How to: Specify ASP.NET Membership, Security, and Session-State Requirements for Applications Hosted on IIS Web Servers

  • Article

The Distributed System Designers provide a set of three predefined constraints for IIS Web servers that are related to hosting ASP.NET applications. These constraints compile common ASP.NET settings into a set of constraint dialog boxes, which you can use to quickly specify requirements for Web applications hosted on that server. The following constraints are provided:

  • ASP.NET Membership - Specify membership and role management requirements.

  • ASP.NET Security - Specify authentication modes required for the Web server. For example, Forms, Windows, or Passport authentication.

  • ASP.NET Session State - Specify session state requirements for the Web server. For example, InProc.

To constrain authentication protocols on hosted Web applications

  1. Select an IIS Web server.

  2. View the Settings and Constraints Editor.

  3. Select the ASP.NETWebApplication check box under the Application Constraints node. Doing so allows ASP.NET Web applications to be hosted on the logical server.

    To prevent Web applications from being hosted, simply clear the check box.

  4. Select the ASP.NET Security check box.

    Under Allowed Security Modes, select the authentication mode(s) allowed on the IIS Web server.

    The security mode options are mutually exclusive. By selecting None for the authentication provider, you are specifying that users are not authenticated or that you plan to develop custom authentication code. If you also selected Forms, you might be indicating that the hosted application can either have custom authentication, or Forms security. If Forms is selected, options in the Forms Authentication section of the constraint dialog box are enabled. For more information, see ASP.NET Authentication.

To constrain membership providers on hosted Web applications

  1. Select the ASP.NETWebApplication check box under the Constraints node. Doing so allows ASP.NET Web applications to be hosted on the logical server.

  2. Select the ASP.NET Membership check box.

  3. Under Role Management Providers and Membership Providers, select the appropriate provider(s) for the IIS Web server.

    With a specific provider selected, you can set additional options to the right of the provider lists. For more information, see Managing Users by Using Membership and Managing Authorization Using Roles.

To constrain ASP.NET Session State on hosted Web applications

  1. Select the ASP.NETWebApplication check box under the Constraints node. Doing so allows ASP.NET Web applications to be hosted on the logical server.

  2. Select the ASP.NET Session State check box.

  3. Select the appropriate settings.

  4. You can specify additional constraints on Web applications using the user-defined constraints feature. For more information, see How to: Author User Defined Constraints.

See Also

Tasks

How to: Enable Pre-defined Constraints