"ASP.NET Membership builds on the success of the Forms authentication model from ASP.NET 1.x. ASP.NET Forms authentication provides a convenient way to incorporate a login form into your ASP.NET application and validate users against a database or other data store." The ASP.NET Membership system has been extended to include other credential stores, such as windows authentication and Active Directory. The membership provider connects to the configuration file element <membership>, a child of <system.web>, to configure the default provider, the list of providers, and the settings that each provider uses.
ASP.NET membership that incorporates authentication, authorization, membership and roles into a series of subsystems and providers that you can use to easily allow for personalization and secure access to your websites. There is an excellent overview of membership in the Learn section discussing migration from classic ASP.
- ASP.NET 2.0 Membership, Roles, Forms Authentication, and Security Resources by Scott Guthrie....
- How to add a Login, Roles and Profile system to an ASP.NET 2.0 app in only 24 lines of code by Scott Guthrie...
- Examining ASP.NET 2.0's Membership, Role and Profile - A multi-part series on Membership, Role and Profile by famous Scott Mitchell
- Part 1 - learn about how the membership features make providing user accounts on your website a breeze. This article covers the basics of membership, including why it is needed, along with a look at the
SqlMembershipProvider and the security Web controls.
- Part 2 - master how to create roles and assign users to roles. This article shows how to setup roles, using role-based authorization, and displaying output on a page depending upon the visitor's roles.
- Part 3 - see how to add the membership-related schemas to an existing database using the ASP.NET SQL Server Registration Tool (
- Part 4 - improve the login experience by showing more informative messages for users who log on with invalid credentials; also, see how to keep a log of invalid login attempts.
- Part 5 - learn how to customize the Login control. Adjust its appearance using properties and templates; customize the authentication logic to include a CAPTCHA.
- Part 6 - capture additional user-specific information using the Profile system. Learn about the built-in
- Part 7 - the Membership, Roles, and Profile systems are all build using the provider model, which allows for their implementations to be highly customized. Learn how to create a custom Profile provider that persists user-specific settings to XML files.
- Part 8 - learn how to use the Microsoft Access-based providers for the Membership, Roles, and Profile systems. With these providers, you can use an Access database instead of SQL Server.
- Part 9 - when working with Membership, you have the option of using .NET's APIs or working directly with the specified provider. This article examines the pros and cons of both approaches and examines the SqlMembershipProvider in more detail.
- An Extended Look at the Profile Object - Part1
- An Extended Look at the Profile Object - Part 2
- An Extended Look at the Profile Object - Part 3
- Introduction to Membership
Revision number 7, Friday, July 04, 2008 10:49:41 AM by bmains
You must Login to comment.
Wed, Jul 20, 2011 5:59 AM
Your video links are dead
Mon, Feb 4, 2008 8:00 AM
Here are a few good tutorial articles that provide a good conceptual overview of how the new membership and role management system works.Check out ScottGu's post on ASP.NET 2.0 Membership, Roles, Forms Authentication, and Security Resources Blogs Scott
Thu, Feb 14, 2008 3:35 AM
Profile The Profile provider stores information on a user defined by the profile properties in the web.config. By default the properties are storedin an XML blob in a SQL Express database but a custom profile provider can be written to allow storage in an
Wed, May 20, 2009 7:14 AM
Creating a custom membership provider
When working with an ASP.NET site that requires some sort of user authentication (almost every time, I'd say), we often need to establish our own logic, and use our own database instead of the one provided by ASP.NET (with our own data model or stuff)