Introduction to login controls in ASP. NET 2.0

Many new functions and controls are added in Asp.net 2.0. Among them, the New Login control makes the web application design more handy. What is a login control? This is the user registration, login, and password that we usually use in Web applications. Different pages are displayed based on different permissions after logon, now we can use the provided controls in Asp.net 2.0. There are many login controls in ASP. NET 2.0, which encapsulate a series of functions for system login in most web applications. This article will briefly introduce their main functions.

First, in Asp.net 2.0, a new membership framework is introduced to facilitate the creation and management of users and password protection for pages in Web applications. The new framework includes new features for processing authentication and authorization, which can meet the needs of web site administrators and developers at the same time. The web site administrator can use the new web site management tool to create new users and roles, and control access to pages in Web applications. A web site management tool is a set of pre-compiled ASP. NET pages. Users with no programming skills can use it to configure web applications. With the membership API, programmers can easily use the Drag Control Method and use a small amount of code to fully manage users and role permissions, you can also customize the extension.

The membership framework contains two default user verification programs: the default accessmembershipprovider and sqlmembershipprovider. If you want to store member identity information in the Microsoft SQL Server database, you can configure the application to use sqlmembershipprovider. If you want to use the ACCESS database, use accessmembershipprovider. You can also create a custom membership provider. For example, if you want to store member identity information in an XML file or an Oracle database and want to create your own member identity Provider, You need to implement all the methods and attributes of the abstract class membershipprovider. In this article, the ACCESS database is used as an example to describe, so accessmembershipprovider is used.

We can use the Web Site Security Configuration tool that comes with Asp.net 2.0 to automatically create a database that stores user role identities without programming. For example, you need to create an Access database that stores user names, passwords, password prompts, user emails, and other information. This can be achieved through the Web Site Security Configuration tool. The procedure is as follows:

1) Use Visual Studio express 2005 to create a web site named dorknozzle and use VB.. NET language. Click ASP in the website menu of Visual Studio Express. net configuration, a new page window will pop up, with the security option selected, such:

2) security settings are divided into three parts: users, roles, and rules. Because this is the first configuration, select "to configure security step by step, use the security setup wizard" and click "Next" on the page that appears to go to the next step.

In step 2, you can select the verification type. For example, if your site is published on the internet or Intranet, click Next to go to the next step. The system will prompt you to use aspnetaccessprovider and click Next, the system will ask if you want to create a role-based application. If you want to use a role in the application, you must check the ticket. If you do not select this option, continue to the next step.

3) at this time, the system will ask us to enter the information of the created user, such as the user name, password, email, and other information. After entering the information, click Next to go to the next step.

4) The system will allow you to set detailed rules for a user, such as allowing a user to drive or refuse to use a role. This article will ignore the need, and continue to select next for the next step. At this time, the initial configuration of the system is completed.

At this time, accessmembershipprovider will automatically create an access data file for aspnetdb under the Data Directory of the current project, open it, and you will find that related tables, such as the aspnet_users table, are automatically generated, stores basic user information, the aspnet_membership table, and the user's encrypted password and other information.

After completing the above steps, we will start to understand and use the login control in Asp.net 2.0. These controls are in the login logging Group of the toolkit. There are seven login, loginview, passwordrecovery, loginstatus, loginname, createuserwizard, and changepassword controls. The following describes them one by one:

　Login Control

Drag a login control to the form, and you will find that the logon window is almost the same. In the Properties window of the control, the destinationpageurl attribute is more important, this attribute specifies the page to jump to after login, while failuretext indicates the text prompted after logon failure, createusertext indicates the text prompted for creating a new user, and passwordrecoverytext indicates the text prompted for the password, passwordrecoveryurl indicates the link to implement the password prompt recovery function. In addition, you can set many of its attributes, such as displaying the user name, Password text, and the text of the login button passwordrecoveryurl, you can give it a try. The login box after the initial attribute setting is as follows:

　　Loginname and loginstatus controls

In the General login module, after a user successfully logs in, the user's current login identity will be displayed, for example, the "Welcome XXX user login" prompt, and "logout (Exit) "prompt, at this time, we can use the loginname and loginstatus controls to achieve, in the index. on the ASPX page, add

<Form runat = "server"> Welcome <asp: loginname id = "lnuser" runat = "server"/>, your login was successful! <Br/> <Asp: loginstatus id = "lsuser" runat = "server"/> </Form>

After a user logs in, the following information is displayed:

