I'm attempting to make a system that stores employees details...name address etc.
I would like the users to be able to log on, see and change their own details only.
Is this possible is asp.net and if so how?
I'm really new at this so if you could keep answers as simple as possible.
Thanks
Here's a good starting point for your research...
Check out ASP.NET Membership. This is a good, out of the box, solution for storing basic "member" information (login/password/name/etc.). It will give you a good starting point for handling user authentication and building out ways for users to manager their info.
I usually use the SQL Membership Provider. Have a look at this link for good instructions on how to get it up and running.
You could look at the asp.net membership system, a walk-through can be found here - http://msdn.microsoft.com/en-us/library/879kf95c.aspx
Related
I find a few topics on this, but they point to too-generic documentation or, for the link that seemed most pertinent so far, don't work.
(I'll refer to all the built-in functionality for membership/roles in .NET as "Membership" here on out.)
Using .NET 4.0 and Visual Web Developer 2010 Express and SQL Server 2005.
I'm creating a website where, in order to sign up, you need to be a paying member. I've already created the database that holds all membership info, and I've already created the form where they sign up, as well as the pages where they themselves or site admins can manage their account info. I've also even created a class for authenticating them and checking for permission on pages based on level of access (roles).
I'm hoping for a clear, concise explanation of either of these options:
• Point "Membership" at the place where username/password are stored, disallowing it from auto-creating its own db. (I'll then go back through my site and replace my own custom authentication in the few places I have it with official .NET "Membership".)
• Or still run my own custom authentication, but in that process, say to "Membership", "Hey! User known as "username" and of role "member" is now authenticated. Note that in your own special place, assign them that role, and know what to do with it when I ask you hereafter." Could this be "Forms Authentication API"?
There's more to the account than just username/password/role. I know I can add more fields to accounts created using .NET but I also really don't want to use some randomly created, self-contained, disjointed database just for the sake of handling logins.
I have not yet learned the basics of "Membership", though I'm getting darn close in my process of learning .NET; and I can't spend the time right now making progress on that for personal reasons, but I have to proceed with making this site. I would like to be able to use many of the benefits that come along with .NET security, like being able to exclude users from folders using web.config, etc.
Mostly I'm just seeking assurance it will be possible for me to backpedal after I get some other aspects of the project shored up, but before I make it live, and without having to rewrite half of the membership forms and splitting that data into several databases and figuring out how to use "Membership" for either pieces of it or all of it when a member signs up.
Possible?
If I understand you correctly, what you are working on is similar to something I am working on here.
We have a custom authentication scripts in ColdFusion and I am creating a second .NET System with Membership login.
The way I went about it was to move all the user/role/profile information into Membership's tables and created an additional tblUserProperties table which holds all other information that the Membership standard tables cannot hold.
I have recoded the ColdFusion queries to point to the new Membership tables.
This way, if a user change password from either system, the logins will work from the other system as well.
I think keeping two systems/tables that do the same thing (authentication) is risky because of the password change reasons. There could be more, but why can't you just simply change your custom code to point to where Membership is pointing? That way you can use Membership provider to its full potential.
I have used asp.net so far to create personal web applications, for example, an application where I maintain to-do tasks in an MS SQL Server database or a customer management and support system. I use the basic authentication via web.config where I can create another user who can look and work with such a database, but then all the data is shared between him and me.
But now I want to convert this application into a membership model where a user signs up and will get to use his own personal list of to-do tasks. I can think of the following approach. Please correct me if I'm wrong on some point or if I have missed something.
Steps:
Add a membership user table and use the primary key of this table to access other tables where I will need to add this column, the to-do list in this case.
Next, I will need to write the Login, Signup and User management logic to maintain the user table. Here, I was hoping to find some working samples but all searches give me only ASP.NET MVC membership samples. I don't want to use MVC because I am using third-party asp.net components. As far as I know I can not use MVC with those components. Any links to ready made samples similar to MVC but for asp.net?
