Code: http://www.codeproject.com/KB/aspnet/CustomMembershipProviders.aspx
Video: http://www.asp.net/general/videos/how-do-i-create-a-custom-membership-provider
Implementing a Membership Provider http://msdn.microsoft.com/en-us/library/f1kyba5e.aspx
Implementing a Role Provider: http://msdn.microsoft.com/en-us/library/8fw7xh74.aspx
Let's start:
Step 1: Create a class inherits MembershipProvider
Step 2: Add Compulsory variables/property
Step 3: Implement Core methods
Initialize method: get attribute from web.config
CreateUser method: validation, insert into custom data source and return a MembershipUser
ValidateUser method:
ResetPassword method:
others : GetXX/UpateXX...
Step 4: Configuration
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="ApplicationServices"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
Note: use machine key to encryption and decryption some important data
Generate a machine key: http://aspnetresources.com/tools/machineKey
How to utilize machine key:
http://www.rich-rogers.com/blog/archive/asp.net-c-sharp-encrypt-hash-using-machinekey-values
http://msdn.microsoft.com/en-us/library/dtkwfdky.aspx
using System.Text;
using System.Web.Security;
namespace MyLibrary
{
internal static class Crypto
{
internal static string Encrypt(string text)
{
if (!string.IsNullOrEmpty(text))
{
return MachineKey.Encode(Encoding.Unicode.GetBytes(text),
MachineKeyProtection.All);
}
else
{
return null;
}
}
internal static string Decrypt(string text)
{
if (!string.IsNullOrEmpty(text))
{
return Encoding.Unicode.GetString(MachineKey.Decode(text,
MachineKeyProtection.All));
}
else
{
return null;
}
}
}
}