Objective:
I want to create a web service that allows me to connect to it (through ASP.NET Web Application) and then authenticate users just as Membership Provider Does/Role Provider Does.
I do not want to use Membership/Role Provider by configuring at the ASP.NET Web Application's Web.config. Instead, what i would like, is to have some sort of configuration that points my Asp.net Web Application to a webservice (the one i want to create), that than authenticates the user.
Expected Solution:
what i found after some google research, that the solution might be: WCF Authentication Service. But I am unable to get it working. I created this service, did all the configuration as it says in this article:
http://msdn.microsoft.com/en-us/library/bb398990.aspx
but i am not sure, how do i now configure my Asp.Net Web Application, to use this service as the Membership/Role Provider.
I may be going in complete wrong direction, and this service may not be the solution to my problem. Can you please help me out.
Thanks,
Your Dev Brother ... :)
You are going in the right direction.
ClientFormsAuthenticationMembershipProvider is a membership provider you are looking for.
Below is sample web.config configuration to use it:
<appSettings>
<add key="ClientSettingsProvider.ServiceUri" value="" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.0" />
<membership defaultProvider="ClientAuthenticationMembershipProvider">
<providers>
<clear/>
<add name="ClientAuthenticationMembershipProvider"
type="System.Web.ClientServices.Providers.ClientFormsAuthenticationMembershipProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
serviceUri="http://localhost:49712/Authentication_JSON_AppService.axd" />
</providers>
</membership>
</system.web>
Configuration may be tricky. I spent hours before figure out that ClientSettingsProvider.ServiceUri should be added.
You may add temp WinForms or WPF project to your solution to build configuration. these types of projects have special tab - Services tab in project settings that provide GUI for configuration. Sample below is for .NET 3.5 but idea is the same for 4.0.
http://www.codeproject.com/Articles/27670/Implementing-Application-Security-with-Client-Appl
Related
I am working on a project in ASP.NET using MembershipProvider for my login system. Our issue is that the ASPNETDB file generated by ASP.NET upon creation of the login system seems to be empty or is not properly storing member information. Our project is a Web Site project, and we ran into a weird case of not being able to maintain login info. I gave my colleague my ASPNETDB file, he overwrote his and yet the login system was still using his old member information, it would not recognize the new ASPNETDB file. So I'm assuming the issue is that the member information is not being stored in that specific file as I was expecting.
How do we remedy this? We need to install this system for a client, so we will probably host the site sometime soon, how do we localize the membership information so that it's consistent across multiple workstations? Right now the membership info seems to be tied to specific computers. And when we go into the ASPNETDB file there doesn't seem to be anything there.
Can anyone shine some light on this? Its been happening for a while now.
I still don't know how to make it so that it always pulls from the
same location (project directory) instead of SQL server.
In ASP.NET Membership, connection strings for memership and roleManager are in web.config. You just need to update them accordingly.
<configuration>
<connectionStrings>
<remove name="SqlConnection"/>
<add name="SqlConnection" connectionString="..."/>
</connectionStrings>
<system.web>
<membership>
<providers>
<clear/>
<add connectionStringName="SqlConnection" ... />
</providers>
</membership>
<roleManager enabled="true">
<providers>
<clear/>
<add connectionStringName="SqlConnection" ../>
</providers>
</roleManager>
</configuration>
I have setup my MVC application already to use the Membership provider along with AD.
I am able to login and see details about users and such.
My next step is to implement some sort of SSO with my SharePoint 2010 application. From what I understand, Claims-Based authentication may be a good approach for my situation. Both my MVC app and the SharePoint app will be hosted on the same domain if this helps with the question.
I have setup a Claims-Based SharePoint application, so I'm assuming I need to find out how to let SharePoint know that the user has logged into my MVC app so they don't need to login again, which is where ADFS might come into play.
Does anybody have any experience with this topic. If so, are there any resources available to look at for research?
I have found that Active Directory already supports multi-tenancy within a domain.
Make certain that applicationName setting in your web.config is the same for your Sharepoint and MVC apps.
<membership>
<providers>
<clear/>
<add
name="MyADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
.......
applicationName="/"
/>
</providers>
</membership>
I am creating a asp.net mvc 4 application to replace a suite of existing projects
including an asp.net 3.5 website and windows forms.
I have spent many months developing the asp.net mvc 4 application from scratch and
I have been focusing on the windows forms appliction.
I am now trying to integrate the asp.net 3.5 website....For now I am just trying
to add the website to the project. I have looked for how to do this and I see
most of what I need...but I have a few problems.
I am using areas. For the Carrier area (where the website applies) I have added
a folder called aspnet...and I have added the webpages and the other code to this
folder....All of this compiles.
I have also modified the RoutConfig.Cs file by adding this line:
routes.IgnoreRoute("{resource}.aspx/{*pathInfo}");
When I added the webpages to the project I added just the code, ignoring the
project files and the web.config for the asp.net website.....
I don't think I need to convert over the project files at all...but I am
trying to figure out what to do with the web.config....I know I can have
a web.config in the aspnet folder....but what to put into is my question.....
I tried just copying the existing file, but it had issues with the different
.net version (website is v3.5 and the mvc application is v4.0 of .net)....
My big concern is how to handle the security...the website used forms authentication security
and the mvc application uses simpleMembership.
