Tải bản đầy đủ - 0 (trang)
Chapter 13. Adding and Managing Users and Roles

Chapter 13. Adding and Managing Users and Roles

Tải bản đầy đủ - 0trang

Chapter13.AddingandManagingUsers

andRoles

INTHISCHAPTER

UsersandRoles186

ConfiguringAuthentication186

AddingNewUsers188

EnablingandAddingRoles190

ConfiguringAccessRules193

WhatHappensUndertheHood?194

Checkpoint196



UsersandRoles

Whenyouaredevelopingamembershipsystemforaweb

application,you'lloftenrestrictaccesstoparticularpages(or

theentirewebsite),toparticularusers,ortooneormore

groups(orroles)ofusers.

Auserisavisitortoyourwebsitewithaknownidentitywhois

identifiedbyausername.InthecontextofanASP.NET

membershipwebsite,ausernamecanbeprovidedbyanetwork

administrator(forexample,aWindowsloginusername),orit

canbeausernamedefinedintheASP.NETmembership

databaseandapplicableonlytotheASP.NETwebsite.

Aroleisagroupofoneormoreuserswithanexplicitidentity.

ArolecanbeaWindowsgroup,oritcanbearoledefinedonly

intheASP.NETmembershipdatabase.

TocontrolaccesstoyourwebsiteusingASP.NETmembership,

theASP.NETapplicationmustidentifytheuserbyusernameina

processknownasauthentication.



ConfiguringAuthentication

WhenusingASP.NETmembershipfeatures,themostcommon

typeofauthenticationisASP.NETformsauthentication.Forms

authenticationiswell-suitedtoauthenticatingusersaccessing

yourwebsiteovertheInternet.

FormoreinformationonASP.NETforms

authentication,see"UnderstandingForms

Authentication,"p.102.

Herearesomeofthereasonswhyusingformsauthenticationis

recommendedforanInternetsite:

Userinformationisstoredinadatabaseanduserscan

createtheirownaccountseasilyifnecessary.

Userscanchangeorretrievelostpasswordseasily.

Youcancreatealoginwebpagethatsharesthelookand

feelwiththerestofyourwebsite.

ASP.NETprovidesfullfunctionalityforauthenticationand

authorizinguserswithoutwritinganyadditionalcode.

Note

It'spossibletouseWindowsauthenticationwith

ASP.NETmembership,butdoingsoismostcommonin

intranetenvironments.

FormoreinformationonusingWindowsauthentication

withASP.NETmembershipfeatures,checkoutScott

Guthrie'sblogpostat

weblogs.asp.net/scottgu/archive/2006/07/12/Recipe_3A00_Enabling-Windows-Authentication-within-an-IntranetASP.NET-Web-application.aspx.



Thefollowingstepsshowyouhowtoconfigureforms

authenticationforyourwebsite.Openthewebsiteyoucreated

inChapter8.Toconfiguretheauthenticationforthewebsite,

followthesesteps:

1. ClicktheASP.NETConfigurationbuttonatthetopofthe

SolutionExplorer,asshowninFigure13.1.



Figure13.1.TheASP.NETConfigurationbutton

providesaneasymeansoflaunchingthe

ASP.NETconfigurationwebsite.



2. IntheASP.NETWebSiteAdministrationTool,clickthe

Securitytab.

3. ClicktheSelectAuthenticationTypelink,asshowninFigure

13.2.



Figure13.2.TheSelectAuthenticationType

linkallowsyoutochoosebetween

authenticationtypesforyourwebsite.



[Viewfullsizeimage]



4. ChoosetheFromtheInternetoptionasshowninFigure

13.3,andthenclickDone.



Figure13.3.WhenyouselecttheFromthe

Internetoption,yourwebapplicationis

configuredforASP.NETformsauthentication.

[Viewfullsizeimage]



WhenyouchoosetheFromtheInternetoption,theWebSite

AdministrationToolconfiguresyourapplicationtouseASP.NET

formsauthentication.Bydefault,allusersareallowedtoaccess

anyportionofthewebsite.Therefore,eventhoughthewebsite

isnowconfiguredtouseformsauthentication,nooneis

requiredtologintoviewthesite.Laterinthischapter,you'll

configureaportionofthewebsiteasamembers-onlysection

thatwillrequireuserstologin.



AddingNewUsers

WhenusingASP.NETmembershipwithformsauthentication,

youcanaddnewuserstothesitewiththeWebSite

AdministrationTool.Whenyouadduserstothesite,

informationisaddedtothemembershipdatabasesothatthe

usercanlogintothewebsitewiththeusernameandpassword

thatyouassign.