I also want the users to be able to login with their google id, dropbox id, etc. Is this possible while having my own login/signup? How does user table change then? Is the Email Address the only data to link up all these things? For example, if someone logs in with google id, I authenticate using Google oauth 2 API but use the email address as the data to add or locate that user to give him his data tables. I'm confused on how this kind of user table looks where all kinds of logins are possible along with a custom one. Any ideas?
http://www.shiningstar.net/ASPNet_Articles/SqlMembershipProvider.aspx
This should help talk you through what you need to do.
I got the exact solution that combines membership with oauth and is built into ASP.NET 4.5. What is more, there is a video that demos it all!
http://www.asp.net/vnext/overview/aspnet/oauth-in-the-default-aspnet-45-templates
I already got a table stored all customer information. Such as name, email phone, password and other things.
In this case, how can I take advantages of asp.net membership/role/profile provider?
I want to use annotation in MVC2 to do authentication and such.
Thanks for your advice, any reading URL is welcome.
You'll probably need to create custom membership provider.
Check out:
MSDN Article
ASP.Net Video
And see if they help you
There are very simple way
1. use aspnet_regsql.exe
(in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727)
Choose option add to existing database
Use your name, email, phone like Profile, or you can create script which add users automatically(and you need add to this user phone,email etc)
http://forums.asp.net/p/1540444/3753784.aspx
(It's useful documentation about asp.net roles,membership etc)
https://web.archive.org/web/20211020202857/http://www.4guysfromrolla.com/articles/120705-1.aspx
I'm throwing in a CW answer to compare/contrast the other two "real" answers.
So you have two choices: Use the standard membership provider and their database schema as per John's answer, or create your own membership provider and utilize your current database as per user517656's answer.
If you use the standard provider, you'll have to migrate your users into the microsoft database. But once you do that, you shouldn't have to write much code at all.
If you use a custom provider you have to write all of the code yourself, but you don't have to change your database.
I have a website and I wanted to become an open ID publisher. How to do that?
Depending on your exact requirements, you might want to try OpenID delegation instead. You can then use your website as a layer of abstraction over a third party provider.
As you're building for asp.net - take a look at DotNetOpenAuth. It's a free, open-source library that can make your asp.net webrite an OpenID provider (your website can be used to identify you) or a relying party (users can log in on your website using OpenID).
In fact, StackOverflow uses it as well, and so do I. It has a number of examples, and it's pretty reliable and secure.. Definitely recommended! :)
If you just want to run your own identity server, then a good place to start looking is here. I run phpMyID on my site that acts as an openID server for me, it was easy to set up, seems to work, and no-one has stolen my identity ..yet.
Does anyone have any examples of using Sqlite with ASP.NET membership? I am building a small "drop-in" type web application and don't want to rely on an SQL database for storing user credentials, etc. Sqlite seems like a good option, and I have been impressed with its performance in Elmah; I wouldn't mind using xml as a data store either.
On another note, perhaps asp.net membership isn't a good choice for basic form level security? The app will not require more then a couple users for those who implement it, and at this time I don't see a need for roles. My thought of using asp.net membership is simplicity to setup and get running; why build a security class if I don't need to, right?
Any other suggestion are surely welcome; thank you for your time.
It looks like Roger Martin's project - http://www.codeproject.com/KB/aspnet/SQLite-Providers.aspx - is now the recommendation for SQLite connectivity.
This is suggested by Peter Bromberg (http://twitter.com/peterbromberg/status/5031854389) and the next top resource on Google is the above by Roger Martin, who suggests that as the place to get the provider (http://galleryserverpro.blogspot.com/2009/08/new-release-adds-support-for-flash.html#comments).
Seeing as how it's part of a semi-commercial product (and the author is trying to get back to work on it as a full-time job), it seems this will be kept up to date.
EDIT 1: More information about the ordering of released providers for SQLite: http://sqlite.phxsoftware.com/forums/p/75/397.aspx
I am a big fan of SQLlite as well. I would say asp.net membership is good enough for the basic stuff.
Peter at Eggheadcafe has this right article about sqllite, check it out.
Article
For using the membership provider with other databases look at a custom membership provider
There's a new, updated source for Roger Martin's SQLiteMembershipProvider
nuget package: https://www.nuget.org/packages/SQLiteMembershipProvider
sourcecode: https://bitbucket.org/jkuemerle/sqlitemembershipprovider