Step 3: Select the User Table (Database Security)

In order for Iron Speed Designer to add role-based security to your application, it must know which database tables contain login information as well as user roles.

Use the Application Security Wizard to set up page-based and control-based access control in your application.

Creating User Accounts in your Database

Role-based security is predicated on your application’s ability to know who the user is so that appropriate page access can be granted. This requires users to sign into the application, which in turn requires your database to contain user name and password information for users.

If you are implementing role-based security, Iron Speed Designer requires one table in your database to be designated as a “User Table”. The User Table contains a list of all of your application’s users and can be any table in your application. Within this table, you must have three important fields from which Iron Speed Designer builds the sign in mechanism in your application:

Any table in your database can be a User Table; there is no restriction on which table may be designated as a User Table or what other fields it needs to have other than those listed above.

Field	Type
UserID	Integer
...
FirstName	String
LastName	String
UserName	String
Password	String
Address	String
Emailaddress	String
...

An example table designated as a User Table. This table contains normal account information, including First Name, Last Name, and Address, as well as the required sign in information (shown highlighted). Emailaddress is required to include a Forgot Password link on the Sign In page. The Emailaddress field only applies to Database security and not any other security type.

Selecting the User Table

In the Application Security Wizard, make these selections:

Field	Description
Server Database Table, View or Query	The table in your database containing the user name and password information. Note: Only a subset of the tables and database views in your database are visible in the User Table field. By default, only those tables used by Application Wizard (for creating pages) are available in the Application Security Wizard. To make other tables appear in this dropdown list, check the "Include table/view in application" option for each table desired in Databases for each additional table you wish to appear.
User Name field	The User Name is the text string entered by an application user on the Sign In page. This can be any field in your User Table, including a first name, last name, or email address.
Password field	The Password is a text string entered by an application user on the Sign In page. This can be any field in your User Table. The User Name and Password together uniquely identify a user account in the User Table and are sufficient to authenticate a user and sign them in.
User ID field	The User ID field is the unique record identifier corresponding to a record in the User Table for a particular user account.
Email field	The Email field is a text string giving the email address to be used for a particular user account. This field is optional. If it is specified, then the Sign In page will include a link for Users to request that User Name and Password be sent to them by email. With Email specified, additional configuration is require to the ForgotUser.aspx page to configure or remove the recaptcha control, as explained in Step 7: Configure the ForgotUser.aspx page. In addition, you must follow the steps in the section Configuring an Email Server Connection

As a matter of convenience, you may wish to set the Display Foreign Key As property for the Roles Table so that text descriptions of the roles are displayed in your application rather than the Role ID values.