Tip

Asyou'llseeinthenextchapter,youcanalsocreatea

webpagewhereuserscansignthemselvesupwithan

accountforyourwebsite.

Nowyoucantryaddinganewusertothewebsite.Fornow,

you'lljustaddtheuseraccount.Laterinthischapter,you'll

createsomerolesandconfigureaspecificportionofthe

websitethatonlyregistereduserscanaccess.

1. Openthewebapplicationyou'vebeenworkingon

throughoutthisbook.



Note

Ifyouhaven'tcompletedthewebsiteupto

thispoint,youcandownloadthewebsite

fromwww.quepublishing.com.

2. OpentheWebSiteAdministrationToolandclicktheSecurity

tab.

3. ClicktheCreateUserlinkasshowninFigure13.4.



Figure13.4.ClicktheCreateUserlinktocreate

anewuserforyourwebsite.

[Viewfullsizeimage]



4. Entertheinformationforyournewuserintotheform(use

yourownfirstnamefortheusername)andclickCreate

UserasshowninFigure13.5.



Figure13.5.FillintheformandclickCreate

Usertocreateanewuser.

[Viewfullsizeimage]



Tip

IfyougetanerrorwhenworkingwiththeWebSite

AdministrationTool,tryclosingyourbrowserand

relaunchingtheWebSiteAdministrationToolfrom

SolutionExplorer.



Tip

Onethingyoumayhavenoticedisthatthemembership

providerhasprettytoughpasswordrequirements.You

canchangetherequirementsifyouwish.There'sa

goodblogpostonthatat

weblogs.asp.net/owscott/archive/2005/05/11/406550.aspx.



EnablingandAddingRoles

Mostsitesthatauthenticateusersbeforeallowingaccessdon't

giveeveryonethesamelevelofaccess.Forexample,basic

usersmightbeabletoreadinformation,whereassomeother

usersmightbeabletomodifydata.Youmightalsowantto

havesomepagesthatonlysomeusersareallowedtoaccess.

Forexample,ifyouhaveapagethatallowsforreviewingand

editinguseraccountinformation,youwouldwanttotightly

controlwhocanaccessthatpage.Youcouldmanuallyassign

accessrightstoyoursiteeachtimeyoucreateanewuser,but

thatcanquicklybecomecumbersomebecauseyou'dhaveto

manuallysetaccessrightstoeveryresource.

Creatingrolesforyourusersisamuchmoreeffectivewayto

manageaccesstoyourwebsite.Aroleisanamedgroupof

users.Afteryoucreateauser,youcanassignhimorhertoone

ormoreroles.Youcanthengrantordenyaccesstoafileor

folderofyourwebsitebasedontherole.

Note

Whenanewusersisaddedtoyourwebsite,heorshe

isnotaddedtoanyparticularrolebydefault.Tomakea

useramemberofarole,theusermustbeexplicitly

addedtotherole.

You'llcreatetworolesforyourwebsite;UsersandEditors.

Userswillbeabletoaccessthewebsiteandreaddatafromthe

database.Editorswillalsobeabletoreaddata,butthey'llalso

beabletoaccessthepagesthatallowforeditingthedata.



EnablingRoles

Beforeyoucanaddnewrolestoyourwebsite,youneedto

enableroles.Todothat,followthesesteps:



1. OpenthewebsiteinVisualWebDeveloperifyouhaven't

alreadyopenedit.

2. OpentheWebSiteAdministrationToolandclicktheSecurity

tab.

3. ClicktheEnableRoleslinkasshowninFigure13.6.



Figure13.6.TheEnableRoleslinkadds

informationtoyourwebconfigurationfileso

thatyoucantakeadvantageofthispowerful

feature.

[Viewfullsizeimage]



WhenyouclicktheEnableRoleslink,theCreateorManage

Roleslinkactivatessothatyoucancreatesomenewrolesfor

yourwebsite.



CreatingRoles



Next,you'llcreatetheUserandEditorrolesasdescribed

previously.

1. ClicktheCreateandManageRoleslinkthatactivatedwhen

youenabledroles.

2. TypeUsersfortherolenameandclickAddRole,asshown

inFigure13.7.



Figure13.7.EntertherolenameandclickAdd

Roletocreatetherole.

[Viewfullsizeimage]



3. TypeEditorsforthesecondrolenameandclickAddRole.

Youshouldnowseebothnewroleslisted,asshowninFigure

13.8.

Figure13.8.Eachroleislistedinatable,alongwithlinks



Tài liệu bạn tìm kiếm đã sẵn sàng tải về

Chapter 13. Adding and Managing Users and Roles

Tải bản đầy đủ ngay(0 tr)

×