It has been sometime since I wrote an article. I was away
learning more on IIS 7. In the meantime, I was also spending some time writing
samples in C# for ASP.NET. I like coding with C#. I think the language has a
lot of power and grace. Today, I am going to write about step-by-step
procedures to setup Forms Authentication using ASP.NET 2.0 Membership
Providers. In my opinion, the providers are one of the greatest features of ASP.NET
As you may know, forms authentication is especially useful
when you want to authenticate a user from the internet. In the previous
versions all of the coding against the authentication store needed to be done
by the developer himself. Microsoft has made this easier by providing
membership providers that allow you to authenticate against commonly used
authentication stores without any code. Keep in mind that these providers work
for most cases, but you could still extend these classes and write your own
The membership providers provide excellent abstraction for
the web application with the underlying authentication store. The providers
that are currently available are:
SqlMembershipProvider works against the Microsoft SQL Server
databases. ActiveDirectoryMembershipProvider works against Microsoft Windows
Active Directory and Active Directory Application Mode (ADAM). In this posting
I want to show you how to accomplish the following:
1. Setting up ActiveDirectoryMembershipProvider.
2. Using AuthorizationManager (Azman) with these providers.
3. Touch up on Active Directory Application Mode.
4. Setting up and using SqlMembershipProvider.
To best test your scenarios, it will be really good to have
a virtual setup of your own with a domain controller, a web server and a client
machine. I setup 4 virtual machines to test these scenarios: A domain
controller running Windows Server 2003 SP2, a web server running Windows Server
2003 SP2, Windows XP Pro SP2 and a Windows Server 2003 SP2 hosting SQL Server
2005 instance. I will mark out the places where you will need to make changes
for your environment.
Ingredients: We need some basic
ingredients to start that we can re-use. Also, I have tried to use as much
default settings and minimal code possible so that much of the work is done by
ASP.NET. I also explained the attributes that you can optionally configure. You
can download these from the download link to start with.
Besides this, we need to configure the membership providers
correctly to make this work. Configuring membership providers is easy. You need
a Membership provider, a role provider and a SQL Connection string that is
mapped to these providers. Besides these, there are a few attributes that are
common to almost all membership providers.