Membership Provider


In this tutorial we will see how to use a SQL database to allow visitors to authenticate on our site. For this we will use a Membership Provider .

First create the database using aspnet_regsql.exe which by default is located in the folder “C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727”. At launch, this utility opens a configuration window.

Configure it step by step to create the database “aspnetdb”.

Once the database is created you will see it in SQL Server .

We will create a user who will be master of this new database and serve as a login to our application.

Create the user and give him the database “aspnetdb” by default.

Let’s give him also the role of dbowner .

Once the admin account of the database created, we will add users. For this, we will create a web application management.

Once the application is created, we will add to web.config 3 elements:

1) The connexion string :

 
<connectionStrings>     
<add name="TutoConnectionString" connectionString="Votre connectionstring" providerName="System.Data.SqlClient" />   
</connectionStrings> 

FYI, Visual Studio contains an utility that can build our string .In the Tools tab , choose Connect to database .

Select Microsoft SQL Server.

In the Add Connection window , select our server, inform our login and password and select the aspnetdb database .

If we want to test the connection, the button “Test Connection” is designed for this purpose.

To recover our connection, click on Advanced and retrieve the data source .

2) The membership provider :

In the tag system.web , add the following:s :

 
<membership defaultProvider="TutoMembershipProvider">      
 <providers>         
<add name="TutoMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web,Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
connectionStringName="TutoConnectionString" 
enablePasswordRetrieval="false" 
enablePasswordReset="true" 
requiresQuestionAndAnswer="false" 
applicationName="/" 
requiresUniqueEmail="false" 
passwordFormat="Hashed" 
maxInvalidPasswordAttempts="5" 
minRequiredPasswordLength="1" 
minRequiredNonalphanumericCharacters="0" 
passwordAttemptWindow="10" 
passwordStrengthRegularExpression="" />      
 </providers>     
</membership> 

Those settings are used to establish a level of security passwords. For this tutorial we will do the minimum (length of 1, no regular expression or non-alphanumeric needed).

 minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordStrengthRegularExpression="" 

3) The role provider :

 
<roleManager enabled="true" defaultProvider="TutoRoleProvider">      
<providers>         
<add name="TutoRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="TutoConnectionString"
applicationName="/" />       
</providers>     
</roleManager>
 

These items added to the web.config we can now add users to our database. To do this we will go through the ASP. NET Configuration Visual Studio which is located in the Project tab .


The first operation we must realize is happening in the “Security” tab.

Here we will change the authentication type that is basically in Windows to move it in form .

By selecting “From Internet” we can now add users in the database. After clicking “finish” let’s get back in the Security tab.

By clicking “Create User”, we can add a user to our database.

Once the data is stored, check that the box “Active User” is checked and click on “Create User”.

Our database configuration is now over. Now let’s go for the SharePoint part!

For this tutorial, we will be careful and start from scratch. We will first create the web application that will serve as a side “extranet” that will be accessible via the classic windows authentication .

Leave all default settings (as you see I just specified the port to 2000 and the name of the database to WSS_Content_2000).

Once the application is created, create a new site collection based on a Publishing template.

Here we are before a classic publishing site accessible via the classic windows authentication

We will now create our website which will be accessible by outsiders. Begin by extending our web application.



Be sure to select the Web application that we just created and set the area on “Internet”. When all information is filled in, click “OK”.

Now that our applications are defined, we still need to modify the web.config . Changes made to web.config of the two web applications are identical.

Do a search on:

 </SharePoint> 

We come across a block of code like:

 
</SharePoint>   
<system.web>    
 <securityPolicy>      
 <trustLevel name="WSS_Medium" policyFile="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\config\wss_mediumtrust.config" />       
<trustLevel name="WSS_Minimal" policyFile="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\config\wss_minimaltrust.config" />     
</securityPolicy>     
<httpHandlers> 

Add the three elements we have already added to our web application, namely the connection string , the membership and the role provider so that our code looks like this.

 
</SharePoint>   
<connectionStrings>     
<add name="TutoConnectionString"  connectionString="Votre connectionstring" providerName="System.Data.SqlClient" />   
</connectionStrings>  
<system.web>     
<membership defaultProvider="TutoMembershipProvider">       
<providers>         
<add name="TutoMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web,Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"              
connectionStringName="TutoConnectionString"              
enablePasswordRetrieval="false"              
enablePasswordReset="true"              
requiresQuestionAndAnswer="false"              
applicationName="/"              
requiresUniqueEmail="false"              
passwordFormat="Hashed"              
maxInvalidPasswordAttempts="5"              
minRequiredPasswordLength="1"              
minRequiredNonalphanumericCharacters="0"              
passwordAttemptWindow="10"              
passwordStrengthRegularExpression="" />       
</providers>     
</membership>     
<roleManager enabled="true" defaultProvider="TutoRoleProvider">       
<providers>         
<add connectionStringName="TutoConnectionString" applicationName="/" name="TutoRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />       
</providers>     
</roleManager>     
<securityPolicy>       
<trustLevel name="WSS_Medium" policyFile="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\config\wss_mediumtrust.config" />       
<trustLevel name="WSS_Minimal" policyFile="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\config\wss_minimaltrust.config" />     
</securityPolicy> 

Now we must change the authentication provider in the central administration.

Select the “Internet” zone.

On this screen, we will inform the type of authentication on “forms” and the name of our membership provider and role manager .

Once this is filled, we still have a thing to do: give our users the right to log on our website. To do this, go through the extranet site and add “josephine” to our members:

Add the name « josephine » :

After clicking the people picker , waiting a few seconds for “Josephine” to be underlined!

We see that “Josephine” is one of our members. It is now time to test the account by going to the web portal.

We can notice that access to our site is restricted. Introduce the login and the password of “josephine”.

After we clicked Sign In we find ourselves identified as “Josephine” on our website.

Here, you can now give access to external users to your site.

Christopher.

Article originally posted on 05/05/2010 on Areaprog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s