Tuesday, June 23, 2009

How To: Use Active Directory Membership Provider in ASP.NET

The ASP.NET version 2.0 membership feature provides secure credential storage for application users.

We Will Use The Following:

- Web Page Named Login.aspx and another Web Page Named CreateUser.aspx

- Login Control

- Create User Wizard Control


1- Configure Forms Authenticationin Web.config File

To configure forms authentication, set the <authentication> element's mode attribute to "Forms" and then configure your application's Web.config file as shown in the following example.

<authentication mode="Forms">
    <forms loginUrl="Login.aspx" 












  • loginUrl points to the login page. You should place this in a folder that requires Secure Sockets Layer (SSL) for access.

  • protection is set to "All" to specify privacy and integrity for the forms authentication ticket.

  • timeout is used to specify a limited session lifetime.

  • name and path are set to unique values for the current application.

  • requireSSL is set to "false". This configuration means that authentication cookie can be transmitted over channels that are not SSL-protected. If you are concerned about session hijacking, you should consider setting this to "true".

  • slidingExpiration is set to "true" to enforce a sliding session lifetime. This means that the timeout is reset after each request to your application.

  • defaultUrl is set to the Default.aspx page for the application.

  • cookieless is set to "UseCookies" to specify that the application uses cookies to send the authentication ticket to the client.

  • enableCrossAppRedirects is set to "false" to indicate that the application cannot redirect requests outside the application scope.

Add the following <authorization> element after the <authentication> element. This permits only authenticated users to access the application. The previously established loginUrl attribute of the <authentication> element will redirect unauthenticated requests to the Login.aspx page.


<deny users="?" />

<allow users="*" />


Configure the ActiveDirectoryMembershipProvider in Web.config File

Configure the ActiveDirectoryMembershipProvider in your application's Web.config file as shown in the following example.

There is An Important Point in this Case How I Can Get My Active Directory Connection String

Please Visit:


<add name="ADConnectionString"


"LDAP://domain.testing.com/CN=Users,DC=domain,DC=testing,DC=com" />




<membership defaultProvider="MembershipADProvider">


<add name="MembershipADProvider"


Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"








The Last Step:

-      Drag and drop Login Control into the Login page.

-      Drag and drop Create User Wizard Control into the CreateUser page.

Now Your Web Application or your Website Secured.

No comments:

Post a Comment