Software Engineering, Project Management, and Effectiveness
This post is a quick step through of creating a Windows Azure cloud project that authenticates using ASP.NET Forms Authentication with SQL Server as the user store.
The core steps are very much the same as my previous post How To Use ASP.NET Forms Auth with Azure Tables. The key difference is step 7 and step 8, which specify the connection to SQL Server.
Summary of Steps Here are the steps at a glance:
Here we go …
Step 1. Create a New Cloud Service Project. In this step, you create a new cloud service project in Visual Studio:
Step 2. Add a Login Page. Use Solution Explorer to add a new Web form named Login.aspx to the WebRole1 site.
Step 3. Create a Way for New Users to Register Add the following two lines into the Login.aspx <form> tag
<asp:Login runat="server" /> <asp:CreateUserWizard runat="server"></asp:CreateUserWizard>
It should resemble the following:
<form id="form1" runat="server"> <div> <asp:Login runat="server" /> <asp:CreateUserWizard runat="server"></asp:CreateUserWizard> </div> </form>
Step 4. Configure ASP.NET to use Forms Authentication In Web.config, add the following line insde the <system.web> tag: <authentication mode="Forms" />
Step 5. Configure ASP.NET to restrict Anonymous Users In Web.config, add the following line inside the <system.web> tag:
<authorization> <deny users="?" /> <allow users="*" /> </authorization>
Note – The preceding configuration allows only authenticated users to access the application. The "?" indicates unauthenticated users and the "*" indicates all users. By denying unauthenticated users, any requests made by unauthenticated users are redirected to the login page. The loginUrl attribute of the <forms> element determines the name of the login page. The default setting of this attribute is Login.aspx.
Step 6. Set up the SQL Membership Database In this step, you configure the SQL data store for membership. This is accomplished through the use of the aspnet_regsql.exe utility. Details on aspnet_regsql.exe can be found at: http://msdn.microsoft.com/en-us/library/ms229862(VS.80).aspx
Step 7. Add the SQL Connection String In Web.config, add the connection string to the connectionStrings tag using the <add> tag as follows:
<connectionStrings> <add name="MyLocalSQLServer" connectionString="Initial Catalog=aspnetdb;Data Source=MyServerName;Integrated Security=SSPI"/> </connectionStrings>
Step 8. Configure ASP.NET to Use the SQL Membership Provider In this step, you configure the Web application to use the SQL Membership Provider.
In Web.config, add the following lines inside the <system.web> tag:
<membership defaultProvider="MySqlMembershipProvider" > <providers> <clear/> <add name="MySqlMembershipProvider" connectionStringName="MyLocalSQLServer" applicationName="MyAppName" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership>
Step 9. Add Test Code to Page_Load to Show the Forms Authentication Details Add a using statement to Default.aspx.cs in your WebRole1 project to add a reference to System.Web.Security. Add the following code to Page Load of Default.aspx.cs in WebRole1: protected void Page_Load(object sender, EventArgs e) { Response.Write("Hello, " + Server.HtmlEncode(User.Identity.Name) + "<br />"); }
Step 10. test registering a new user and logging in to the application
The Web application should return something along the following lines:
Hello, waldo
Share your feedback or results in the comments. We’re path paving along with you.
My Related Posts
In my previous post, How To Use ASP.NET Forms Auth to Azure Tables, we walked through creating a simple Web page that authenticates using ASP.NET Forms Authentication and stores the users in Azure Tables using the sample Azure Table Storage provider for ASP.NET.
In this post, we extend that sample to include Roles Authentication, where the roles are stored in Azure Tables. Normally, I'm not a fan of extending samples, but in this case, it's simple enough that I don't want to repeat my previous post here.
Before you begin, create the sample in How To Use ASP.NET Forms Auth to Azure Tables, if you haven't already.
