Even in the days of ASP.NET 1.0/1.1, as a developer you might have spent a lot of time creating login / authentication modules and pages. You spent a lot of time designing and coding pages for user management. Till the last version you have to write and implement a login framework, authenticate users against a database, written code to react to the currently logged-in user. But with the Inception of ASP.NET 2.0, you will have some great tools available to help implementing such framework.
Figure 1 - The Master Page DesignWe will start now clicking the ASP.NET Configuration button. The button is placed at the upper right corner of the Solution Explorer (see Figure 2).
On clicking the button we are taken into the configuration page (see Figure 3), which is opened in the Internet Explorer
Now click the security link. The security configuration page will appear (see Figure 4). We need to do a couple of things as your site is enabled to support only windows authentication.
Click Select authentication type link.
Select From Internet option and click the done button (see Figure 5). Now you are back to the earlier page. Here click Enable Roles. As soon as you click the link, you will see that Create or Manage Role link gets activated. Click the link to create couple of roles. One as administrators and another as users. Now click the back button to come to the Home Page.
Now let us create some users. Say one user as admin and password …anything of your choice, and put under administrators role. Remember Password length is minimum: 7 and one Non-alphanumeric characters required, i.e. characters like @, $, ! etc…..special characters.
At this point you can close the site and return back to the project. Now refresh the solution explorer. There you will find that one folder named App_Data has been automatically created and contains one SQL Database.
. That database contains the user name and password that you have created and will be creating in the future through ASP.NET Configuration tool or through your APP. The password stored in the database are encrypted by one-way Hash algorithm. The Site will be very much secured site and as a developer you don’t have to do much.
Now lets go back to our project and we will be using some special server controls shown in the LOGIN tab of the toolbox (see Figure 6). Open the default.aspx in the design. Drag and drop the LoginView control in the content place holder and the crate hyperlink of Login.aspx and CreateUser.aspx by simply drag and drop the two pages. The page should look like the Figure 7.
Now click the Smart tag in the control and select LoggedIn Template. Then write: "Welcome and drag and drop the LoginName control."
Now create a hyperlink to ChangePassword.aspx by simply dragging and dropping the control onto the form.
Now open the login.aspx and set up a login form. Drag and drop the login control from the toolbox. At this point you can run the app and see the outcome. Now lets create another page named ForgotPass.aspx. This page will help the user to retrieve the password. Now drag and drop the Password Recovery control from the toolbox. Now go back to the login page and open the property of the login control. Find the property named PasswordRecoveryText and type in “Forgot Password” and then select the PasswordRecoveryURL property and point to the ForgotPass.aspx. We will need to change some property and also need to go back to the ASP.NET Configuration page to make the Password Recovery works later.
Now open up the ChangePassword.aspx page and drag and drop the changePassword control form the toolbox (see Figure 8). That’s it. Your change password component is up and running.
Now let us work on the create user page. Open it and drag and drop CreateUserWizard Control (see Figure 9).
Figure 9 - The CreateUserWizard Control
Now run the app to see that without writing a single line of code how your role and membership of a site is ready.Before we conclude, there are some changes to made in the ASP.NET Configuration page to enable password recovery system to work properly.Open that page again and select Application Tab. There you will see configure e-mail settings. Click that and put in your SMTP server details.
Then close the configuration page and open the Password Recovery Page. In the property of the Password Recovery Control enter in the details as shown in Figure 10. (Change according to your Mail Definition). Now you are up and running.
No comments:
Post a Comment