The ASP.NET version 2.0 membership feature provides secure credential storage for application users.
We Will Use The Following:
- Web Page Named Login.aspx and another Web Page Named CreateUser.aspx
- Login Control
- Create User Wizard Control
1- Configure Forms Authenticationin Web.config File
To configure forms authentication, set the <authentication> element's mode attribute to "Forms" and then configure your application's Web.config file as shown in the following example.
- loginUrl points to the login page. You should place this in a folder that requires Secure Sockets Layer (SSL) for access.
- protection is set to "All" to specify privacy and integrity for the forms authentication ticket.
- timeout is used to specify a limited session lifetime.
- name and path are set to unique values for the current application.
- requireSSL is set to "false". This configuration means that authentication cookie can be transmitted over channels that are not SSL-protected. If you are concerned about session hijacking, you should consider setting this to "true".
- slidingExpiration is set to "true" to enforce a sliding session lifetime. This means that the timeout is reset after each request to your application.
- defaultUrl is set to the Default.aspx page for the application.
- enableCrossAppRedirects is set to "false" to indicate that the application cannot redirect requests outside the application scope.
Add the following <authorization> element after the <authentication> element. This permits only authenticated users to access the application. The previously established loginUrl attribute of the <authentication> element will redirect unauthenticated requests to the Login.aspx page.
<deny users="?" />
<allow users="*" />
Configure the ActiveDirectoryMembershipProvider in Web.config File
Configure the ActiveDirectoryMembershipProvider in your application's Web.config file as shown in the following example.
There is An Important Point in this Case How I Can Get My Active Directory Connection String
Version=188.8.131.52, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
The Last Step:
- Drag and drop Login Control into the Login page.
- Drag and drop Create User Wizard Control into the CreateUser page.
Now Your Web Application or your Website Secured.