asp.net
This article is referenced to Microsoft. NET class library in the following namespaces:
System.Data.SqlClient
System.Web.Security
-------------------------------
Task:
Summary:
1. Requirements
2. Create a asp.net application with visual c#.net
3. Configuring security settings in Web.config files
4. Create a database table sample to store user data
5. Create a Logon.aspx page
6. Writing event-handling code to authenticate user identity
7. Create a Default.aspx page
8. Additional hints
Summary
This article demonstrates how to implement a form based validation by storing user information in a database.
(i) Request
The following tools are required to implement
1. Microsoft Visual Studio.NET
2. Microsoft Internet Information Services (IIS) version 5.0 or update
3. Microsoft SQL Server
(b) in C #. NET Create asp.net application
1. Open Visual Studio.NET
2. Create a new ASP.net Web application and specify a name and path.
(iii) Configuring security settings in Web.config files
This section demonstrates how to configure a ASP.net application to implement form-based validation by adding and modifying the <authentication> and <authorization> nodes.
1. In the Solution window, open the Web.config file.
2. Change the authentication mode to forms (Note: default is Windows)
3. Insert <Forms> label, and fill in the appropriate properties. (Please link to the MSDN documentation or QuickStart document listed at the end of the article to see the properties) copy the following code, and then paste it into the <authentication> section:
<authentication mode= "Forms" >
<form name= ". Aspxformsdemo "loginurl=" logon.aspx "protection=" All "path="/"timeout="/>
</authentication>
(Note: If loginurl is not specified, the default is Default.aspx)
4. Deny anonymous access by joining the following node:
<authentication>
<deny users= "?" />
<allow users= "*"/>
</authentication>
(iv) Create a database table sample to store user data
This section demonstrates how to create a sample database that holds user names, passwords, and user roles. If you want to implement role-based security, it is necessary to add a field in the database that holds the user role.
1. Open Notepad.
2. Copy the following script to Notepad and save:
if exists (select * from sysobjects where id =
OBJECT_ID (N ' [dbo].[ Users] and OBJECTPROPERTY (ID, N ' isusertable ') = 1)
drop table [dbo]. [Users]
Go
CREATE TABLE [dbo]. [Users] (
[Uname] [varchar] () not NULL,
[PWD] [varchar] (a) Not NULL,
[Userrole] [varchar] (a) Not NULL,
) on [PRIMARY]
Go
ALTER TABLE [dbo]. [Users] With NOCHECK ADD
CONSTRAINT [pk_users] PRIMARY KEY nonclustered
(
[Uname]
) on [PRIMARY]
Go
INSERT into Users values (' User1 ', ' user1 ', ' Manager ')
INSERT into Users values (' user2 ', ' user2 ', ' Admin ')
INSERT into Users values (' User3 ', ' user3 ', ' User ')
Go
3. Open Microsoft SQL Server, open Query Analyzer, select the pubs database in the database list, and then paste the script above to run. A sample user table that will be used in this sample program is created in the pubs database.