« PHP Tutorial – Lesson 6 HTML Forms are our friends! PHP Tutorial – Lesson 7 You must choose! » ASP .NET 2.0 Integrated Authentication – Configure your database… Just a quick note to those who are testing the waters in the new .NET 2.0 framework. My initial reaction is that it is GREAT. Many new features exist and many old features have been reworked slightly so that the programmer can be more efficient. On great new feature is the ability to use an existing security schema provided by Microsoft. This can save you countless hours. Previous to .NET, you had to roll your own authorization/authentication solution (generally using session variables). Starting with the first incarnation of .NET, Microsoft gave us the ability to plug in our own authentication code and mark a user object as logged in and populate the roles (groups) that the user belonged to. From that point, you could setup your config files or your code to automate authorization to different areas. This simplified the process greatly. The only down side was finer grained control (to specific records) was often required. This worked great to keep non admin users out of the admin section, but if you wanted admins with varying rights, you were still stuck writing a large amount of code to facilitate this. With the new release of .NET, you can use a pre-defined database schema as a starting point for your applications security. I don’t know if SQL Express comes with these tables and such already defined, but if you want to add these features to your application, you will probly need to run the aspnet_regsql.exe program (located in C:\Windows\Microsoft.Net\Framework\v2.0.50727 on my machine). When you run this command, you can point to the database you would like to setup. Note that you can use one data base for ALL users for ALL applications if you so choose. Personally, I like to keep different apps seperate as it makes the distribution easier (I write code for many clients and push the final products to their servers at a later date). The aspnet_regsql.exe program adds many tables and stored procedures to your database which allow you to keep a list of users, their roles (groups), and other custom listings to be added later by you. With this, you have a great staring point for a secure permission based application. Just remember to run aspnet_regsql.exe. I found this out the hard way after downloading one of the new starter kits for ASP.NET 2.0. The starter kit uses the integrated security and kept complaining about not being able to find aspnet_??? stored procedure. My first guess was that the app was built for SQLExpress (2k5) and I was using SQL 2000, but it turns out that it works just fine with 2000, you just have run the aspnet_regsql.exe program. Ray Pulsipher Owner Computer Magic And Software Design This entry was posted on Wednesday, January 4th, 2006 at 4:59 pm and is filed under ASP.NET, Configuration. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed. Comments are closed.

Article Search Pages Web Hosting with Computer Magic WPDelayCron Archives February 2014 May 2011 September 2010 December 2009 September 2009 April 2009 March 2009 January 2009 December 2008 November 2008 August 2008 June 2008 May 2008 November 2007 September 2007 August 2007 July 2007 June 2007 December 2006 November 2006 October 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 Categories *nix (6) AJAX (6) Apache (4) ASP.NET (8) Boot Linux from USB Hard drive (3) CMTK (1) Configuration (2) CPanel (2) Database (8) DOT NET (6) E-mail (1) Humor (2) IIS (2) Java Script (2) JSON (JavaScript Object Notation) (1) MS SQL (2) MySQL (10) PHP (4) PHP Class (15) Products (1) Python (1) Python.NET (1) Quick Scan (1) Report Viewer (1) Ruby (1) Server Admin (6) Student Loans (1) Tech Rambling (18) Uncategorized (11) Win Foms (3) windows (2) XML (1)