How To Implement Forms-Based Authentication in Your ASP.NET Application by Using C#.NET

How To Implement Forms-Based Authentication in Your ASP.NET Application by Using C#.NET

This article refers to the following Microsoft .NET Framework Class Library namespaces:

• System.Data.SqlClient
• System.Web.Security

IN THIS TASK

• SUMMARY
• • Requirements
  • Create an ASP.NET Application Using Visual C# .NET
  • Configure the Security Settings in the Web.config File
  • Create a Sample Database Table to Store Users Details
  • Create a Logon.aspx Page
  • Code the Event Handler So That It Validates the User Credentials
  • Create a Default.aspx Page
  • Additional Notes
• REFERENCES

ummary

---

This article demonstrates how to implement forms-based authentication by using a database to store the users.

Requirements

The following list outlines the recommended hardware, software, network infrastructure, and service packs that you need:

• Microsoft Visual Studio .NET
• Microsoft Internet Information Services (IIS) version 5.0 or later
• Microsoft SQL Server

Create an ASP.NET Application Using C# .NET

1. Open Visual Studio .NET.
2. Create a new ASP.NET Web application, and specify the name and location.

Configure the Security Settings in the Web.config File

This section demonstrates how to add and modify the <authentication> and <authorization> configuration sections to configure the ASP.NET application to use forms-based authentication.

1. In Solution Explorer, open the Web.config file.
2. Change the authentication mode to Forms.
3. Insert the <Forms> tag, and fill the appropriate attributes. (For more information about these attributes, refer to the MSDN documentation or the QuickStart documentation that is listed in the
   REFERENCES section.) Copy the following code, and then click Paste as HTML on the
   Edit menu to paste the code in the <authentication> section of the file:

   <authentication mode="Forms">
      <forms name=".ASPXFORMSDEMO" loginUrl="logon.aspx" 
      protection="All" path="/" timeout="30" />
   </authentication> 
   

4. Deny access to the anonymous user in the <authorization> section as follows:

   <authorization>
      <deny users ="?" />
      <allow users = "*" />
   </authorization>

 

作者:Chuck Lu    GitHub