Running Your Secure Site
You will now run the site to verify that the security you configured in the previous
lesson is working as expected.
1. In the Solution Explorer,
select Login.aspx. Press F5
to run the application.
2. Log in as "marys" with the wrong password. Notice that the Login
control displays an appropriate message.
3. Now log in as "marys" using the correct password: "Pa$$word!". When authenticated you are taken to authors.aspx. Notice the LoginView control displays
the message you specified for a logged-in user, and the LoginStatus
control displays a Log Out link.
4. In the navigation menu select Home | Admin. Notice that you
are redirected back to the Log In page.
Recall that Mary is the user who is not a member of the Administrator role. Because of this she is denied access, which
by default prompts the user to log in as a different user. In the real
world you would obviously want to display a message telling the user that access
has been denied.
Also notice the ReturnUrl querystring parameter. This parameter is automatically
added to the login.aspx URL when a user unsuccessfuly attempts to enter a secure
area. When present, the ReturnUrl value overrides the Login control's DestinationPageUrl
property, as you will see when you log in now as "johns".
5. Log in as "johns" with the same password.
John is a member of the Administrator role, so he was given access to the secure area.
This series of lessons has shown you how easy it is to configure security for your ASP.NET application.
The new suite of login controls, as well as the Web Site Administration Tool and built-in SQL Express provider,
make setting up a robust security mechanism easier than ever before. And you did this all without any manual coding.
Powered By ASP.NET v2.0