Authorization

Once your users have been authenticated, you can focus on authorizing what resources you would like them to have access to. The following sample shows access being granted to "jkieley" and "jstegman," while everyone else is denied access.

<authorization>   <allow users="NORTHAMERICA\jkieley, REDMOND\jstegman"/>   <deny users="*"/></authorization>

Impersonation

As a refresher, impersonation refers to the process whereby an object executes code under the identity of the entity on whose behalf it is performing. In ASP, impersonation will allow your code to run on the behalf of an authenticated user. Alternately, your users can run anonymously under a special identity. By default, ASP .NET does not do per-request impersonation. This is different from ASP. If you rely on this capability, you will need to enable this in your web.config file as follows:

<identity>   <impersonation enable = "true"/></identity>

Data Access

Another key area you may need to focus on for your migration efforts is that of data access. With the introduction of ADO .NET, you now have a powerful new way to get at your data. Since data access is a large topic in itself, it goes beyond the scope of this article. For the most part, you can continue to use ADO as you have in the past, but I highly recommend taking a look at ADO .NET as a means to improve your data access methods within your ASP .NET application.

Preparation for ASP .NET

Now that you have been exposed to most of the issues you are likely to encounter, you may be wondering what things you can do today to be better prepared for them when you finally move to ASP .NET. Quite a few things can be done that will make the process smoother. Many of these suggestions will be beneficial to your ASP code even if you do not move to ASP .NET until sometime in the future.

Use Option Explicit

This has always been a good idea but still not everyone uses it. By enforcing variables to be declared in ASP by using Option Explicit, you will at least have a handle of where everything is defined and how your variables are being used. Once you move to ASP .NET, I suggest using Option Strict. Option Explicit will be the default in Visual Basic .NET but by using the more enforcing Option Strict, you will ensure all of your variables are declared as the correct data type. Doing this definitely requires a bit of extra work but, in the long run, you will discover that is was well worth it.

Avoid Using Default Properties

As we discussed, default properties are no longer allowed. Accessing your properties explicitly isn't really that hard to do anyway. It will make your code more readable and also save you time in porting in the future.

Use Parentheses and the Call Keyword

Use parentheses and Call statements wherever possible, as detailed earlier in this article. In ASP .NET you will be forced to use parentheses. Using the Call statement today will help you add a bit of discipline that will better prepare you for the future.

Avoid Nested Include Files

This may be easier said than done but, if possible, you should avoid nesting your include files. To clarify what I mean by this, you should try to eliminate any areas where you have include files that include other include files. What tends to happen over time is that your code ends up relying on a global variable that is defined in an include file somewhere else, and you are getting access to it only because you have included another file that includes the one you really need.
When you migrate to ASP .NET, you will most likely be moving your global variables and routines into class libraries, in which case, it is much easier to do if you have a clear pic