Download presentation
Presentation is loading. Please wait.
Published byMarilynn Phelps Modified over 9 years ago
1
Membership in ASP.Net...if only Presented by: Patrick Hynds President, CriticalSites Microsoft Regional Director
2
Agenda Membership Provider Model Custom Providers –SOA based membership example –Making a custom provider do what the standard ones won’t (Demo)
3
Membership API Included Membership providers –SQL Server (and SQL Express) –Active Directory (Windows) –Access (kind of…) Installs as a Visual Studio 2005 VSI template Custom Membership providers –Oracle –MySQL –SQLLite3 –Others + whatever you write yourself… Membership Service
4
Service for managing users and credentials –Declarative access via Web Site Admin Tool –Programmatic access via Membership and MembershipUser classes Membership class provides base services MembershipUser class represents users and provides additional services Provider-based for flexible data storage
5
Membership Service (cont.) Vastly simplifies forms authentication –Provides logic for validating user names and passwords, creating accounts, and more –Provides data store for storing credentials, e- mail addresses, and other membership data
6
Membership Schema Membership API Membership Data SQL Server Other Data Stores Membership Providers Active Directory LoginLoginStatusLoginViewOther Controls MembershipMembershipUser SqlMembershipProvider ActiveDirectory- MembershipProvider Other Providers
7
LoginView...
8
The Membership Class Provides static methods for performing key membership tasks –Creating and deleting users –Retrieving information about users –Generating random passwords –Validating logins Also includes read-only static properties for acquiring data about provider settings
9
The MembershipUser Class Represents individual users registered in the membership data store Includes numerous properties for getting and setting user info Includes methods for retrieving, changing, and resetting passwords Returned by Membership methods such as GetUser and CreateUser
10
Configuring the SQL Membership Provider
11
Provider Model Enable new functionality in a transparent fashion Enable extensibility for –Web services –Browser based “Atlas” clients –Smart clients Application services as pluggable building blocks Decoupled via configuration Use structural classes for your own features
12
Provider Model Feature Lifecycle Feature config. Static feature class Provider instances
13
Provider Configuration Membership providers support a number of configuration settings –How should passwords be stored (cleartext, hashed, encrypted)? –Should password recovery be enabled? –Must each user have a unique e-mail address? Exposed as properties of provider class Initialized from CONFIG files
14
public class QuotationsConfiguration : ConfigurationSection { [ConfigurationProperty("providers")] [ConfigurationProperty("providers")] public ProviderSettingsCollection Providers public ProviderSettingsCollection Providers { get; get; } [ConfigurationProperty("defaultProvider", [ConfigurationProperty("defaultProvider", DefaultValue = "StaticQuotationProvider")] DefaultValue = "StaticQuotationProvider")] public string DefaultProvider public string DefaultProvider { get; get; set; set; }} Provider Model Feature Configuration
15
When to Build a Provider Physical 3-tier deployments –May not allow web server to connect directly to SQL Server Schema isn’t working for you Your data isn’t in a supported format or repository You need that killer feature that isn’t provided by existing providers
16
Projecting Membership Design Issues Authenticating to the web service –Not all methods should be public Serialization of MembershipUser –Read-only properties don’t serialize WebMethod parameter constraints –Collection types and [out] parameters Selecting from multiple providers –Choosing a non-default provider
17
Projecting Membership 3-Tier Flow Web server Webservice provider Webservice server.asmx Membership wrapper SQL provider Application code
18
Projecting Membership Authenticated Flow Internet client Application Webservice server.asmx Membership wrapper SQL provider.asmx Formsuth wrapper “login” Returns forms ticket pass ticket w/ each request Validate ticket and roles
19
Creating a Custom Membership Provider
20
Summary Rewrite or enhance features Project current features onto other platforms via web services or other methods Use the provider infrastructure for your own features Don’t screw it up, you can always make life worse – especially in security
21
Resources Custom Membership Providers Oracle Provider –Supports Membership, Roles and Personalization –Included in the PetShop sample –http://msdn.microsoft.com/library/default.asp? url=/library/en-us/dnbda/html/bdasamppet4.asp Access Database Provider –Supports Membership, Roles and Personalization –Installs as a Visual Studio 2005 VSI template –http://msdn.microsoft.com/vstudio/eula.aspx?id=96713 a8e-b8d4-4d6e-bb8f-027e6c8e15d8
22
Resources Custom Membership Providers (cont.) MySQL Provider –Support for ASP.NET Membership and Roles –http://www.codeproject.com/aspnet/ MySQLMembershipProvider.asp SQLLite3 –Supports Membership and Roles –http://www.eggheadcafe.com/articles/ 20051119.asp
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.