say I have the following structure:
A
|-B |-C |-D |-E |-F Now I want to expose E and its children below B such that E can be found both below B and below C. The way to do it is:
E will now appear below B and its data and children will be shown when it is selected. The E below B is shown in a different color to signify that it is only a 'shadow' of the real E.
A
|-B |-E' |-F' |-C |-D |-E |-F All operations on the E shadow item (E') will be redirected to the real E. For instance if you change any data in E' and select Save then the data will be saved to E. E' has no data of its own.
Even the Delete operation works on the real E so be careful!
There are a few exceptions to the rule of redirection:
Linking across databasesTo make links between databases, follow the same instructions as above, but specify a database name in the 'Target database' field of the proxy item. When proxies are activated, the shadow items will be retrieved from the target database.
Please note that to protect the host database, all shadow items will be given unique (but static) IDs. Therefore you can link the same items multiple times in the same host database without ID collisions.
ChildrenIt is possible to exclude the children of a linked item by selecting 'Exclude children' on the proxy item.
API support for linked itemsThe shadow ID will be exposed in the Item.ID property. If you need the 'real' ID of an item, you can use:
Item.InnerData.Definition.ID
Also, there are some properties in the RuntimeSettings object that supports working with linked items. Note that the settings only applies when proxies are activated.
In a future version we will expose more of the 'shadow' API.
November 17 Cache statisticsThe following applies to Sitecore version 5.1.1.6 and later.
Often it can be quite interesting to see which Sitecore caches are active and how much data they contain.
For this purpose, I have built a (very simple!) tool located in:
/sitecore/admin/cache.aspx
As you might notice, our UI guru, Jakob, has not yet had a chance to work on the interface :-D
The tool simply displays all registered caches in Sitecore and a few simple statistics. It also permits you to clear all caches (which might sometimes be very useful).
The future plans for this tool is to get it integrated into the Sitecore shell (via the Control Panel). Also, it should be possible to clear individual caches and see more detailed statistics (hit rate and more). Clearing the HTML cacheThe following applies to Sitecore 5.1.1.6 and later.
Sometimes it is desirable to periodically clear the HTML cache for a web site. The site may include renderings which displays data that needs to be refreshed from time to time.
For this purpose, we have introduced a new scheduled task which clears the HTML cache periodically.
The task is called HtmlCacheClearAgent and it is disabled per default (its interval is set to 00:00:00).
Whenever it is run, it simply clears the HTML cache of all active sites.
As all other scheduled tasks, you can find its definition in web.config in the <scheduling> section.
In a later version of Sitecore we will provide a more granular cache clearing approach allowing you to specify cache timeouts on individual renderings.
For inspiration, I have included the source code of the HtmlCacheClearAgent below, so you can see how easy it is to build a scheduled task :-D
using Sitecore.Caching;
using Sitecore.Configuration; using Sitecore.Sites; namespace Sitecore.Tasks {
//=========================================================================== /// <summary>HtmlCacheClearAgent</summary> //=========================================================================== public class HtmlCacheClearAgent { #region Public methods
///-------------------------------------------------------------
/// <summary>Agent used for clearing HTML caches.</summary> ///------------------------------------------------------------- public void Run() { string[] names = Factory.GetSiteNames(); if (names != null) {
for(int n=0; n < names.Length; n++) { SiteContext site = Factory.GetSite(names[n]); if (site != null) {
HtmlCache cache = CacheManager.GetHtmlCache(site); if (cache != null) {
cache.Clear(); } } } } } #endregion } } November 04 Setting up a <database>A "database" in Sitecore speak is a named data store for Sitecore items.
Databases are defined in web.config using the <database> element. Only databases defined below the main <databases> element are considered valid.
The bare minimum for a database definition is:
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> </database> This will define a database called 'myDB' that can be accessed from within the Sitecore API in the following way: Database database = Factory.GetDatabase("myDB");
MainUtil.Out("Got the database: " + database.Name); The code will output the message: Got the database: myDB
Note that all threads in the process will share a single instance of the database object due to the attribute 'singleInstance' on the <database> element. The database defined above will not contain any data as it has not yet been told where and how to retrieve its data. Data providersTo be able to retrieve data, the database must be associated with one or more data providers. A data provider is a vendor specific implementation of a class that reads and writes data to a persistent medium. Examples of these include SQL Server, Oracle and Firebird.
The following definition will associate the 'myDB' database with a SQL Server specific data provider.
