How to use Active Directory Membership Provider in ASP.NET
The ASP.NET membership feature provides secure credential storage for application users.
We will use The following:
- Web page named Login.aspx and another web page named CreateUser.aspx
- Login Control.
- Create User Wizard Control.
1- Configure Forms Authentication in Web.config file.
To configure forms authentication, set the <authentication> element’s mode attribute to “Forms” and then configure your application’s Web.config file as shown in the following example:
<authentication mode="Forms"> <forms loginUrl="Login.aspx" protection="All" timeout="30" name="AppNameCookie" path="/FormsAuth" requireSSL="false" slidingExpiration="true" defaultUrl="default.aspx" cookieless="UseCookies" enableCrossAppRedirects="false"/> </authentication>
- loginUrl points to the login page. You should place this in a folder that requires Secure Sockets Layer (SSL) for access.
- protection is set to “All” to specify privacy and integrity for the forms authentication ticket.
- timeout is used to specify a limited session lifetime.
- name and path are set to unique values for the current application.
- requireSSL is set to “false”. This configuration means that authentication cookie can be transmitted over channels that are not SSL-protected. If you are concerned about session hijacking, you should consider setting this to “true”.
- slidingExpiration is set to “true” to enforce a sliding session lifetime. This means that the timeout is reset after each request to your application. defaultUrl is set to the Default.aspx page for the application.
- enableCrossAppRedirects is set to “false” to indicate that the application cannot redirect requests outside the application scope.
Add the following <authorization> element after the element. This permits only authenticated users to access the application. The previously established loginUrl attribute of the element will redirect unauthenticated requests to the Login.aspx page.
<authorization> <deny users="?" /> <allow users="*" /> </authorization>
Configure the ActiveDirectoryMembershipProvider in Web.config file.
Configure the ActiveDirectoryMembershipProvider in your application’s Web.config file as shown in the following example.
There is an important point in this case How can get my Active Directory connection string.
There is another post is talking about How to get Active Directory connection string you can find it here:https://www.nilebits.com/blog/2012/02/how-to-get-active-directory-connection-string-in-c-net/
<connectionStrings> <add name="ADConnectionString" connectionString="LDAP://domain.testing.com/CN=Users,DC=domain,DC=testing,DC=com" /> </connectionStrings> <system.web> ... <membership defaultProvider="MembershipADProvider"> <providers> <add name="MembershipADProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider,System.Web, Version=22.214.171.124, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADConnectionString" connectionUsername="<domainName>\administrator" connectionPassword="password"/> </providers> </membership> ... </system.web>
- Drag and drop Login Control into the Login page.
- Drag and drop Create User Wizard Control into the CreateUser page.
Now your Web Application or your Website is secured.