![]() Using Forms Authentication in ASP. NET MVC Applications. WEBINAR: On- demand webcast. How to Boost Database Development Productivity on Linux, Docker, and Kubernetes with Microsoft SQL Server 2. REGISTER > Introduction. Most of the real world web applications require security in. · To begin with, create a new ASP.NET MVC 3 Web Application using Visual Studio 2010. Choose the Empty project template. The Internet Application project. · When developing ASP.NET MVC applications, you sometimes require a little extra processing to be carried out before or after the action method execution. To. Osale ja tunne rõõmu oma tehtud tööst! Töötuba pakub Sulle toreda võimaluse valida endale ise sobilik harjutus ja teostada see sobivas tempos. As far as ASP. NET is. Forms Authentication is the most popular and common method of. ASP. NET web forms and server controls. Login and Create. User. Wizard) make it extremely easy to implement Forms. Authentication in web forms based websites. However, if you are developing an ASP. NET MVC web application you need. In this step- by- step tutorial you will. Forms Authentication in ASP. NET MVC web applications. You. will also learn to use membership features, role based security and profile. Enabling SQL Server Database for Membership, Roles and Profile Features. To begin with, create a new ASP. NET MVC 3 Web Application. Studio 2. 01. 0. Choose the Empty project template. The Internet. Application project template already includes controllers and views that make. Forms Authentication and membership features. Since we want to learn the. Empty project template. Also, make sure to select the. ASPX. Figure 1: An empty ASP. NET MVC3 Project. Once the ASP. NET MVC Web Application is created, open the ASP. NET. Configuration tool from the Project menu. This will open the Web Site. Administration Tool. Go to the Provider tab and click on "Select a single. On the next screen you will. Asp. Net. Sql. Provider. Click on Test if you wish to test, otherwise click Back. Figure 2: Select a single provider for all site management data. Now, switch to the Security tab and create two roles - . Administrator and Normal. User for testing purpose. Figure 3: Switch to the Security tab and create two roles. The above step adds a SQL Server database (ASPNETDB. App_Data folder of your web application, pre- configured with tables required. Figure 4: Adding a SQL Server database. If you wish to use an external SQL Server database you will. Just follow. the wizard presented by the tool and it will create the required tables in the. Configuring Forms Authentication in web. The next step is to configure your web application to enable. Open web. config and. Forms">. < forms login. Url="~/Membership/Login" timeout="2. Using the < authentication> section you set the. Forms and login URL to ~/Membership/Login. You will be. creating the Membership controller with Login action later. Next, configure Membership and Roles providers as shown. Provider="My. Membership. Provider">. B B B < providers>. B B B B B B B < add name="My. Membership. Provider". B B B B B B B B B type="System. Web. Security. Sql. Membership. Provider". B B B B B B B B B connection. String. Name="connstr" />. B B B < /providers>. Manager enabled="true" default. Provider="My. Roles. Provider">. B B B < providers>. B B B B B B B < add name="My. Roles. Provider". B B B B B B B B B type="System. Web. Security. Sql. Role. Provider". B B B B B B B B B connection. String. Name="connstr" />. B B B < /providers>. Manager> The < membership> section configures the membership. My. Membership. Provider) and the < role. Manager> section configures. My. Roles. Provider). The connection. String. Name specifies the. SQL server database storing the. Creating a New User. Now that you have configured your web application to use. In the sections. that follow we won't pay much attention to validating the data for the sake of. In a real world scenario, however, you will need to add those. Add a new controller class to the Controllers folder and. Membership. Controller. Add two actions viz. Create. User() and. Create. User(Create. User. Data obj) as shown below: [Http. Get]. public Action. Result Create. User(). B B B return View(). Action. Result Create. User(Create. User. Data data). B B B Membership. Create. Status status. B B B Membership. Create. User(data. User. ID,data. Password,data. Email,data. Question,data. Answer,true, out status). B B B B if (status == Membership. Create. Status. Success). B B B