Several ASP.NET application services rely on a provider to manage storing and retrieving data from a data source. Each provider is specific to the data source. ASP.NET includes a SQL Server provider for the following ASP.NET features:
- Membership (the SqlMembershipProvider class).
- Role management (the SqlRoleProvider class).
- Profile (the SqlProfileProvider class).
- Web Parts personalization (the SqlPersonalizationProvider class).
- Web events (the SqlWebEventProvider class).
The above features are we need to define in asp.net 'Web.config' file.
Web.config is the main settings and configuration file for an ASP.NET web application. The file is an XML document that defines configuration information regarding the web application.This file stores the information about how the web application will act. The web.config file contains information that controls module loading, security configuration, session state configuration, and application language and compilation settings. Web.config files can also contain application specific items such as database connection strings.
<configuration>
<connectionstrings>
<add name="ApplicationServices"
connectionstring="data source=localhost;Integrated Security=True;Initial Catalog=aspnetdb" providername="System.Data.SqlClient" />
</connectionstrings>
<system.web>
<compilation debug="false" targetframework="4.0" />
<authentication mode="[Windows|Forms|Passport|None]">
</authentication>
<membership defaultprovider="name of membership provider what you've created.">
<providers>"part for membership provider properties." </providers>
</membership>
<profile>
<providers>"part for profile provider properties." </providers>
</profile>
<rolemanager enabled="false">
<providers>"part for role provider properties." </providers>
</rolemanager>
</system.web>
<system.webserver>
<modules runallmanagedmodulesforallrequests="true" />
</system.webserver>
</configuration>
Configuring SQL Server Provider by Web.config file.
SQL Membership Provider:
ASP.NET membership gives you a built-in way to validate and store user credentials. ASP.NET membership therefore helps you manage user authentication in your Web sites. You can use ASP.NET membership with ASP.NET forms authentication by using with the ASP.NET login controls to create a complete system for authenticating users.
ASP.NET membership supports facilities for:
- Create a new users and passwords.
- Storing membership information (user names, passwords, and supporting data)
- Authenticating users who visit your site.
- Managing passwords, which includes creating, changing, and resetting them .
<providers>
<add name="AspSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="datasource connection name"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
SQL Role Provider:
ASP.NET role management helps you to manage authorization, allowing you to specify which resources various users in your application are allowed to access. Role management lets you treat groups of users as a unit by assigning users to roles such as manager, sales, member, and so on. The primary purpose of establishing roles is to give you an easy way to manage access rules for groups of users. You create users and then assign the users to roles (in Windows, to groups). A typical use is to then create a set of pages that you want to restrict to certain users.
<providers>
<clear />
<add connectionStringName="ApplicationServices"
applicationName="/"
name="AspSqlRoleProvider"
type="System.Web.Security.SqlRoleProvider" />
</providers>
</roleManager>
No comments:
Post a Comment