No role based control are already inculded in the 3.5 framework, but there are membership controls for almost every authentication and authorization scenario, already built in the 3.5 framework, which allows to create controls fast, with little to no code. Using these will allow other .net developpers to quickly understand (and maintain as necessary) your security controls since they are common knowledge. They are easy to modify and also customizablelook and feel. They are rich server controls, so integrate other smaller controls. They integrate seamlessly with existing security feature like
LoginStatus: displays a link to logout if you're logged in, take to the specified page, it's possible to set the text of the link, and an event occurs before he attemps to login our or log, and also one event after. Available from the toolbox in the login section. The smart tag in design mode allows to toggle from login and logout.
Login: takes data from a user that isent authenticated, confirms or denies, has 4 events, Authenticate, LoggingIn, LoggedIn, and LoginError. Use the smart tag in design mode to autoformat, or convert to template to move the embeded controls around. If you change the IDs, the controls wont work anymore. It's possible to change the button to an image button from the properties window of the Login control.
LoginView: displays different pannels for anonymous and authenticaed users, use smart tag to configure each view, can also create those panels to be role specific. Events: ViewChanged, ViewChanging. The format string for the logged in user always replaces the {0} by the username. Tipicaly, a anonymous panel would contain a link saying forgot your password that would be configured to point to the password recovery page containing the corresponding control.
LoginName: Simply displays the name of the authenticated user. ChangePassword: Password recovery text, password recovery url, it contains mutliple templates including the one for success and the one for failure to change password.PasswordREcovery: asks the password recovery question, can mail the password to the user. In order to send mails, the smtp settings have to be configured, since it requires to be able to connect to a smtp mail server to be able to send emails. Provide ip, port, and from name, and have to specify how authentication is done to send the e mail. NTML would use the current credentials, and basic is if your mail server requires to provide a user name and password when sending an email, or use none if the mail server is local. An confirmation code is emailed, loging in should offer the change password link,
CreateUserWizard: Allows user to create a user account, the dev is allows to personalized the steps of this wizard, and templated for easy modification. It not only creates the user on submit but automticaly logs the user in on the same submit request. the redirect page is specified int eh properties of this control.
Comments
Post a Comment