Membership and Role Management
Using the Web Site Administration Tool
Many of the actions shown in this chapter can also be performed through the Web Site Administration Tool shown in Figure 8-21.
Figure 8-21
Although you can easily use this tool to perform all the actions for you, often you perform these actions through your own applications as well. It is important to know all the possibilities when programming an ASP.NET application.
The Web Site Administration Tool is detailed in Chapter 14.
261
Chapter 8
Summar y
This chapter covered two outstanding new additions to ASP.NET 2.0. These are probably my favorite new ASP.NET features. The membership and role management services that are now a part of ASP.NET make managing users and their roles almost trivial.
This chapter reviewed both the Membership and Roles APIs and the controls that also utilize these APIs. These new controls and APIs follow the same data provider models as the rest of ASP.NET 2.0. The examples were presented using Microsoft Access, but you can also use Microsoft SQL Server for the back-end storage.
Chapter 9, “Personalization,” builds on this chapter and shows you how to use SQL Server as the backend data store as well. The lessons you learn in the next chapter can also be applied here.
262
Personalization
Many Web applications must be customized to contain information that is specific to the end user who is presently viewing the page. In the past, the developer usually provided storage of personalization properties for end users viewing the page by means of cookies, the Session object, or the Application object. Cookies enabled storage of persistent items so that when the end user returned to a Web page, any settings related to him were retrieved. Cookies aren’t the best way to approach persistent user data storage, however, because they are not accepted by all computers, and also because a crafty end user can easily alter them.
As you saw in the previous chapter, ASP.NET 2.0’s membership and role management capabilities are ways for ASP.NET to conveniently store information about the user. How can you, as the developer, use the same mechanics to store custom information?
ASP.NET 2.0 provides you with a new and outstanding feature — Personalization. The ASP.NET Personalization engine provided with this latest release can make an automatic association between the end user viewing the page and any data points stored for that user. The personalization properties that are maintained on a per-user basis are stored on the server and not on the client. These items are conveniently placed in a data store of your choice (such as Microsoft’s SQL Server) and, therefore, the end user can access these personalization properties on later site visits.
This new feature is an ideal way to start creating highly customizable and user-specific sites without building any of the plumbing beforehand. The new Personalization feature is yet another way that the ASP.NET team is making the lives of developers easier by making them more productive.
The Personalization Model
The Personalization model provided with ASP.NET 2.0 is simple and, as with most items that come with ASP.NET, it is an extensible model as well. Figure 9-1 shows a simple diagram that outlines the new Personalization model.
Chapter 9
Server Controls
Web Parts
Interfaces
Profile API |
Control Personalization |
Data Stores
SQL Server 7.0/2000/Yukon |
Jet (Access) |
Custom |
Figure 9-1
From this diagram, you can see the three layers in this model. First, look at the middle layer of the Personalization model — the Personalization Services layer. This layer contains the Profile API. This new Profile API layer enables you to program your end user’s data points into one of the lower-layer data stores. Also included in this layer are the server control personalization capabilities, which are important for the Portal Framework and the use of Web Parts. The Portal Framework and Web Parts are discussed in Chapter 10.
Although controls are built into ASP.NET that utilize the new personalization capabilities for storing information about the page settings, you can also use this new engine to store your own data points. Just like Web Parts, these points can be used within your ASP.NET pages.
Below the Personalization Services layer, you find the two default personalization data providers — one for working with Microsoft’s SQL Server, and another for working with Microsoft Access Jet data stores. You are not limited to just these two data stores when applying the new personalization features of ASP.NET 2.0; you can also extend the model and create a custom data provider for the personalization engine.
Now that you have looked briefly at the personalization model, you can begin using it by creating some stored personalization properties that can be used later within your applications.
Creating Personalization Proper ties
The nice thing about creating custom personalization properties is that you can do so easily, and you gain a strongly typed access to the items you create. It is also possible to create personalization properties that are used only by authenticated users, and also some that anonymous users can utilize. These
264