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> <dataProviders hint="list:AddDataProvider"> <dataProvider type="Sitecore.Data.DataProviders.SqlServerDataProvider, Sitecore.SqlServer"> <param ref="connections/$(id)"/> </dataProvider> </dataProviders> </database> Usually the actual data provider configuration is kept in the <dataProviders> main section which is then referenced in the database definition. For example:
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> <dataProviders hint="list:AddDataProvider"> <dataProvider ref="dataProviders/sqlserver" param1="$(id)"/> </dataProviders> </database> The definition of the referenced data provider is:
<!-- DATA PROVIDERS -->
<dataProviders> <sqlserver type="Sitecore.Data.DataProviders.SqlServerDataProvider, Sitecore.SqlServer"> <param ref="connections/$(1)"/> </sqlserver> ...
</dataProviders> The syntax '$(1)' refers the the 'param1' attribute in the reference. In turn, the '$(id)' in the 'param1' attribute refers to the 'id' attribute on the <database> element. The end result is that the value 'connections/$(1)' will be expanded to 'connections/myDB'.
The possible sub elements of the <dataProvider> element depends on the type of data provider. For instance, the TemplateFileResolver supports a boolean property called AbortChain. To modify this value, you could write the following in web.config:
<!-- DATA PROVIDERS -->
<dataProviders> <templatefile type="Sitecore.Data.DataProviders.TemplateFileResolver, Sitecore.Kernel"> <param desc="template file">$(1)</param> <abortChain>true</abortChain> </templatefile> ...
</dataProviders> A common feature for all data providers is disabling and enabling specific methods and method groups. This is mostly used when chaining data providers. For an explanation, please read:
http://spaces.msn.com/members/sitecore/Blog/cns!1pM0Pk8tFprM9V5rOXWTq0KQ!115.entry
Also, for a general description of data providers, see: ShadowsIf a database should support linked items, it must be assigned a 'Shadow provider'. This is done using the ShadowProvider property:
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> ... <shadowProvider type="Sitecore.Data.$(database).$(database)ShadowProvider, Sitecore.$(database)"> <param desc="connection" ref="connections/$(id)"></param> </shadowProvider> <securityEnabled>true</securityEnabled> </database> If for some reason you want to assign a shadow provider but do not want it to be active, you can disable all linked items in the database using the ProxiesEnabled property:
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> ... <shadowProvider type="Sitecore.Data.$(database).$(database)ShadowProvider, Sitecore.$(database)"> <param desc="connection" ref="connections/$(id)"></param> </shadowProvider> <proxiesEnabled>false</proxiesEnabled> </database> ArchivesA database may be associated with one or more archives. The association is done through the <archives> element:
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> ... <archives hint="list:AddArchive"> <archive path="archives/archive[@id='archive']"/> <archive path="archives/archive[@id='recyclebin']"/> </archives> </database> The actual archive definitions are usually located below the <archives> main section.
There are two magical names in connection with archives. The archive named 'archive' is used when archiving items in a database, and the one named 'recyclebin' is used when deleting items. If an archive name 'recyclebin' is available when deleting an item, the item is moved to the 'recyclebin' archive rather than being physically deleted.
IndexesA database may be associated with one or more indexes. The association is done through the <indexes> element:
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> ... <indexes hint="list:AddIndex"> <index path="indexes/index[@id='system']"/> </indexes> </database> The actual index definitions are usually located below the <indexes> main section.
Note that the name 'system' is magic. This is the index used when searching for data in the content editor.
Linked itemsIf a database supports 'linked items', it must be associated with a linked items provider:
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> ... <linkedItemsProvider hint="defer" type="Sitecore.Data.LinkedItems.SqlLinkedItems, Sitecore.SqlServer"> <param desc="database">$(id)</param> <param desc="connection to linked items db" ref="connections/$(id)" /> <param desc="cache size">300KB</param> </linkedItemsProvider> </database> The linked items provider keeps track of linked items and databases and the properties you can set depend on the specific implementation.
For a description of linked items see:
SecurityBy default, security is always enabled on a database. This means that access to individual items in the database is checked against the current users credentials. If a user does not have the appropriate rights, the action is denied.
Sometimes it makes sense to skip these checks. To do that, the property 'SecurityEnabled' can be used:
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> ... <securityEnabled>false</securityEnabled> </database> Also, a database may be marked as read-only to disable all modifications to the database regardless of access rights:
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> ... <readOnly>true</readOnly> </database> Currently, this setting will only affect the Sitecore client application. It is not used by the API, but this will propably change in a future version.
