I’m back to working on ASP.NET web applications again. Specifically I’ve been working with the ASP.NET 2.0 membership tools using a SQL Server 2005 database and so I’ve managed to build a list of pretty useful links and bits of knowledge that are handy to have when doing this.
Setting up a remote database for membership
By default, just quickly creating the ASP.NET application with the login controls on the website will cause the ASP.NET server to attempt to generate a database in the App_Data directory but I wanted to have the membership tables that ASP.NET will create be located on my database server with in my main database. This was a little bit trickier and there are a lot of different sites out there that propose ways of doing this but none of them seemed to work.
The simplest way I found was from the Discountasp.net forums. I am using Discountasp.net but when I run web application on my localhost and just connect to the Discountasp.net server, it works so I suspect this should work for all instances where you just need a simple remote membership database.
How to configure the ASP.NET 2.0 Membership/Roles Provider to use SQL 2000 or SQL 2005?
The information in this article applies to:
• ASP.NET 2.0
• MS SQL 2000
• MS SQL 2005
This article describes how to configure the ASP.NET 2.0 Membership/Roles provider to use SQL 2000 or SQL 2005.
The following steps create the full Application Services database schema on our SQL Server database.
Open the command prompt on your local computer, and navigate to: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727
Execute the command: aspnet_regsql.exe -S [DB Server Name] -U [DB login] -P [Password] -A all -d [Database name]
Currently, there is no management interface to manage the membership database besides using Visual Web Developer or creating your own application using the membership provider class.
Below is an example of how to configure Visual Web Developer to manage the membership database.
Create a web application in Visual Web Developer or Visual Studio 2005.
Open the web.config.
The default membership provider uses a connection string called "LocalSqlServer".
< add name="LocalSqlServer" connectionString="Data Source=<
DB_User>;Password=<DB_password>" providerName="System.Data.SqlClient" />
Save and close the web.config.
Go to Website menu, and run the ASP.NET Configuration tool. This will open the Web Site Administration tool.
In the Web Site Administration tool, go to the Security tab.
Click on "Select authentication type".
Select "From the internet". Click the Done button.
Create your admin roles and users.
Then create access rules.
Create a rule that applies to the "Anonymous users" with "Deny" permissions.
Create another rule that applies to the admin role you created with "Allow" permissions.
Your application is now ready to use the membership provider, and you can begin creating your login forms.
User logged in checked programmatically
You’ll need to check this a lot. Actually, it might be better to write your own methods to encapsulate this check but the easiest and fastest way to check if a user is logged in is to use the code.
The variable _loginPanel is a panel that contains the login form. If they’re logged in, it shouldn’t show up.
_loginPanel.Visible = false;
_loginPanel.Visible = true;
Get the UserID of the user
There is going to come a point where you’ll need to access the UserID and it’s better to use the UserID when referring to the user than to use the UserName because the UserID column is the primary key by default in the database that the membership tools generate and so searching is going to be faster.
MembershipUser newUser = Membership.GetUser(User.Identity.Name);
Response.Write("User key " + newUser.ProviderUserKey.ToString());
In order for this code to work though, the user must be logged in so you need to check to make sure the user is logged in before using this code otherwise you’ll receive an error.
Adding events after a user is created
When using the Create User control, there is an event on the CreateUserWizard called CreatedUser that fires after the new user has been saved to the database. This is handy if you need to add anything extra to the database after the user was generated.
protected void Page_Load(object sender, EventArgs e)
CreateUserWizard1.CreatedUser += _newUserCreated;
protected void _newUserCreated(object sender, EventArgs e)
CreateUserWizard userWizard = (CreateUserWizard)sender;
MembershipUser newUser = Membership.GetUser(userWizard.UserName);
Response.Write("User key" + newUser.ProviderUserKey.ToString());
Maintain scroll position when the user is created (On postback)
There are a couple of ways to do this. If you’re familiar with the AJAX libraries (formerly ATLAS) from Microsoft, it’s pretty easy to add an update panel so that only the User Creation control updates asynchronously but if you want a really fast way, adding the line
to the top line of your aspx page is probably the fastest method for doing this. So my code looks like this.
<%@ Page Language="C#" MasterPageFile="~/MasterPage.master" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" Title="Untitled Page" MaintainScrollPositionOnPostback="true" %>
Redirect after a user is created
One of the problems with the Create User control is that there are so many properties that all seem like they do the same thing. If you need to redirect the user to a members only page once they’ve registered, it’s pretty easy but the user must be authenticated which doesn’t happen when the CreateUserWizard.CreatedUser event is fired. But what happens is that a little lable replaces the original signup textboxes now alerting the user that they have successfully registered and there is a continue button. When the user presses this button, it then redirects them. I’m also assuming that clicking the button also signs the user into the site as well. So you need to set the CreateUserWizard property ContinueDestinationPageUrl to the page you want the user to be redirected to after they signup.