I am maintaining an existing asp.net website. I do not completely understand the project because another developer just handed it to me. Project is not neat. .NET version is 4 and MVC version is 4 as well. Now, I need to completely disable the membership system of the project. I found a lot of article and some changes need to be done in web.config.
I added this lines in web.config
<system.web>
<membership>
<providers>
<clear/>
</providers>
</membership>
When I run application, it throws this error.
So then I tried this instead
<membership>
<providers>
<clear />
</providers>
</membership>
<roleManager enabled="false">
<providers>
<clear />
</providers>
</roleManager>
<profile>
<providers>
<clear />
</providers>
</profile>
Then I gave me this error
How can I completely disable membership in asp.net?
Removing Membership Provider is easy. You just comment out the following 3 tags inside web.config
<system.web>
<!--<membership>...</membership>-->
<!--<roleManager enabled="true">...</roleManager>-->
<!--<profile>...</profile>-->
</system.web>
The main question is after removing, how do you plan to authenticate and authorize a user.
If you do not need authentication and allow anonymous access, you'll still need to remove [Authorize] attribute on each controller and action methods, or global filter.
Related
I am trying to build a very basic website using ASP.NET to allow users access the private information by logging into the company Active Directory. Any help is really appreciated.
You will want to set up configuration in the web.config file to tell the ASP.Net app to use forms authentication:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" cookieless="UseCookies" />
</authentication>
Then you will need to create a membership provider that will connect to AD for authentication. Fortunately Microsoft has provided an AD membership provider out of the box, so you can use that. If you set it as the defaultProvider, ASP.Net will automatically use it for authentication.
<membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
<providers>
<add name="AspNetActiveDirectoryMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="<domainName>\administrator"
connectionPassword="password"/>
</providers>
</membership>
Finally, you will need to set up a connection string to connect to your domain controller:
<connectionStrings>
<add name="ADService" connectionString="LDAP://myCompany.com/DC=myCompany,DC=com"/>
</connectionStrings>
Look here for a good reference with more details.
I'm trying to plan a series of websites that all share many of the resources such as css/jscript/images/content etc. For this reason I wanted to run all of the websites under the same application and IIS profile, but depending on the URL being used change the masterpage and theme/skin.
The ASP.NET membership database seems as if it was designed with this goal in mind because it allows you to setup multiple applications, however I believe the purpose for which this was built was to allow applications to be run under virtual directories/folders, not on separate URLs.
Is it possible to map a url to a particular application?
Thanks in advance
Al
Yes it is possible to do this. In your configuration, use the applicationName for your providers. This way, all of the data will be saved in the same database, but kept separate by the Application Id that you will find in most of the tables.
One possibility for your shared resources can be to put them in just one location and you can point to that location from your other site by using a full url to the file in the first location.
Another possibility is to host one app in a virtual directory in the same domain, although you can get into some interesting issues with web.config inheritance doing this. It would help if you show your intended domain naming for the two applications.
In one application:
web.config 1:
<roleManager enabled="true">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" applicationName="/ApplicationOne"
...add other properties here as standard
/>
</providers>
</roleManager>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" applicationName="/ApplicationOne"
...add other properties here as standard
/>
</providers>
</membership>
In your other application:
web.config 2:
<roleManager enabled="true">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" applicationName="/ApplicationTwo"
...add other properties here as standard
/>
</providers>
</roleManager>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" applicationName="/ApplicationTwo"
... add other properties here as standard
/>
</providers>
</membership>
The easiest solution would be to include the style sheet depending on what URL the page is being executed on, using:
Request.ServerVariables("SERVER_NAME")
IE (pseudo):
if Request.ServerVariables("SERVER_NAME") = "http://www.domain1.com" then
include stylesheet1
else
include stylesheet2
end if
You would need to find a function to extract the domain name from the URL so it works well.
I'm new to User Roles Management. I was reading my Wrox Programming book on asp.net 3.5 user role management...but it was hard to follow along, as I do not have a local server set up to test on (I do...but...thats a separate question), but rather currently test on a remote server (where the website is hosted, theres not enough hits where I can get away with testing on a live server).
Any ways...Where do I begin in user role management. I'm not necessarily asking to be given a 30 pg hard description, but more of a summary. My GoDaddy hosting account seems to offer asp.net schemea SQL database set up for user role management, but I have yet to learn how to integrate it into my development.
Any input would be appreciated.
I would open up Visual Studio, create a new ASP.NET Web Application project, and click the "Configure ASP.NET" button on the top-right hand corner of the Solution Explorer. If you navigate to the Security section, you can start creating Users and Roles. The tool basically describes exactly how they work to you.
