Custom Form-Based Authentication in ASP.NET
page 1 of 7
Published: 14 Dec 2005
Unedited - Community Contributed
If you have built a web application with classic ASP or even .NET 1.1, you know the amount of effort that went into creating form-based authentication. You pretty much had to do accomplish every tedious task such as building the login form and performing validation just to name a couple. If you wanted to utilize role-based management in an application, you had to write even more code! With the release of .NET 2.0 these days are behind us. Join Steven as he explains how to take advantage of these features in ASP.NET 2.0.
by Steven Swafford
Average Rating: 
Views (Total / Last 10 Days): 34472/ 70


[Download Sample Code]

Have you ever been in a position where you were required to integrate authentication into your Web application? If the Web application is for the intranet, this is typically a simple process: just enable Windows authentication within IIS. More often than not this is typically not a luxury that we have in the case of more common internet Web applications, and when you take into account the volume of potential users of internet Web applications, custom form-based authentication is the only scalable solution.

For those of you who wrote code in classic ASP, accomplishing such a task was at times overwhelming. Then along came .NET 1.x, which of course makes such a task simpler; however, there was still much to accomplish when it came to form-based authentication. With the recent RTM of .NET 2.0 and the combination of Visual Studio .NET 2005, these days are over. With little or no effort you can accomplish form-based authentication in no time.

The purpose of this article is to introduce the simplicity of the following:

  1. Membership Management
  2. Preparing Your SQL Server Database
  3. Security Server Controls
  4. Role Management

Figure 1: Simple Authentication State Diagram

As you can see in the above diagram, when a user enters the application, two possible courses of action occur.

  1. The user is authenticated, so the requested content is returned.
  2. The user is not authenticated and is sent to a registration form. Once the registration process is successful, then and only then is the requested content returned.

View Entire Article

User Comments

No comments posted yet.

Product Spotlight
Product Spotlight 

Community Advice: ASP | SQL | XML | Regular Expressions | Windows

©Copyright 1998-2024  |  Page Processed at 2024-04-23 12:48:20 AM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search