| Home | Site Map | Contact Us |
6 CATEGORIES
 Introduction
 Ashtaanga Yoga
 Shatkriya
 Relaxation Techniques
 Tips for Interview
 Common Interview Questions
 Resume Tips
 Company Profiles
 Jobs Availability
 Companies list
 Introduction
 Indian Market
 World Market
  What is .Net?
  Why .Net?
  Frameworks
 ASP.Net Introduction
 App. Development In ASP.Net
 Introduction to C#.Net
 Coding Standards
 Introduction to ADO.Net
 Application Deployment
 Find Your Location
 Downloads
 Watch Online Videos
 Watch Online TV
 Games
.Net-> Application Deployment

STEPS TO Develop Applicaion in ASP.net
 

Step 1. Create a Web Application with a Logon Page

This procedure creates a simple C# Web application that contains a logon page that allows a user to enter a username and password.

To create a Web application with a logon page

  1. Start Visual Studio .NET and create a new C# ASP.NET Web application called FormsAuthSQL.
  2. Use Solution Explorer to rename WebForm1.aspx to Logon.aspx
  3. Add the controls listed in Table 1 to Logon.aspx to create a simple logon form.

Table 1: Logon.aspx controls

Control Type

Text

ID

Label

User Name:

-

Label

Password

-

Text Box

-

txtUserName

Text Box

-

txtPassword

Button

Register

btnRegister

Button

Logon

btnLogon

Label

-

lblMessage

Your Web page should resemble the one illustrated in Figure 1.

Figure 1. Logon page Web form

  1. Set the TextMode property of the txtPassword to Password.

Step 2. Configure the Web Application for Forms Authentication

This procedure edits the application's Web.config file to configure the application for Forms authentication.

To configure the Web application for Forms authentication

  1. Use Solution Explorer to open Web.config.
  2. Locate the <authentication> element and change the mode attribute to Forms.
  3. Add the following <forms> element as a child of the <authentication> element and set the loginUrl, name, timeout, and path attributes as follows.

4.  <authentication mode="Forms">

5.    <forms loginUrl="logon.aspx" name="sqlAuthCookie" timeout="60"

6.      path="/">

7.    </forms>

8.  </authentication>

  1. Add the following <authorization> element beneath the <authentication> element. This will allow only authenticated users to access the application. The previously established loginUrl attribute of the <authentication> element will redirect unauthenticated requests to the logon.aspx page.

10.<authorization>

11.  <deny users="?" />

12.  <allow users="*" />

13.</authorization>

Step 3. Develop Functions to Generate a Hash and Salt value

This procedure adds two utility methods to your Web application; one to generate a random salt value, and one to create a hash based on a supplied password and salt value.

To develop functions to generate a hash and salt value

  1. Open Logon.aspx.cs and add the following using statements to the top of the file beneath the existing using statements.

2.  using System.Security.Cryptography;

3.  using System.Web.Security;

  1. Add the following static method to the WebForm1 class to generate a random salt value and return it as a Base 64 encoded string.

5.  private static string CreateSalt(int size)

6.  {

7.    // Generate a cryptographic random number using the cryptographic

8.    // service provider

9.    RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();

10.  byte[] buff = new byte[size];

11.  rng.GetBytes(buff);

12.  // Return a Base64 string representation of the random number

13.  return Convert.ToBase64String(buff);

14.}

  1. Add the following static method to generate a hash value based on a supplied password and salt value.

16.private static string CreatePasswordHash(string pwd, string salt)

17.{

18.  string saltAndPwd = String.Concat(pwd, salt);

19.  string hashedPwd =

20.        FormsAuthentication.HashPasswordForStoringInConfigFile(

21.                                             saltAndPwd, "SHA1");

22.  hashedPwd = String.Concat(hashedPwd, salt);

23.  return hashedPwd;

24.}

Step 4. Create a User Account Database

This procedure creates a new user account database in SQL Server that contains a single users table and a stored procedure used to query the user database.

To create a user account database

  1. On the Microsoft SQL Server programs menu, click Query Analyzer, and then connect to your local SQL Server.
  2. Enter the following SQL script. Note that you must replace "LocalMachine" with your own computer name towards the end of the script.

3.  USE master

4.  GO

5.  -- create a database for the security information

6.  IF EXISTS (SELECT * FROM   master..sysdatabases WHERE  name =

7.  'UserAccounts')

8.    DROP DATABASE UserAccounts

9.  GO

10.CREATE DATABASE UserAccounts

11.GO

12.USE UserAccounts

13.GO

14.CREATE TABLE [Users] (

15.  [UserName] [varchar] (20) NOT NULL ,

16.  [PasswordHash] [varchar] (40) NOT NULL ,

17.  CONSTRAINT [PK_Users] PRIMARY KEY  CLUSTERED

18.  (

19.    [UserName]

20.  )  ON [PRIMARY]

21.) ON [PRIMARY]

22.GO

23.-- create stored procedure to register user details

24.CREATE PROCEDURE RegisterUser

25.@userName varchar(20),

26.@passwordHash varchar(40)

27.AS

28.INSERT INTO Users VALUES(@userName, @passwordHash)

29.GO

30.-- create stored procedure to retrieve user details

31.CREATE PROCEDURE LookupUser

32.@userName varchar(20)

33.AS

34.SELECT PasswordHash

35.FROM Users

36.WHERE UserName = @userName

37.GO

38.-- Add a login for the local ASPNET account

39.-- In the following statements, replace LocalMachine with your

40.-- local machine name

41.exec sp_grantlogin [LocalMachine\ASPNET]

42.-- Add a database login for the UserAccounts database for the ASPNET

43.  account

44.exec sp_grantdbaccess [LocalMachine\ASPNET]

45.-- Grant execute permissions to the LookupUser and RegisterUser

46.-- stored procs

47.grant execute on LookupUser to [LocalMachine\ASPNET]

48.grant execute on RegisterUser to [LocalMachine\ASPNET]

  1. Run the query to create the UserAccounts database.
  2. Exit Query Manager.
Continue >>>