Setting Up Your Web Site for Membership : Membership « Authentication Authorization « ASP.NET Tutorial






Adding an <authentication> Element to the web.config File
 
<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <system.web>
        <authentication mode="Forms" />
    </system.web>
</configuration>
 

Adding a <forms> Element to the web.config File

 
<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <system.web>
        <authentication mode="Forms">
           <forms name=".ASPXAUTH"
                  loginUrl="login.aspx"
                  protection="All"
                  timeout="30"
                  path="/"
                  requireSSL="false"
                  slidingExpiration="true"
                  cookieless="useDeviceProfile" />
        </authentication>
    </system.web>
</configuration>
 

name:              the name used for the cookie
loginUrl:          page location to which the HTTP request is redirected for login
protection:        protection applied to the cookie. 
                   The possible settings include All, None, Encryption, and Validation. 
timeout:           amount of time (in minutes) after which the cookie expires. 
                   The default value is 30 minutes.
path:              Specifies the path for cookies issued by the application.
requireSSL:        whether you require that credentials be sent over an encrypted wire (SSL) instead of clear text.
slidingExpiration: whether the timeout of the cookie is on a sliding scale. 
cookieless:        how the cookies are handled by ASP.NET. 
                   The possible values include useDeviceProfile, useCookies, auto, and useUri. 
                   The default value is useDeviceProfile. 
                   

Using the CreateUserWizard Server Control
 
<%@ Page Language="VB" %>
    
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>Creating Users</title>
</head>
<body>
    <form id="form1" runat="server">
        <asp:CreateUserWizard ID="CreateUserWizard1" Runat="server"
         BorderWidth="1px" BorderColor="#FFDFAD" BorderStyle="Solid"
         BackColor="#FFFBD6" Font-Names="Verdana">
            <TitleTextStyle Font-Bold="True" BackColor="#990000"
             ForeColor="White"></TitleTextStyle>
        </asp:CreateUserWizard>
    </form>
</body>
</html>








21.11.Membership
21.11.1.Using ASP.NET Membership
21.11.2.Setting Up Your Web Site for Membership
21.11.3.Using the Membership Application Programming Interface
21.11.4.Use the methods of the Membership class to create custom Login controls.
21.11.5.Configure how passwords are stored by setting the passwordFormat attribute in the web configuration file.
21.11.6.Disable this requirement when using the SqlMembershipProvider.
21.11.7.Locking Out Bad Users
21.11.8.After a user has been locked out, you must call the MembershipUser.UnlockUser() method to re-enable the user account.
21.11.9.The web configuration file used to set up the XmlMembershipProvider
21.11.10.Creating users programmatically (C#)
21.11.11.Creating users programmatically (VB)
21.11.12.Membership provider settings in the machine.config file
21.11.13.Denying unauthenticated users