Query regarding Asp.net membership

Question

My requirement is to 1)create a role and add user to that particular role. 2)I have a directory Admin which contains a aspx page which can be access by admin only 3)so i want to redirect user to login page if he tries to access any of the aspx page into a folder.

to implement this

i have use Asp.net membership for creating a user and role and various functionality for making a login form. The question is each time i require to open asp.net configuration to create a new user and assigning that user to a particular role. if i deploy my website on live site. so how can i add user now.

i am listing my web config file

<configuration>
  <connectionStrings>
    <add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=true;Initial Catalog=Web24;" providerName="System.Data.SqlClient"/>
  </connectionStrings>
  <system.web>
    <compilation debug="true" targetFramework="4.0"/>
    <authentication mode="Forms">
      <forms loginUrl="~/WebForm1.aspx" timeout="2880"/>
    </authentication>
    <membership>
      <providers>
        <clear/>
        <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
      </providers>
    </membership>
    <profile>
      <providers>
        <clear/>
        <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
      </providers>
    </profile>
    <roleManager enabled="true">
      <providers>
        <clear/>
        <add connectionStringName="ApplicationServices" applicationName="/" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider"/>
        <add applicationName="/" name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider"/>
      </providers>
    </roleManager>

  </system.web>
  <location path="Admin">
    <system.web>
    <authorization>
      <deny users="?" />
      <!--Deny all Anonymous (not logged in) users-->
      <allow roles="Admin"/>
      <!--Permit users in these roles-->
      <deny users="*"/>
      <!--Deny all users-->
    </authorization>
    </system.web>
  </location>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
</configuration>

if it is not possible with Asp.net membership then what other method should i follow to cover my requirement.Thanks for any assistance.

Answer 1

You can create a page for admin from where he can add users something like

aspx

 <tr>
        <td>
            Username:</td>
        <td>
            <asp:TextBox ID="txtUserName" runat="server"></asp:TextBox>
        </td>
    </tr>
    <tr>
        <td>
            Password:</td>
        <td>
            <asp:TextBox ID="txtUserPass" runat="server" TextMode="Password"></asp:TextBox>
        </td>
    </tr>

  <tr>
        <td valign=top>
            Roles:</td>
        <td>
            <asp:CheckBoxList ID="cblRoles" runat="server">
                <asp:ListItem>Admin</asp:ListItem>
                <asp:ListItem>Role 1</asp:ListItem>
                <asp:ListItem>Role 2</asp:ListItem>
            </asp:CheckBoxList></td>
    </tr>
    <tr>
        <td>
            &nbsp;</td>
        <td>
            <asp:Button ID="btnSave" runat="server" Text="Save" onclick="btnSave_Click" />
        </td>
    </tr>

aspx.cs

 protected void btnSave_Click(object sender, EventArgs e)
    {
        MembershipCreateStatus createStatus;
        MembershipUser newUser = Membership.CreateUser(txtUserName.Text, txtUserPass.Text, null, null, null, true, out createStatus);

        if (newUser != null)
        {
          foreach (ListItem li in cblRoles.Items)
            {
                if (li.Selected)
                {
                    Roles.AddUserToRole(txtUserName.Text, li.Value.ToString());
                }
            }
         }
    }

Answer 2

you can use this in the create user form. its possible to add the username and password through this code

try it. if u have any doubt write to me.

Membership.CreateUser("Username", "Password");
            Roles.AddUserToRole("username", "RoleName");