Start learning with our library of video tutorials taught by experts. Get started
Viewers: in countries Watching now:
Thousands of businesses have used Microsoft ASP.NET to build professional, dynamic websites. In this course, web developer David Gassner demonstrates the tools needed to build and deploy a dynamic site using ASP.NET 3.5 or 4.5. Covering everything from installing and configuring Visual Web Developer 2008 or Visual Studio Express 2012 for Web and SQL Server Express to creating web form pages, this course is designed to give beginning and intermediate developers hands-on experience.
When you use the Login components, it results in creating an SQL server database named automatically ASPNETDB.MDF and the security framework uses the underlying SQL server engine that's installed on the local machine to connect to that database, populate it with tables and then start adding user information. The tables are named automatically. They each have a prefix of ASP.NET_ and then a suffix that describes the purpose. When you create a new user, records are added automatically to two of these tables and as an ASP.NET administrator, it's important to know about these tables and understand a little bit about their structure.
First of all, the aspnet_Users table contains primary information about each user. I'll go to the Database Explorer, to the Tables list, locate the aspnet_Users table, right-click and select Show Table Data and you will see that when I created the new user that a record was created in this table with the user name. Notice that the user name is populated twice; once however you have typed it and then once as the lowercase version. It's the lowercase version that's used to compare when you login.
This means that the user name itself is non-case-sensitive while the password is case-sensitive. There are other columns in this table, but you will notice that there is no storage here of the user's password. That information and other useful bits of information are in a linked table called aspnet_Membership. I will open the data for that table as well and show you that there is also one record here linked to the record in the user's table. The password is stored in the Password column and it's stored in a hash-encoded form that can only be used to compare and not to retrieve.
Once again, there are other columns here used for various conditions. There is the email address, the lowercase version of the email address, the password question and the hashed version of the password answer. If you want to remove a user from the authentication model, first go to the aspnet_Membership table and remove the record there, then go to the Users table and remove the record there. If you try to remove the record from the Users table first, you will find you are not able to because there is a database constraints to put in place automatically that makes sure that you don't orphan records in the linked membership table.
Other tables in the database structure are used for row-based security and for sharing user information across applications. Those details are beyond the scope of this tutorial, but if you want to learn more about the database structure, read the ASP.NET documentation about the security system. This architecture and the components that I'm using are a part of ASP.NET 3.5 and were not available in earlier versions of the framework. In earlier versions, to implement this sort of authentication, there was a certain amount of programming that you had to do and in 3.5, it's all been fairly automated. So, in the chapter so far, I started off by creating the Login component on a page of its own and then I created the Create New User wizard on a page of its own and linked them together.
In the remaining steps, I'll show you how to configure the website so that when a user tries to visit a particular page, access is denied and the user instead is sent over to the Login form.
Find answers to the most frequently asked questions about ASP.NET Essential Training.
Here are the FAQs that matched your search "":
Sorry, there are no matches for your search ""—to search again, type in another word or phrase and click search.
Access exercise files from a button right under the course name.
Search within course videos and transcripts, and jump right to the results.
Remove icons showing you already watched videos if you want to start over.
Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.
Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.