Kiwi MVC.NET : Authentication Layer, introduction Part2

14 May
2009

I know it is a bit weird to begin a CMS application by implementing a Membership system but the simple raison why I start up with that is because I needed for my work (as you can see in my previous post ).

Too often, I saw developers rewriting their own membership system in place to use what the framework (no matter which one) can offer.

It is the main raison why I choose to implement the ASP.NET Membership system in Kiwi. It has a lot of interesting functionalities but on the other hand it is like riding a big monster. Thus, I am going to use it as pluggableas as I can do.

The User Object :

Today, creating an object called User is being strange. If you want to choose the OOP way, a user is often too generic. If you developed an e-commerce, you will certainly choose customer in place of user. But a customer and an admin can login in your system, so are-you going to create two objects? One called “customer” and the other called “vip”? That sounds weird no?

Here is my point of view. A membership system is for me an additional layer you can implement (or not). It is not the hearth of your application; it is just a security layer. That why I am going to use it without any “User” object. I saw 3 mains services that a Membership system could offer :

authentication (who is this guy)
personalization (what the guy like)
authorization (what the guy can do)

Sql membership :

We saw in one of my previous post that ASP.NET has 2 differents way to manage the membership layer. There we saw the active directory membership provider. Today, we will use the SqlMembershipProvider.

First, to use Sql membership you need a sql server with a database up. Therefore, I went to the Microsoft website to download Sql Server 2008 express and I installed it.

I create an empty db called Kiwi.

Then in the folder “C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727″, I execute the aspnet_regsql.exe and provide the right information to allow the connection to the database. Finish the setup and let’s take a look on the database called Kiwi:

kiwi_part2_1

Now, I configure the Webconfig to use the SqlMemberShipProvider with my application.
Here is the connection string I added to my webconfig file:

kiwi_part2_2

To test if everything works well,

Change the name of the connection string under membership to make the connection with your db.

kiwi_part2_3

Now make a test, go to the ASP.NET configuration when you are on your MVC.WEB in your website.

kiwi_part2_4

You will enter in the Web Site Administation Tool :

kiwi_part2_5

If you click on Security you will access a page where you can manage the users, the roles and the access rules.
For the test, click on the “Create User” link and create one :
kiwi_part2_6

Create the user and go to the server explorer on your Visual Studio. If you do not have a connection to your db yet in server explorer, add it.

kiwi_part2_7

On the table aspnet_Users, right-click on Show Table Data and you will see the user you created above.

kiwi_part2_8

Cool stuff isn’t it ?
Now we have a db called Kiwi with some tables created by the .NET framwork.
The web application can connect to the Kiwi database and you are now able to manage user with the ASP.NET administation tools.

In the next post : I will begin to code with the Test driven design approach. I will create the different layer we need in our repository to make the authentication working.

Bookmark It