i want to be able to use the same database for the application as the asp membership details for forms authentication. I am currently using MVC4. When i started and added the system.web.providers to my project i got a seperate default connection. I have modified the string to point to the same database as that being used in my application (entityframework).
Should i expect the providers to autocreate the tables in this database i.e.
webpages_Membership
UserProfile
webpages_Roles
webpages_OAuthMembership
Currently I am getting...
To call this method, the "Membership.Provider" property must be an
instance of "ExtendedMembershipProvider"
when i try and register a new user via the default mvc4 application template. And the tables are absent.
regards
Tim
the issue here is that the default mvc4 internet template is using simplemembership to manage membership/roles information. the code in the template has assumption of this and can only work with simplemembership. when you install universal providers the account controller code blows up since it cannot understand universal providers. look at this post which explains further on this scenario
http://weblogs.asp.net/jgalloway/archive/2012/08/29/simplemembership-membership-providers-universal-providers-and-the-new-asp-net-4-5-web-forms-and-asp-net-mvc-4-templates.aspx
I have the same issue,
however mine isn't solved, but many people say add this to your web.config
<add key="enableSimpleMembership" value="false"/>
<add key="autoFormsAuthentication" value="false"/>
and if that doesn't work try making the top one true as well.
Related
I'm trying to implement Asp.Net Identity 2.0 (OWIN) in an existing application and I'm having all sorts of trouble when it comes to roles. I created a sample project from the project template and (as far as I can tell) I've copied everything from there into my application. I modified the connection information so the authentication tables come from my own Sql database instead of the default local DB.
Everything seems to work great. The tables are initialized (created) upon start-up and I can create a new user, assign a role to that user, and log in as that user. But when I attempt to check if the user is in a particular role I get an exception indicating a problem locating the local database. Well that would be because I'm not using the local DB. So why would my application be looking for roles in the (non-existent) local DB?
To rule out weirdness in my Sql instance, I changed the connection data of the sample app so that it points my DB and ran it. I can log in using the user I created in my application and can even poll the user for the role in question successfully. I confirmed this by examining the tables directly and verified the user, role, and user-role association were all there.
Here's what I did notice though. When I run the sample app the user is an instance of System.Security.Claims.ClaimsPrincipal. But when I run my app the user is an instance of System.Web.Security.RolePrincipal.
So, what did I miss? Why is my app returning a RolePrincipal instead of ClaimsPrincipal? Where could I look for clues?
I'm pulling my hair out on this and I don't have much left! Any help would be greatly appreciated.
What is happening is your old application is still hooking up to the old membership code. A few checklist items should bring you back...
Make sure FormsAuthenticationModule is removed (Since MVC5 no longer uses it)
<modules>
<remove name="FormsAuthenticationModule" />
</modules>
Make sure SimpleMembership is turned off (or alternatively just delete it)
<add key="enableSimpleMembership" value="false"/>
And the most important part is to delete references to WebMatrix (no longer used in MVC 5). WebMatrix will automatically register pre-application startup methods that will "attempt" to provide membership services to your project. See here for details
I had to remove RoleManager as well:
<modules>
<remove name="FormsAuthentication" />
<remove name="RoleManager" />
</modules>
i have created a role in asp.net as :
<configuration>
<CustomUsersSection>
<Roles>
<add RoleName="Administrator"/>
</Roles>
<Users>
<add UserName="admin" Password="password"
Email="abot#home" Role="Administrator"/>
</Users>
</CustomUsersSection>
</configuration>
Now i want to add all the Admin that are added into a table from a sql-server to the role define above. Thanks for any assistance.
My Admin table structure is as follows:
AdminId
AdminName
EmailAddress
...
Assuming you're using ASP.NET membership, I would look into implementing your own membership provider. You can do it relatively easily and there is a lot of material on the Web about how to do that. You will then be able to implement your own test (such as whether a record exists in a database table) to determine whether a user is in the Admin role.