WorkflowsIf a database supports workflows, a 'workflow provider' must be configured. A workflow provider is responsible for matching workflows to items. It is configured using the <workflowProvider> element:
<database id="myDB" singleInstance="true" type="Sitecore.Data.Database, Sitecore.Kernel">
<param desc="name">$(id)</param> ... <workflowProvider hint="defer" type="Sitecore.Workflows.Simple.WorkflowProvider, Sitecore.Kernel"> <param desc="database">$(id)</param> <param desc="history store" ref="workflowHistoryStores/sqlServer" param1="$(id)" /> </workflowProvider> </database> A specific workflow provider implementation must currently implement the IWorkflowProvider interface. The properties you can set on the workflow provider depends on the specific implementation.
October 31 Firebird configurationFrom version 5.1.1.x Sitecore now supports having data in Firebird databases.
All necessary DLL files, databases etc. are included in the Sitecore standard distribution.
By default, Sitecore is configured to use SQL Server as its data store. By editing web.config, this can be changed to Firebird.
The following changes are necessary:
1) Set up connection stringsA Firebird connection string has the form:
Database={database file};User=SYSDBA;Password=masterkey;ServerType=1;Dialect=3;
Thus a valid connection string would be:
Database=c:\data\sc51Web.fdb;User=SYSDBA;Password=masterkey;ServerType=1;Dialect=3;
The path to the database may be relative to the web site root. Example:
Database=/data/sc51Web.fdb;User=SYSDBA;Password=masterkey;ServerType=1;Dialect=3;
The databases of the distribution is located in the /data folder per default.
The connection strnig should be entered in the <connections> section of web.config.
Replace SqlServer reference with Firebird in web.configThe <sitecore> element in web.config contains an attribute called 'database' that controls which kind of database Sitecore is runnning on. To use Firebird as the database engine, the <sitecore> tag should be edited to look like this:
<sitecore database="Firebird">
Save web.config and start Sitecore. You should now be running on Firebird.
October 19 Virtual usersThe following applies to Sitecore 5.1.0.8 and later.
It is possible to create user objects in memory that do not physically exist in the security database. The user objects can be assigned administrative rights, roles etc. and can be used for login.
Once a virtual user has been logged in, it is used by the system as if it was a 'real' user. Thus, API code that has special security needs can use virtual users to accomplish these.
An example of creating a virtual user:
ID myUserID = ID.NewID;
string myUserName = "Virt"; UserItem myUser = Context.Domain.BuildVirtualUser(myUserID, myUserName);
myUser.IsAdministrator = true;
Context.Domain.Login(myUser);
Item item = GetSomeProtectedItem(...);
...
Sometimes, you may not want to actually log the virtual user in. If you only need the user in a specific context, you can use the SecuritySwitcher class: ID myUserID = ID.NewID;
string myUserName = "Virt"; UserItem myUser = Context.Domain.BuildVirtualUser(myUserID, myUserName);
myUser.IsAdministrator = true;
using (new SecuritySwitcher(myUser)) {
Item item = GetSomeProtectedItem(...); ... } The security switcher causes Context.User to change to myUser inside the using block. After leaving the block, Context.User is restored to its previous value. October 10 Extranet loginNote: The following applies to Sitecore 5.1.0.7 and later. To provide login functionality on a web site, you can use the loginPage attribute on the site definition. For instance, <site In this case the loginPage points directly to a physical ASPX file. In case you want to point to an item instead, please remember to grant read access to Everyone on that item. Now, whenever an anonymous user requests a protected page, he is redirected to the login page. By contrast, if a logged-in user requests a page that he does not have access to, he is redirected to the 'no access' page and given the option to log in as another user (via a link at the bottom of the page). Require login for allIf you require that all visitors to the site must log in, you can use the requireLogin attribute like this: <site The configuration above will cause all requests by anonymous users to be redirected to the login page. Misc. considerationsIf you specify a domain without supplying a login page, unauthorised requests will be redirected to the value of Settings.NoAccessUrl (default: /sitecore/noaccess.aspx). This page will simply inform the user that the request failed due to missing access rights. If you set requireLogin="true" without specifying a login page, an error message will be shown telling that no login page has been specified in the configuration.
