Security - Forms Authentication

Slides:

Advertisements

Similar presentations

Editorial roles Members of a Manila site can be assigned an editorial role if you want to grant them access to write stories or modify the appearance of.

Advertisements

Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.

Presentation Heading – font Arial

DNR-322L & DNR-326.

Members Only & Login Modules Members Only works with the Login module to provide password protection to Web pages and files. Login Groups may be created.

Copyright ®xSpring Pte Ltd, All rights reserved Versions AuthorDateDescription 1.0NBL2012/05First version. Modified from Enterprise edition.

Authenticating Users in an ASP.NET Application. Web Site Administration Tool From VS 2008, click Website/ ASP.Net Configuration to open Web Site Administration.

Website Security ISYS 512. Cookies Data in Cookies System.Web Which web site set the cookie Expiration date –DateTime data type –TimeSpan data type One.

Chapter 7 Managing Data Sources. ASP.NET 2.0, Third Edition2.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Working with SharePoint Document Libraries. What are document libraries? Document libraries are collections of files that you can share with team members.

Fuddle Baris Tevfik Matt Lee David Cheung Ben Paolillo.

CONFIGURING WINDOWS SERVER MIS 424 Professor Sandvig.

Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

Copyright © 2007, SAS Institute Inc. All rights reserved. SAS Activity-Based Management Survey Kit (ASK): User Management & Security.

Forms Authentication, Users, Roles, Membership Svetlin Nakov Telerik Corporation

Tutorial 10 Adding Spry Elements and Database Functionality Dreamweaver CS3 Tutorial 101.

Copyright ®xSpring Pte Ltd, All rights reserved Versions DateVersionDescriptionAuthor May First version. Modified from Enterprise edition.NBL.

DocuShare Training Welcome to DocuShare Training.

Web Based Inventory Site Building Room Asset Number Category Type Description Serial Number Manufacturer Model Vendor Name Acquired Date P O Number Budget.

Copyright 2000 eMation SECURITY - Controlling Data Access with

Web Programming: Client/Server Applications Server sends the web pages to the client. –built into Visual Studio for development purposes Client displays.

Dr. Mustafa Cem Kasapbaşı Security in ASP.NET. Determining Security Requirements Restricted File Types.

ASP.NET The Clock Project. The ASP.NET Clock Project The ASP.NET Clock Project is the topic of Chapter 23. By completing the clock project, you will learn.

Database Handling, Sessions, and AJAX. Post Back ASP.NET Functionality The IsPostBack method in ASP.NET is similar to the BlackBerry.refresh method –IsPostBack.

Module 11: Securing a Microsoft ASP.NET Web Application.

Slide 1 ASP Authentication There are basically three authentication modes Windows Passport Forms There are others through WCF You choose an authentication.

BIT 285: ( Web) Application Programming Lecture 15: Tuesday, February 24, 2015 Microsoft Azure Instructor: Craig Duckett.

What is Web Site Administration Tool ? WAT Allow you to Configure Web Site With Simple Interface –Manage Users –Manage Roles –Manage Access Rules.

Chapter 10: Rights, User, and Group Administration.

Packaging for Voracity Solutions Control Panel David Turner.

Configure the Server –Login to the Web-Based Server Manager Username “admin” Password – your password –You can change the.

MEMBERSHIP AND IDENTITY Active server pages (ASP.NET) 1 Chapter-4.

Web Access. Overview  Purpose  Prerequisites  Install Components  Enable Virtual Directories  IIS Configuration & Security  Troubleshooting.

Module 5 : Security I Jong S. Bok

Configuring and Deploying Web Applications Lesson 7.

1 CS 3870/CS 5870: Note 14. Prog5 Due 10 PM Wednesday, Oct 21 Authentication and Authorization 2.

1 Connecting to a Database Server. 2 We all have accounts, with a single database each, on a Microsoft SQL Server on the USF network: allman.forest.usf.edu.

Configuring a Membership Site Configure your Web site for membership Create folders for members-only content Prevent anonymous users from accessing members-only.

Working with ASP.NET Controls What is ASP.NET Using server controls in your pages Allowing users to create their own accounts Creating a login page Letting.

Entity Framework Database Connection with ASP Notes from started/getting-started-with-ef-using-mvc/creating-an-

COMP3121 E-Commerce Technologies Richard Henson University of Worcester December 2009.

Using the Personal Image Photo Library

Nithyamoorthy S Core Mind Technologies

Security In your webSite.

Unit 7 Learning Objectives

Authentication and Authorisation in ASP.Net

ASP .NET MVC Authorization Training Videos

Using E-Business Suite Attachments

CONTENT MANAGEMENT SYSTEM CSIR-NISCAIR, New Delhi

Data Virtualization Tutorial… OAuth Example using Google Sheets

CNIT131 Internet Basics & Beginning HTML

Create Virtual Directory Windows 8 - IIS 8.5

Part 1 of 2 Creating SQL Database and Binding to GridView

Jon Galloway | Tech Evangelist Christopher Harrison | Head Geek

LMS: Contractor Sign In

Security mechanisms and vulnerabilities in .NET

02 | Developing ASP.NET MVC 4 Models

What Is Sharepoint? Mohsen Ashkboos

Web Development in Microsoft Visual Studio 2013

Configuring Internet-related services

Creating and Linking New Pages

Unemployment Insurance Agency Michigan Web Account Manager

To the ETS – Accounts Setup and Preferences Online Training Course

LMS: Contractor Sign In

Complete exercise 8-11 in the workbook.

Warranty screenshots.

Presentation transcript:

Security - Forms Authentication By Dr Derek Peacock Most web sites have to restrict access to certain pages to specified users or groups of users. Microsoft’s Membership Framework looks after such authentication.

Web.config Alternative is Windows mode SQL Server File Type By default security is built in to a ASP.NET Web Forms application or an ASP.NET MVC application, and the settings are already in the root level web.config file. Forms mode is best used with internet applications and Windows mode for intranet applications. In forms mode the use must enter a username and password to access the pages where access is limited to authorised users. By default usernames and passwords will be stored in a local SQL Server LocalDb database file stored in the App_Data folder. This database is automatically created when the first user registers. All these settings can be changed. Project Name DateTime

Initialise the Database To create the SQL Server database to store user names and passwords, run your application and select Register. By default passwords need to be 6 or more characters.

Login Once registered, the users name replaces the register link in the top right hand corner of the web page. To login again once log offed click on the Log In link.

Data Validation The register and login pages have built in data validation

Accessing the Database File Show all files For some reason the new database file is not automatically part of the project. This means the file is not displayed in the solution explorer, unless you display all files. You may need to refresh files first. To view the contents of the SQL Server database file, you need to view the SQL Object Inspector.

Membership Settings The membership security system can be configured in various ways. The standard settings are shown above. The only one I would be tempted to change for sure is that I believe each user should have a unique email address in order to avoid confusion.

Setting Up Roles In order to assign different roles to different users, go to Project => ASP.NET Configuration, and then select security.

Enable Roles Before you can create roles, roles need to be enabled and then different roles such as admin and client can be created and added.

Roles Added Once roles have been added then you can click Manage to assign a role to a user.

Roles Assigned Once roles have been created, they can be assigned to chosen users, or all users. Enabling roles is a setting written into the web.config file.

Database Content The membership database has been greatly simplified in Visual Studio 2012 compared to earlier versions. It is however easier to use the ASP.NET configuration pages, although descriptions for roles could be entered directly.