Use these guidelines to optimize your application development with custom pages.
This page contains the following information:
- Use helper classes
- Secure custom pages as necessary
- Authorize users for operations
- Avoid using underscores to begin file names
- Don't use restricted file types for custom pages
Use the helper classes so that you program to an interface. This interface provides functionality for returning a database context and connecting to the Services API. These helper classes are in Relativity API Helpers available when you reference the Relativity.API.dll in your projects. Codes samples for custom pages illustrate how to establish this connection with the helper classes. For more information, see Basic concepts for custom pages and Using Relativity API Helpers.
Set up security for custom pages if you're including sensitive data. Consider storing this information in a database or in a Relativity Dynamic Object (RDO), so that you can control the security on these items.
Note: You set the security on the custom pages. A custom page verifies that the user is logged in to Relativity and has access to the application, but it doesn't validate any of the user's permissions.
Relativity automatically verifies that user is authenticated prior to displaying the custom page. However, you must authorize the user within the context of a custom page for operations, such as creating, updating, and deleting data.
File names that begin with an underscore aren't deleted when you upgrade an application with custom pages. For example, the file called _filename.aspx won't be deleted, but it is overwritten if contained in the new package used for upgrade.
Don't use these restricted file types for custom page development:
- .exe (Executable program file)
- .com (MS-DOS program file)
- .pif (Shortcut to MS-DOS program file)
- .bat (Batch file)
- .scr (Screen saver file)
The instance setting called CustomPageRestrictedFileTypes determines which file types can't be uploaded to Relativity. See the