Forms Authentication in ASP.NET 2.0
How to ...
- Set Authentication in web.config
Create an authentication element under System.Web and set its mode attribute to Forms.
The default- and login-page will be created later on. DefaultUrl returns the configured or default URL for the page to return after the request has been successfully authenticated. LoginUrl returns the configured or default URL for the Login page. This matches the loginUrl configuration attribute. - Set Authorization in web.config
Create an authorization element under System.Web and set its attributes.
Only users that belong to the Administrator-role are allowed. All other users will not have access. You can also set this info (authentication and authorization) in the ASP.NET Web Site Administration Tool. - Create Login.aspx
When users request any page from the Web site and if they have not previously been authenticated, they are redirected to a page named Login.aspx. This file name has already been specified earlier in the Web.config file (loginUrl).
To create this page, I've used the Login Control (ASP.NET 2.0). It takes input from the user and validates the username and password entered, confirms authentication or denies it. If authentication was successful, the user will be redirected to the default URL (default.aspx). - Create Default.aspx
Create a webpage with info that can only be accessed after authentication of the user. - Configure database to store information for ASP.NET application services [Membership]
I won't explain this into detail. More info about this in a previous post and at http://weblogs.asp.net/scottgu/archive/2005/08/25/423703.aspx - Create new user and assign Aministrator-role to user
The Web Site Administration Tool will help you to do this ...
If you wanted this functionality in ASP.NET 1.x you had to write a lot of code. All this functionality is now available with the new ASP.NET 2.0 Login Controls.