1 / 7

ASP.NET Authentication and Authorization Controls

Learn how ASP.NET framework enables access control based on usernames and passwords, with features like user authentication and authorization. Explore the CreateUserWizard control for managing user accounts and passwords.

kumiko
Download Presentation

ASP.NET Authentication and Authorization Controls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Forms Authority Database Store • Username and Passwords: • ASP.NET framework allows you to control access to pages, classes, or methods based on username and passwords. • Also provides server side controls for common functions, like resetting passwords etc. • Authentication • The process that determines the identity of the user. • Authorization • If the authenticated user is authorized to do certain actions. • CreateUserWizard control. • ASP.NET fucntion see next page.

  2. Forms Authority Database Store • CreateUserWizardcontrol: • <%@ Page Language="C#" %> • <!DOCTYPE html • PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" • "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> • <html xmlns="http://www.w3.org/1999/xhtml" > • <head runat="server"> • <title>Login</title> • </head> • <body> • <form id="form1" runat="server"> • <div> • <asp:Login ID="Login1" runat="server"> • </asp:Login> • </div> • <div> • <p>Forgotten your password?</p> • <asp:PasswordRecovery ID="PasswordRecovery1" runat="server"> • </asp:PasswordRecovery> • </div> • <div> • <p>Not registered?</p> • <asp:CreateUserWizard ID="CreateUserWizard1" runat="server"> • <WizardSteps> • <asp:CreateUserWizardStep ID="CreateUserWizardStep1" runat="server"> • </asp:CreateUserWizardStep> • <asp:CompleteWizardStep ID="CompleteWizardStep1" runat="server"> • </asp:CompleteWizardStep> • </WizardSteps> • </asp:CreateUserWizard> • </div> • </form> • </body> • </html>

  3. Forms Authority Database Store • CreateUserWizard control: • Created Login • Logged in • Back Button Back

  4. Forms Authority Database Store • CreateUserWizard control: • Retrieve password

  5. Forms Authority Database Store • Username and Passwords: • If you are not prompted to login this indicates that you still have a authentication cookie. • Database store • Show Table • A lot of customization • Sending of emails • Extra wizard setup • Auto-generation of passwords

  6. Forms Authority Database Store • Username and Passwords: • User Table • Passwords stored as salted hash. • Web.config - Membership settings • <system,web> • <membership> • <providers> • <add name="AspNetSqlMembershipProvider" • connectionStringName="LocalSqlServer" • enablePasswordRetrieval="false" • enablePasswordReset="true" • requireQuestionAndAnswer="false" • Etc. • /> • </providers> • </membership> • </system.web>

  7. Forms Authority Database Store QUESTIONS?

More Related