by May 8, 2004 0 comments



One of the best things about ASP.Net is the automation of mundane tasks such as Web-page building and creating dynamic pages. For instance, the Validator controls quickly let you create client and/or server-side validation form elements without having to write even a single line of code. ASP.Net 2.0, which is a part of the upcoming Visual Studio.Net 2005 (earlier codenamed Whidbey), takes this concept to the next level. There are now a number of controls, classes and namespaces that let you manage your website in a better way. One of these is a set of security controls.

Let’s see what a website that contains restricted pages entails. First, the pages within the site must disallow anonymous access into the site so that when a user comes directly to a page, he is shown as ‘not logged in’ and is, therefore, asked to do so. The user should be able to register and then log in, thereby gaining access to the website’s pages and performing some standard tasks, such as logoff, change password and view/edit profile.

For site after site, a Web developer continues to write code and make the same sort of pages. However, with ASP.Net 2.0 and VS.Net 2005, this chore becomes a breeze-thanks to the new security controls in ASP.Net. There are many controls under this category. Let’s take a look at how to create a site with these controls that do most of the above without having to write any code at all!

First open VS.Net Whidbey and create a new website. In the Solution Explorer, add a new Web.Config file and open it for editing. Within the <system.web> element, add the following line.

<authentication mode=”Forms” />

Save the file and open the default.aspx file in this. Write some welcome text to the file and from the toolbox drop in the control called LoginStatus on the page. This will show you a link saying Login. Create a new page called Login.ASPX and drop the control called Login into this page. This uses a new control called <asp:login>. When this is dropped in the page, you immediately get username and password fields, a login button and appropriate labels. The ability for the user to save his password for the page is also built in. 

If you enter values in the CreateUserText and CreateUserURL properties of this control, you can create a ‘Register new user text’ that points to the URL you specify in the second property. The control can be customized by changing its visual properties or selecting autoformat templates. If you wish to also give a page to the user that allows him to retrieve his password if forgotten, you can point him to such a page by entering values in the PasswordRecoveryText and PasswordRecoveryURL properties. For instance, you can enter ‘Forgot your password? Click here’ and ‘getpass.aspx’ in these.

The next step is to create the user registration page. For this create a new new ASPX page by the same name that you gave in the CreateUserURL property. Drop the CreateUser control onto this page and turn on/off the fields you wish to store. Do note, however, that the PDC build of Whidbey does not yet have this control. 

Create the forgot password page by the name you specified in the login control. Drop the control called Password Recovery into this and customize it. Finally, create a welcome page for logged in users and personalize it easily using the Login Name control. This control simply outputs the name of the user who is logged in currently. 

Direct Hit!
Applies to:
.
Net developers
USP: Automates repetitive tasks of Web development

Once all this is done, it becomes quite easy to work with it. Run the app in your browser and test out the features of the controls. Each control is also highly customizable as well as skinnable using the ASP.Net skinning techniques (for more on skinning, read Developing Skins for Web Pages, page 81, PCQuest, April 2004).

So, here’s to creating a complete website registration and login module without writing a single line of code at all! Next month we’ll take a look at personalizing the pages for your Web users.

Vinod Unny Enterprise InfoTech

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.

Your data will be safe!Your e-mail address will not be published. Also other data will not be shared with third person.