How To: Use Forms Authentication with Azure Table Storage

Objectives

  • Use the TableStorageMembershipProvider with forms authentication.
  • Set up the Table Storage membership data store.
  • Restrict the forms authentication cookie to HTTPS connections.
  • Use the membership feature to enforce password complexity rules.

Summary

ASP.NET provides a membership feature that you can use with forms authentication. The membership feature provides an abstraction for the underlying data store used to maintain user credentials such as user names and passwords, and it provides an API that allows you to easily validate user credentials and manage the user data store. ASP.NET supports SQL Server and Active Directory providers, for this how to you would have to use your own providers for Azure Table Storage data store.

This How To shows you how to develop a simple Web site that uses forms authentication with the Table Storage membership provider. This provider uses an underlying Table Storage Service as its user store.

Contents

  • Pre-Requisites
  • Summary of Steps
  • Step 1. Create a New Cloud Service Project.
  • Step 2. Add References to AspProvider Project for the Azure Table Storage Provider
  • Step 3. Add a Login Page
  • Step 4. Create a Way for New Users to Register
  • Step 5. Configure ASP.NET to use Forms Authentication
  • Step 6. Configure ASP.NET to Restrict Anonymous Users
  • Step 7. Configure ASP.NET to Use the Azure Table Storage Provider
  • Step 8. Configure the ASP.NET Membership Provider
  • Step 9. Add Test Code to Page_Load to Show the Forms Authentication Details
  • Step 10. Test Registering a New User and Logging in to the Application

Pre-Requisites

  1. Windows Azure SDK
  2. Windows Azure Tools for Visual Studio 2008
  3. Azure Samples – http://code.msdn.microsoft.com/download?ProjectName=windowsazuresamples&DownloadId=8221

Summary of Steps

Here are the steps at a glance:
  • Step 1. Create a New Cloud Service Project.
  • Step 2. Add References to AspProvider Project for the Azure Table Storage Provider
  • Step 3. Add a Login Page
  • Step 4. Create a Way for New Users to Register
  • Step 5. Configure ASP.NET to use Forms Authentication
  • Step 6. Configure ASP.NET to Restrict Anonymous Users
  • Step 7. Configure ASP.NET to Use the Azure Table Storage Provider
  • Step 8. Configure the ASP.NET Membership Provider
  • Step 9. Add Test Code to Page_Load to Show the Forms Authentication Details
  • Step 10. Test Registering a New User and Logging in to the Application

Step 1. Create a New Cloud Service Project.

In this step, you create a new cloud service project in Visual Studio:
1. Start Visual Studio, from the menu select “File” then click “New’ and then click ‘Project”
2. In the “New Project’ dialog box, expand ‘Visual C#’ (or Visual Basic, if you are using it) in the ‘Project Types’ section, and select “Cloud Service”.
3. In the ‘Templates’ section choose “Windows Azure Cloud Service” template, set the location, Name it as FormsAuthSample and click the “Ok” button.
4. In the “New Cloud Service Project” dialog box, select “ASP.NET Web Role”, and click the “>” button to add it to the solution. Then click the “Ok” button. This will create a sample cloud Web Application, which is ready to be hosted in the cloud with all required configuration files etc.
5. Run and verify that it works fine.

Step 2. Add a Reference to the AspProvider Project for the Azure Table Storage Provider

We didn’t see a Table Storage Membership provider for ASP.NET out of box, but there are samples available for download:
1. Unzip the WindowsAzure-AdditionalSamples.zip to some know location. You can http://code.msdn.microsoft.com/windowsazuresamples. (Note - if you followed my previous post, http://blogs.msdn.com/jmeier/archive/2010/03/16/getting-started-with-windows-azure.aspx you should already have these samples.)
2. Right click on the ‘FormsAuthSample” solution and choose Add -> Existing Project
3. Browse to the location where you have extracted the samples, and select ASPProviders.proj from \\Samples\AspProviders\Lib folder. This will add the ASPProviders project to your solution.
4. Add the reference to this project to your solution. To do this, expand the WebRole1 node in the solution explorer, and right-click on References.
5. Select Add Reference
6. Select the Projects tab
7. Select AspProviders, and click “Ok”

Step 3. Add a Login Page.

Use Solution Explorer to add a new Web form named Login.aspx to the WebRole1 site.