　　Loginview Control

Another 10-minute useful control is loginview. It displays different post-login content based on different user roles. For example, after logging on as an administrator, you want to see the personnel information of all departments, but only the personnel of a certain department can see the information of only the department. The loginview control can do this. In this example, if you want the system to display the information to anonymous visitors, you want them to register users. If you have logged on to the system, the text that welcomes them to access again is displayed. The anonymoustemplate template and loggedintemplate template of the loginview control are used. The anonymoustemplate template is used to display the prompt information for anonymous users. The loggedintemplate template is used to display the prompt information for logged-in users. The Code is as follows:

<Asp: loginview id = "lvdorknozzle" runat = "server"> <Loggedintemplate> Welcome <asp: loginname id = "lnuser" runat = "server"/> </Loggedintemplate> <Anonymoustemplate> Welcome to the dorknozzle site! <Br/> Please click on the new user link to register on our site. </Anonymoustemplate> </ASP: loginview>

Run as follows:

Createuserwizard Control With this control, you can easily guide users to register step by step. Drag it to the design form, such: Of course, you can set more attributes, such as headertemplate, startnavigationtemplate, and finishnavigationtemplate, for specific settings, refer to online help. This control allows users to send emails after successful registration, for example: <Asp: createuserwizard id = "createuserwizard1" runat = "server"> <Maildefinition Bodyfilename = "newuseremail.txt" From = "welcome@dorknozzle.com" Subject = "welcome to the dorknozzle site! "/> </ASP: createuserwizard> You need to configure the email in the web. config file, for example: <Configuration> <System. Web> <Authentication mode = "forms"/> <Smtpmail servername = "localhost"/> </System. Web> </Configuration> 　　Passwordrecovery password restoration control This control allows you to easily restore the password prompt and email the password to the user. The Code is as follows: <Asp: passwordrecovery id = "prforgotpass" runat = "server"> </ASP: passwordrecovery> The implementation is shown in: After you enter the user name, you need to enter the password to restore the answer, for example: In the control, set and email the restored password to the user. <Asp: passwordrecovery id = "prforgotpass" runat = "server"> <Maildefinition Bodyfilename = "forgotpassword.txt" From = "helpdesk@dorknozzle.com" Subject = "Word has it, you forgot your password? "/> </ASP: passwordrecovery> 　　Changepassword You can easily change the password by changing the password control, including a maildefinition attribute. If the value is assigned to the maildefinition attribute, the changepassword control automatically sends an email to the user when the password is successfully changed. 　　 　　Directly use the membership API Sometimes, a higher level of control (higher than the control level provided by the web site management tool or login Control) needs to be performed on the member identity. In these cases, you can directly use the membership API. The membership API is made public through the membership class. The membership class allows you to do the following: Create a new user, change the password, and search for users matching a specific condition. Behind the scenes, the login control uses these methods to interact with the configured membership provider. Some important methods of the membership class are listed below: Createuser-allows you to create new users. Deleteuser-allows you to delete existing users. Findusersbyemail-enables you to retrieve a set of users that match a specific email address. Findusersbyname-enables you to retrieve user sets that match a specific user name. Generatepassword-enables you to generate random passwords. Getallusers-enables you to retrieve all users stored in the membership provider. Getnumberofusersonline-enables you to return the number of users currently accessing Web applications. Getuser-enables you to retrieve the member identity information associated with the current user, or enables you to retrieve the member identity information associated with a user who has provided the user name. Getusernamebyemail-enables you to retrieve the user name of a user with a specific email address. Updateuser-enables you to update information of a specific user. Validateuser-enables you to authenticate a user based on the membership identity Provider. Finally, we use this API to implement slightly more complex functions. In index. aspx, add a label control to display the number of online users. The Code is as follows: Number of users online: <Asp: Label id = "lblnumusersonline" runat = "server"/> In the page-load event, add the following code: Sub page_load (S as object, e as eventargs) handles mybase. Load Lblnumusersonline. Text = _ Membership. getnumberofusersonline (). tostring () End sub The number of online users is displayed. In addition, we add a gridview to display the online status of all users, whether certain permissions and related information are allowed. <Asp: gridview id = "gvusers" runat = "server" autogeneratecolumns = "false"> <Columns> <Asp: boundfield headertext = "username" datafield = "username"/> <Asp: boundfield headertext = "is online? "Datafield =" isonline "/> <Asp: boundfield headertext = "is approved? "Datafield =" isapproved "/> <Asp: boundfield headertext = "email" datafield = "email"/> </Columns> </ASP: gridview> And bind the gridview: Gvusers. datasource = membership. getallusers (); Gvusers. databind (); The final running result is as follows: 　　Summary: This article describes the simple usage of the newly added logon control series in Asp.net 2.0 and the simple use of the newly added membership API, for more information, see msdn or the official version.

Address: http://dev.csdn.net/Develop/article/28/75533.shtm