Tech - asp.net 3.5, Sql server 2005
I have integrate aspnet membership for my webapplication.
I am adding some users (member) from importing excel file.
So how can I add that user and role of that user in aspnet membership tables?
NOTE - I have SP which is used to add member in DB from uploaded excel file, I have wrote insert trriger on membertable.
Do not insert DB records manually. Use .NET's Membership Provider's stored procedures to do that, for example aspnet_Membership_CreateUser and aspnet_Roles_CreateRole.
But better off, use .NET's classes/methods to do that. They encapsulate the whole mechanism for you:
Membership Provider
Role Provider
First you create a user, then you (optionally) attach role(s) to.
UPDATE December 2015
Folks keep reading this. It's important to know that for a few years now, there is a totally different paradigm, ASP.NET Identity. please use it instead of the old Membership Provider.
Abhi you should use
//to create a user
MembershipUser newUser = Membership.CreateUser(UserName, Password, Email);
//to attach created user some role
Roles.AddUserToRole(newUser.UserName, role);
Update
For that you can for for membership stored procedure aspnet_Membership_CreateUser to create a user or you can create one for you to insert data into user and userinroles table.
I would encourage you to refer link
You can simply do INSERT in the AspNetUsers table with empty PasswordHash and SecurityStamp. Then we have a "forgot password" flow that establishes credentials using ASP.NET Membership.
Related
I want to change the password of Membership table ,i can change directly in database but that is in encrypted format.how to retrieve original password in front end and How to update that .Please send me the logic.
You cannot directory change it in database and should use Membership provided methods.
using System.Web.Security;
u = Membership.GetUser("username1");
u.ChangePassword("OldPassword","NewPass");
If you don't know old pass, use MembershipUser.ResetPassword instead
If you want a ready-made solution, I use this tool to manage my users and roles.
You just fire it up and point it to the web.config of your web app and away you go.
http://aspnetmemberman.codeplex.com/
Features
Initialize membership databases
Create and delete users
Create and delete roles
Assign and un-assign users to roles
Reset user passwords
Unlock, activate and de-activate users
Works with System.Web and custom providers
Attempts to handle custom profiles
I am using ASP.NET Membership in an ASP.NET MVC 3 Web application project.
I have installed the ASP.NET Membership tables using Aspnet_regsql.exe and now my main userTable has a foriegn key called "userID" which points to the "UserId" of aspnet_Users.
This "userTable" is connected to many tables. So for every operation now I require the "UserId" from aspnet_User using the username with which the user has logged in.
For this I use
MembershipUser user = Membership.Provider.GetUser(username, true);
now for each and every operation I have to make this call and get user.ProviderUserKey to continue with my other operations.
I am thinking there has to be a better way to do this. Is any any built in way to do this ?
The ASP.NET Membership Provider isn't intended to provide the ProviderUserKey... perhaps you could use the username instead? You can always easily access that through Context.User.Identity.Name.
I always use:
Guid userId = (Guid)Membership.GetUser().ProviderUserKey;
You get the user information once and put it in forms authentication cookie with user data encrypted.
For subsequent calls you use Context.Identity for the user information
You can keep the relevant information around in the cache, for example in a Dictionary<string, Guid> where the key is the user name (which you can lookup using HttpContext.Current.User.Identity.Name or Thread.CurrentPrincipal.Identity.Name), and the ProviderUserKey is the value.
Build this dictionary either on-demand or initialize it once, and put it in the ASP.NET Cache, Session or Application (of course watch our for serialization and concurrency issues).
I'm using ASP .NET with Oracle XE as my database and I use the ASP .NET Membership tools with Oracle as my provider. The ASP .NET Membership tool creates its own set of tables on my database.
My question is how can I show the data from the MemberInformation table when the user is logged on?
you can use Membership and MembershipUser' in theSystem.Web.Security`
MembershipUser user = Membership.GetUser();
string userEmail= user.Email;
Now using the user object you can access most information of the currently logged in user. These classes are powerful you can even use them to update user data.
See these Links for details:
MembershipUser
Membership
I havent worked on ActiveDirectory Membership provider earlier, I have a doubt on creating an application using AD membership provider. If I need to foreign reference a user in a different table(lets say a custom role table ) then what primary identifier(Foreign key) should I use to identify the user in the the table which holds the relation of Role and the users.
Also , where is the additional information(other than AD details) about the user is stored like User Name, Department, Current project etc.
Is a snapshot of Active directory taken frequently and stored in a table in the database which is then used in sql joins?
The base membership provider (and derived providers such as the ActiveDirectoryMembershipProvider) uses UserName as a functional key (queries for members expect UserName as the key query parameter and return a single MembershipUser object). Those queries return MemberShipUser objects that have basic membership information—including roles, email, comments, etc. If you want to combine the ADMembership Provider with extra information, you're best off using the UserName as the key to do so. Storing extra data is easier if you use a database because .UpdateUser only commits Email, Comment, and IsApproved properties.
And no, snapshots are not taken, though you can enable caching if you wish. The provider queries AD directly when it needs the information.
The aspnet membership database when created resides in App_Data folder and is quite handy as it supports all the Login controls very well. The user roles can be very well managed by the aspnet configuration manager. The profile properties are managed all by the the database itself.
The database thus created can be seen in the server connections. If you analyze the datatbase you will see that every user has a specific userId apart from the username. Both of them are unique. You need not copy all user data in other tables. You can specify the related data using joins. Once a user is logged in, you can refer him/her by User.Identity.Name (c#) in your code behind.
Kindly view the database tables using the Server Explorer in Visual Studio and you can view the tables structures -- aspnet_Users, aspnet_Membership, aspnet_Profile etc...
How do I migrate users from a existing users table to Forms Authentication?
There seems to be three options:
T-SQL - Iterate through the existing users table and insert into Forms Authentication tables using the stored procedure aspnet_Membership_CreateUser
Code - create a utility that will iterate through the existing users table and insert into Forms Authentication tables using Membership.CreateUser()
Code - as users login verify credentials against existing users table and insert into Forms Authentication tables using Membership.CreateUser()
Which is the most practical?
I have been currently trying option 1 but I am running into difficulties using the password salt to create the encrypted password from a plain text password
With regard to #1, what exactly is the problem? You don't need to worry about the hashing if you've got plaintext passwords already. Just call CreateUser(username, password). Simple as that.
Have you considered implementing your own MembershipProvider class that hits only your user table?
Trying to synchronise data between two tables may seem trivial now, but may cause you a whole world of hurt in the future as your software evolves.
Just to confirm are you saying you've got an existing users table in your database and you want to use asp.net membership and the membership tables generated?
If that is the case you don't necessarily need to migrate your data. You could extend the membership provider and create your own membership that links into the existing table you already have.
Here's a couple of link if it helps:
Asp.net video
Writing A Custom Membership Provider