Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member
When you use the Login components, it results in creating an SQL server database named automatically ASPNETDB.MDF and the security framework uses the underlying SQL server engine that's installed on the local machine to connect to that database, populate it with tables and then start adding user information. The tables are named automatically. They each have a prefix of ASP.NET_ and then a suffix that describes the purpose. When you create a new user, records are added automatically to two of these tables and as an ASP.NET administrator, it's important to know about these tables and understand a little bit about their structure.
First of all, the aspnet_Users table contains primary information about each user. I'll go to the Database Explorer, to the Tables list, locate the aspnet_Users table, right-click and select Show Table Data and you will see that when I created the new user that a record was created in this table with the user name. Notice that the user name is populated twice; once however you have typed it and then once as the lowercase version. It's the lowercase version that's used to compare when you login.
This means that the user name itself is non-case-sensitive while the password is case-sensitive. There are other columns in this table, but you will notice that there is no storage here of the user's password. That information and other useful bits of information are in a linked table called aspnet_Membership. I will open the data for that table as well and show you that there is also one record here linked to the record in the user's table. The password is stored in the Password column and it's stored in a hash-encoded form that can only be used to compare and not to retrieve.
Once again, there are other columns here used for various conditions. There is the email address, the lowercase version of the email address, the password question and the hashed version of the password answer. If you want to remove a user from the authentication model, first go to the aspnet_Membership table and remove the record there, then go to the Users table and remove the record there. If you try to remove the record from the Users table first, you will find you are not able to because there is a database constraints to put in place automatically that makes sure that you don't orphan records in the linked membership table.
Other tables in the database structure are used for row-based security and for sharing user information across applications. Those details are beyond the scope of this tutorial, but if you want to learn more about the database structure, read the ASP.NET documentation about the security system. This architecture and the components that I'm using are a part of ASP.NET 3.5 and were not available in earlier versions of the framework. In earlier versions, to implement this sort of authentication, there was a certain amount of programming that you had to do and in 3.5, it's all been fairly automated. So, in the chapter so far, I started off by creating the Login component on a page of its own and then I created the Create New User wizard on a page of its own and linked them together.
In the remaining steps, I'll show you how to configure the website so that when a user tries to visit a particular page, access is denied and the user instead is sent over to the Login form.
Get unlimited access to all courses for just $25/month.Become a member
82 Video lessons · 97204 Viewers
61 Video lessons · 84490 Viewers
71 Video lessons · 68700 Viewers
56 Video lessons · 101178 Viewers
Access exercise files from a button right under the course name.
Search within course videos and transcripts, and jump right to the results.
Remove icons showing you already watched videos if you want to start over.
Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.
Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.
Your file was successfully uploaded.