Asp.net built-in login control permission management-how to access the address-navigation and other information

(1) Logon
Many new functions and controls are added in Asp.net 2.0. Among them, the New Login control makes the web application design more handy. What is a login control? This is the user registration, login, and password that we usually use in Web applications. Different pages are displayed based on different permissions after logon, now we can use the provided controls in Asp.net 2.0.
In Asp.net 2.0, a new membership framework is introduced to facilitate user creation and management, as well as password protection for pages in Web applications. The new framework includes new features for processing authentication and authorization, which can meet the needs of web site administrators and developers at the same time. The web site administrator can use the new web site management tool to create new users and roles, and control access to pages in Web applications. A web site management tool is a set of pre-compiled ASP. NET pages. Users with no programming skills can use it to configure web applications. With the membership API, programmers can easily use the Drag Control Method and use a small amount of code to fully manage users and role permissions, you can also customize the extension.
1. Create a website project
2. ASP. NET Configuration
Security Settings are divided into three parts: users, roles, and rules.
Login authentication can be configured based on forms and windows.
3. Use the logon Control
Note: After a user logs on, the "exit" prompt is displayed, which is implemented through the loginstatus control. In the control attributes, there are two attributes: logoutaction and logoutpageurl. You can set that only the current page is refreshed, redirected to a page, or redirected to the logon page when logging out.
How to set the loginpageurl (login page), when running the program, when you press the login link displayed by this control, it is always transferred to the login under the root folder. aspx, while the actual login file is in/login. aspx. How can this problem be solved?
After checking the information, the original logon URL is set in Web. config. If you use form to verify logon, the default web. config is written as follows:
<System. Web>
<Authentication mode = "forms"/>
</System. Web>
You need to modify it as follows:
<System. Web>
<Authentication mode = "forms">
<Forms loginurl = "~ /Member/login. aspx "> </Forms>
</Authentication>
</System. Web>
(2) site navigation
1. Three navigation controls
Menu: displays the structure of the site using a menu.
Treeview: displays the structure of a site using an expandable tree
Sitemappath: used to display the location of an end user relative to the site structure
2. xml file for Web. sitemap navigation
<? XML version = "1.0" encoding = "UTF-8"?>
<Sitemap xmlns = "http://schemas.microsoft.com/AspNet/SiteMap-File-1.0">
<Sitemapnode Title = "Homepage" url = "sitemaptest. aspx">
<Sitemapnode Title = "product" roles = "*">
<Sitemapnode Title = "Windows" url = "sitemaptest. aspx? Id = Windows "/>
<Sitemapnode Title = "office" url = "sitemaptest. aspx? Id = Office "/>
<Sitemapnode Title = "mobile devices" url = "sitemaptest. aspx? Id = Mobile "/>
<Sitemapnode Title = "Business Solutions" url = "sitemaptest. aspx? Id = Business "/>
<Sitemapnode Title = "servers" url = "sitemaptest. aspx? Id = servers "/>
<Sitemapnode Title = "Developer Tools" url = "sitemaptest. aspx? Id = Tools "/>
<Sitemapnode Title = "games and Xbox" url = "sitemaptest. aspx? Id = games "/>
<Sitemapnode Title = "all products" url = "sitemaptest. aspx? Id = all "/>
</Sitemapnode>
<Sitemapnode Title = "resource" roles = "*">
<Sitemapnode Title = "supported" roles = "*">
<Sitemapnode Title = "Change Password" url = "~ /Login/changepassword. aspx "/>
<Sitemapnode Title = "Knowledge Base" url = "sitemaptest. aspx? Id = knowledge "/>
</Sitemapnode>
<Sitemapnode Title = "downloads" url = "sitemaptest. aspx? Id = downloads "/>
<Sitemapnode Title = "Windows Update" url = "sitemaptest. aspx? Id = windowsupdate "/>
<Sitemapnode Title = "Office Update" url = "sitemaptest. aspx? Id = officeupdate "/>
<Sitemapnode Title = "Learning Tools">
<Sitemapnode Title = "Training & amp; Certification" url = "sitemaptest. aspx? Id = training "/>
<Sitemapnode Title = "books" url = "sitemaptest. aspx? Id = books "/>
<Sitemapnode Title = "events & amp; webcasts" url = "sitemaptest. aspx? Id = events "/>
<Sitemapnode Title = "patterns & amp; practices" url = "sitemaptest. aspx? Id = patterns "/>
</Sitemapnode>
<Sitemapnode Title = "Community" url = "sitemaptest. aspx? Id = community "/>
<Sitemapnode Title = "security" url = "sitemaptest. aspx? Id = Security "/>
</Sitemapnode>
<Sitemapnode Title = "RSS" roles = "*">
<Sitemapnode Title = "" url = "sitemaptest. aspx? Id = relations "/>
<Sitemapnode Title = "rsssite" url = "~ /RSS/rsssite. aspx "/>
<Sitemapnode Title = "Careers" url = "sitemaptest. aspx? Id = careers "/>
<Sitemapnode Title = "about this site" url = "sitemaptest. aspx? Id = about "/>
</Sitemapnode>
</Sitemapnode>
</Sitemap>
The Web. sitemap file must contain the root node sitemap. A site map consists of a series of associated sitemapnode objects. These sitemapnodes are associated in a hierarchical manner. This level contains a single root node-it is the only node in the layer without a parent node, representing the home page. Under the parent sitemapnode node, there can be several sub-sitemapnode nodes, which represent the sub-topics of the website in a hierarchical structure (pay attention to the inclusion relationship between the sub-nodes in the previous example ).
