This example shows how to index a site that uses ASP.NET Membership (.NET2+) authentication.
For details on .NET1+ Forms Authentication and complete C# & VB.NET code, please see the "Forms Authentication Apps & Site" section of the Help documentation.
Our example contains a folder only accessible by logging in as Admin (Example3_ASPNETMembership/Secure). As we want to include the contents of the folder in our index we need to configure the spider to login and visit the first page to be crawled.
We will;
1. Add code to accept username and password
2. Configure Import start page
3. Import documents
To allow the crawler/indexer to login we need to modify the login page code to accept the username and password from GET request parameters. To do this we simply change the code to try authenticating from the form parameters as well;
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
'get any supplied username for the search engine
Dim user As String = Page.Request.Params("searchusername")
Dim pass As String = Page.Request.Params("searchpassword")
'if it wasn't a postback and we do have a username, then login the user
If (Not IsPostBack _
AndAlso ((Not (user) Is Nothing) _
AndAlso (Not (pass) Is Nothing))) Then
If Membership.ValidateUser(user, pass) Then
FormsAuthentication.RedirectFromLoginPage(user, False)
End If
ElseIf Not IsPostBack _
AndAlso Not Membership.GetUser() Is Nothing And Not Request.Params("ReturnUrl") Is Nothing Then
'not a postback and we didn't get any user info,
'so if the user is already logged in, redirect them as usual
FormsAuthentication.RedirectFromLoginPage(Membership.GetUser().UserName, False)
End If
End Sub
Then, in the Index Management tool, the Website Import start page is configured to start from the login page, using the username and password required.
Eg. Import start URL is set to;
http://localhost/login.aspx?searchusername=myUserName&searchpassword=myPassword
In our example we also need to specify the URL to visit after logging in. This is done by adding "&ReturnUrl=someURL.aspx" to make the spider visit 'someURL.aspx'.
And so our start URL is set to; http://localhost:49094/Company_Intranet/Example3_ASPNETMembership/login.aspx?searchusername=admin&searchpassword=admin1@&ReturnUrl=%2fCompany_Intranet%2fExample3_ASPNETMembership%2fSecure%2fAccounts.aspx
The spider/indexer will login with Username: admin Password: admin1@ and visit our Accounts.aspx page first.
By using the GET parameters, searchusername and searchpassword we allow the engine to strip the username and password from search results.
Once the start URL has been configured, click Import to being importing and indexing the documents.