Hi,
this is Satalaj here I will configure ASP.net web application to use Membership providers.
After reading this article. You will be able to perform following tasks. To speed up the performance of membership provider
don't forget to read Omar Al Zabir's post here
http://omaralzabir.com/optimize_asp_net_membership_stored_procedures_for_greater_speed_and_scalability/
it will help you to look work on Sql hints like nolock, readpast etc. and you will succesfully resolve the issues regarding tablelocks or transaction dead locks.
1. Setup Asp.net Membership provider Data base using MS SQL server 2005.
2. Create user
3. Create Role Add user in Role
4. Provider Role base security to your application.
5. Redirecting authorized users to see his web section to which he is authorized to see
6. Password recovery control and configuration.
7. Single Sign in / single login / single signin
8. For Single sign on using asp.net follow this link on
code projects and
4 guys from rolla
For NLB network load balancing refer
west-wind
1. Open
ASPnet_RegSQL.exe and Run
$:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
Note** $ is your root driver where windows is installed
Alternatively you can open .net command prompt and run aspnet_regSQL
1.1 Opened wizard will guide you through the rest of setup.
Select your DB where you would like to install
wizard tool will generate ASP.net membership provider Tables ,views and stpred procedures automatically in your DB.
2. Create new Asp.net web site using C# language as a code behind
Add Web.Config file your web application it will look like this as shown below
<?xmlversion="1.0"?>
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<compilationdebug="false" />
<authenticationmode="Windows" />
</system.web>
</configuration>
2.
Configure Membership provider in web.config
First we will add connection string to the Database where we have created ASpnet Database and tell
the provider to use that using connectionStringName.
<connectionStrings>
<addname="aspnetdbConnectionString"
connectionString="Data Source=;Initial Catalog=;Persist Security Info=True;User ID=;Password="
providerName="System.Data.SqlClient"
/>
</connectionStrings>
2.1 Use Forms authentication
<authenticationmode="Forms"
>
</authentication>
2.2 Set Forms authentication Cookie namd , Redirect to Login path and Default path
<compilationdebug="false"
/>
<authenticationmode="Forms"
>
<formsdefaultUrl="default.aspx"
name="myform"
timeout="5"
loginUrl="~/login.aspx"
slidingExpiration="true"
>
</forms>
</authentication>
2.3
Add Membership tag in web.config.
Take a closer look at bold words
<membershipdefaultProvider="xyzMembershipProvider">
<providers>
<clear/>
<addname="xyzMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
applicationName="/myApp"
connectionStringName="aspnetdbConnectionString"/>
</providers>
</membership>
Don;t forget to add applicationName attribute in your membershipprovider otherwise it will generate GUID in aspnet_Applications
table
Note**: Now your web application is ready to use Bult in login Controls
Drag and drop
1.Create user Wizard
2. Login status
3. Login control to see how it works.
Now we will programmatically create the user and Roles. we will add user in to role.
Here is code snippet. It will help you while migrating your exsting user management system to ASP.net provider based membership management
protected
void Button1_Click(object sender,
EventArgs e)
{
MembershipCreateStatus status;
MembershipUser user =
Membership.CreateUser("Satalaj","P@ssw0rd","satalajmore-aspnet@yahoo.co.in","Who am I ?","Satalaj",true,out
status);
switch(status)
{
case
MembershipCreateStatus.DuplicateUserName:
Response.Write("User already exists in system. please select diffrent name and try again");
break;
case
MembershipCreateStatus.DuplicateEmail :
Response.Write("Duplicate Email");
break;
case
MembershipCreateStatus.Success :
Response.Write("User has been created successfuly");
break;
}
}
3. Create Role if Role dosen;t exists in to the system
protected void Button2_Click(object sender,
EventArgs e)
{
if(!Roles.RoleExists("Editor"))
{
Roles.CreateRole("Editor");
}
}
3.1 Add user into Editor Role if he Is not in that role.
protected
void Button3_Click(object sender,
EventArgs e)
{
if(!Roles.IsUserInRole("satalaj","Editor"))
{
Roles.AddUserToRole("satalaj","Editor");
}
}
4. How to prevent anonymous users from accessing Folder contents of Editor.
Now we will add New folder called editor and we will authorize only users who are in Editor role to view the contents of that folder
To do that Add below web.config file into editor folder
Note** Whatever you pot inside this Editor folder that will be available to only loged in users
to do that we added web.config file in it as shown below.
