ASP.NET LoginView Confusion
https://stackoverflow.com/questions/9024269
-
19-04-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPergunta
We have a web page that was created in Visual Studio 2008 by a former employee that allows visitors to log in.
Recently, one of our Marketing people took a class on web design. During the class, this person produced a pretty web site as part of the class project for Visual Studio 2010.
It has now been dumped on me to make it work, and I don't know how the existing website worked. I have both flavors of Visual Studio, so that is not a problem.
Right now, I am trying to find out how our previous web designer implemented the LoginView control.
Somehow, entries in the Web.config file affect where the LoginView control goes to authenticate accounts.
To keep the code as short and "to the point" as possible, I am going to cut out as much as I can that does not look necessary.
Our Web.config file has this entry:
<configuration>
<system.web>
<membership defaultProvider="CustomizedProvider">
<providers>
<clear/>
<add name="CustomizedProvider" type="System.Web.Security.SqlMembershipProvider" requiresUniqueEmail="false" connectionStringName="SqlASPNETDB" applicationName="JP2CODE" enablePasswordRetrieval="True" enablePasswordReset="True" passwordFormat="Clear" requiresQuestionAndAnswer="False" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0"/>
</providers>
</membership>
<profile>
<providers>
<clear />
<add name="ProfileProvider" applicationName="JP2CODE" connectionStringName="SqlASPNETDB" type="System.Web.Profile.SqlProfileProvider"/>
</providers>
</profile>
<roleManager enabled="true" defaultProvider="CustomRoleProvider">
<providers>
<clear/>
<add connectionStringName="SqlASPNETDB" applicationName="JP2CODE" name="CustomRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</roleManager>
<webParts>
<personalization defaultProvider="SqlPersonalizationProvider">
<providers>
<add name="SqlPersonalizationProvider" type="System.Web.UI.WebControls.WebParts.SqlPersonalizationProvider" connectionStringName="SqlASPNETDB" applicationName="JP2CODE"/>
</providers>
<authorization>
<allow verbs="enterSharedScope" users="test,?"/>
</authorization>
</personalization>
</webParts>
</system.web>
</configuration>
Note: I modified the applicationName field so that do not unknowingly give away some security info.
So, do I copy this Web.config file information directly into the new project? Our Marketing person's web project has many custom entries in the Web.config file that I do not really understand, and I do not want to be responsible for breaking it.
Would I need to create a new PublicKeyToken if I change the applicationName?
In the EXISTING Master page, the login routine is contained within an asp:Login tag:
<asp:Login ID="Login1" BackColor="#e7e0c5" Width="170px" VisibleWhenLoggedIn="False"
runat="server" FailureText='Invalid UserName/Password.'>
<LayoutTemplate>
<div style="width:181px;">
<asp:Label ID="UserNameLabel" runat="server" AssociatedControlID="UserName">Login ID:</asp:Label>
<asp:TextBox ID="UserName" runat="server" Width="150px"></asp:TextBox><br />
<asp:RequiredFieldValidator ID="UserNameRequired" runat="server" ControlToValidate="UserName" ErrorMessage="Required<br />" ValidationGroup="ctl00$Login1">*</asp:RequiredFieldValidator>
<asp:Label ID="PasswordLabel" runat="server" AssociatedControlID="Password">Password:</asp:Label>
<asp:TextBox ID="Password" runat="server" TextMode="Password" Width="150px"></asp:TextBox><br />
<asp:RequiredFieldValidator ID="PasswordRequired" runat="server" ControlToValidate="Password" ErrorMessage="Required<br />" ValidationGroup="ctl00$Login1">*</asp:RequiredFieldValidator>
<asp:CheckBox ID="RememberMe" runat="server" Text="Remember" />
<asp:Button ID="LoginButton" runat="server" CommandName="Login" Text="Log In" ValidationGroup="ctl00$Login1" /><br />
<asp:Literal ID="FailureText" runat="server" EnableViewState="False"></asp:Literal>
</div>
</LayoutTemplate>
</asp:Login>
I am not sure what ValidationGroup="ctl00$Login1" is, or whether I can use that in the new version.
In the PROTOTYPE Master page given to me by Marketing, the login routine is very different. I am not sure how to make it work, or if the Marketing person inserted things that will not work. It is a little more spread out:
<div style="width:181px;">
<asp:LoginName ID="LoginName1" runat="server" FormatString="Welcome {0}!" />
<asp:LoginView ID="LoginView2" runat="server">
<LoggedInTemplate>
<asp:LinkButton ID="LinkButton1" Font-Underline="true" PostBackUrl="~/ManageProfile.aspx" runat="server">Manage Profile</asp:LinkButton>
</LoggedInTemplate>
</asp:LoginView>
<asp:LoginStatus ID="LoginStatus1" Font-Underline="true" LoginText="" LogoutAction="Refresh" runat="server" />
</div>
<h3>Log In</h3>
<asp:LoginView ID="LoginView1" runat="server">
<AnonymousTemplate>
<asp:Login ID="Login1" BackColor="#E7E0C5" Width="170px" VisibleWhenLoggedIn="false"
runat="server" FailureText='Invalid UserName/Password.' >
</asp:Login>
</AnonymousTemplate>
<LoggedInTemplate>
Welcome <asp:LoginName ID="LoginName1" runat="server" /><br /><br />
<asp:LoginStatus ID="LoginStatus1" runat="server" /><br />
<asp:HyperLink ID="HyperLink1" runat="server" NavigateUrl="~/ManageProfile.aspx">Manage Profile</asp:HyperLink>
</LoggedInTemplate>
</asp:LoginView>
This new version has some different fields. Do I implement those or are these the default controls used when a custom login is not used?
Solução
You've been tasked to replace the existing site (asp.net 3.5) with a new one (asp.net 4.0 -- possibly).
Unfortunately, this is easier said then done. Assuming the new application is not highly decoupled, you are going to have to do some refactoring to get it functional. The amount of refactoring depends on how the dev for the new site implemented data access, among other things.
What you should do:
At this point, you should focus on pointing the new application to the server where your membership and profile providers are stored, then on authentication.
When you get passed that, then you do some good old integration testing on your box to identify issues and start working through them.
Answers to your questions:
So, do I copy this Web.config file information directly into the new project?
I would not recommend it. Very carefully, copy over each of the elements from the original to the new one. The ones you should be primarily concerned with are the connectionStrings, authentication, membership and profile provider elements. These are the ones you want to port from the old to the new. There may be some others though -- start with those.
Would I need to create a new PublicKeyToken if I change the applicationName?
Don't change the applicationName. Your membership provider uses that in the database. If you change it in the config file, then you will need to change it in the db.
I am not sure what ValidationGroup="ctl00$Login1" is, or whether I can use that in the new version.
Don't concern yourself with this right now, just use the implementation of the new application (since its so awesome!).
This new version has some different fields. Do I implement those or are these the default controls used when a custom login is not used?
The Login controls in the newer version are displaying the Users name and their status once they are logged in. The Login controls have templates to render different layouts for anonymous users (ones who have not logged in) and logged in users. It looks like they have two sets, pointing to the same page. One is possibly executing some different code on the server depending on which Manage Profile link is clicked.
Just leave them in place for now.
The links from this post may help you work through some of this stuff.
Hope this helps.