October 03 The problem with ChildrenAn often overlooked fact is that accessing the property Children of Sitecore.Data.Items.Item is a very expensive operation. The reason is that the list of children is retreived from the data layer every time the property is accessed. Basically the implementation goes like this: public ChildList Children { This is done to ensure that the list of children is always up to date. Therefore, to improve performance of your code, you should access Children as few times as possible. For instance, the following code is not very effective: Item item = GetSomeItem(); for(int n=0; n < item.Children.Count; n++) { If the child count is 10, then the list of children will be reloaded at 20 times! The code should instead be written: ChildList children = item.Children; for(int n=0; n < children.Count; n++) { In retrospect, the Children property should not have been a property at all. It should have been a method with the name GetChildren(). That would have indicated the performance overhead. But alas, that's way too late now...
Cache sizesIn Sitecore 5.1 we go from having one large cache (mapping to the ASP.NET cache) to using multiple custom caches. The caches are all accessed through a common class, the CacheManager. This class has a lot of methods used for adding/removing data and performing other cache related functions. Database cachesThe credential cache stores information about user rights. For instance, when it has been determined that a specific user can or can not read a given item, this information is stored in the credential cache. Subsequent read requests can then be granted without requiring a full security scan for the user again. The data cache stores data read from the data provider(s). The data is stored in a format that makes it very fast to access. Specifically, the cache contains objects of the type DataManager.DataContainer. The path mapping cache stores information about previously resolved paths. For instance, if the system has already determined that the path "/sitecore/content/home" maps to the ID {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} it stores this information. The next time someone requests an item using the same path, the item can be retrieved very fast using the cached ID. Site cachesThe html cache stores the html output of renderings that have been set to Cacheable. The xsl cache is used for storing compiled XSLT files in memory. This relieves the system from the need to recompile the XSLT's every time they are needed. Also, it helps keep memory consumption down when using inline code in XSLT's (as these can not be unloaded due to a limitation in .Net). The registry cache is used by the Sitecore Client to store various user settings and would not normally be used by other applications. The viewState cache is also an interal cache used by the Sitecore Client. Cache sizesCache sizes can be set up either on a specific site or database definition or it can be specified in the <cacheSizes> section. The values set directly on a site or a database will always take precedence over the values set in <cacheSizes>. The <cacheSizes> section should pretty much be self-explanatory. An example is shown below. <cacheSizes> The valid cache names for the <databases> element are: data The valid cache names for the <sites> element are: html To set a cache size directly on a site, use an attribute named xxxCacheSize where xxx is the name of the cache. For instance, to set the size of the html cache on the web site use: <site name="website" The size can be specified in bytes (no postfix), kilobytes (KB) or megabytes (MB). Spaces and dots are allowed in the value string, so the following is also valid: <site name="website" To set a cache size directly on a database, you must use the properties on the database object (as the database object is constructed by Sitecore.Factory using only reflection). To set the size of the data cache on the "master" database you can use: <database id="master" ...> Note that the size must be specified in bytes (as the type of the MaxSize property is long). Disable cachingBy settting a size of 0 (zero) on a cache, the cache in question will be disabled. For instance, to disable html caching on the web site: <site name="website" To disable all caching whatsoever in the system, the global setting "Caching.Enabled" can be used like this: <setting name="Caching.Enabled" value="false" /> This setting is mostly for diagnostic purposes. As a side note, individual data providers may also prevent their data from being cached by using the CacheOptions property on the DataProvider base class. For an example of this, see the file system data provider, which is defined like this in web.config: <filesystem
Automatic publishing in workflowsIncluded in Sitecore 5.1 is a new workflow action that will publish an item when it completes its workflow. The type string of the action is: Sitecore.Workflows.Simple.PublishAction, Sitecore.Kernel By attaching an action of this type to the 'Done' state of a workflow, the item will be published automatically on completion of its workflow. If you use the standard Action template, you can control the deepness of the publishing operation by using a parameter called deep. To enable deep publishing (ie. publish the item and all of its descendants) enter the following in the Parameters field: deep=1 To disable deep publishing (ie. publish only the item itself), just leave the field blank or enter the following in the Parameters field: deep=0 To make the action more user friendly, you can create a custom template that consists of the following fields: Type string (field type=text) Deep (field type=checkbox) After creating the action using the new template, enter the type string as shown above and use the checkbox to control publishing deepness. Dynamic rolesIt is now possible to temporarily make a user administrator and/or assign roles dynamically to the user.