Summary of Steps Here are the steps at a glance to add Roles authorization:
Step 1. Configure roleManager Settings in web.config Add the following to Web.config, to point the roleManager to the Azure Table Storage:
<roleManager enabled="true"> <providers> <add applicationName="FormsAzTables" name="TableStorageRoleProvider" type="Microsoft.Samples.ServiceHosting.AspProviders.TableStorageRoleProvider" /> </providers> </roleManager>
Step 2. Add Test Code to Page_Load to Show the Roles Authorization Add the following test code to Page_Load in default.aspx.cs:
Response.Write("<br/>Is in Users: " + (Roles.IsUserInRole("Users") ? "true": "false") ); if (!Roles.RoleExists("Users")) Roles.CreateRole("Users");
if (!Roles.IsUserInRole("Users")) Roles.AddUserToRole(User.Identity.Name, "Users");
Step 3. Test Your Repro Press F5 to start with debugging. You should see something like the following output:
Hello, bob TicketName: bob Cookie Path: / Ticket Expiration: 3/22/2010 11:50:02 AM Expired: False Persistent: False IssueDate: 3/22/2010 11:20:02 AM UserData: Version: 2 Is in Users: true
The first time you run this, Is in Users should return false, but the second time you run this, it should return true.
One of the most important patterns in Getting Results is the Monday Vision, Daily Outcomes, and Friday Reflection pattern. It’s a simple way to get meaningful results each day and each week. It’s how I avoid getting overwhelmed and how I drive results for myself, the teams I lead, and the people I mentor.
What makes the results meaningful is that each week, on Mondays, you’re stepping back and looking across what matters in your life. This means taking a look at your life hot spots (mind, body, emotions, career, financial, relationships, and fun.) It also means taking a look at the activities and projects you are juggling at work and in your personal life. It’s a quick way to see the forest from the trees. This is how you carve out meaningful results for the week. You can see the end in mind, and when you know the goals, you can pace yourself better, prioritize easier, and focus more effectively.
Each day, you can create stories for your results. Using The Rule of 3, you limit yourself to 3 stories (you can always bite off more, but use 3 to focus and concentrate your time and energy.) To guide yourself, you simply ask, “What are my 3 best results for today?” The Rule of 3 has been around for a long time. Marketing uses it. The military uses it. You can use it in your everyday life to avoid overwhelm, organize your time and energy, and simplify your life, while improving your results.
On Friday’s, this is your time to reflect and check the score. Simply ask yourself what are 3 things going well and what are 3 things to improve. This is a chance to celebrate your victories and to learn your personal success patterns and personal anti-patterns. It’s also a great way to improve your rhythm of results. If things aren’t getting done, you need to ask yourself, why? Are you biting off too much, or are you getting distracted. If you’re getting things done, but not getting the results you want, you have to ask yourself, are you working on the right things? Are you spending the right time and the right energy, or does it feel more like you’re just going through the motions. Use your own reflection and insights as a way to learn and improve. The beauty is, you get a new chance at results, each day and each week. You can test what you learn, apply your learning, and improve as you go.
This is the path of continuous growth. It’s this path that will help you improve in any dimension of your work or life.
To compact this concept and make it easy to visualize and remember, I created a new cheat sheet:
Enjoy!
While ramping up for Windows Azure, we're getting our feet wet with some basic application scenarios. This is a quick step through of wiring up ASP.NET Forms Authentication to use Azure Table Storage for the user store.
It’s longer than I like but I wanted to err on the side of being explicit. It’s nice to know that when you’re going down a path that somebody else has been there and done that and you’re not on your own. While your path may vary, at least you know this is one path that at least a few of our team members went down while creating repros for Azure authentication scenarios with ASP.NET.
Stepping back, the big thing to know is that we didn’t find a Table Storage Membership provider for ASP.NET out of the box, but we found one in the additional C# samples. You’ll see this in step 7. Now, let’s start paving some paths …
Step 2. Add a Reference to the AspProvider Project for the Azure Table Storage Provider We didn’t see a Table Storage Membership provider for ASP.NET out of box, but there are samples available for download:
Step 3. Add a Login Page. Use Solution Explorer to add a new Web form named Login.aspx to the WebRole1 site.
