I have a LightSwitch customer-order management application. The customers can login and only view their orders. I'm trying to create a similar web app but not sure what route to take - ASP.net...etc. since not all my clients have Silverlight installed. If I did this in ASP.NET with Visual Web Developer, how would I go about the authentication based on the customer record in the db? It wasn't as big of a deal in LightSwitch.
There is an article on Codeproject about sharing the authentication between a .NET app and LightSwitch. Basically it comes down to 2 things in the web.config; MachineKey, and Forms Cookie. These have to be the same in all web.config files, and it automatically works.
http://www.codeproject.com/KB/silverlight/DNNThingsForSale.aspx
Also, Team Foundation Server has a web front end, and it exactly represents what is in the application.... Team Foundation Server uses the exact same way of describing the UI as LightSwitch ... so you might find something there.
Related
we have two projects in asp.net web form and asp.net core. we are planned to integrate these with session(in one domain).
my search showed in .net core only method for outproc are sql server and Redis. It seems not to be supported state server in .net core. is that right?
we were tested sql server session state but donot work right, asp.net core save session data in table with name SQLState but in asp.net save session data ASPStateTempSessions. thus session cannot be share between them.
have everybody a full sample for share Session object between ASP.NET (4.6 or higher) and ASP.NET CORE?
There's more to this than just the store. You're correct that ASP.NET Core does not support State Server (at least out of the box), so you will likely need to move to something like SQL Server or Redis, regardless.
However, the bigger issue is encryption/decryption. ASP.NET and ASP.NET Core employ entirely different methods of cryptography. ASP.NET uses a "machine key", where as ASP.NET Core use data protection providers and a key ring. Even assuming a shared session store, unless you get them speaking in the same language here, you won't be able to decrypt what was set by one from the other.
In that regard, though, you might be out of luck. ASP.NET MVC 5 supports OWIN and the data protection infrastructure in ASP.NET Core is OWIN compatible, so if you set up your ASP.NET app to utilize data protection providers and you share the same session store, key ring store, and application name, then they can view each other's cookies. However, I don't think Web Forms participates in this, even if you embed them in an MVC 5 app. As such, there's probably no way to share the session store between the two. Still, you can give it a go, I suppose. The worst that can happen is that it won't work, and you're right back where you are now. The ASP.NET Core docs cover how to set everything up.
I don't know if it's possible. ASP Web Form and ASP Net Core have different architecture.
Alternatively, if you want to have shared resources between projects, you could create web service for both.
For example. If you want to have Cross-Domain and Cross-Platform Single-sign-on, you could do this scenario:
All of the projects would need to authenticate to www.sso.com to check the login between apps.
We need Authenticate web service to check the shared authentication. And we could share other data for all authenticated users.
Here is a detailed explanation and sample project:
https://www.codeproject.com/Articles/114484/Single-Sign-On-SSO-for-cross-domain-ASP-NET-appl-2
I have two applications, one in asp.net and the other in asp.net core. I want to share a common database, as well as the same login. Ie, a user can register via asp.net application, and then their identity will be shared with asp.net core application.
Is this possible? I notice that each have their own identity models, and I am looking for a way of sharing this, ie. some documentation to resolve this.
Looking for:
- Is this possible?
- Documentation and more information on implementation (how to)
I am resolving by use of Identity Server, which both applications will hook into. Will just take a bit of re-jigging.
I'd like to make an OOB Silverlight app based on the Silverlight Business Application template in Visual Studio. The template uses the default ASP.Net membership provider. I understand how to use that to add users and roles, etc. I've found plenty of tutorials on that. What I'd like to be able to do, is configure the Silverlight template so that it uses an existing ASP.Net membership base. We'd like this app to have a companion website (ASP.Net based).
To clarify: We've been able to setup an ASP.Net website and have created a SQL database with the required tables (aspnet_Users, aspnet_Membership, etc.). I'd like to configure a Silverlight app to access the same users and roles that are in those tables.
Can anyone help me out in terms of what I'd need to put in the Web.config? Do I just need a connection string? I'm new to ASP.Net authentication, but I'd rather use what ASP.Net gives me out of the box than have to write my own authentication service. I feel like this should be really easy, and is just a matter of pointing the Silverlight app in the right direction.
I'd like to use Silverlight 5 and .Net 4.5 if I can but I don't mind using an older version of either if it makes things easier.
You can just point the connection string to the existing database.
From this answer:
You can point your connection string for authentication to a database that all application can access.
So if you have the default database that .NET creates, you can point your other application to that as well for authentication.
I'm a web developer who's working in a new shop with developers from a desktop background - as such they have certain idiosyncrasies/best practices when it comes to organizing their code - one of which is that separate UI views are isolated into different projects.
So, on the web side of the house, I have a problem with different projects building in different app domains:
1) I have a "portal" project with a default.aspx
In the code behind there is a custom authentication method called from inside the Login_Authenticate event to log into the "business layer" of the desktop application. The business side stores session data in ASP.NET sessions.
2) I have a "viewer" project with default.aspx - this was originally in the portal project as "Viewer.aspx", where it was covered under the same login scheme and authenticated fine, but we decided it would be good to stand on it's own project because it is a separate view.
We added the same machine key to both web.config files so the .NET forms authentication could be passed via single sign on.
I built the viewer project in two different the fashions:
1st Try (it's own URL):
http://localhost/Viewer
2nd Try (a subdomain under the portal URL):
http://localhost/Portal/Viewer
The issue I'm running into is that the session is not being passed between the Portal project and the Viewer project. I know this is because IIS is running them in different app domains. Unfortunately without the ASP.NET session from the Portal, the Viewer is not logged into the business application.
Is there a best practice/is it even possible for running multiple projects in one app domain? Should the Viewer be a part of the Portal application since it requires the same session? Should the Viewer be a separate project that requires it's own separate login into the business layer? Is there even a best practice/guideline for this scenario?
By default session cannot be shared between different applications.
In practice most projects are not separated this way. In my experience most use some sort of n-tier architecture. Basically you have all your "view" code in one asp.net project, any buisness logic/data objects in another dll project, and your data access in a third dll project. The website then just references the other two dlls.
To solve your issue this answer might give you what you want: Sharing sessions across applications using the ASP.NET Session State Service
There is a way to have multiple projects, but one site. That example is a little old but still works, and is how we do our site.
I have a website that uses ASP .Net membership and roles using the SqlMembershipProvider and SqlRoleProvider. Right now I am only using this for a small section of the site that only 2 people have access to. The site may expand in the near future and the number of users could grow into the thousands.
My question is, is there any kind of open source administration tool for managing users or am I stuck building my own? I can't really use the ASP .Net Web Application Administration Tool because, as far as I know, it is only accessible from Visual Studio. User administration would be handled by our help desk and would need to handle all of the things that the stored procedures in the SQL server provide such as adding users on the customer's behalf, resetting passwords, unlocking users, etc.
I just can't believe that an administration front-end has not been developed to handle these sorts of things and provide more functionality than the ASP .Net Configuration page provides.
Take a look at MyWSAT on CodePlex.
http://mywsat.codeplex.com/
MyWSAT aka ASP.NET WSAT is a WebForms based Website Starter Kit for the ASP.NET Membership Provider with Forms Authentication. It provides you with all the security features required for a site out of the box so you start focusing on building your pages. It allows you to manage membership users online once your site is deployed. It features complete administrative back-end functionality and designed to manage users, as well as admin pages for users to manage their own user data.