I am using a default .aspx web forms example in Visual Studio 2010 and I am curious if anyone can speak to how the default login/register system stores the user's information. From what I can tell this is not stored in any kind of SQL type table.
Is it known exactly where this file is located, and how would one interface with that? I would like that table to contain a URL for each user in addition to their password. ( I am guessing the 'table' only contains user and password ).
Is this possible or would I be better of creating my own login/register system? I know it wouldn't be that much coding, but it would sure be nice to utilize what is already there.
Please spare me if this is easily edited up in a menu somewhere. Was unknowingly thrown into a aspx project with little previous experience. Taking in info as fast as I can!
Thanks in advance for your inputs!
If you use the Membership class you have access to all the methods you need. This class includes methods for:
Creating users
Changing their password
Deleting Users
etc.
The users are stored in the aspnetdb and the information is in several tables. The main ones are:
aspnet_User - this stores the users
aspnet_Applications - which applications are running
aspnet_Membership - this relates the users to the applications they are authorised for
aspnet_Profile - user profile information the the application
This is a standard SQL database that exists on your SQL Server.
For a fuller explanation read this MSDN article.
The users are stored in the ASPNETDB.MDF database in the App_Data folder.This file is hidden by default so I can understand why you're confused.
To make ASPNETDB visible - select the App_Data folder in Solution Explorer and click Show All Files.
Now if you click on the .mdf file the database will open in the Server Explorer in Visual Studio.
The user information is located in the aspnet_Users and aspnet_Membership tables.
The query below will return the user id, user name,encrypted password and email:
SELECT aspnet_Users.UserId, aspnet_Users.UserName, aspnet_Membership.Password, aspnet_Membership.Email
FROM aspnet_Users INNER JOIN
aspnet_Membership ON aspnet_Users.UserId = aspnet_Membership.UserId
Related
In default authorization database that is created by wizard, there are two tables for one entity. For example:
aspnet_users and users, aspnet_roles and roles, etc.
What is the reason for this?
Something has gone wrong? The default database created by aspnet_regsql for authentication has three tables; aspnet_users, aspnet_roles and aspnet_applications. Adding roles for authorization adds a few more, but they're still all aspnet_ prefixed.
You can check this for yourself by running
aspnet_regsql -sqlexportonly
and examining the SQL it produces. There's not even a way to remove the prefix when you register SQL for application services.
I found the reason. aspnet_ prefixed tables created by aspnet_regsql and others (Roles, Profiles, Users, etc) created by web site administration tool when added the user and role. Thank your advice.
If someone gives me WebForm/MVC website code using ASP.NET Membership (and he does not know the username/password), or I download it from the Internet without username/password information, how do I retrive username/password such that I can load it into VS2010, set up breakpoints, enter correct username/password, and run it to learn the code?
That information is stored in a database. The web.config file will tell you where is the database located. Once you know this, you can query the table for user information but the passwords will be hashed; however, you can always create new users programmatically or even just run straight queries against the database to do whatever you want/need.
I have set up an Active Directory Membership provider and can successfully create and log in users into the active directory with an ASP.NET application.
However, the active directory has other fields besides Username/Password such as First Name, Last Name , Telephone Number etc. Is there any way for me to be able to gather this information using my ASP.NET website and store it in the Active Directory?
I understand that I need to use a Profile Provider and I can technically set it up to use an SQL DB to store the extra profile information, but is there any way I can store the information directly in the fields available in the Active Directory? As far as I know there is no ActiveDirectoryProfileProvider.
Thank you,
You could get there -- probably would need to step outside the membership system and use the System.DirectoryServices to write to AD. Now, writing to SQL will be a lot easier, especially at development time. And you won't have to fight a sysadmin who doesn't want your web app having elevated AD privileges.
I'm going to use the membership system in ASP.net, but need to change it in 2 ways.
The database which stores the users is Access, and I want to salt the password(etc) plus ask the user to enter details like links to their facebook pages etc which are stored in the database.
So how do I use access with the system?
And how can I change/add fields which are stored in the database (i know how to create them in the database btw, just how I get the membership system to ask for it and store it)
(I could make my own registration/user login system, except I don't know how to restrict access to pages, so how could I go about this?)
Links to tutorials/references would be great
And another on how to write a custom membership provider for the Access Database.
1) Use SQL Server Express edition. It's free, it's good, it works out of the box.
2) Check out the Profile providers for personalisation. http://msdn.microsoft.com/en-us/library/2y3fs9xs.aspx
Here's a link explaining how to use Access:
http://msdn.microsoft.com/en-us/library/44w5aswa.aspx
As for storing extra user information. Asp.NET provides this via personalization. Here are two links to get you going:
Video: http://www.asp.net/learn/videos/video-43.aspx
Article: http://msdn.microsoft.com/en-us/magazine/cc163724.aspx
one more...
Membership Provider MSAccess
when i run this code, i get back true
bool isAdmin = Roles.IsUserInRole(item.loginName, "Administrator");
but when i bring up the Security tab in the Asp.net Website administration tool, this user doesn't exist (or atleast i dont see this user in the list)
when i go to the database, i do see this users in the aspnet_Users and aspnet_UsersInRoles table but i dont see this users in the aspnet_Membership table.
do you know how this is possible. is there any other way i can clear out this user since i can't delete them using the asp.net tool?
Delete the user from aspnet_Users then aspnet_UsersInRoles