Step 4. Create a Way for New Users to Register Add the following two lines into the Login.aspx <form> tag
Step 5. Configure ASP.NET to use Forms Authentication In Web.config, add the following line insde the <system.web> tag: <authentication mode="Forms" />
Step 6. Configure ASP.NET to restrict Anonymous Users In Web.config, add the following line inside the <system.web> tag:
Step 7. Configure ASP.NET to Use the Azure Table Storage Provider In this step, you configure the Web application to use the AspProviders.TableStorageMembershipProvider.
<membership defaultProvider="TableStorageMembershipProvider" userIsOnlineTimeWindow = "20"> <providers> <clear/>
<add name="TableStorageMembershipProvider" type="Microsoft.Samples.ServiceHosting.AspProviders.TableStorageMembershipProvider" applicationName="AspProvidersDemo" />
</providers> </membership>
Step 8. Configure the ASP.NET Membership Provider In Web.config, add the following code to the <appSettings> tag as follows:
<appSettings> <!-- account configuration --> <add key = "TableStorageEndpoint" value="http://127.0.0.1:10002/devstoreaccount1"/> <add key = "AccountName" value="devstoreaccount1"/> <add key = "AccountSharedKey" value="Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw=="/> </appSettings>
Note that we don’t have a lot of details on the AccountSharedKey, but we saw Jim Nakashima uses this value, so it’s good enough for now, until we know more.
Step 9. Add Test Code to Page_Load to Show the Forms Authentication Details
protected void Page_Load(object sender, EventArgs e) { Response.Write("Hello, " + Server.HtmlEncode(User.Identity.Name));
FormsIdentity id = (FormsIdentity)User.Identity; FormsAuthenticationTicket ticket = id.Ticket;
// optional - but if you use this add a reference to System.Web.Security Response.Write("<p/>TicketName: " + ticket.Name ); Response.Write("<br/>Cookie Path: " + ticket.CookiePath); Response.Write("<br/>Ticket Expiration: " + ticket.Expiration.ToString()); Response.Write("<br/>Expired: " + ticket.Expired.ToString()); Response.Write("<br/>Persistent: " + ticket.IsPersistent.ToString()); Response.Write("<br/>IssueDate: " + ticket.IssueDate.ToString()); Response.Write("<br/>UserData: " + ticket.UserData); Response.Write("<br/>Version: " + ticket.Version.ToString()); }
Hello, bob TicketName: bob Cookie Path: / Ticket Expiration: 3/17/2010 3:04:40 PM Expired: False Persistent: False IssueDate: 3/17/2010 2:34:40 PM UserData: Version: 2
While ramping for Windows Azure, we created a quick set of steps to get other team members quickly started with Azure. The goal is tight – get Azure running on your local box and be able to explore and run the Azure SDK samples.
Installing the Azure SDK and the Visual Studio Tools for Azure Here’s a quick set of steps to install the VS tools for Azure and Azure SDK:
Installing the Azure SDK Samples You need to unpack the samples:
Installing the Additional Azure SDK Samples The additional samples include a sample ASP.NET provider for Azure Table Storage. Our team is using this to test ASP.NET Forms Authentication with Azure Table Storage.
Additional Resources Here are some key places to visit:
I created a simple view of the Getting Results Knowledge Base for my latest book, Getting Results the Agile Way, which is a personal results system for work and life. The Knowledge Base provides simple job aids including Cheat Sheets, Checklists, How Tos, Guidelines, and Templates.
If you want a quick visual overview of Getting Results, then explore the Visuals for Getting Results collection, which is a simple set of figures and diagrams.
I would also recommend you browse the Guidelines for Getting Results. The guidelines are a very tight set of "what to do," "why," and "how" summaries for getting results. What's special about this set is that I reviewed them with several folks inside and outside of Microsoft that have focused on personal productivity and team productivity for many years. You might just find the gem that's a game changer for you.
If you want a jump start for learning the system, see Getting Started with Agile Results.
The book is going to edit soon, so your feedback would be appreciated. (Making changes gets tougher when the book is in edit.)
Why invest in prescriptive guidance or “Blue Books” for Microsoft platform impact? While the answer is obvious to many, it’s not as obvious to others, so I’ll attempt to paint the picture here.