I suggest, though, that you learn about the built-in Membership Providers and the membership database ASP.NET automatically creates before you do this. This is because that's a pretty decent implementation and does things that would be labor-intensive to do for yourself, such as encrypting the information being stored to protect it from being easily hacked.
I'm currently using the asp.net membership provider (with logins stored in db) to protect certain pages of my site. However, I also have non .aspx resources I wish to protect - word docs, excel spreadsheets, pdfs, etc. Is this even possible? If so how would I go about doing this?
thanks!
If you are running IIS 7 under the integrated pipeline (the default setup), all requests go through IIS. This means you have to do nothing other than setup your web.config. You'll need to do one little thing though, put the following attribute on the modules node under system.webServer:
<modules runAllManagedModulesForAllRequests="true" />
This ensures that the forms authentication modules run for your static content.
I have an Existing ASP.NET reporting application using windows authentication. A lot of the report generation code is in separate classes and has a core error logger that I didn't write, this error logger I believe was built for windows apps as it uses WindowsIdentity.GetCurrent().Name. In the case of ASP.NET I believe this will return the account running the ASP.NET pages at the server.
I believe using User.Identity.Name on the pages would be the correct way to do this but it is not available from within the report generation classes only on the page. Is there a way to obtain it withing the error logger class without passing it as an extra parameter.
There are hundreds of report classes so I dread to have to go through and add a parameter to every one.
If you can use impersonation in your web.config:
....
<authentication mode="Windows"/>
<identity impersonate="true"/>
....
your report classes will get the right user.
If your reporting classes can reference the System.Web assembly and you are willing modify the code, you could also do:
HttpContext.Current.User.Identity.Name
but make sure the caller comes from an ASP.NET request or it will throw a nullref.
Looking for a bit of advice on where to take a current webapp which supports logins based on active directory and makes use of the built in asp login component.
The problem is that we want to have the option to use the active directory login or a "normal" login using data stored in our local database.
Just to make it clear. On each installed system it would be one or the other so I'm not asking how to check both each login atempt.
Basic flow:
Determine which login mode is set
if active directory
load active directory login form
validate login info against active directory
login to system
else if normal login
load default login form
validate login info against database
login to system
My lack of knowledge on the asp login component may be the problem here but I'm unsure of how to make the login component know which login mode to run the validation on? The login form seems just like a black box, which makes me a little uneasy when using it on such an important task.
Can this be done?
Or..
Should I just write a custom login for the system and be done with it?
The login control will be your friend in this situation, as it simply utilizes the ASP.Net membership provider model. You will not need to change the application at all!
All you need to do is specify in the web.config file which authentication mode you'll be using. This can of course be set up on a machine by machine basis. So, for your active directory machines:
<connectionStrings>
<add name="ADConnectionString" connectionString="LDAP://testdomain.test.com/CN=Users,DC=testdomain,DC=test,DC=com" />
</connectionStrings>
<membership defaultProvider="MyADMembershipProvider">
<providers>
<add
name="MyADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="testdomain\administrator"
connectionPassword="password"/>
</providers>
</membership>
You can read more on implementing login with membership providers and active directory from http://msdn.microsoft.com/en-us/library/ms998360.aspx.
And then for your machines that will be authenticating against a database, you simply write a custom membership provider that will authenticate against your database. It's really simple, you really only need to implement one method. You can start here: http://msdn.microsoft.com/en-us/library/f1kyba5e.aspx.
Here is a great example also, with a bare minimum of code and an easy walkthrough for setting it up: http://www.15seconds.com/issue/050216.htm
If you use Forms authentication, you could check the user against active directory and against the database and if either returns a positive set the forms authentication to true.
yes and no.
the LOGIN components utilize the Membership provider classes. What you need is to code yourself up a Active Directory version, and tell ASP.Net to look towards it for AD, or to look toward the SQLMembershipProvider if using the database