Site Search:
Sign in | Join | Help
4Penny.net

ASP.NET

Notes, Tricks and Tips on ASP.NET Coding

How To Set Up ASP.NET 2.0 Forms Authentication

Here is a walk through for setting up Forms Authentication in ASP.NET 2.0

1. Set up a SQL Server database for the project.

2. Run C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe. This will open a wizard and create the database structure in your database

3. Go back to the database and grant access to the user account that will be used by the site. I grant access to 'data writer', 'data reader', and any of the 'asp' roles at the bottom of the list that I need.

4. Insert the following code into the web.config file system.web section:

<authentication mode="Forms"> <forms loginUrl="login.aspx" name=".myAppName" timeout="10080" defaultUrl="default.aspx" protection="All" path="/" requireSSL="false" slidingExpiration="true" enableCrossAppRedirects="false" cookieless="UseDeviceProfile" domain=""> </forms> </authentication>
<roleManager enabled="true" defaultProvider="RoleProvider" cacheRolesInCookie="true" cookieName="HPRotatorRoleCookie" cookiePath="/" cookieProtection="None" cookieSlidingExpiration="true" createPersistentCookie="true"> <providers> <add name="RoleProvider" applicationName="myAppName" type="System.Web.Security.SqlRoleProvider" connectionStringName="myConnString" /> </providers> </roleManager> <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15"> <providers> <clear/> <add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="myConnString" applicationName="myAppName" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" minRequiredPasswordLength="4" minRequiredNonalphanumericCharacters="0" passwordFormat="Hashed"/> </providers> </membership>

also add this in the conneciton string section:

<connectionStrings>
<add name="connectionStringName" connectionString="Data Source=myServer;User Id=myUser;Password=myPassword;Initial Catalog=myDatabase" providerName="System.Data.SqlClient" />
</connectionStrings>

This code will allow role-based access to a directory:
<location path="associates"> <system.web> <authorization> <allow roles="associate"/> <deny users="*"/> </authorization> <customErrors mode="Off"/> </system.web> </location>


5. Set the the users in the site by going to Website > ASP.NET Configuration. Add users as needed, and add those users to roles as needed.
Published Jan 11 2007, 08:20 PM by Steve Gray
Filed under:

Comments

No Comments

Leave a Comment

(required)  
(optional)
(required)  
Add

About Steve Gray

Steve is a seasoned (translate: old) developer in VB and ASP.NET. He spends most of his time in Dynamics GP, writing custom mods for consulting firms. Crystal reports, eConnect, VS Tools for Dynamics... anything that comes along.