Beginning ASP.NET 2
.0.pdf
Membership and Identity
Figure 4-2
3.Pop out the Common Tasks menu again by clicking the small arrow in the top right and select LoggedInTemplate from the drop-down list, then type You are logged in in the box. This will ensure that the page will tell you when you’re logged in or not.
4.Drag a LoginStatus control onto the page underneath the LoginView control, as shown in Figure 4-3. This control will give you a hyperlink to either log in or log out, depending on whether or not you’re currently logged in.
Figure 4-3
109
Chapter 4
5.The next step is to create a login page, so right-click the root of the web site in the Solution Explorer and select Add New Item. In the dialog that appears, depicted in Figure 4-4, select Web Form and call it Login.aspx.
Figure 4-4
6.In the newly created page, drag a Login control onto the page from the Login section of the Toolbox, as shown in Figure 4-5.
Figure 4-5
110
Membership and Identity
7.In the flyout that appears, you have the option of administering the web site. At this stage, you have the framework ready to roll, but you’ll need to configure the site by adding some user accounts before the site will work, so click the Administer Website link in the flyout to launch the ASP.NET Web Application Configuration Tool, which is covered in the next Try It Out example.
How It Works
These controls are really quite powerful, and although you’re not quite at the stage of running the example, you can feel confident that you’re only a few steps away from having a fully functional (if a little simplistic) application for trying out login functionality. These controls are a new addition to this edition of ASP.NET; previously, you would have had to add text boxes, buttons, and write lines of VB.NET or C# code to handle the login process, to display messages relating to whether or not you are logged on, and to change the view of the page depending on the current user. At this stage, all you’ve had to do is drag and drop a couple of controls onto a page, and you’ll be pleased to know that this is all you need to do to get the framework
of an application together.
So, first take a look at the controls that were added to the pages, starting with the Default.aspx page.
Viewing the source on Default.aspx will display the following code:
<asp:LoginView ID=”LoginView1” Runat=”server”> <LoggedInTemplate>
You are logged in </LoggedInTemplate> <AnonymousTemplate>
You are not logged in. </AnonymousTemplate>
</asp:LoginView>
<asp:LoginStatus ID=”LoginStatus1” Runat=”server” />
You can see that two controls are defined in the code: a LoginView control for displaying login information and a LoginStatus control that can be used to control the login and logout processes. Note that if you configured your site as in this example, you will not see the anonymous template message because anonymous users are denied access to the site (and are redirected straight to the login page).
In the Login.aspx page, you will see the following code has been added:
<asp:Login ID=”Login1” Runat=”server”>
</asp:Login>
Barely any code at all! Everything has been pre-written, so you don’t see any text boxes, you don’t see any validation code — you just see a single line of code. ASP.NET 2.0 has tools available so that you can actually create complex controls like this yourself, but that’s a bit beyond this chapter.
Try It Out |
Personalized Site: User Account Configuration |
Once you click the administration link in Step 7 of the previous Try It Out, the web page shown in Figure 4-6 will be displayed (note that the port number used will be different whenever you launch this for the first time).
111
Chapter 4
Figure 4-6
1.Click the Security link to take you to the Security settings administration tab, shown in Figure 4-7.
Figure 4-7
112
Membership and Identity
2.In this page you will see a hyperlink that enables you to launch the Security Setup Wizard. Click this link to proceed to the first stage in the wizard, as depicted in Figure 4-8.
Figure 4-8
3.Click Next to skip past the first page, and you’ll arrive at the screen shown in Figure 4-9. Select the From the Internet radio button to enable both anonymous users and users who have to log in via the Web.
113
Chapter 4
Figure 4-9
Click Next to continue to the next screen, displayed in Figure 4-10.
114
Membership and Identity
Figure 4-10
You can skip straight past this step and click Next to continue — the default provider will enable all of the required functionality without additional work. In the next screen, you are asked if you want to define any roles for the web site. In this example, you can skip this step — you will be defining roles later in this chapter. Keep the checkbox unchecked and click Next.
4.When you reach the next screen, shown in Figure 4-11, you will be prompted to enter some details for a user.
115
Chapter 4
Figure 4-11
5.As shown in Figure 4-12, enter some details for a user of the site — these could be your name, my name, anyone’s name! Just make sure you don’t forget the password you enter — you’ll need this later on. Clicking the Create User button shows a confirmation prompt, at which point you can click Continue to create another user. At this stage, you should create two users — one standard user and one that you’ll use later as the administrator of the site.
Later, you’ll be able to give these users appropriate access permissions for the site. Note that you don’t get the option to make these users members of any roles at this stage — this is done later in the setup process. Click Next to continue.
116
Membership and Identity
Figure 4-12
6.The next step is to define the accessibility levels for the site, defining who is able to see the content of the site, and who is denied access. At this stage, you can add permissions to users directly. Later on, you will add those users to groups and assign rights and permissions to entire groups of people. As illustrated in Figure 4-13, you need to grant the Allow permission to each user individually, and deny access to all anonymous users. To set permissions for a user, select the User radio button, enter the username in the box next to the radio button, select Allow, and click Add This Rule. To deny access to anonymous users, select the Anonymous Users radio button, click Deny in the Permission section, and click Add This Rule.
Once you click Next, you should see that you have completed the wizard, which means that you should now have a web site with some user profiles and some access rights restrictions. All that remains is to try out the pages!
117
Chapter 4
Figure 4-13
7.Back in VWD, press Ctrl+F5 to run the Default.aspx page — you should see the screen shown in Figure 4-14.
Figure 4-14
118