ASP.NET Managing Membership and Roles Page - 2

The Programming Interface

The Properties:  A number of classes and interfaces have been defined in the membership class to encapsulate the logic for creating and managing users and for authenticating users on the basis of credentials input. The ApplicationName property gets and sets an optional string to identify the application. Defaults to the application’s metabase path. The EnablePasswordReset property returns true if the provider supports password reset. EnablePasswordRetrieval returns true if the provider supports password retrieval. Provider returns the instance of the currently configured provider. Providers returns the collection of all registered providers. RequiresQuestionAndAnswer returns true if the provider requires a password question/answer when retrieving or resetting the password. UserIsOnlineTimeWindow specifies the time window in minutes, during which the user is considered to be online.

The Methods:

A number of methods have also been made available in the Membership class which can be manipulated and customized by the developer. The CreateUser method creates a new user and fails if the user already exists. It returns a MembershipUser object that represents any information about the user. DeleteUser, deletes the user corresponding to the specified name. FindUsersByEmail returns a collection of membership users whose email address corresponds to the specified email. FindUsersByName as the name suggests finds the users corresponding to the name specified. GeneratePassword generates the random password of the specified path.

GetAllUsers returns a collection of all users. GetNumberOfUsersOnline returns the number of users currently online. GetUser retrieves the membership data of the user specified. GetUserNameByEmail obtains the user name that corresponds to the specified email if email is a unique identifier in the database. UpdateUser takes a MembershipUser object and updates information stored for the user. ValidateUser authenticates a user using supplied credentials. The UsersOnlineTimeWindow has a default value of 15 minutes. If the user has performed any activity in that 15 minutes he is considered online, else he is treated as offline by the applicaton.

Setting up the Membership

The membership API relies on a data store. The membership model supports a variety of storage media as long as the membership data provider exists. ASP.NET has two built in membership providers—one for the Access database and the other for the SQL server database. The membership database can be set up using the Web Application Administration Tool in Visual Studio 2005.

In the Login application we created navigate to the Website menu option and click on ASP.NET Configuration. Click on the security tab.

The wizard allows the developer create the membership database. This is Microsoft Access by default and users and roles can be added to it.

Ads

The Membership Provider

The membership provider model is extensible and extremely compact. Any database can be integrated with the Membership API by creating a custom provider for it. For instance if an Oracle database is to be linked with the Membership API the developer has to create a class that inherits from the MembershipProvider class, which in turn inherits from the Provider class. The code would read something like this:

public class OracleMembershipProvider:MembershipProvider
{
//implements all abstract members of the class and if needed defines //the custom functionality.
……
}

The Web.config file will also have to be tweaked to recognize this provider by specifying in the
< providers > section the name of the provider. Now the API is ready to instantiate the class and use it through the implemented interfaces.