How many times have you written a page or control to authenticate a user? You know you have to put a couple of textboxes in for username and password, a submit button, maybe a call to a sql server or wherever to authenticate the user. ASP.NET 2.0 has a ton of new control to simply user authentication. The cool thing is that it has controls to handle login, logout, displaying different content to authenticated users (or users in different roles), and even controls to create new users.
As I have said before ASP.NET 2.0 is provider based. This means that the implementation of Profile, Personalization, and Membership is not coded into the controls but into a provider. You can then build your own custom providers to do whatever you want.
ASP.NET has some built in membership providers out of the box. This is typically configured in the web.config and would look something like this.
<membership defaultProvider="QuickStartMembershipSqlProvider" 
    <providers> <add name="QuickStartMembershipSqlProvider" 
    type="System.Web.Security.SqlMembershipProvider, System.Web, 
Version=, Culture=neutral, 
Once you have a provider set up, creating a login page is as simple as dropping a login control onto a page.
<asp:Login id="LoginControl" runat="server" DestinationPageUrl="/index.aspx" />
That is all that is required to authenticate a user. The control supportsseveral parameters to specify styles, etc. In the future, I will talk about some of the additional controls available to handle login as well.

Read the complete post at