How To Use ASP.NET Forms Auth with SQL Server on Windows Azure

This post is a quick step through of creating a Windows Azure cloud project that authenticates using ASP.NET Forms Authentication with SQL Server as the user store.

The core steps are very much the same as my previous post How To Use ASP.NET Forms Auth with Azure Tables.   The key difference is step 7 and step 8, which specify the connection to SQL Server.

Summary of Steps
Here are the steps at a glance:

• Step 1. Create a New Cloud Service Project.
• Step 2. Add a Login Page.
• Step 3. Create a Way for New Users to Register
• Step 4. Configure ASP.NET to use Forms Authentication
• Step 5. Configure ASP.NET to restrict Anonymous Users
• Step 6. Set up the SQL Membership Database
• Step 7. Add the SQL Connection String
• Step 8. Configure ASP.NET to Use the SQL Membership Provider
• Step 9. Add Test Code to Page_Load to Show the Forms Authentication Details
• Step 10. test registering a new user and logging in to the application

Here we go …

Step 1. Create a New Cloud Service Project.
In this step, you create a new cloud service project in Visual Studio:

1. Start Visual Studio, from the menu select  “File” then click “New’ and then click ‘Project”
2. In the “New Project’ dialog box, expand ‘Visual C#’ (or Visual Basic, if you are using it) in the ‘Project Types’ section, and select “Cloud Service”.
3. In the ‘Templates’ section choose “Windows Azure Cloud Service” template, set the location, Name it as FormsAuthSample and click the “Ok” button.
4. In the “New Cloud Service Project” dialog box, select “ASP.NET Web Role”, and click the “>” button to add it to the solution.  Then click the “Ok” button.  This will create a sample cloud Web Application, which is ready to be hosted in the cloud with all required configuration files etc.
5. Run and verify that it works fine.

Step 2. Add a Login Page.
Use Solution Explorer to add a new Web form named Login.aspx to the WebRole1 site.

Step 3. Create a Way for New Users to Register
Add the following two lines into the Login.aspx <form> tag

    <asp:Login runat="server" />
    <asp:CreateUserWizard runat="server"></asp:CreateUserWizard>

It should resemble the following:

    <form id="form1" runat="server">
    <div>
    <asp:Login runat="server" />
    <asp:CreateUserWizard runat="server"></asp:CreateUserWizard>
    </div>
    </form>

Step 4. Configure ASP.NET to use Forms Authentication
In Web.config, add the following line insde the <system.web> tag:
        <authentication mode="Forms" />

Step 5. Configure ASP.NET to restrict Anonymous Users
In Web.config, add the following line inside the <system.web> tag:

      <authorization>
        <deny users="?" />
        <allow users="*" />
      </authorization>

Note – The preceding configuration allows only authenticated users to access the application. The "?" indicates unauthenticated users and the "*" indicates all users. By denying unauthenticated users, any requests made by unauthenticated users are redirected to the login page. The loginUrl attribute of the <forms> element determines the name of the login page. The default setting of this attribute is Login.aspx.

Step 6. Set up the SQL Membership Database
In this step, you configure the SQL data store for membership.  This is accomplished through the use of the aspnet_regsql.exe utility.  Details on aspnet_regsql.exe can be found at: https://msdn.microsoft.com/en-us/library/ms229862(VS.80).aspx

Step 7. Add the SQL Connection String
In Web.config, add the connection string to the connectionStrings tag using the <add> tag as follows:

  <connectionStrings>
    <add name="MyLocalSQLServer" connectionString="Initial Catalog=aspnetdb;Data Source=MyServerName;Integrated Security=SSPI"/>
  </connectionStrings>

Step 8. Configure ASP.NET to Use the SQL Membership Provider
In this step, you configure the Web application to use the SQL Membership Provider.

In Web.config, add the following lines inside the <system.web> tag:

    <membership defaultProvider="MySqlMembershipProvider" >
      <providers>
        <clear/>
        <add name="MySqlMembershipProvider"
             connectionStringName="MyLocalSQLServer"
             applicationName="MyAppName"
             type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </membership>

Step 9. Add Test Code to Page_Load to Show the Forms Authentication Details
Add a using statement to Default.aspx.cs in your WebRole1 project to add a reference to  System.Web.Security.
Add the following code to Page Load of Default.aspx.cs in WebRole1:
protected void Page_Load(object sender, EventArgs e)
{ 
    Response.Write("Hello, " + Server.HtmlEncode(User.Identity.Name) + "<br />");
}

Step 10. test registering a new user and logging in to the application

1. Run the project by using the F5 key (this runs the project in Debug mode.)
2. Create a new user.  On your first visit, you need to create a new user (e.g. “bob”.)  Note that the password rules by default are alphanumeric plus one non- alphanumeric (for example, "password!")
3. Login to the application.  Sign in with your new username and password pair.

The Web application should return something along the following lines:

Hello, waldo

Share your feedback or results in the comments.  We’re path paving along with you.

My Related Posts

• How To Use ASP.NET Forms Auth with Roles in Azure Tables
• How To Use ASP.NET Forms Auth with Azure Tables
• Getting Started with Windows Azure
• VMs for Web and Worker Roles in Windows Azure
• Windows Azure Platform at a Glance
• Visual Model of Cloud Computing
• Software as a Service (SaaS), Platform at a Service (PaaS), and Infrastructure as a Service (IaaS)
• Cloud Defined