Realization of provider in asp.net Whidbey

asp.net
"Whidbey" is the next version of the Microsoft Tools suite. According to Microsoft's plan, it will be launched by the end of 2004.
ASP.net 2.0 (codename Whidbey) provides a very powerful and easy-to-use framework model for user authentication, role management, etc. through the provider model. Whidbey provides a asp.net configuration tool that makes it easy to configure user information databases, manage roles, and so on, and then work with new security controls, with little code to implement user authentication and role management capabilities. For specific use of these controls and configuration tools, refer to this article: securing ASP.net applications with more streamlined code

However, in the Whidbey of the PDC preview version, the functionality of this configuration tool is not perfect. From what I've used, it can now only create and connect to its own demo Access database, and cannot connect to the SQL Server database for expansion. Therefore, in order to be able to connect SQL Server, we must provide our own providers. The portal database connecting IBuySpy is used to illustrate how to implement a membership Provider.

In order to figure out how to implement our own membership Provider, it's important to look at how Whidbey's default membership Provider is done. In the Machine.config configuration file, Whidbey uses a configuration similar to the following:

<membership defaultprovider= "AspNetAccessProvider" userisonlinetimewindow= "15"
<providers>
<add name= "AspNetSqlProvider"
Type= "System.Web.Security.SqlMembershipProvider, system.web, version=1.2.3400.0, Culture=neutral, publickeytoken= b03f5f7f11d50a3a "Connectionstringname=" LocalSqlServer "
Enablepasswordretrieval= "false"
Enablepasswordreset= "true"
Requiresquestionandanswer= "false"
Applicationname= "/"
Requiresuniqueemail= "false"
Passwordformat= "Hashed"
Description= "Stores and retrieves membership data from the local Microsoft SQL Server database"
/>

<add name= "AspNetAccessProvider"
Type= "System.Web.Security.AccessMembershipProvider, system.web, version=1.2.3400.0, Culture=neutral, PUBLICKEYTOKEN=B03F5F7F11D50A3A "
Connectionstringname= "Accessfilename"
Enablepasswordretrieval= "false"
Enablepasswordreset= "true"
Requiresquestionandanswer= "false"
Applicationname= "/"
Requiresuniqueemail= "false"
Passwordformat= "Hashed"
Description= "Stores and retrieves membership data from the local Microsoft Access database File"
/>

</providers>
</membership>

For a more detailed explanation of this configuration file, refer to the "A" at ASP.net v. 2.0.
As you can see, Whidbey uses SqlMembershipProvider or AccessMembershipProvider for user authentication and management by default. These two provider implement the Iprovider and Imembershipprovider interfaces, which are also necessary for each membershipprovider, where Iprovider is responsible for provider initialization, And Imembershipprovider realizes the main function of MembershipProvider. They are defined as follows:

Namespace System.Configuration.Provider
{
public interface Iprovider
{
public string Name {get;}
public void Initialize (string name,
System.Collections.Specialized.NameValueCollection config);
}
}

Namespace System.Web.Security
{
public interface Imembershipprovider
{
public bool ChangePassword (string name, String oldpwd, string newpwd);
public bool Changepasswordquestionandanswer (string name, string password,
String newpwdquestion, String newpwdanswer);
Public System.Web.Security.MembershipUser CreateUser (string Username, string password, string email,out System.Web.Security.MembershipCreateStatus status);
public bool DeleteUser (string name);
Public System.Web.Security.MembershipUserCollection getallusers ();
public int getnumberofusersonline ();
public string GetPassword (string name, string answer);
Public System.Web.Security.MembershipUser GetUser (string Name,bool userisonline);
public string Getusernamebyemail (string email);
public string ResetPassword (string name, string answer);
public void UpdateUser (System.Web.Security.MembershipUser user);
public bool ValidateUser (string name, string password);
public string ApplicationName {get; set;}
public bool enablePasswordReset {get;}
public bool enablePasswordRetrieval {get;}
public bool requiresQuestionAndAnswer {get;}
}
}

Now it's time to make our own MembershipProvider:

public class Mymembershipprovider:iprovider, Imembershipprovider
{
......
}

Verification functionality is required:

public bool ValidateUser (string name, string password)
{
String connectstr = configurationsettings.connectionstrings["Portaldata"];
SqlConnection myconnection = new SqlConnection (CONNECTSTR);
SqlCommand mycommand = new SqlCommand ("Userlogin", MyConnection);
myCommand.CommandType = CommandType.StoredProcedure;

Add Parameters to SPROC
SqlParameter parameteremail = new SqlParameter ("@Email", SqlDbType.NVarChar, 100);
Parameteremail.value = name;
MYCOMMAND.PARAMETERS.ADD (Parameteremail);

SqlParameter Parameterpassword = new SqlParameter ("@Password", SqlDbType.NVarChar, 20);
Parameterpassword.value = password;
MYCOMMAND.PARAMETERS.ADD (Parameterpassword);

SqlParameter parameterusername = new SqlParameter ("@UserName", SqlDbType.NVarChar, 100);
Parameterusername.direction = ParameterDirection.Output;
MYCOMMAND.PARAMETERS.ADD (Parameterusername);

The Open the database connection and execute the command
Myconnection.open ();
Mycommand.executenonquery ();
Myconnection.close ();
if ((Parameterusername.value!= null) && (Parameterusername.value!= System.DBNull.Value))
return true;
return false;
}



You can now configure ConnectionString in Web.config:

<connectionStrings>

<add name= "Bugdepotdata" connectionstring= "Data source= (local); Trusted_connection=true;database=portal "/>

</connectionStrings>

In this way, a simple membershipprovider of our own is basically done. Next you need to configure Web.config so that controls that require provider services can recognize it:

<membership>
<providers>
<add name= "Mymembershipprovider" type= "Mymembershipprovider" appname= "/"
</providers>
</membership>

This setting is a reference to Machine.config, where the value of the Type property is such a string:

Type= "ProviderType, Assembly, Version, Culture, PublicKeyToken"

Since our mymembershipprovider is placed in the/code directory and not in a separate assembly, it is only necessary to point out providertype.

In this way, a provider with a validation function is complete, and a new security control, such as the login control, can now be placed on the page. and specifies that its membershipproperty is mymembershipprovider (or you can also set the membership Defaultprovider property to Mymembershipprovider). Open forms validation and try to make it to a successful landing?