Here's the first place I'd go:
http://www.asp.net/Learn/Security/
Check out tutorials 9 through 11.
You can use SqlRoleProviders and SqlMembershipProviders with the .NET default management, or you can write your own providers.
http://www.odetocode.com/Articles/427.aspx
http://msdn.microsoft.com/en-us/library/aa478949.aspx
Then these are used in conjunction with asp .net forms authentication.
<authentication mode="Forms">
<forms name=".ASPXFORMSAUTH" loginUrl="~/Common/Login.aspx" timeout="450" />
</authentication>
<authorization>
<deny users="?" />
<allow roles="Admin" />
</authorization>
The configuration of all of this is via the web.config your membership and roles may be similar to this if you use the out of the box aspnetdb.
<membership defaultProvider="IDTSqlMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear />
<add
name="IDTSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="SqlMembershipConnectionString"
applicationName="ConsumerSynergy"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="true"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="20"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="IDTSqlRoleProvider" cacheRolesInCookie="true" cookieProtection="All">
<providers>
<clear/>
<add
name="IDTSqlRoleProvider"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="SqlMembershipConnectionString"
applicationName="ConsumerSynergy"/>
</providers>
</roleManager>
My personal favorite about roles.
Examining ASP.NET's Membership, Roles, and Profile - Part 2
https://web.archive.org/web/20210417083524/https://www.4guysfromrolla.com/articles/121405-1.aspx
Can I specify a different database than ASPNETDB using SqlMembershipProvider? I am developing a site on a shared host, and have to restrict my data schema to a single provided database.
I was roundly scolded last time I suggested rolling my own authentication code.
Alternatively, is there some other packaged authentication system I could drop in and configure to use an arbitrary database and tables from asp.net?
You can install the ASP.Net Membership Schema to any SQL database by using the aspnet_regsql command line tool.
You can also specify any connection string you'd like for your membership provider. Simply add something like this to your membership declaration in your web.config file:
<connectionStrings>
<add name="MyConnectionString" connectionString="Database=MyDatabase;Server=xxx;User=xxx;Pwd=xxx;" providerName="System.Data.SqlClient"/>
</connectionStrings>
<membership defaultProvider="MyProvider">
<providers>
<add connectionStringName="MyConnectionString" applicationName="/Test"
description="MyProvider" name="MyProvider" type="SqlMembershipProvider" />
</providers>
</membership>
The previous answer is largely correct, but I had a problem until I fully qualified the "Type" value to be "System.Web.Security.SqlMembershipProvider".
<membership defaultProvider="MyProvider">
<providers>
<add connectionStringName="MyProvider"
applicationName="/Test"
description="MyProvider"
name="MyProvider"
type="System.Web.Security.SqlMembershipProvider" />
</providers>
</membership>
Very simple question actually:
I currently have IIS anonymous access disabled, users are automatically logged on using their Windows login. However calling User.IsInRole("Role name") returns false. I double-checked User.Identity.Name() and the "Role name" and it should return true.
I currently have this in my Web.Config:
UPDATE
I was calling User.IsInRole("Role name") where I should call User.IsInRole("DOMAIN\Role name")
However I still like to know if the <membership> entry is needed at all?
What should I change? (and is the <membership> entry needed at all?)
<authentication mode="Windows">
<forms
name=".ADAuthCookie"
timeout="10" />
</authentication>
<membership defaultProvider="ADMembershipProvider">
<providers>
<clear/>
<add
name="ADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="XXX\specialAdUser"
connectionPassword="xx"
/>
</providers>
</membership>
<roleManager enabled="true" defaultProvider="WindowsProvider">
<providers>
<clear />
<add name="WindowsProvider" type="System.Web.Security.WindowsTokenRoleProvider" />
</providers>
</roleManager>
If you use Windows authentication IsInRole will work with no extra configuration, as long as you remember to prefix the role with the domain, i.e. DOMAIN\groupName.
In addition you can role (pun intended) your own and use Windows auth against, for example, a SQL Role Provider, where you don't want your AD littered with custom roles for your application.
So no, you don't need the provider configuration at all.
The membership provider here isn't going to help. The ActiveDirectoryMembershipProvider seems to best(only?) fit with Forms authentication.
BlogEngine.NET has an Active Directory role provider.
Pretty sure the only thing you need in there is the roleManager group (along with the base authentication mode='windows' setting)
Out of the box, there's no role provider to use Active Directory directly. You can use the role table in the ASP.NET membership- and role-system, or you can use Authorization Manager (AzMan).
There's an article on CodeProject which shows the implementation of a role provider which works against the Active Directory - with full source code. Maybe this helps?
Marc