I need to insert a few new roles in icCube.
The doc mention I can monitor roles in the WEB user interface, but I could not find this option on the menus.
It mention I can also do it by editing the file icCubeRoles.icc-roles. However this file contains two roles: anonymous and standards, while the roles shown in the WEB interface when adding/editing a user are anonymous and standard.
This is a feature available in the Enterprise edition only. If you are using the Community edition and woud like to evaluate this feature please contact icCube directly to request an evaluation license.
Related
In a .net 5 MVC project that uses Identity for authentication, is there a built in option to manage the roles (crud) and user <> role relationships (add and removed roles to a user)?
I have found some tutorials that could work:
https://www.c-sharpcorner.com/article/adding-role-authorization-to-a-asp-net-mvc-core-application/
https://www.yogihosting.com/aspnet-core-identity-roles/
But before I go recreating the wheel, I just wanted to be sure there isn't some functionality contained within the framework that I am missing.
Edit: Just to clarify, my question is regarding giving user roles e.g. Admin, manager, staff.
I've always used identity and always had to create my own logic for creating and assigning roles to users. But keep thinking there must be a standard way to do this.
A few options. One is just the admin UI and the other is a web framework with admin UI
https://github.com/mguinness/IdentityManagerUI
https://docs.aspnetzero.com/en/aspnet-core-angular/latest/Features-Angular-Role-Management
for different roles in multiple groups
https://github.com/rogwool/two
Might have been better with a GroupId key in AspNetUserRoles
I am creating a sort of intranet system in ASP.NET that requires me to hide/show/disable/enable certain things depending on the logged on user's role. So far I have been using ASP.NET Membership (what I learned in school) however I am running into problems with having to customize things. We need usernames and passwords but we also need to add custom fields like first name, last name, clearance level (which will be used to set the user's role when they are added) and some arbitrary descriptive fields like employee title and office location.
We're using Microsoft Access (OleDB Connection in ASP) for the bulk of our database needs and we have an employee table that stores all the info we need (like names and clearance levels). I wanted to find a way to link records in those tables to the user that was set up through ASP. We need to be able to create, edit and delete users not through the web configuration tool but through the site we're creating (it will be managed by someone not familiar with ASP). Since ASP Membership uses SQL Server, it is becoming complex for me to try and find a way to connect the user tables generated by ASP and the employee tables created for the project.
I have now read online that there are two other versions of this kind of Membership system: SimpleMembership and Identity. Just by habit I'm leaning towards the most recent iteration (Identity), however I am now reading it is harder to query the user tables for appropriate role info and such.
Which would be the best for a system that has 3 specific roles and must disable/hide specific things depending on the role? And which one would be best for allowing me to create my own Add/Edit/Delete pages for users within the system?
MembershipProvider is depricated and replaced by Asp.Net Identity. Use Identity if this is a new project. Think of migration from MembershipProvider to Identity if it is a brown-field project, but it can take a week of time.
Identity is highly customisable and it is easy to add extra fields on a user and CRUD for users is very easy, especially if you know Entity Framework.
I have configured ASP user database. I can create users/roles either programmatically or by going to Project -> ASP.Net configuration in Visual Studio IDE.
Server this database is running on doesn't have VS installed. Is there a way to add users/roles through command line or IIS settings?
Thank you
If you set the connection string properly you can use VisualStudio running locally to configure your remote asp.net membership database.
I do that all the time.
Make sure your connections strings are right on your Web.Config file.
This is the easiest unless you want to code it yourself.
*Edit *
Just to be clear, you are not required to have Visual Studio installed on the server which hosts the membership database.
However this only works if you are not storing any additional data per user which is not part of asp.net's MembershipUser class.
In most cases you would implement a register page where you would collect the additional info. On submit you create a new MembershipUser (using MembershipProvider API) and then persist the additional information as best suits your needs. I typically use the MembershipProvider and have an store my custom info in an AppUsers table, (with the asp.net userId as a FK).
Hope this helps ;-)
Using MembershipProvider and RoleProvider is very, very easy. Ask if you need some sample snippets.
You can create a simple site or an admin only page on your current site and use the CreateUserWizard control. A Guide to customizing this control can be found here: https://web.archive.org/web/20211020103243/https://www.4guysfromrolla.com/articles/070506-1.aspx
Documentation here: http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.createuserwizard.aspx
You can also use the membership objects to do this through code if you want to create your own console application to do it from the command line.