Step 4. Create a Way for New Users to Register

Add the following two lines into the Login.aspx <form> tag
    <asp:Login runat="server" /> 
    <asp:CreateUserWizard runat="server"></asp:CreateUserWizard> 


It should resemble the following:

    <form id="form1" runat="server"> 
    <div> 
    <asp:Login runat="server" /> 
    <asp:CreateUserWizard runat="server"></asp:CreateUserWizard> 
    </div> 
    </form> 

Step 5. Configure ASP.NET to use Forms Authentication

In Web.config, add the following line inside the <system.web> tag:
<authentication mode="Forms" />

Step 6. Configure ASP.NET to restrict Anonymous Users

In Web.config, add the following line inside the <system.web> tag:

      <authorization> 
        <deny users="?" /> 
        <allow users="*" /> 
      </authorization> 


Note – The preceding configuration allows only authenticated users to access the application. The "?" indicates unauthenticated users and the "*" indicates all users. By denying unauthenticated users, any requests made by unauthenticated users are redirected to the login page. The loginUrl attribute of the <forms> element determines the name of the login page. The default setting of this attribute is Login.aspx.

Step 7. Configure ASP.NET to Use the Azure Table Storage Provider

In this step, you configure the Web application to use the AspProviders.TableStorageMembershipProvider.

In Web.config, add the following lines inside the <system.web> tag:
      <membership defaultProvider="TableStorageMembershipProvider" userIsOnlineTimeWindow = "20"> 
        <providers> 
          <clear/> 
          <add name="TableStorageMembershipProvider" type="Microsoft.Samples.ServiceHosting.AspProviders.TableStorageMembershipProvider" 
          applicationName="AspProvidersDemo" 
    />
</providers> 
    </membership>

Step 8. Configure the ASP.NET Membership Provider

In Web.config, add the following code to the <appSettings> tag as follows:

  <appSettings> 
    <!-- account configuration --> 
    <add key = "TableStorageEndpoint" value="http://127.0.0.1:10002/devstoreaccount1"/> 
    <add key = "AccountName" value="devstoreaccount1"/> 
    <add key = "AccountSharedKey" value="Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw=="/> 
  </appSettings> 


Note: that we don’t have a lot of details on the AccountSharedKey, but we saw Jim Nakashima uses this value, so it’s good enough for now, until we know more.

Step 9. Add Test Code to Page_Load to Show the Forms Authentication Details

1. Add a using statement to Default.aspx.cs in your WebRole1 project to add a reference to System.Web.Security.
2. Add the following code to Page Load of Default.aspx.cs in WebRole1:

protected void Page_Load(object sender, EventArgs e) 
{ 
  Response.Write("Hello, " + Server.HtmlEncode(User.Identity.Name)); 

  FormsIdentity id = (FormsIdentity)User.Identity; 
  FormsAuthenticationTicket ticket = id.Ticket; 

  // optional - but if you use this add a reference to System.Web.Security 
  Response.Write("<p/>TicketName: " + ticket.Name ); 
  Response.Write("<br/>Cookie Path: " + ticket.CookiePath); 
  Response.Write("<br/>Ticket Expiration: " +  
                  ticket.Expiration.ToString()); 
  Response.Write("<br/>Expired: " + ticket.Expired.ToString()); 
  Response.Write("<br/>Persistent: " + ticket.IsPersistent.ToString()); 
  Response.Write("<br/>IssueDate: " + ticket.IssueDate.ToString()); 
  Response.Write("<br/>UserData: " + ticket.UserData); 
  Response.Write("<br/>Version: " + ticket.Version.ToString()); 
} 

Step 10. test registering a new user and logging in to the application

1. Run the project by using the F5 key (this runs the project in Debug mode.)
2. Create a new user. On your first visit, you need to create a new user (e.g. “bob”.) Note that the password rules by default are alphanumeric plus one non-alphanumeric (for example, "password!")
3. Login to the application. Sign in with your new username and password pair.

The Web application should return something along the following lines:

Hello, bob
TicketName: bob
Cookie Path: /
Ticket Expiration: 3/17/2010 3:04:40 PM
Expired: False
Persistent: False
IssueDate: 3/17/2010 2:34:40 PM
UserData:
Version: 2

Additional Information

<<TBD>>

Last edited May 21, 2010 at 4:53 PM by paulenfield, version 5

Comments

No comments yet.