Building Secure ASP.NET Applications was the first “blue book” at Microsoft, but it was Improving Web Application Security that really made people take notice (it was downloaded more than 800,000 times in its first six months and it changed how many people in the industry thought about security and it changed their approach. It’s also the guide that helped many customers switch from Java to .NET.) An interesting note about Building Secure is that the Forms Authentication approach was baked into the Whidbey platform (ASP.NET 2.0.)
Blue Books Shape Platform SuccessBlue Books have played a strategic role in both shaping the platform and driving exponential customer success on the platform. They’ve helped us find and share platform best practices, create mental models and conceptual frameworks, and create systems and approaches that scale success and create powerful ecosystems. They’ve also helped us spring up offerings for our field, reduce support costs, and win competitive assessments.
Ultimately, Blue Books give us a strategic look at platform pain points as well as competitive analysis, and a consolidated set of success patterns to run with.
From patents to methodologies to better ways for better days, “Blue Books” have been the definitive way for improving platform success in a sustainable way – a durable backdrop that provides continuity of the platform over time.
Benefits at a GlanceHere is a quick rundown of some of the key ways that Blue Books have helped Microsoft and customers win time and again:
The list goes on, but the essence is that these playbooks help customers make the most of the platform by sharing the know-how through prescriptive architectural guidance.
End-to-End Application Scenarios and SolutionsHere’s an example of an application scenario. We use application scenarios to show how to solve end-to-end problems. It’s effectively a baseline architecture based on successful solutions. Here is an example from our WCF Security Guide:
Scenario
Solution
We share them as sketches like on a whiteboard so they are easy to follow.
Methodologies and MethodsMethodologies, frameworks and approaches are nice ways to wrap up and package a set of related activities that you can use a baseline for your process or to overlay on what you already do. Methods are step-by-step techniques for producing effective results and they are a powerful way to share expertise. Methodologies and methods are how we create exponential results and amplify our impact.
Example Methodology – Agile Security Engineering
Example Method – Threat Modeling Technique
Conceptual Frameworks and Mental ModelsWe use mental models, conceptual frameworks, and information models to learn and share the problem space.
Example Conceptual Framework for Web Security
Example Mental Model for Application Architecture
Hot SpotsHot Spots are basically heat maps of pain points and opportunities. We use them as a lens to help us see customer pain points and opportunities, and to prioritize our investments. They also help us identify, organize, and share scenarios. Hot Spots also help us organize and share principles, patterns, practices, and anti-patterns for key engineering decisions. Hot Spots are a powerful tool for product planning and for building prescriptive guidance, platform, and tools.
Example of Security Hot Spots
Example of Architecture Hot Spots
Scenarios Organized by Architecture Hot Spots
Competitive WinsOur Blue Books have consistently been used for winning competitive assessments or at least making significant impact in key areas. Whether there’s a gap in the tools or a gap in the platform, prescriptive guidance can smooth it out by creating a success path for customers.
Example of beating IBM in Every Category Around Guidance
You can find a deeper rundown on the competitive assessments in my previous posts.
The Bottom Line on Blue BooksThe bottom line for me is that Blue Books have helped shape platforms and tools and to create glide-paths for customers through mental models, methodologies, and methods. They’ve been a powerful way to share success patterns, help paint the bigger picture, and connect the dots across platform, tools, and guidance.
The adoption and usage has accelerated over the years to the point where just about any customer in the application development space that works with the Microsoft platform is familiar with either patterns & practices for the Microsoft Blue Books.
Blue Books have been the freemium offering from Microsoft that have paved the way for premium experiences.
The Getting Results Facebook Fan Page is now available. It’s for my latest book, Getting Results the Agile Way.
Getting Results is my first non-technical book and it’s all about making you great. You’ll learn the super skills for working on the right things, the right way, at the right time, with the right energy … unleashing your best. Oh, and did I mention, you can read it all for free? It’s all free in HTML. You can learn the secrets of how I drive myself, coach other teams at Microsoft, and lead distributed teams around the World for more than 10 years for world-class results. It’s spreading fast … people are adopting it … and people are writing stories to me about how it’s changing their lives. Who knew success would be so contagious … and everybody wants some of that :)
It’s all about getting results in work and life. It’s the best of the best success patterns for making the most of what you’ve got, playing to your strengths, mastering your time, and living your values.
