Later you will store these values in the profile of a user.Also notice that the various fields have the same name as the respective properties of Create User Data class. NET MVC framework to correctly map the form fields with the properties.Figure 8: Add one of the users to Administrator role In order to authenticate existing users, you will add two actions in Membership Controller.These actions are shown below: Just like the Create User() action the Login() action also has two versions - one for GET requests and the other for POST requests. The later version of the Login() action accepts a parameter of type Login Data.If you run the Index action after modifying the [Authorize] attribute to include the Roles property, you will be redirected to the Login page again if the current user does not belong to the Administrator role. NET Profile features allow you to capture user specific information and then render a personalized experience in web pages.In order to store and retrieve profile information for the users, you must configure the profile provider and profile properties in the web.config file.Implementing role based security is a matter of setting the Roles property of the [Authorize] attribute.The Roles property specifies a list of roles eligible to invoke the action under consideration.
Since we want to learn the process step-by-step we are going to develop our example from the ground up and hence we will go with the Empty project template. Figure 4: Adding a SQL Server database If you wish to use an external SQL Server database you will need to configure it using the aspnet_command line tool. Click on Test if you wish to test, otherwise click Back and close the tool. On the next screen you will see Asp Net Sql Provider.I would highly recommend Webucator as a primary training opportunity.Most of the real world web applications require security in one form or another. NET is concerned Forms Authentication is the most popular and common method of protecting your website from unauthorized access. NET web forms and server controls (such as Login and Create User Wizard) make it extremely easy to implement Forms Authentication in web forms based websites. NET MVC web application you need to take care of some steps on your own. Figure 2: Select a single provider for all site management data Now, switch to the Security tab and create two roles - Administrator and Normal User for testing purpose.