Asp.Net Membership and Roles Tutorial
Author
Matt KruskampOverview
I was originally going to just post the information needed for my reference, but I decided that I had to reference many things all the time, so I will just post a tutorial. For those people using ASP.NET often on a large amount of projects have no doubt-ably come across ASP.NET 2.0’s custom roles and membership tools. These tools allow you to use a lot of prefabricated tools written by the Microsoft developers in order to perform menial tasks like authentication and role assignment. The problem is that this system is so flexible, it is hard to get a lot of documentation about using all of the features, and searchers are usually pointed to specific information. This tutorial is going to be short and sweet and demonstrate what I feel would be the most common and useful usage for the membership and role system.
Our task: A custom authentication system implementing users and roles. Our technologies: ASP.NET 2.0 written in C# (Visual Studio) using a SqlServer 2005 database.
Setting up the database
Originally, I was under the assumption that unless I wrote my own custom membership and role classes, I would be required to use the ASPNETDB on SqlExpress (I later found out that a lot of people were under the same assumption). Well I have no intention of writing unnecessary code, and I found out that there is a tool that will set up a remote database according to the specifications of Microsoft’s default membership and role providers. so…
- Run the Visual Studio Command Prompt
- Type aspnet_regsql and press enter
- Go through the wizard provided to set up your database
This will set up your database with all of the stored procedures and tables required. Very fast eh? Onward…
Setting up the website
- Create a new ASP.NET website or open up the existing site.
- Create a new or open up your web.config files
Use the following in your web.config under the
<connectionStrings>
<add name=“TestConnection"
connectionString="your connection string here”/>
</connectionStrings>
This section is the connection string for your SqlServer2005 server that you previously configured. It will be used by our membership and roles declarations below. Add the following too your web.config file under the <system.web> section
<roleManager enabled=“true” defaultProvider=“MyTestRoleProvider”>
<providers>
<clear />
<add connectionStringName=“TestConnection"
applicationName=”/ApplicationName"
name=“MyTestRoleProvider” type=“System.Web.Security.SqlRoleProvider” />
</providers>
</roleManager>
<membership defaultProvider=“MyTestMembershipProvider"
userIsOnlineTimeWindow="20"
hashAlgorithmType="MD5”>
<providers>
<clear />
<add name=“MyTestMembershipProvider”
enablePasswordRetrieval=“false”
enablePasswordReset=“true”
requiresQuestionAndAnswer=“true”
applicationName=“/ApplicationName”
requiresUniqueEmail=“true”
passwordFormat=“Hashed”
maxInvalidPasswordAttempts=“5”
minRequiredPasswordLength=“6”
minRequiredNonalphanumericCharacters=“0”
passwordAttemptWindow=“10”
passwordStrengthRegularExpression=“"
connectionStringName="TestConnection”
type=“System.Web.Security.SqlMembershipProvider” />
</providers>
</membership>
<authentication mode=“Forms” />
A little explaination of the above. This section configures your asp.net to handle your new Sql connection with custom membership and roles. The
Now you can use all of the authentication controls within asp.net using SqlServer2005 as well as the nifty ASP.net Web Site Administration Tool.
Happy Coding.
Comments
Related Articles
All articlesThe pixel mine
I'm currently the Co-Founder / CTO with an amazing team at Rentler. We build property management software for independant landlords and their renters using a plethora of technologies.
View work
