Menu

• Home
• IP-Phone Pages
• ASP.Net Pages
  
  • Part 1
  • Login Control w/SQL
  • ASP/SQL Setup
  • ASP.Net 'web.config'
  • ASP.Net 'roles'
  • Building Login Control Pages
  • Administering the Site
  • Testing the Control
  • Recap
  • Part 2
  • Part 2 Overview
  • Master Page(s)
  • The Login Control
  • Create a User
  • Retrieve Password
  • Find Username
  • Part 2 Zip files
• MS SQL Pages
• Linux Pages
• Javascript Tips
• Jtech's Misc. Tips
• Robert
• Test Captcha
• ViewState

Here is where we will set up roles and users for our ASP.Net Login Control.

ASP.Net Framework has a great utility for Administrering your website but it's only available from with Visual Web Developer (or Visual Studio). - So start up VWD & Open the website's 'htppdocs' folder of the site you're working on.

If you're using the same files in our '.zip' package, you'll be able to follow along to the letter with the following.

Open up the file 'sample.aspx'.

If you are not in 'Design' mode, click the box saying 'Design'. - This box is located just above the 'Error List'. You should be able to see the 'Login View' control as a box with the 'title' greyed out and the message 'You are not logged in' showing. Mouse-over to where it says 'LoginView1' and a tiny box with a right arrow should appear (you may have to wait a second or two). - When your tiny box & arrow does appear, click on it.

Several things happen at this point.

1.) - ASP.Net fires up a mini-web server on your local computer.

2.) - ASP.Net fires up your browser to connect to this mini-web server.

3.) - ASP.Net tries to connect to your SQL database (depending on the settings in your 'web.config' file specified by the 'Login Control' in the web page.

4.) - ASP.Net will show you the 'Web Site Administration Tool' with some information about your Application name, Current user name, and info on what you have in the SQL database.

If ASP.Net cannot connect to the SQL database for some reason, you'll not see what I've described in item 4 (above). - Instead you'll see a 'Connection Error Message'. - Don't even try to continue if you get this message.

If you cannot connect. - You need to check to see if the connection string in 'web.config' matches up with the settings in your SQL database for user login, password, default database, etc. - Additionally, your 'Login Control' in your .aspx page must have a matching connection string with what's in your 'web.config file'.

BUT - If you've managed to the SQL server. - Congrats! - A lot of folks have problems making it this far (myself included).

If you do manage to connect to your SQL server, you'll see something like this: - Note: the red box shows the name of the user that logged into the server when it booted up. For obvious reasons, I don't want to 'give away the farm' on this page. - Thus the red box.

In the next step, we'll configure a couple of 'roles'. - Click on either the link for 'Security' or the 'Security' tab at the top of the page.

The Web Site Admin Tool 'home page' will show you tht you have no roles defined at this time. - Click on the link, 'Create or Manage roles'.

You'll be presented with a page for 'roles'. - Click on the link to add a new 'role.

Do the same thing again again, but this time, create a role for 'administration'.

After you've created your roles, click on the 'Security' tab. we'll set up users next.

The next screen will show you that we hav zero users. - Click on 'Create User' to create a user.

The first user we'll create is: 'pvt_user'.

In the 'Create User' box, enter the User Name ('pvt_user'), Password ('asp_password') - twice, and an E-mail address. - For now, you can just add a bogus E-mail. - It won't be used for anything but it's still required.

In the 'Roles' section check the box next to 'private_access' then click on 'Create User'.

You can see tht your user has been created and that it belong's to the 'private_access' role. - Click 'Continue'.

Now create a user for 'admin'. - Do this the same as you did for 'pvt_user' but this time, assign this user to BOTH roles.

Note: you MUST use a different E-mail address for each user you create. - This will come into play when we set up 'password retrieval' for users. - We'll do this in a later series of these pages.

As before, you'll see this user has been created but this user now belongs to both roles. - Click 'Continue'. - You can exit the 'Admin Tool' now, you're finished with it (for now).

Setting up 'User Access'. You can 'try' to set up user access with the 'Site Admin' utility but I've found this to be slightly cumbersome and it doesn't seem to work right (for me anyway). - Since the 'access' rules it creates are NOT stored in SQL, we can do this manually in VWD.

User 'Access' is performed by merely setting up additional 'web.config' files in the sub directories where we want allow (or disallow) access.

More than one 'web.config'?

Sure, why not? - While we have our main web.config in the server's root, sub directories can have web.config files too. - These 'secondary' web.config files are read AFTER the 'main' web.config and can further add items for the server to use. - They can also modify (or 'tweak') items set up in the 'main' web.config file.

Here's what the 'web.config' files look like for both folders '/private/' and '/private/admin/:

'/private/' folder	'/private/admin/' folder

As you can see, these files are not big. - You should probably be able to figure out how these files can change the access privledges for these two folders.

This completes our set up. - Let's move on to the testing phase to see if everything works okay.