Login Controls Video Highlights
Evaluate Visual Studio |
IntroductionWelcome to this video overview showing the differences between the latest Web design tools available from Microsoft and Macromedia, namely, Microsoft’s Visual Studio 2005 and Macromedia’s Dreamweaver, Version 8. Adding security to a Web site requires some way for users to be authenticated. For many Internet and some Intranet sites, this means supplying a common user name and password box and a link or a button to get logged in to the system. Further logic is usually put into place to change passwords, retrieve forgotten passwords, and so forth. Writing this code by hand is a mundane task and prone to error, and the last thing you want is a logon system with bugs. So to assist with this process, login controls offer a great aid to the developer. Dreamweaver SectionThe ASP.NET login controls are specific to Microsoft .NET Framework and are not supported by Dreamweaver Version 8. Visual Studio 2005 SectionASP.NET 2.0 login controls provide a complete login solution to your ASP.NET 2.0 Web application that requires no programming. By default, login controls integrate with ASP.NET membership to help automate the authentication process for your Web site. The next video in this series will discuss the membership system further. The Visual Studio 2005 login control tool creates a user interface for user authentication with simple drag and drop. The login control contains text boxes for the user name and password and a check box that allows the user to indicate where they want the server to enable automatic authentication for the next time they visit the site, and a log in button to send the login information to the server. The login control also provides easy access to a number of optional UI elements that support additional functions. These include:
By referencing the events of the login control, you can further specify custom actions that occur when login succeeds. In addition, the login control has properties for customized display. The login control can be used in different ways. As a part of the main or home page, as part of a master page that conveniently appears on each page on the site, as part of a reusable User Control, or on a separate dedicated login page. If you use the Login control with ASP.NET Membership, you do not need to write code to perform authentication. However, if you want to create your own authentication logic, you can handle the login control's Authenticate event and have complete control over the user authentication process. In addition to the Login control, there are other controls related to user authentication. The LoginStatus control displays a login link for users who have not been authenticated … and a logout link for those who have. The LoginView control allows you to display different information to anonymous versus logged-in users. The control displays one of two templates: the AnonymousTemplate or the LoggedInTemplate. In the templates, you can add markup and other controls that display information appropriate for anonymous users and authenticated users, respectively. The AnonymousTemplate is the perfect place to put the login control since that is what is shown before someone has logged in. … and the LoggedInTemplate is the perfect place to put the LoginStatus control. The logout link control resets the current user's identity to be anonymous. The LoginName control displays a user's login name if the user has been authenticated by the ASP.NET Membership system. Alternatively, if your site uses integrated Windows Authentication, the control will display the user's Windows account name. The PasswordRecovery control allows user passwords to be retrieved or reset based on the e-mail address that was used when the account was created. This control sends the user an e-mail message containing either their password (if passwords have not been hashed), or a temporary randomly-generated password (if passwords have been hashed). You can also configure membership to include a security question that the user must answer to recover a password. If you do this, the PasswordRecovery control asks the question and checks the answer before resetting or recovering the password. The PasswordRecovery control requires your application to forward e-mail messages to an SMTP server or Simple Mail Transfer Protocol server. You can customize the text and format of the e-mail message sent to the user by setting the MailDefinition property. The CreateUserWizard control collects information from potential users. By default, CreateUserWizard adds the new user to the ASP.NET Membership system. When used, this CreateUserWizard control gathers the following information:
This information is stored in the Membership system and used to authenticate users and recover user passwords, if necessary. As its name implies, the ChangePassword control allows users to change their password. The user must first supply the original password and then create and confirm the new password. The control also includes support for sending an e-mail message about the password change. The ChangePassword control includes two templates: first the ChangePasswordTemplate, which displays the user interface used to gather the data that’s required to change the user’s password. And second the SuccessTemplate, which defines the user interface that is displayed after a password has been successfully changed. The ChangePassword control works with both authenticated and non-authenticated users. If a user has not been authenticated, the control prompts the user for a login name. And then if the user is authenticated, the control populates the text box with the user's login name. ConclusionThis video describes how login controls can simplify design when a Web site requires security. |