I understand the whole membership approach is supposed to be easier in MVC 4.
However, this is proving to be very time consuming in getting this to work.
Case in point: The example at http://blog.longle.net/2012/09/25/seeding-users-and-roles-with-mvc4-simplemembershipprovider-simpleroleprovider-ef5-codefirst-and-custom-user-properties/ shows a modification to the System.Web section of the web.config, namely that one adds the WebMatrix type to the roleManager section. However, I have no role manager section in my web.config. This is a fresh project.
What did I miss along the way?
Second, what I ultimately want to do is hook up SimpleMembership to my MVC 4 project, and have custom profile fields. And I need to do this against MySQL. I've read that the universal data providers allow for this, but does anyone have one simple, single tutorial on how to do this?
I really do hope that things really are more "simple" in MVC 4 than they were in MCV 3.
SimpleMembership provider won't work with MySql - have to extend the ExtendedMembershipProvider and implement the methods, etc... to work with mysql/EF.
Related
I support a legacy webforms application with SQL backend and have been trying to upgrade it bit by bit
I have upgraded to .NET 4.6 (highest the hosting provider allows), added some jQuery, EF 6 goodness, refactoring in general and attempting to switch to code first from database first edmx, my next plan is to start creating new features using some kind of front end library like Vue.
But...
My problem at the moment is Membership.
It is used throughout the code and statements like
new Guid(Membership.GetUser().ProviderUserKey.ToString())
are literally too many to bear.
And the database has 10 tables and 9 views for it.
vw_aspnet_Applications
vw_aspnet_MembershipUsers
vw_aspnet_Profiles
etc..
The application is using it for authentication and for keeping track of which user is doing what.
Is there a way to upgrade that to a modern solution without much hassle?
I can take the effort out of my own time but I'd prefer a solution that is not overkill.
the amount of users is probably less than 20 so the alternative doesn't have to be complex.
It just has to support most of what Membership is doing.
I've played with Auth0 for a bit in my own time but it seems to be not suited for this.
There is MS Identity as well but I'd prefer to take advice before going into a rabbit hole.
Thanks!
Definitely no simple upgrade. Here's what we did in our case.
Created ASP.NET Identity tables. We made it similar to Membershipusers table and later migrated the whole table.
Added ApplicationUser, ApplicationRole,ApplicationUserManager , ApplicationSignInManager, ApplicationDbContext
Implements Autofac for DI defined at Startup.cs.
Worked on Login/Signup Controller classes.
Finally migrated the whole Membership DB to new aspnetusers table.
Application was initially designed using NOPCommerce (asp.net webforms) and its was relieve to replace Membership.GetUser().ProviderUserKey.ToString() to User.Identity.GetUserId()
Hassle free ? Do you mean easy path (or) scalable path ?
Design is more an opinion rather than objective. It's mostly based on the facts one know about the problem statement. Based on your's i would recommend the following.
Separate all the membership related code into a library (if not already done)
Now write interfaces that will abstract the actual authentication mechanism from the member ship related code in your project. That way your code doesn't need to be changed for any authentication related mechanism. This wouldn't also require change of database schema.
Now for real authentication use something like Auth0 (https://auth0.com/blog/add-auth-to-native-desktop-csharp-apps-with-jwt/) something like this will be easy to implement. But i don't know if your's is a commercial project / how the licensing will work. I know there is a free version for auth0, but i request you to check it out.
I have existing User tables in my project, and existing code that I want to maintain for persisting users to my database. This is a new ASP.NET site, but it just needs to play nice with existing tables and objects.
In most of my previous developing efforts, I would simply use FormsAuthentication to handle the HTTP Authentication, use its static methods to set the cookies and redirect the browser, and customer prepare the roles on the Principle. While this has worked well for me in the past, I am worried that FormsAuthentication is headed for the same fate as Dodos, Newspapers, and Record Stores, and I am also trying to challenge myself to not avoid new technologies simply because they are new (-er.)
Also, my project is utilizing ADO.NET and not the Entity Framework, and I am hoping to not have to use EF just for the users.
Can anyone point to a tutorial or walkthrough that would help in my getting up to speed on the Identity process and customizing it to fit my needs?
Thanks
I am hoping to not have to use EF just for the users.
Identity uses Entity Framework Code First. You cannot get away with EF if you want to use Identity's auto-generated tables.
Adam Freeman (author of Pro ASP.NET MVC 4 & 5) offers free 3 Chapters just for Identity.
