Creating a project and configuring it to use the ASP.NET membership provider

Setting up the ASP.NET project

Ensure you have created the project using the following procedure:

1. Click File - New Project
2. Use the ASP.NET Web Application template, with ASP.NET version 4.6
3. Choose the empty template
   • Check the tick box to add folders and core references for web forms
   • Don't use host in the cloud
4. Once the project is created ensure you add a jQuery Script Resource using these instructions, before continuing
5. Open the web.config file, within the <system.web> section add:

   <authentication mode="Forms"></authentication>
   <roleManager enabled="true"></roleManager>

6. You will then need to setup the database and configure its connection to the database (see other pages on this weeks notes)

Securing a folder

Add a web.config file to the folder within your website that you wish to secure. See below for example contents of a web.config file which restricts access to users that are logged in (by denying access to anonymous users)

<?xml version="1.0"?>
<configuration>
    <system.web>
        <authorization>
            <deny users="?"/>
        </authorization>
    </system.web>
</configuration>

See page 632 of the Professional ASP.NET 4 (or page 736 of the v4.5 book) book for further examples of how to set access rules.

Read Chapter 15 of the v4 book or chapter 19 of the v4.5 book for further information on how to secure elements of a website.

---