Now that we have the configuration in place for securing our site properly, we want to be able to actually log into the site:
Let's add the security handler that we just configured. Right-click on the web project and navigate to Add | New item. Select Web and then select Generic Handler. Give it the name
SecurityHandler.ashx
:We will, for simplicity, be hardcoding our users, passwords, and roles. At the top of the
SecurityHandler.ashx
file, add the following:Dictionary<string, string> _usersAndPassword = new Dictionary<string, string> { { "SomeCreator", "1234" }, { "SomeChatter", "1234" } }; Dictionary<string, string[]> _usersAndRoles = new Dictionary<string, string[]> { { "SomeCreator", new[] { "Creator" } } };
Let's go ahead and add the simple authentication methods for dealing with the users. The authentication will result in a
FormsAuthentication
cookie that we will generate in theAuthenticateUser
method that follows. The cookie will...