ASP.NET 3.5 Basic User Account Management
(Page 1 of 4 )
User account management is an important topic in ASP.NET 3.5 web development. Since websites will be deployed on the Internet, where users need to interact, user account management is essential to provide the website's required functionality (involving user interaction). This article will show you the basics of using the ASP.NET 3.5 membership system.
Examples of the functionality that a user account management system can provide are the following:
Registering users for the website. If your website accepts some form of membership, then you will need to define that in ASP.NET's user management system.
Providing security to administrative folders. Of course this is necessary, since the website will be deployed on the Internet. Without user management, any user can access administrative folders. These folders are meant to be accessed only by the website's administrators.
Limiting access to public users. Public and anonymous users are the same. So if your website offers some benefits for the members (registered users) such as free access to downloadable materials, then you need to restrict unregistered, anonymous users from accessing those folders.
Overview of ASP.NET 3.5 Membership System
To manage user-related accounts, you need to enable the ASP.NET 3.5 membership system. This is done at the website development stage, where the website administrators and initial sets of users are defined.
Understanding ASP.NET 3.5's membership system is simple. The overall functionality/features of this membership system can be visualized in the hierarchy chart below:
To enable the ASP.NET membership system, you need to select two types of authentication. For Internet/ website applications, you need to choose Internet- based authentication using web forms. Windows-based authentication is commonly used in corporate LAN/intranet applications.
This article will focus only on the ASP.NET 3.5 user account management applied to Internet/web applications. If you are looking for an in-depth tutorial on Windows-based authentication in ASP.NET 3.5, you can refer to this tutorial: http://www.wrox.com/WileyCDA/Section/ASP-NET-3-5-Windows-Based-Authentication.id-310905.html
Once you have enabled your website to accept Internet-based authentication, you need to add users and categorize them according to “roles.” The three most common types of roles are the administrator, registered users and public/anonymous.
Roles are used in defining the access rights for every user of the website. For example, in the hierarchy chart above, the administrator can access all of the website's files and folders, whereas the registered users can only access folders meant for them. The public users (non-registered members of the website) are only allowed to access the normal web pages designed for browsing and information purposes.
As in web forums, administrators can control all of the files, and the registered members can post, reply or create new threads, while the public users are only allowed to read the thread posts. For public users to have access rights in creating threads or replying to any post, they will need to become registered users of the forum.
Next: Enabling ASP.NET membership in the development phase >>
More ASP.NET Articles
More By Codex-M