All of the reading I have done focused on converting asp.net web applications,
not websites over to mvc.....and most don't say much about the web.config
file....
Nor have I found what to do with the security...again I have seen some things
on integrating the security model of MVC back into an existing asp.net web application,
but nothing on how to get an asp.net website working with the mvc simplemembership.
help!!
Both Web Forms and MVC use forms authentication for security. What differs is the membership/roles providers used. Web forms traditionally used the default ASP.NET providers, whereas MVC now uses the SimpleMembership providers. Here are the setting in the web.config for configuring the SimpleMembership providers.
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>
<roleManager enabled="true" defaultProvider="SimpleRoleProvider">
<providers>
<clear/>
<add name="SimpleRoleProvider" type="WebMatrix.WebData.SimpleRoleProvider, WebMatrix.WebData"/>
</providers>
</roleManager>
<membership defaultProvider="SimpleMembershipProvider">
<providers>
<clear/>
<add name="SimpleMembershipProvider" type="WebMatrix.WebData.SimpleMembershipProvider, WebMatrix.WebData" />
</providers>
</membership>
</system.web>
Notice that you configure forms authentication the same way as web forms. The main difference is setting the role and membership provider to SimpleRoleProvider and SimpleMembershipProvider respectively. You will need to include the assembly WebMatrix.WebData in your references. SimpleMembership uses EF code first so initialization of the database at app start up is crucial. Read this article on seeding and customizing SimpleMembership which will give you some tips on how you might want to tackle database initialization in your app. There is an open source project called SimpleSecurity that decouples SimpleMembership from the application, which will make it easier to incorporate into your project and provides a simple method call to initialize it. You can read more about it here.
Sorry for the poor title here :)
I have my WSS configured for Forms Authentication. I'd like my users to land on the WSS login page, log in, and then provide them links to other ASP.NET apps which also are configured for forms authentication. I'd like to achieve a single-signon-ish solution (the reason I say "ish" is I'm not looking to implement SSO per-se, as in SAML, but rather achieve the similar effect of not forcing the user to re-enter their credentials). You can assume the forms auth credentials that WSS uses are the SAME as those in the subsequent forms auth apps I want to provide the links to.
Does this require code on the WSS side, or can I make this happen non-programmatically on the ASP.NET/IIS configuration side?
Thanks
What is your Forms Authentication Provider?
On Active Directory (for instance) your browser will remember what your authentication was on the first entry site and carry it for you.
Having this on the web.config file of both ASP.NET and SharePoint sites:
<connectionStrings>
<add name="ADConnectionString"
connectionString=
"LDAP://testdomain.test.com/CN=Users,DC=testdomain,DC=test,DC=com" />
</connectionStrings>
<membership defaultProvider="MyADMembershipProvider">
<providers>
<add
name="MyADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="testdomain\administrator"
connectionPassword="password"/>
</providers>
</membership>
Will ensure they will both use the same authentication providers and therefore once the browser has the information about their identity, it will recycle it accordingly throughout.
Other wise, try a Federation Service.
Here is a tutorial on how to use ADFS
Hi Ric thanks for the response. I think I found my answer. Forms authentication is all about the cookie, so if I configure both the ASP.NET web app and the Sharepoint virtual directory to use the same authentication cookie, I should get single-sign on between them. I'm going to try.
UPDATE: This works nicely.
I've written a custom MembershipProvider that uses a custom database schema for storing the members, but I am having trouble figuring out how to deploy the provider. My target server is running IIS7, and I am able to navigate to a dialog for a adding a .NET User Provider, but instead of allowing me to select the assembly containing the provider & then the class, it provides a drop-down with a couple of MS written providers.
Do I need to drop my assembly in a specific location so that my MembershipProvider class is discovered by IIS? If so, what where does the .dll need to go? Otherwise, how do tell ASP.Net to use my MembershipProvider? Every example I've seen simply references the fully qualified class name, but makes no mention of how the file needs to be deployed.
If you look in the web.config file for your application, you should have a section called system.web. Within that there is a membership element with a list of providers. You should be able to add your provider and set a default provider there. Once your membership provider is registered in this way, you should be able to select it as a default for that application from IIS as well.
<system.web>
...
<membership defaultProvider="MyMembershipProvider"
userIsOnlineTimeWindow="15">
<providers>
<add name="MyMembershipProvider"
type="Common.Auth.MyMembershipProvider, Common"
connectionStringName="MyAuthDBConnectionString"
enablePasswordRetrieval="true"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
writeExceptionsToEventLog="false" />
</providers>
</membership>
...
</system.web>
The providers element allows you to register multiple providers to choose from. Another feature is that you can clear out membership providers registered in other configuration files on the machine. This can make configuring your application less error prone later on. To do so, add the <clear/> element before the first membership provider (the <add/> element) in the list.
<system.web>
...
<membership defaultProvider="MembershipProvider1">
<providers>
<clear />
<add name="MembershipProvider1" ... />
<add name="MembershipProvider2" ... />
</providers>
</membership>
...
</system.web>
If you want to register the same provider with multiple web applications just using IIS Manager, you will need to put the assembly in the GAC and add the provider to one of the machine config files instead. This is usually more work for little benefit when deploying a single application.