Do not try and do this in the database directly.
you can just add them manually to the database tables, there not that hard to deduce, just apply insert commands using your favorite sql client
Hai,
i am trying to store the user permissions for my web site.But I am little bit confused with xml and Database. For each user in site have different permissions. Have u ever faced this issue? for Example , if my site is a shopping site , for a local user , the report menu need not to display. A sales man need not to display the purchase page. and so on ..
I think you understood my problem .I have done this user management using a xml file . For each user a new node will create according to the menu and keep in the xml file . Next time the user login ,checks the permissions and and show only the allowed menus.
My boss tell me to do the same thing using the Database. by using XmlDataSource it is quite simple to bind data to the treeview (for setting permission) and binding to the menustrip also.
He is pointing the security problem . i don't think like so.
Which is better ? DB or XML
http://msdn.microsoft.com/en-us/library/yh26yfzy.aspx
My advice would be to use asp.net membership and roles (written by Microsoft). It is a very good security solution - login security, roles (permissions) and is stored in a SQLServer database (not sure if it can be stored elsewhere).
I use it on my site and you can use membership controls straight out of the box (login forms, change password, etc.) or you can roll your own.
The only tricky bit I found was setting up the membership tables, views and stored procs in my dB (you download a dB script), but really it was fairly straightforward to implement.
Here's a link to asp.net membership and roles
ASP .NET Membership and Roles (part of the Provider Model introduced on ASP .NET 2) is (IMHO) nice only when you need some basic stuff. The issue is that you need to use the whole system using SQL Server, but if you are planning to move to a different DB provider (MySQL, SQLite, etc..) then you'd have to implement your own provider (which is at best painful), and learn how the whole pieces fit each other. Granted, finding a custom implementation it's quite easy, but is not a copy & paste thing.
Another bad thing of the default provider model is that you will get a ton of SQL stored procedures, also called maintainance nightmares. The issue is that if your site scales, then these SP's will make your life a living hell (been there) and if you even dare to change hostings then you're in for a treat, so my advice would be make your own permissions hierarchy and use it the way you wish. Also, look for advices and some pre-existing solutions to the permissions problem which is quite common.
Website security can be split up into to distinct parts.
Authentication: Logging in
Authroization: Roles/Permissions.
The ASP.NET Forms Authentication Provider is a great way to implement authentication. I recently created a custom provider that communicates with our companies X500 directory (LDAP). It was very straight forward.
For Authorization, we implemented the entlib security application block. It allows you to keep Roles/Permissions in a separate location that can be accessed by your UI as well as your service layers (assuming your developing a scale-able solution). You may also want to look at the Windows Itentity Foundation which is slated to supersede entlib security application block, however it is only available for .NET 4.0.
I am trying to make an asp.net website using Visual web dev and C# that accesses data in an SQL database. For my site, I need to be able to save and access additional user properties such as age and gender. I have been playing around with the built in .NET Login tools but I don't understand how to keep track of the additional properties (age, gender...) I could store all the users information in my own database but how do I correlate the users data in my DB to the usernames in the member database that is automatically created?
Probably profiles are perfect and quite easy to use for your purpose. ASP.NET manages the relation between users and their associated profile data (which you can customize for your needs) quite comfortable. Here is short introduction video:
http://www.asp.net/learn/videos/video-44.aspx
Are you using an ASP.NET website project or web application project? The video (and most information in MSDN) is related to website projects. For web applications there are some complications to take into account when you use profiles.
(Some hints if you are using a web application project:
How to assign Profile values?
If you are using an website project you can ignore this)
As Slauma said ASP.Net Profiles is a great way to do this using the Membership API.
But I don't like the way profiles use delimited list serialized in the database, and I've heard reports of speed issues under heavy load.
I Use Membership API on just about all applications, except for the profile bit.
To store user profiles, you can create a separate table. Maybe called 'UserProfile'. Add a column with a unique index for 'username' and/or 'email'. Which ever you treat as the user's username. Now you can use that column to pull profile information at runtime.
As a bonus, if you use an ORM like Entity framework, you can now write simple LINQ queries to pull your user information.