<?xmlversion="1.0"?>
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<authorization>
<denyusers="?"/>
<allowroles="Editor"/>
</authorization>
</system.web>
</configuration>
5. Login user and redirect logged in user to his authorized section based on his roles
protected
void Button4_Click(object sender,
EventArgs e)
{
if(Membership.ValidateUser("satalaj",P@ssw0rd))
{
FormsAuthentication.SetAuthCookie("satalaj",true);
if(Roles.IsUserInRole("satalaj","Editor"))
{
Response.Redirect("~/Editor/manageArticles.aspx");
}
}
}
Put some .pdf file init say sat.pdf is located in Editor and try to access in browser
http://yourapplication/Editor/sat.pdf
if you are authonticated and your role is Editor then you will be able to access this sat.pdf
Now clear cookes and try to authonticate without login
you will be redirected to login page.
Next we will see hot to configure password recovery control. and email configuration.
To Configure your Password recovery control add below tag in your web.config.
<system.net>
<mailSettings>
<smtpfrom="satalaj@sat.com">
<networkhost="smtp.server.address.com"port="25"userName="mysmtpUserName@smtp.com"password="password"/>
</smtp>
</mailSettings>
</system.net>
Drag and drop Pasword recovery control into your web.config
If you want to configure smtp.gmail.com with password recovery control then follow steps given
by me here http://forums.asp.net/t/1250771.aspx?PageIndex=1
After configuring your email settings take a look at web.config it should look like below one
<?xmlversion="1.0"?>
<configuration>
<appSettings/>
<connectionStrings>
<addname="aspnetdbConnectionString"
connectionString="Data Source=;Initial Catalog=;Persist Security Info=True;User ID=;Password="
providerName="System.Data.SqlClient"/>
</connectionStrings> <system.web>
<compilationdebug="true"/>
<authenticationmode="Forms">
</authentication>
<membershipdefaultProvider="xyzMembershipProvider">
<providers>
<clear/>
<addname="xyzMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
applicationName="/myApp"
connectionStringName="aspnetdbConnectionString"/>
</providers>
</membership>
<roleManagerenabled="true"defaultProvider="xxxRoleManagerProvider">
<providers>
<addname="xxxRoleManagerProvider"
type="System.Web.Security.SqlRoleProvider"
applicationName="/myApp"
connectionStringName="aspnetdbConnectionString"/>
</providers>
</roleManager>
</system.web> <system.net>
<mailSettings>
<smtpfrom="satalaj@sat.com">
<networkhost="smtp.server.address.com"port="25"userName="mysmtpUserName@smtp.com"password="password"/>
</smtp>
</mailSettings>
</system.net>
</configuration>
For more information about the tags and code visit
http://msdn.microsoft.com/en-us/library/ms998347.aspx
7. Single sign in
If you want two users not to sign in using same creadentials then it can be avoided using below code
MembershipUser user =
Membership.GetUser(
login1.UserName);
if (user.IsOnline)
{
//cancel login...redirect to not allowed page
}
In web.config membership tag add attribute
userIsOnlineTimeWindow= 1 .
If the
LastActivityDate for a user is greater than the current date and time minus the UserIsOnlineTimeWindow value in minutes, then the user is considered online.
e.g.
<membership defaultProvider="SqlProvider
" userIsOnlineTimeWindow="1">
<providers>
<add name="SqlProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="SqlServices"
enablePasswordRetrieval="true"
enablePasswordReset="false"
requiresQuestionAndAnswer="true"
passwordFormat="Encrypted"
applicationName="MyApplication" />
</providers>
</membership>
http://msdn.microsoft.com/en-us/library/system.web.security.membership.userisonlinetimewindow.aspx
For more information about the tags and attributes visit
http://msdn.microsoft.com/en-us/library/ms998347.aspx
.
