IIS authentication and authorization
Authentication: - prove genuinenessAuthorization: - process of granting approval or permission on resources.
web.config
unknown user.
‘Admin.aspx’ pages.
---------------------
Authentication: - prove genuineness
Authorization: - process of granting approval or permission on resources.
from:codeproject
-----------------------------
In order to do custom authentication you need to need to just replace “FormsAuthentication.Authenticate” statement with your validation. For instance in the below code we have used
‘clsUser’> Collapse | Copy Code
clsUser objUser = new clsUser();
if (objUser.IsValid(txtUser.Text,txtPass.Text))
{
FormsAuthentication.RedirectFromLoginPage(txtUser.Text, true);
}
-----Asp.net ASP.NET membership and roles
1、Run aspnet_regsql.exe from ‘C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727’ folder. Enter SQL Server credentials and run the exe. This will install all the necessary stored
procedures and tables as shown in figure ‘Object created by aspnet_regsql.exe’
2.Specify the connection string in the ‘web.config’ file where your ASP.NET roles tables and stored procedures are created.
3.Specify the ASP.NET membership provider and connect the same with the connection string provided in the previous step.
------------------
4.We also need to specify the role provider and connect the same with the connection string provided in the previous session.
------------------------------
5.Now you can user the "Membership"> Membership.CreateUser("aa01","sss"); //create a user in table dbo.aspnet_Users, (ApplictionId UserName LoweredUserName)
user(0)="aa01";
Roles.CreateRole("Developer");
Roles.AddUsersToRole(user,"Developer");// Table aspnet_Users(UserName) , aspnet_User..(UserId,RoleId),aspnet_Roles(RoleName);
Forms Authentication using Single Sign on
Many time we would like to implement single sign on across multiple sites. This can be done using forms authentication. You can implement forms authentication in both the websites
with same machine key. Once the validation is done in one website a cookie text file will be created. When that user goes to the other website the same cookie file will used to ensure
that the user is proper or not.
Please note you need to have same machine key in both the web.config files of your web application.
Collapse | Copy Code
You can see a very detail article on Single sign at http://msdn.microsoft.com/en-us/library/ms972971.aspx . You can also download the code from http://download.microsoft.com/
download/B/7/8/B78D1CED-2275-4AEE-B0BE-0DEA1A2A9581/MSDNEnterpriseSecurity.msi
The above discusses how a internal intranet and internet application login through one single sign-on facility.
页:
[1]