Unable to connect to the remote server DNG - ASP.NET Membership

Skip to: site menu | section menu | main content

DotNetGenerics.com

Anything and everything about Microsoft .NET technology ...
Currently viewing: Skip Navigation LinksDotNetGenerics.com » Articles » ASP.NET Membership

DotNetGenerics.com - Anything and everything about Microsoft .NET technology ...

Menu:

You have not logged in.

Advt:

Links:

Malaika Consultants LLC
Microsoft .NET
ASP.NET
MSDN
Microsoft SQL Server
C#.NET
VB.NET
Visual Studio.NET

Email: Contact Us

ASP.NET Membership

.NET 2.0

Step-by-step process to get the ASP.Net membership provider up and running and using the user security related controls


ASP.NET has the membership provider built-in as well as provides us with login and user security related web controls. Here is how to proceed to use them :

IIS settings

  • Right click on the virtual directory for your application in IIS and click "Properties". Select the "ASP.NET" tab. Select ASP.NET version as 2.0.xxxxxx (See screenshot here)
  • Click the "Edit Configuration" button
  • Enter your SQL server connectionstring in the "General" tab (see screenshot here) by using the "Add..." button.
  • Select the "Authentication" tab (see screenshot here). Select Authentication Mode as "Forms", change the HTTP Cookie name if desired (default is ".ASPXAUTH"), Login URL (default is login.aspx) and cookie timeout (default is 30 minutes)
  • Select the Membership provider class as AspNetSqlMembershipProvider
Setting these properties will add a connectionStrings block in the web.config as well as set the authentication to forms.

If you like to create your custom membership provider check out this article from DotNetBips.

Create membership tables

To create membership tables in the sql server database specified above use the "Visual Studio 2005 Command prompt" (or in case you are not using VS.NET 2005, open a DOS window and change the present working directory to the one where .NET framework 2.0 is installed --it is usually [C:]\[WINDOWS]\Microsoft.NET\Framework\v2.0.[50727] , replacing the [] with your machine-specific settings) and type the command aspnet_regsql. This will open the wizard to setup sql server for the membership (see screenshot here). Follow the wizard step and your database will have the tables, stored procedures etc required by the AspNetSqlMembershipProvider

Add user security related web controls

If you open View->Toolbox in VS.NET you will see several new controls grouped together as "Login" (see screenshot here)

  • Login
    Drag this control on a web form and you will have the login box for letting the user log in. (See screenshot here). You can set various properties (screenshot) like whether you want the "Login In" to be button or link, where you want to redirect the user after a successful login, as well as the urls for Create user and forgot password functionality. Set the membership provider as AspNetSqlMembershipProvider

  • PasswordRecovery
    Drag this control on a web form and you will have the functionality to email the user his/her password, if they forget it(see screenshot here). Use the MailDefinition to set the properties of the email that is sent to the user, like from address, subject etc.
    Add the <mailSettings> block in <system.net> block in the web.config file.
    for e.g.
    <system.net>
       <mailSettings>
          <smtp from="from@test.com">
             <network host="127.0.0.1"
                password="" userName="" />
          </smtp>
       </mailSettings>
    </system.net>


  • CreateUserWizard
    Drag this control on a web form and you will have the functionality to enable the users to create an account(see screenshot here).You can add various steps in this wizard including custom steps.

  • ChangePassword
    Drag this control on a web form and you will have the functionality to enable the users to change their(see screenshot here).

  • LoginView
    This control allows for 2 templates : <LoggedInTemplate> which can be used to customize the message if user is logged in and <AnonymousTemplate> which can be used to customize the message if user is not logged in.
    For e.g. you can have the following on your web form to let the user know whether they are logged in or not

    <asp:LoginView ID="LoginView1" runat="server">
       <LoggedInTemplate>
          You are logged in as
             <asp:LoginName ID="LoginName1" runat="server" />
       </LoggedInTemplate>
       <AnonymousTemplate>
          You have not logged in.
       </AnonymousTemplate>
    </asp:LoginView>


  • LoginName
    This control displays the user name the user is logged in as. See example in the LoginView control above.

ASP.NET Configuration

Use the "ASP.NET Configuration" button in the Solution Explorer of VS.NET to configure the security settings. Once the website opens, select the "Security" tab.

  • Select authentication type to "From the Internet". This will set "Forms Authentication" in the web.config. This has the same effect as changing it in IIS as seen above.
  • Use the "Create User" link to create new users.
  • To protect a particular folder under the forms authentication, use the "Create Access Rule" link and deny access to Anonymous users for any folder(see screenshot here). This will add a new web.config under this folder which will just contain the following block :

    <configuration>
       <system.web>
          <authorization>
             <deny users="?" />
          </authorization>
       </system.web>
    </configuration>

    This basically means deny anonymous users (denoted by the "?") access to this folder. So if a user is not authenticated and tries to reach anything in this folder, he/she will be presented with the login box.

Download the code here

Comments:

senthil @ 2/13/2008 6:26:52 AM

that is great explanation. so clear, please explan me about Profiles in membership

siva @ 4/3/2007 7:57:40 AM

Very useful explanation. thank u

siva @ 4/3/2007 7:57:27 AM

Very useful explanation. thank u

siva @ 4/3/2007 7:57:18 AM

Very useful explanation. thank u

ozgurbilisim @ 3/21/2007 10:56:08 AM

that is great explanation. so clear, so simple.. thanx

Login to add your comments