相关推荐
Updated for ASP.NET 4.5, this introductory book is filled with helpful examples and contains a user-friendly, step-by-step format. Written by popular author and Microsoft ASP.NET MVP Imar Spaanjaars, ...
Updated for ASP.NET 4.5, this introductory book is filled with helpful examples and contains a user-friendly, step-by-step format. Written by popular author and Microsoft ASP.NET MVP Imar Spaanjaars, ...
Use the ASP.NET MVC Framework to improve agility, testability, speed to market, and extensibility Retrofit existing ASP.NET applications with Ajax and build pure client-side Ajax web applications ...
Step by Step Oracle GoldenGate Installation and Configure Guide(一步步教你安装和配置OGG操作指南):安装前的准备、源和目标端的安装、进程配置、DDL复制支持、GOLDENGATE优化、监控GOLDENGATE、GOLDENGATE...
A new property is available to T4 files from the ASP.NET MVC T4 host that specifies the version of the .NET Framework that is used by the application. This allows T4 templates to generate code and ...
ASP.NET SignalR is the new solution to real-time communication between servers and clients in .NET. Use it to push new data to a web page or mobile device as soon as it becomes available, whether it's...
asp.net C# 解决"用户被禁用问题“,”2、:“禁止在SQL Server中生成用户实例。请使用sp_configure''user instances enabled''生成用户实例”。
This book shows you how to make use of ASP.NET's features and create a functional Content Management System quickly and conveniently. You will learn how to build your site and see the different ways ...
How to configure windows iis with asp.net
ASP.NET SignalR is the new solution to real-time communication between servers and clients in .NET. Use it to push new data to a web page or mobile device as soon as it becomes available, whether it’...
If you have previous programming experience but are new to Azure, this book is the tutorial that delivers the step-by-step guidance and coding exercises you need to master core topics and techniques....
By the end of the book, you will be able to make impressive SPAs using ASP.NET Web API and Angular 2. This book focuses about blending/connecting together the two topic technologies: ASP.NET WebAPI ...
By the end of the book, you will be able to make impressive SPAs using ASP.NET Web API and Angular 2. This book focuses about blending/connecting together the two topic technologies: ASP.NET WebAPI ...
nable AAA on R1 and configure AAA authentication for console login to use the local database. Step 4. Configure the line console to use the defined AAA authentication method. Enable AAA on R1 and ...
.NET Core 已经热了好一阵子,1.1版本发布后其可用性也越来越高,开源、组件化、跨平台、性能优秀、社区...我们先来看看.net core中对identity的实现,在Startup.cs的Configure中配置Cookie认证的相关属性 public vo
Startup类相信大家都比较熟悉,在我们使用ASP.NET Core开发过程中经常用到的类,我们通常使用它进行IOC服务注册,配置中间件信息等。虽然它不是必须的,但是将这些操作统一在Startup中做处理,会在实际开发中带来许多...
如果需要帮助,请与Gitter上的社区聊天:如何将WordPress添加到ASP.NET Core应用程序中将WordPress用作ASP.NET Core中间件。 添加一个软件包,将所有WordPress都称为.NET Standard程序集,而无需PHP。 如果需要帮助...
AspNet.Hosting.Extensions是ASP.NET Core 1.0主机扩展的集合,引入了隔离的管道支持,并允许在任何ASP.NET Core应用程序中使用OWIN / Katana中间件。 最新的每晚版本可以在上。 开始吧 app . Isolate ( map => { ...
Eazfuscator.NET is a confusing software for .NET platform.... With this software you can protect and configure .NET code. .NET 6.0 support Visual Studio 2022 support Unity 2021.2 support
How to configure an Anybus PROFIBUS Slave module with a Siemens Step7 PLC Below you find an overview of the system configuration that is escribed in this document. In this case the Anybus Slave ...