Please take a look at a project I have created for this topic on github https://github.com/giorgos07/AspNet.Identity.AdoNetProvider Hope you like it.
this is my first question. The company I work for uses a pretty large and old vb.net site. We were hoping to integrate mvc.net into the site. I've been following a book "Pro ASP.NET MVC 2 Framework" by Steven Sanderson - and it doesn't seem terrible complicated to merge the 2 systems together.
The breakdown looks like this:
Update build file - add GUIDs to so IDE gives options for mvc files.
Add assembly references for mvc.net.
enable routing. (I need to be sure it still uses the vb.net routing first, then mvc)
Merge web.configs. (Using a new blank mvc.net vb project, also where I got the GUID from)
Add whatever folders and start using mvc.
For reference, we currently use .net 3.5, but our operations team tells me 4.0 should be no problem.
The problem I run into is that the GUID from the blank mvc project doesn't work. When I add them to the older project I get "The project type is not supported by this installation." errors. I'm not very familiar with the project types and I'm not sure how to proceed from here. I've tried several combinations to with no success.
Does anyone know how to where I can get or generate the correct GUIDs to get this working? If anyone has done this, are there any other pitfalls I should watch out for? I have the project copied to another branch, so I'm free to make changes without affecting anything else.
Edit:
These are the GUIDs from our main site project:
{349c5851-65df-11da-9384-00065b846f21};
{F184B08F-C81C-45F6-A57F-5ABD9991F28F}
These are the GUIDs from a new mvc4 project (I'm not picky about MVC2-4)
{E3E379DF-F4C6-4180-9B81-6769533ABE47};
{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}
I would suggest that you leave the current code base as it is.
You can start all your new development(new modules) in ASP.Net MVC. You can then just integrate this new module in your application. This way you can keep all the regression in respected code bases.
You will face problem only in case of session. If you are having InProc session then it would be little difficult to share. If it is already OutProc then it is easy.
I'm building a custom ASP.NET Membership provider since I'd like to use my own 'User' table for creating members and that kind of stuff. Here's the situation:
I've got a MVC 4 project that refers to a 'Services' project containing the service layer.
I built a wrapper around the custom MembershipProvider which helps unit testing. This wrapper references the custom MembershipProvider.
I reference the wrapper from my service layer.
I placed the custom MembershipProvider inside the MVC4 project (in the App_Data folder) because that's required as far as I know... At least: Visual Studio whines that it can't find the membership provider if I put it elsewhere.
So now I've got a circular dependency: MVC4 -> Service Layer -> Wrapper -> MVC4. My question: how do I get rid of that? Ideally I'd like to place the membership provider in a separate project, but I just don't get that to work. Any suggestions about that? Google isn't really helpful I'm afraid.
Bonus question 1: Should I extend SqlMembershipProvider instead of MembershipProvider?
Bonus question 2: Is there no better option? This whole ASP.NET membership feels really outdated and has many downsides imho (for instance: it isn't built to be testable).
You can absolutely put your custom membership provider in another project. I have two that I built as separate DLLs, and then added a reference in the web project.
You don't mention why you added a reference in your service layer, but if this is necessary you should really treat them as two different scopes, and therefore requiring two separate solutions. I have one membership provider that required calling a WCF service to authenticate membership, but those are two seperate pieces and you should not be sharing code between the two.
You do not need to place your code in the App_Data folder, just add a reference to your Membership Provider project or DLL in the web site project. Right
Bonus Question 1: No.
Bonus Question 2: The membership providers pre-date the whole TDD movement (as far as Microsoft is concerned), so yes, they are not real conducive to testing. But, if you inherit from the base classes, you are hooking into a well tested and time-worn framework, so you really only need to test your custom bits.
I'm working with ASP.Net MVC as well as DynamicData and I need to add role-based security.
Should I implement this via:
IHttpHandler with custom actions that check if the user is authorized?
Or should I be using a RoleProvider?
Or perhaps some combination of the two?
If the RoleProvider is a viable option, when would I ever need to extend the abstract RoleProvider base class vs. using the ones included. MSDN says you would only extend this class if "You need to store role information in a data source that is not supported by the role providers included with the .NET Framework." Please expound on this. Explain how this would work under circumstances where I don't need to extend the base class but instead use the included role providers. What data sources are supported by the included providers?
Also, would your answer to these questions be different for ASP.Net MVC vs. ASP.Net DynamicData?
All MSDN is saying here is "we wrote this stuff for you, tested and debugged it, please use it".
The default role providers work great if you spend some time to set them up. Implementing your own isn't too hard either.
I'd answer both pretty much the same. With MVC your setting an Authorize attributes on your Controller and/or Controller actions. With Dynamic data your setting things up with inside the web.config file.