3. Data Source sitemapdatasource Control
Sitemapdatasource automatically finds an XML file named Web. sitemap in the project.
(3) permission management
A common security requirement for a website: a specific page only allows access by some members or other authenticated users. ASP. NET role management provides a method to restrict access to web files based on security roles. The site map security adjustment provides a method based on the same security role to hide the navigation links in the site map.
1. ASP. NET Website Configuration
1) Providers
You can use SQL Server 2005 (default), 2000, and Access database to store user information.
To use SQL Server 2000 database storage information:
A. Use the Enterprise Manager of SQL Server to create a database, for example, zyh;
B. Use aspnet_regsql (C: windowsmicrosoft.netframeworkv2.0.50215aspnet_regsql.exe) to create a database. Except for selecting "zyh" in the database drop-down box in step 1 of the Creation wizard, the default settings are used for all other steps. In this way, SQL Server 2000 creates a complete database containing user tables and stored procedures.
C. open IIS in the management tool, find the virtual directory newtest, right-click it, and then left-click the menu item "properties" and "ASP. net tab and edit configuration button. In connection string manager of the General tab, click "localsqlserver" and click "edit, change [connection parameters] to the database connection string that can be connected to the database zyh, for example, "Data Source = .; initial catalog = zyh; persist Security info = true; user id = sa; Password = 12345 ". After that, click OK and go to the IIS management tools interface.
D. Return to the web page of the website management tool and click "Security Theme ." Link and other related links.
2) security setting options are divided into three parts: users, roles, and rules.
The rule sets the permission for the role to access folders in the project.
3) Application configuration
You can set an SMTP server for users to retrieve their passwords by email.
2. Create a logon page
3. Enable role management in the web. config file
<System. Web>
<Sitemap defaultprovider = "xmlsitemapprovider" enabled = "true">
<Providers>
<Add name = "xmlsitemapprovider"
Description = "Default sitemap provider ."
Type = "system. Web. xmlsitemapprovider"
Sitemapfile = "Web. sitemap"
Securitytrimmingenabled = "true"/>
</Providers>
</Sitemap>
<Rolemanager enabled = "true"/>
<Authentication mode = "forms">
<Forms loginurl = "~ /Login. aspx "> </Forms>
</Authentication>
<Compilation DEBUG = "true">
<Assemblies>
<Add Assembly = "system. Data. oracleclient, version = 2.0.0.0, culture = neutral, publickeytoken = b77a5c561934e089"/>
</Assemblies>
</Compilation>
</System. Web>
<System.net>
<Mailsettings>
<SMTP from = "wangyihust@163.com">
<Network host = "smtp.163.com" Password = "passwordmodify" username = "wangyihust"/>
</SMTP>
</Mailsettings>
</System.net>
4. Add role permissions to the Web. sitemap file to display or hide related pages.
<Sitemapnode Title = "RSS" roles = "*">
<Sitemapnode Title = "" url = "sitemaptest. aspx? Id = relations "/>
<Sitemapnode Title = "rsssite" url = "~ /RSS/rsssite. aspx "/>
<Sitemapnode Title = "Careers" url = "sitemaptest. aspx? Id = careers "/>
<Sitemapnode Title = "about this site" url = "sitemaptest. aspx? Id = about "/>
</Sitemapnode>
Roles = "*" indicates that all users can see the following page. However, in the rule, users of certain roles can be refused to view the following pages (through directory permission control ).