I’m a fan of sharing know-how rapidly, effectively, and unselfishly … so all the secrets are in the guide, no holds barred. You get the distillation of trial and tribulation, deliberate practice, and synthesis of the best of the best methods for getting results. Get the system on your side and like Bruce Lee said, “absorb what is useful.”
Maybe you’ll be the next rags to riches story. Maybe you’ll become the new hero at work who moves mountains and makes things happen. Maybe you’ll just find more joy in your day to day. Either way … best wishes on uncorking yourself and may the full force of Agile Results be with you.
If it’s not for you, maybe you know somebody who needs a lift up in life. Share it with them. I’m teaching my friends and family and all who care the skills to go the distance in an ever-changing world.
“Are you getting results? …”
Over Christmas break, I committed to finishing the writing for a book that I expect to change a lot of people's lives. It's my first non-technical book. The working title is, Getting Results the Agile Way. It's all about getting results in work and life. It's the playbook I wish somebody had given me long ago for finding work/life balance, managing time, playing to my strengths, and making the most of what I've got.
Why Getting Results The world is a tough place. Between layoffs, the economy, and simply the unknown, a lot of people are having a really tough time in their lives. There are constantly new challenges at a pace that's tough to keep up. Worse, I don't think you learn a lot of these skills in school or on the job, except through the school of hard knocks.
This is my playbook for you. For more than 10 years at Microsoft I've tested and evaluated ways to get results. I've had to find things that not only work for me, but that could work for the people I mentor inside and outside the company, as well as for large teams around the world. I'm a big believer that everybody can get great results if they have the right know-how.
What Sorts of Problems Does It Tackle The book is a system and a playbook for some of these common challenges:
It helps with a lot of things because mostly it gets you spending the right time, on the right things, with the right energy, the right way. This is the key to your best results.
My Story When I first joined Microsoft, it was sink or swim. I saw a lot of people fail. Among the chaos, I also saw many people thrive. I wanted to know their secrets. I started with people on my team, but the next thing you know I was studying success patterns around the company. If somebody was known for getting results, I hunted them down and studied their ways.
I learned so many simple things that actually worked. For example, instead of managing time, the real key is managing your energy. I'd rather have four power hours, than a week of just going through the motions. The secret of work life balance is setting up your own artificial boundaries, whether it's "dinner on the table at 5:30" or "no work on the weekends." Finding your passion can be as simple as connecting to your values. For example, I use metaphors to make my project an epic adventure and I have the team create the movie poster of what great results will look like. How's that for wanting to show up and give your best every day knowing you're working on blockbuster results?
What is Agile Results? You'll hear me talk about Agile Results quite a bit. It's the name I gave the system that serves as the foundation for the Getting Results guide. Agile is all about responding to change. It's agility in action. It's all about making progress while the world changes under your feet.
My Agile Results system borrows the best principles, patterns, and practices across a variety of disciplines from sports, positive psychology, personal productivity, Agile development, Scrum, project management, time management, leadership skills, and strengths-based development. It's more than a mash up -- I've tested and honed the system to work for individuals and teams while refining it over years of deliberate practice. To me, great results for the team, always starts with unleashing an individual’s best. Having fun is contagious and getting results spreads like a wild fire.
Agile Results in a Nutshell Here is the Agile Results system at a glance:
How to Get Started Getting started is really easy. If you write down 3 results you want for today, you're doing Agile Results. Is there more to it? … Sure, but take it at your own pace. Here’s a one-page guide for getting started with Agile Results.
How To Follow Along for the Ride You can read Getting Results for free online in HTML. I’ll continue to shape the guide over the next several weeks based on feedback. I’ll also be making March a focus on getting results so if you’ve been looking for a jumpstart for your life, this is a great month to make it happen. I’ll be sharing nuggets for getting results at my effectiveness blog, Sources of Insight.
If you're not getting the results you want in your life, you just need the skills. Use my guide to stuff your bag of tricks with some new tools that will change your game and help you unleash your best.