Use WAST to remotely manage the user and role of asp.net

I believe that everyone in the development of ASP.net programs have used the ASP.net configuration this menu. When you click on this menu, Visual Studio will start a webserver, and then a page called asp.net Web Admin tool will help you manage the user and role of the entire ASP.net program. such as creating new users, deleting users, creating new roles, assigning roles, and so on. With this tool, we can easily manage membership and role during development. However, when ASP.net programs are publish to IIS, what do you use to manage them? Many people use the development of their own modules to manage, and some people will use some open source modules for management. However, functionality and stability are likely to be better than. NET's own administrative Tools (WAST) are poor. We know we use wast through Visual Studio at development time, but we don't know how to use this module directly. This essay will discuss with you how to take this powerful function for yourself:)

First of all introduce some basic dongdong, if you are familiar with, then please skip directly.

When you install the. NET Framework, in the "C:\Windows\Microsoft.NET\Framework\v2.0.50727" The directory automatically creates a folder named Asp.netwebadminfiles, which contains a website for managing membership and role. When you use VS, the VS will start a new webserver in webserver to start the website. Also note that accessing this website requires attaching two query String-applicationphysicalpath (application physical path) and ApplicationUrl ( Application in IIS directory), such as:

Http://localhost/asp.netwebadminfiles/default.aspx?applicationphysicalpath=c:\inetpub\wwwroot\job\&applicationurl=/job

Also, Wast is not allowed for remote access by default. such as: Http://serverIP/blabla

Well, after introducing some notes about WAST, we can use it in our own ASP.net program. The following two scenarios are mainly described:

1 perform membership and role management on the IIS server.

2) in the external network access.

The first situation is not difficult, it takes only two simple steps:

1 in order to use WAST, we can publish it in a application in the default site, application point to the original directory of Wast or the copy directory. Then, for local access only, we set it to Windows Integrated authentication (which requires disable anonymous authentication). Also note that the identity of the application pool specified for WAST requires permission to read and write application database files, such as the db file in the App_Data directory. Otherwise, there will be an access denied error.

2 Our ASP.net program is also publish in another application of the default site, and adding a URL to the Link,link that accesses wast in a page is the example we just gave. Or you can access it directly in IE using that link.

Now we can use WAST on local IIS. But you still can't make remote access through HTTP://SERVERIP/BLABLA. The above is just to maintain your site from the admin point of view on IIS server. If you need to access wast from the outside, you need to modify its source code so that we can access it via HTTP://SERVERIP/BLABLA (please make a backup before modifying it:)).

Second scenario:

1 Open the Wast web.config file, delete the impersonate and authorization definitions, and modify Windows validation to forms authentication because we need to access it from the outside.

2 Open the Wast WebAdminPage.cs file under the App_Code folder, Ctrl+f search to the IF (!application. Context.Request.IsLocal) and change it to if (false).

3 Deploy Wast to a application in IIS and set it to forms authentication. It is also necessary to note that the identity of the application pool specified for WAST requires permission to read and write application database files, such as the db file in the App_Data directory. Otherwise, there will be an access denied error.

4 Deploy the ASP.net program in another application of IIS.

5 The main problem now is that WAST is not authenticated, and any anonymous user can access it through HTTP://SERVERIP/BLABLA. In the Forms validation program, it is not difficult to solve the problem, you can try it yourself.

6 can now go to the test is not OK.