In addition to the membership and role management APIs, ASP.NET from version 2.0 onward offers several server controls that make programming security-related aspects of a Web application easier than ever: Login, LoginName, LoginStatus, LoginView, PasswordRecovery, ChangePassword, and CreateUserWizard. These are composite controls, and they provide a rich, customizable user interface. They encapsulate a large part of the boilerplate code and markup you would otherwise have to write repeatedly for each Web application you developed. Figure 17-12 offers a comprehensive view of the membership platform and illustrates the role of the login controls.
Figure 17-12. The big picture of ASP.NET membership and login controls.