Fly-Over Login Window vs. Dedicated Login Page
If custom membership and role providers are enabled for a project then the application is configured to expose the page with the name Home to anonymous users. A link on a membership bar allows activating the fly-over Login window.
Developers can re-design the page Home by removing the standard user controls and adding the custom ones. Standard user controls display a site map and login instructions.
Additional pages can be exposed to end users if their Roles property is set to “?”.
For example, create a new page MySiteMap, set its Roles property to “?” (do not copy the double quotes). Activate User Controls tab in Project Explorer, right-click the user control node TableOfContents and choose “Copy”. “Paste” the user control on the new page. Right-click the page and choose “View in Browser”.
The new page will be visible to anonymous users along with Home page.
A dedicated login page can “greet” users when they access the web app.
Select the project on the start page of application generator, choose Settings, and proceed to Authentication and Membership. Choose Login Window section and enable a dedicated login page instead of a fly-over login window. Click Finish button.
Select Refresh action to ensure that the dedicated login page is included in the application design. Do not choose any data controllers in Refresh Dialog and simply proceed to refresh the project by clicking on Refresh button.
Generate the project. A dedicated page will be displayed asking users to sign in.
If you need to change the layout of the login page, then activate Project Designer. Select User Controls tab in Project Explorer. Right-click Login user control node and select “Edit in Visual Studio” option in context menu.
Visual Studio will start and display the definition of the user control. The user control is configured to be generated “First Time Only”. Any changes done in Visual Studio will persist between sessions of code generation.
Notice that the pages available to anonymous users are still accessible if the URL of the page is known.
For example, an anonymous user can access MySiteMap page created above by entering the URL directly in the address bar of a web browser without being required to sign in.
An attempt to access a protected page will redirect an anonymous user to the dedicated login page.