The modifications are performed on a UserItem object before logging in, and they are not persisted to the security database. They are only persisted as long as the user is logged in. When the user logs out, or his session expires, the modifications are lost. For example, to login the user 'editor' with administrative rights, you can use the following approach: Domain domain = Sitecore.Context.Domain; UserItem user = domain.GetUser("editor"); user.RuntimeSettings.IsAdministrator = true; domain.Login(user); After this code is run, the current user will be 'editor', and he will have administrative rights. To add roles dynamically, use the following: Domain domain = Sitecore.Context.Domain; UserItem user = domain.GetUser("editor"); RoleItem role = domain.GetRole("webmasters"); user.RuntimeSettings.AddRole(role.ID); domain.Login(user); The 'editor' user will now be logged in as a member of the 'webmasters' role. You can check this by using the IsInRole() method on the user: bool ok = user.IsInRole(role.ID);
Role assignments can also be removed dynamically. Normally, the 'editor' user is a member of the 'editors' role. Use the following code to temporarily remove that membership: Domain domain = Sitecore.Context.Domain; UserItem user = domain.GetUser("editor"); RoleItem role = domain.GetRole("editors"); user.RuntimeSettings.RemoveRole(role.ID); domain.Login(user); Now the 'editor' is logged in without the 'editors' membership. Note that modifications to a users admin and roles status must be done prior to logging in. If you wish to change the assignments after login, you must re-login the user. The following code shows an example: string userName = "editor"; string password = "secret"; Domain domain = Sitecore.Context.Domain; domain.Login(userName, password); UserItem editorUser = domain.CurrentUser; editorUser.RuntimeSettings.IsAdministrator = true; domain.Login(editorUser); In the example above the user is first logged in using a user name and password, and then the resulting user instance is modified and logged in again. The reason you need to login again is that the runtime state of the user is only persisted during login. Therefore, if you do not login, the dynamic settings will disappear when the current page request ends. The dynamic user state is persisted to the client data store that we use instead of session variables. The client data store makes it possible to maintain state data across page requests (even on server farms). But that's another story... Password hashingThe passwords stored in the Sitecore user database are hashed using the MD5 algorithm. Lately MD5 has come under attack and as a consequence, we have now made the algorithm used by Sitecore configurable by way of a setting in web.config.
The setting is called: HashEncryptionProvider and the valid values are: MD5 SHA1 SHA256 SHA384 SHA512 An example of use: <setting name="HashEncryptionProvider" value="MD5" /> Remember that if this setting is changed on an existing installation, the old passwords will no longer work. September 28 Cool Sitecore blogFor those of you who hasn't already checked out my links to the right, I would definitely recommend that you visit Alexeys blog.
It has a lot of very useful articles and code samples. For example, this one discusses how to plug NVelocity into the Sitecore workflow engine. Very cool stuff!
He even made a custom build of NVelocity to make it easier to integrate. DataProvider method enabling/disablingA <dataProvider> tag in web.config now accepts one or more <enable> or <disable> child tags. These can be used for turning specific methods on or off. The special method name '*' applies to all methods. Example 1 - Disable all methods except GetItem and GetChildren: <dataProvider ...> <disable>*</disable> <enable>GetItem</enable> <enable>GetChildren</enable> </dataProvider> Example 2 - Disable the single method ChangeTemplate: <dataProvider ...> <disable>ChangeTemplate</disable> </dataProvider> To make working with groups of methods easier, a list of method groups have been added to the dataProviders/methodGroups section of web.config. These can be altered to suit specific cases. Also, new groups can be added. The tags used when working with groups are <enableGroup> and <disableGroup>. Example 3 - Disable all methods related to publishing: <dataProvider ...> <disableGroup>publishing</disableGroup> </dataProvider> Example 4 - Enable only methods related to reading items: <dataProvider ...> <disable>*</disable> <enableGroup>read</enableGroup> </dataProvider> September 26 HTML Editor customizationSeptember 23 WelcomeWelcome to the Sitecore API.In this blog, I will post various articles, code snippets and FAQs related to the Sitecore API.
The focus will be on Sitecore version 5.1 and later.
For those of you who doesn't know Sitecore, it is a content management system built for the .Net platform. To learn more, please visit our website.
I work at Sitecore as a developer and my primary responsibilty is the low-level APIs. My postings will therefore primarily concern the backend API of Sitecore and not so much the UI technology (Sheer).
For postings about Sheer, I suggest you check out Jakobs weblog.
|
|
|
