I want to use NauckIT asp.net membership provider for Postgres.
I was playing with example and I managed to register/login/logout user. However, This membership provider also has role management, but i dont know how to use it.
My question is: Is it possible to use ASP.NET Configuration utility (the one you start from menu Project>ASP.NET Configuration) to create roles and users? How do I achieve this?
If this is not possible, Is there any other way to do this (besides inserting/update roles/users directly to Postgres DB - this is not much user friendly)
Thank you in advance
Roles are managed by a RoleProvider in ASP.Net
I would imagine if it has a custom Membership provider, then it would also have a custom role provider as well. If this is the case, then you can certainly use the out of the box Management Pages for ASP.Net as it simply uses the Role and Membership providers that are already defined.
It would appear that NauckIT does in fact have a role provider.
Again, the management pages should work just fine if following the instructions in the link above.
Related
We are looking at enhanching our current security access model which is basically a check if the user is logged in. We now require the acesss to modules and pages and possible certain sections in the page such as dropdown restrictions based on your role.
I'm not sure how to design but maybe a few pointers and writing the requirements here will help.
The user usually belongs to an company.
The user usually has a role within that company
The company is made up of 1 or more sub companies
The user/role can have access to some modules in the system
The user/role can have access to some or all sub companies.
A role must be completely configurable on the fly.
A interface is required to configure the access for the users and the roles.
The menu needs to be configured based on access rights
The page needs to be configured based on access rights
We are using asp.net 2.0 at the moment but could possibly upgrade.
So based on that I think we need
User, Group, Role ( but roles need to be configurable) and Modules
A role for one organisation may have same name but have access to completely different Modules.
I am not sure asp.net membership is suitable so would like some opinions as it seams that access to pages is all hardcoded in config etc?
Yes, you can use ASP.Net Membership Provider for what you have stated.
As you said you are using ASP.Net 2.0, you cannot use new ASP.NET Universal Providers which is based on Entity Framework.
However, Membership Provider is introduced in ASP.Net 2.0. So you can still use the old version which uses aspnet_regsql.exe to create tables with the correct schema.
Here is the link for step-by-step instruction -
https://web.archive.org/web/20211020202857/http://www.4guysfromrolla.com/articles/120705-1.aspx
Please note that you cannot migrate from old ASP.Net 2.0 Membership to new Universal Providers.
I have an ASP.NET MVC3 web application. I use Windows Authentication. I need to achieve the following:
create an admin Role
add specific user to admin Role.
create a database table to map users to their role to allow the application to check access permissions
The third point is the most important point. How do I do that?
If you want to use the default Membership and Role Provider please refer to this msdn article on how creating an intranet application with asp.net mvc 3. But if you want to implement your own membership and role provider i recommend to use this library.
Just insert in the web.config the call to the membershipRoleProvider.
than for implementing the roles just call the AddRole, while to check if a user is in a role just call IsUserInRole.
You can find samples and documentation here and here
I'm writing an MVC application, using ASP.Net Membership for security. The application will allow multiple websites to run from the same app and database.
The websites running on the app will be completely independent from each other. The users of those sites will have access to their site only.
If I'm using one web.config, one MVC app and one database, can I achieve site specific security using ASP.NET membership?
Presumably I'll only have one application key so won't be able to use that to differentiate between sites. I thought about using Roles but will be exposing roles to site administrators -- and don't want admins to add / configure roles for a different site to their own users.
This potential problem has only just occurred to me so any help will be greatly appreciated.
You could you have them as sub sites of the main site (with web.config setup there) and therefore, the authentication permeates through the sub-sites.
There is an ApplicationName property that the roles provider uses to filter roles on. Try setting that property before fetching roles.
Something like this should work:
Roles.ApplicationName = "MyAppName";
var authorized = Roles.IsUserInRole("Some.user", "admin");
I haven't tried this, it is a static property and could give you weird results, so be careful. The best way to do this would be to implement your own provider so you could do something like Roles.IsUserInRole("some.user","admin","MyAppName").
In asp.net mvc default application you get he account controller which enable user registration, log in, log out and changing password.
I was wondering is it possible to implement litle more like enabling administrator to delete some user or give some user different roles like in asp.net configuration where you create user, roles and asign roles to users?
I already figured out and extend profile for users, so now they have much more infos and profile picture.
If you have any experience or examples of user management in asp.net mvc.
Although a bit outdated, this project maybe can give you a few hints on how to implement membership administration in ASP.NET MVC:
Asp.Net MVC Membership Starter Kit
Quote
What is the Asp.Net MVC Membership
Starter Kit?
The starter kit currently consists of
two things:
A sample website containing the controllers, models, and views needed
to administer users & roles.
A library that provides testable interfaces for administering users &
roles and concrete implementations of
those interfaces that wrap the
built-in Asp.Net Membership & Roles
providers.
Out of the box, the starter kit gives
you the following features:
List of Users
List of Roles
User Account Info
Change Email Address
Change a User's Roles
Update
For restricting certain operations to specific user roles, you can create these roles using the project I mentioned earlier, and then decorate your own application's controllers and/or actions with an Authorize attribute, referencing the desired roles:
[Authorize(Roles = "Administrator, HR")]
public ActionResult DeleteUser(int UserId)
{
// do something
}
This would prevent users that are not Administrator or HR to delete users.
Here is my try for a reusable user & role management:
https://github.com/Epstone/Simple-MVC-User-Management
If I were you I'd create a Admin "module" which handles all of these things. I don't know of any asp.net documentation on this, but if you look around on PHP documentation (Zend Framework, CakePHP or other) you get the basic ideas of the structures you should use to achieve this. Just remember to keep things seperated, admin stuff goes into a admin module not a user module (but maybe a user controller inside a admin module).
I answered a similar question here:
User Management in ASP.Net MVC 3
This provides you with an MVC 3 Razor based User Management Tool. This does not include Roles, but if you get this far, it should not be real difficult to add them.
I am creating a website in ASP MVC. Can anyone give me some advice on using the built-in membership provider in the following way.
I want my users to create an Administrative account for themselves and then create accounts for the people in their organization, or the people that they want to give access to.
I guess in a Database it will look something like this:
Companies have Administrators. Administrators can give users access.
I am sure this pattern is used all over the place, I am just not sure how to implement it. Especially using the membership providers.
Thanks,
David
There is nothing special in implementing this. It can be easily accomplished by built-in features of ASP.NET 2.0:
Configure Web site to use membership (via web.config)
Enable role management (via web.config <roles enabled="true"> tag)
Add administrator accounts to Administrators role.
Control access to the administrative pages by using [Authorize(Roles="Administrators")] attribute in the controller action.
Require authentication on other non-admin actions ([Authorize])
When I did this, I used the Membership Provider for authentication however, the organization concept I created externally from the Provider. You could use the Profile Provider.
As for roles I would still use the Roles within the ASP.Net Membership Model.
You can create a role for those people and name it something like organizational-admin, though that's a bit long, you catch my drift :). And give those the power to create users with a regular user role. At least that's how i did it in one of my applications.
Ofcourse you'll keep the admin to yourself or to the person who is in charge of this particular site.
Gu's blog has a small example of how to implement the roles in an action filter.