B B B B View. Bag. Status. Message = "User created successfully!". B B B B B B B View. Bag. Status. Message = "Error creating user account!". B B B return View("Create. User. Status"). }Notice that the first Create. User() action is marked with. Http. Get] attribute indicating that it is intended to be used with GET. It just displays Create. User view for entering new user information. The other version of Create. User() action accepts a parameter. Create. User. Data and is marked with [Http. Post] attribute. This version. POST requests. The Create. User. Data class is a custom model. POST data and looks like this: public class Create. User. Data. B B B public string First. Name { get; set; }. B B B public string Last. Name { get; set; }. B B B public string User. ID { get; set; }. B B B public string Password { get; set; }. B B B public string Email { get; set; }. B B B public string Question { get; set; }. B B B public string Answer { get; set; }. As you can see, the Create. User. Data class simply contains a. The First. Name and Last. Name properties will be used with. The remaining properties viz. User. ID, Password, Email. Question and Answer are used by ASP. NET membership features. The second version. Create. User() action uses the ASP. NET Membership object to create a new user. The Create. User() method of the Membership object accepts user information, such. The output parameter is of enumeration type. Membership. Create. Status. The code checks this status value and accordingly. Status. Message in the View. Bag. Finally, the Create. User. Status view. Now, add the Create. User view by right clicking on. Create. User() action and then selecting Add View option. Figure 5: Add Create. User view. Key- in the following HTML markup into the Create. User view: < form method="post" action="Create. User">. < h. Register< /h. 1>. First Name : < /td>. First. Name" type="text" /> < /td>. Last Name : < /td>. Last. Name" type="text" /> < /td>. User ID : < /td>. User. Id" type="text" /> < /td>. Password : < /td>. Password" type="password" /> < /td>. Confirm Password : < /td>. Confirm. Password" type="password" /> < /td>. Email : < /td>. Email" type="text" /> < /td>. Security Question : < /td>. Question" type="text" /> < /td>. Security Answer : < /td>. Answer" type="text" /> < /td>. Submit" type="submit" value="Submit" /> < /td>. The Create. User view basically renders an HTML form as shown. Figure 6: The Create. User view renders an HTML form. Note that though we are not making use of First Name and. Last Name values in the Create. User action we still accept these values. Later. you will store these values in the profile of a user. Also notice that the. Create. User. Data class. This allows the ASP. NET MVC framework to correctly map. Also, add Create. User. Status view and key- in the following. View. Bag. Status. Message %> < /strong>. Html. Action. Link("Register another","Create. User") %>. & nbsp; Or& nbsp. Html. Action. Link("Log- in","Login") %>. Notice how the above markup makes use of the Status. Message. member of the View. Bag. The Create. User. Status view additionally renders to action. Create. User action (GET version) and the other pointing. Login action. At runtime the Create. User. Status view looks like this : Figure 7: User created successfully. Before you go ahead, run the web application; navigate to. Membership/Create. User and create two users for testing purposes (say user. Add one of the users to Administrator role using the Web Site. Administration Tool. Figure 8: Add one of the users to Administrator role. Authenticating Existing Users. In order to authenticate existing users, you will add two. Membership. Controller. These actions are shown below: [Http. Get]. public Action. Result Login(). B B B return View(). Action. Result Login(Login. Data data). B B B if (Membership. Validate. User(data. User. ID, data. Password)). B B B B B B B bool flag = (data. Remember. Me == "on" ? B B B B B B B Forms. Authentication. Set. Auth. Cookie(data. User. ID,flag). B B B B B B B return Redirect. To. Action("Index", "Article"). B B B B B B B View. Bag. Error. Message = "Invalid User. ID or Password!". B B B B B B B return View(). Just like the Create. User() action the Login() action also. GET requests and the other for POST requests. The. former one simply returns the Login view. The later version of the Login(). Login. Data. The Login. Data class is a custom.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
November 2017
Categories |