Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
BOOK: ASP.NET 3.5 Enterprise Application Development with Visual Studio 2008: Problem Design Solutio
This is the forum to discuss the Wrox book ASP.NET 3.5 Enterprise Application Development with Visual Studio 2008: Problem Design Solution by Vincent Varallo; ISBN: 9780470396865
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: ASP.NET 3.5 Enterprise Application Development with Visual Studio 2008: Problem Design Solutio section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old June 2nd, 2009, 01:15 PM
ocn ocn is offline
Authorized User
 
Join Date: Jun 2009
Posts: 15
Thanks: 5
Thanked 0 Times in 0 Posts
Default Form Based Authentication instead of Windows authentication

I understand the framework in the book is designed for Windows authentication. I would like to create a login page, allows users to update their profiles, and reset their password in case they forget.

Could someone please give me some insights if I would like to use a form authentication rather than Windows authentication? What would I need to change in web.config or ENTUserAccount? Could I implement the framework with ASP.NET Membership?

I truly appreciate if you can provide me your suggestions.
  #2 (permalink)  
Old June 2nd, 2009, 04:07 PM
Authorized User
 
Join Date: Dec 2008
Posts: 29
Thanks: 1
Thanked 5 Times in 5 Posts
Default

You could find some info here:

http://www.15seconds.com/Issue/050203.htm

Mod: I hope I didn't break the site rule for posting a link here.
  #3 (permalink)  
Old June 5th, 2009, 04:40 PM
ocn ocn is offline
Authorized User
 
Join Date: Jun 2009
Posts: 15
Thanks: 5
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by AspNew View Post
You could find some info here:

http://www.15seconds.com/Issue/050203.htm

Mod: I hope I didn't break the site rule for posting a link here.
Thanks so much for the link, AspNew. Indeed, it is useful.

I have another question if you can help me. If I use the mixed authentication, users still can't change their profiles. How would I allow them to change their profiles?
  #4 (permalink)  
Old June 11th, 2009, 02:14 PM
Authorized User
 
Join Date: Dec 2008
Posts: 29
Thanks: 1
Thanked 5 Times in 5 Posts
Default

hi ocn, sorry I haven't been on-line lately.

Although I didn't quite understand your question, and as far as I know, the mixed authentication question is valid only for the SQL Server, and I would appreciate if you could clarify what did you mean by changing the users' profiles.
The Following User Says Thank You to AspNew For This Useful Post:
ocn (June 13th, 2009)
  #5 (permalink)  
Old June 13th, 2009, 01:17 PM
ocn ocn is offline
Authorized User
 
Join Date: Jun 2009
Posts: 15
Thanks: 5
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by AspNew View Post
hi ocn, sorry I haven't been on-line lately.

Although I didn't quite understand your question, and as far as I know, the mixed authentication question is valid only for the SQL Server, and I would appreciate if you could clarify what did you mean by changing the users' profiles.
AspNew,

Thank you for your reply.

Since I am new to ASP.NET, I am still learning as much as I can. I am working a small project with an approval process. I think it is similar to HRPaidTimeOff in the book. The approval system allows students to submit their course registration requests to their advisers. Then, the advisers will approve or disapprove their students' requests. If the request is approval, it will be sent to registrar office.

I want to use a form authentication instead of Windows authentication. The administrator will create a default account for each user. The users are able to change or resent their own passwords update their email addresses.

I hope you see my point. If you have any suggestions, please share with me.

Thank you!
  #6 (permalink)  
Old June 14th, 2009, 01:05 PM
Authorized User
 
Join Date: Dec 2008
Posts: 29
Thanks: 1
Thanked 5 Times in 5 Posts
Default

A website could be Windows or Form authenticate, but not both at the same time, so you would have to change the underlining authentication method.

The book "ASP.NET 2.0 Website Programming: Problem - Design - Solution"
Marco Bellinaso has a very good design (and codes) using the Form method. You could download the code from this site to take a look.

If you could wait, I think the 3.5 version book is coming out pretty soon.
The Following User Says Thank You to AspNew For This Useful Post:
ocn (June 30th, 2009)
  #7 (permalink)  
Old January 7th, 2010, 10:08 PM
Authorized User
Points: 128, Level: 2
Points: 128, Level: 2 Points: 128, Level: 2 Points: 128, Level: 2
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Nov 2009
Posts: 31
Thanks: 3
Thanked 0 Times in 0 Posts
Default

Hi everyone,
I am also facing the same problem of changing the windows based security in to forms based security. The main goal is to make this site available over the internet (not the local intranet). For this I may need to provide a login screen and defiantly need form based security. It would Have been better if the author made it configurable or at least give any suggestion to switching it on form based . Any way over all good design and I have decided to use it .
Did anyone implement form based security?
Can any one highlight the places need to be changed in application to migrating it to form windows based authentication to form based?
Kindly hep me...
Thanks,
  #8 (permalink)  
Old January 8th, 2010, 02:40 PM
ocn ocn is offline
Authorized User
 
Join Date: Jun 2009
Posts: 15
Thanks: 5
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by hasanboby View Post
Hi everyone,
I am also facing the same problem of changing the windows based security in to forms based security. The main goal is to make this site available over the internet (not the local intranet). For this I may need to provide a login screen and defiantly need form based security. It would Have been better if the author made it configurable or at least give any suggestion to switching it on form based . Any way over all good design and I have decided to use it .
Did anyone implement form based security?
Can any one highlight the places need to be changed in application to migrating it to form windows based authentication to form based?
Kindly hep me...
Thanks,
Here is what I have implemented in one of my web applications. Please note I did not use ASP.NET Membership Provider.

1) Extend the ENTUserAccount table to store passwords for users (creating a new password column).
2) Create a login page
3) Follow the same approach/pattern described in the book. However, you need to write your custom methods for hashing the password, validating user credentials, etc.
4) You need to add/modify stored procedures to handle CRUD your user table.
5) Modify the properties of your user BLL and DAL class
6) Modify the mapping methods

I started with one table first using the same approach mentioned in the book. Then, I extended the Role table and UserRole table.

Hope this helps.
  #9 (permalink)  
Old January 8th, 2010, 07:28 PM
Authorized User
Points: 128, Level: 2
Points: 128, Level: 2 Points: 128, Level: 2 Points: 128, Level: 2
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Nov 2009
Posts: 31
Thanks: 3
Thanked 0 Times in 0 Posts
Default Tree Disappears when anonymous access On

Thanks a lot...
This really helped me,
One more thing, did you face any problem with tree control?
When I enable anonymous access, my tree disappears.
I think when using Form based authentication we requires to enable anonymous access until unless we are using impersonation in IIS.
What are your IIS settings with respect to:
Basic authentication and anonymous access?
Thanks again,
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem with Form based Authentication shujamughal ASP.NET 2.0 Professional 3 May 25th, 2007 05:34 AM
Form-based Authentication Error lionstudio JSP Basics 2 August 4th, 2006 09:05 AM
Form based authentication.... avanishp General .NET 2 June 17th, 2005 03:11 AM
Form based authentication with WLS7 jcgarciap J2EE 1 March 9th, 2005 01:15 PM
form-based authentication using a database waru BOOK: Beginning ASP.NET 1.0 2 May 28th, 2004 10:37 PM



All times are GMT -4. The time now is 02:42 AM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.