转载自:http://msdn2.microsoft.com/en-us/library/f1kyba5e.aspx
ASP.NET membership is designed to enable you to easily use a number of different membership providers for your ASP.NET applications. You can use the supplied membership providers that are included with the .NET Framework, or you can implement your own providers.
There are two primary reasons for creating a custom membership provider.
-
You need to store membership information in a data source that is not supported by the membership providers included with the .NET Framework, such as a FoxPro database, an Oracle database, or other data sources.
-
You need to manage membership information using a database schema that is different from the database schema used by the providers that ship with the .NET Framework. A common example of this would be membership data that already exists in a SQL Server database for a company or Web site.
To implement a membership provider, you create a class that inherits the Sample Membership Provider Implementation.
|
Member |
Description |
|---|---|
|
Initialize method |
Takes, as input, the name of the provider and a NameValueCollection of configuration settings. Used to set property values for the provider instance including implementation-specific values and options specified in the configuration file (Machine.config or Web.config) supplied in the configuration. |
Required MembershipProvider Members
|
Member |
Description |
|---|---|
|
EnablePasswordReset property |
A Boolean value specified in the configuration file (Web.config). The ResetPassword method to overwrite their current password with a new, randomly generated password. This property is read-only. |
|
EnablePasswordRetrieval property |
A Boolean value specified in the configuration file (Web.config). The GetPassword method. This property is read-only. |
|
RequiresQuestionAndAnswer property |
A Boolean value specified in the configuration file (Web.config). The ResetPassword method. This property is read-only. |
|
RequiresUniqueEmail property |
A Boolean value specified in the configuration file (Web.config). The DuplicateEmail. This property is read-only. |
|
PasswordFormat property |
A MembershipPasswordFormat value specified in the configuration file (Web.config). You can use the machineKey Element (ASP.NET Settings Schema) in your configuration. This property is read-only. |
|
MaxInvalidPasswordAttempts property |
An Integer value specified in the configuration file (Web.config). The MaxInvalidPasswordAttempts is reached, the counter that tracks the number of invalid attempts is reset to zero. If the false, invalid password answer attempts are not tracked. Invalid password and password answer attempts are tracked in the ResetPassword methods. This property is read-only. |
|
PasswordAttemptWindow property |
An Integer value specified in the configuration file (Web.config). For a description, see the description of the MaxInvalidPasswordAttempts property. This property is read-only. |
|
ApplicationName property |
The name of the application using the membership information specified in the configuration file (Web.config). The ApplicationName later in this topic for more information. This property is read/write and defaults to the ApplicationPath if not specified explicitly. |
|
CreateUser method |
Takes, as input, the name of a new user, a password, and an e-mail address and inserts a new user for the application into the data source. The MembershipCreateStatus value that indicates whether the user was successfully created, or a reason that the user was not successfully created. |
|
UpdateUser method |
Takes, as input, a MembershipUser object populated with user information and updates the data source with the supplied values. |
|
DeleteUser method |
Takes, as input, the name of a user and deletes that user's information from the data source. The Boolean parameter is included to indicate whether related information for the user, such as role or profile information is also deleted. |
|
ValidateUser method |
Takes, as input, a user name and a password and verifies that the values match those in the data source. The false. |
|
GetUser method |
Takes, as input, a unique user identifier and a Boolean value indicating whether to update the Nothing in Visual Basic). |
|
GetUser method |
Takes, as input, a user name and a Boolean value indicating whether to update the Nothing in Visual Basic). |
|
GetAllUsers method |
Returns a MembershipUser objects for all of the users in the data source. The results returned by totalRecords would be set to 13. |
|
GetNumberOfUsersOnline method |
Returns an integer value that is the count of all the users in the data source where the UserIsOnlineTimeWindow property is an integer value specifying the number of minutes to use when determining whether a user is online. |
|
ResetPassword method |
Takes, as input, a user name and a password answer and generates a new, random password for the specified user. The Membership class. The MembershipPasswordException is thrown. |
|
GetPassword method |
Takes, as input, a user name and a password answer and retrieves the password for that user from the data source and returns the password as a string. ProviderException is thrown. The MembershipPasswordException is thrown. |
|
GetUserNameByEmail method |
Takes, as input, an e-mail address and returns the first user name from the data source where the e-mail address matches the supplied email parameter value. If no user name is found with a matching e-mail address, an empty string is returned. If multiple user names are found that match a particular e-mail address, only the first user name found is returned. |
|
ChangePassword method |
Takes, as input, a user name, a current password, and a new password, and updates the password in the data source if the supplied user name and current password are valid. The false. |
|
Takes, as input, a user name, a password, a password question, and a password answer, and updates the password question and answer in the data source if the supplied user name and password are valid. The false. If the supplied user name and password are not valid, false is returned. |
|
|
FindUsersByName method |
Returns a list of membership users where the user name contains a match of the supplied usernameToMatch for the configured
The results returned by totalRecords would be set to 13. |
|
FindUsersByEmail method |
Returns a list of membership users where the user name contains a match of the supplied emailToMatch for the configured
The results returned by totalRecords would be set to 13. |
|
UnlockUser method |
Takes, as input, a user name, and updates the field in the data source that stores the false. |
Membership providers store user information uniquely for each application. This enables multiple ASP.NET applications to use the same data source without running into a conflict if duplicate user names are created. Alternatively, multiple ASP.NET applications can use the same user data source by specifying the same ApplicationName.
Because membership providers store user information uniquely for each application, you will need to ensure that your data schema includes the application name and that queries and updates also include the application name. For example, the following command is used to retrieve a user name from a database, based on the e-mail address, and ensures that the ApplicationName is included in the query.
SELECT Username FROM MyUserTable WHERE Email = 'someone@example.com' AND ApplicationName = 'MyApplication'
You may need to extend the membership provider interfaces with additional functionality not provided by the Membership class.
An example of this could be a LockUser method that sets the Provider property, which exposes the default membership provider for an application, as a custom-provider type in order to call the custom LockUser method.
As MyCustomProvider = CType(Membership.Provider, MyCustomProvider) p.LockUser(username)
MyCustomProvider p = (MyCustomProvider)Membership.Provider; p.LockUser(username);
For each membership provider specified in the configuration for an application, ASP.NET instantiates a single membership provider instance that is used for all of the requests served by an Initialize method is called.