I am trying to set up two projects. One mvc5 project and a windows forms project. I would like the user to register on the Mvc5 site and then be able to use the Username and Password in a windows forms login. I am storing the sql database in Azure. All I need to do is check the username and password but am not sure how to check the Hashed password saved in the AspNetUsers table as I dont know how MVC5 Encrypts the password when the user registers. Any pointers would be grateful, or advise if this is a sensible option to share users between projects?
Thanks
Related
I want to implement the LDAP in my MVC web Application.I dont have any knowledge about this.I just know for the time being that this is used for User Authentication using Windows domain Active Directory UserID and Password.
So please suggest me for this to implement this step by step.
If you build an Intranet site that will be hosted within your corporate network, you can use Integrated Windows Authentication which does not require to enter UserID and Password. Please see detailed tutorial regarding this topic.
If you need to use Forms Authentication (user should enter his name and password) then see this MSDN article.
I actually want to create/list/edit asp.net membership users from a page authenticating with Windows-Authentication, the website uses ASP.Net MVC4. This is the administration website for another website using the forms authentication with asp.net membership on an SQL database. So this should allow company users to administer external users.
I can't use Membership-API, because the actual context does not support the asp.net membership.
Using the stored procedures requires manually hashing the password etc and this is not recommended. Also inserting the users directly into the tables would have this problem.
So is there a working example for administering asp.net membership users from a windows forms authenticated website?
I just managed to solve this problem using a webservice to decouple Windows-Domain authentication from asp.net-Membership:
Windows Domain Website for administration uses Webservice
Webservice offers functionality to manage users of asp.net membership
Webservice access has to be restricted to local server (so only the Windows Domain website can use it) and allows anonymous access (or with a special account).
Webservice needs to be configured like an asp.net membership website and to use the same membership database like the "normal users Website"
ASP.NET MVC Can I use an extra table to store user profile? And how to do that?
Something I've done here:
I have a database table has userId name, email, password stuff.
I want to use all the information in this table for user authentication, and also for user profile. How can I do that in Asp.net Mvc2 project?
Thanks in advance!
You can use SQL Membership provider
We have a production site using ASP.NET built in membership. Now we wan't to extend the tables with some custom properties so we built a custom membership provider using ADO.Net entities.
Everything is working fine, we can create new users and the login controls are also working. We imported every existing user from the aspnet_Membership table into our custom table, and copied the password field into our custom password field in the custom table.
Unfortunately, these existing user cannot login into the system. We found out while debugging the system that the password is not properly decrypted (we're using passwordFormat="Encrypted").
For example:
We have an user with password testing123. When we decrypt the password from the database, it returns 睝렱ꀱ䧥꾖饱testing123
Does anybody have an idea what we're doing wrong here?
EDIT:
I find this answer where is described you should remove the salt (8 bytes) from your password. In that case that is the solution for me, but then I have a problem with new users passwords which are working OK by default.. Is there no other possibility?
If I am using Windows Authentication in an ASP.NET app, and I want to use custom roles instead of using Windows security groups as roles, do I need to write a custom Role provider? The solution needs to be able to map Windows users and groups to application specific roles.
If I understand your question - no you don't need to use roles from Active Directory security groups as roles for your ASP.NET application. And you dont need to implement a custom Role provider. The default one simply retrieves the Roles from the ASP.NET application database.
You can simply have application defined roles in this database, that you create with the aspnet_regsql.exe utility (in the .NET 2.0 framework folder).
Probably the greatest collections of resources/information on this topic:
http://weblogs.asp.net/scottgu/archive/2006/02/24/ASP.NET-2.0-Membership_2C00_-Roles_2C00_-Forms-Authentication_2C00_-and-Security-Resources-.aspx
Actually you CAN use the built in ASP.NET security configuration web site. You have to temporarily switch to Internet Mode, Then you can add users DOMAIN\username as username, enter some password (it won't be used once you switch back), you can then assign these to roles. Once you switch back to Windows mode these users will be used automatically.