I'm using aspnet memberhips database for authorization and authentication for my azure web application.
This aspnet application contains the employees details. All good until we got new requirment. The new requirement is to in include lots of extra attributes related to employees such as awardcode, costcentre, division, location etc...
The requirement is also to admin these details via Admin portal.
Is there any way we can fit the above requirement with in aspnet database? Should I add extra tables and fields or there's a better way of acheving this.
Thank you.
You might want to consider the ASP.NET Profile provider. It's another component of the Membership framework. It stores a somewhat dynamic list of user properties in the database, typically in the aspnet_Profile table. You can get a lot of functionality for free by making additions to Web.config, or you can customize heavily by implementing a custom profile provider. Here are some links to get started:
http://msdn.microsoft.com/en-us/library/014bec1k.aspx
http://msdn.microsoft.com/en-us/magazine/cc163457.aspx
There have been times though when this approach wasn't a great fit for me, so I simply created a separate UserRecord table in the database with exactly the columns I wanted, and added some views to the database that joined UserRecord with the bulitin aspnet_Membership table, etc., to get the right combination of data.
Related
I have an ASP.NET MVC 5 application where I want to authorize users to access specific content via roles. These roles will be passed in through the application headers. After exploring ASP.NET membership, it seems like the membership information is normally supposed to be stored in a table, but I do not need/want this. I simply need to take the role from the header when the user accesses the application, and then access it later (ideally) using ASP.NET membership to use data annotations in my models and/or views to control who can see what information.
I apologize if this is sort of ambiguous, I am just not sure where to start since I cannot seem to find an example of someone simply taking the role from the headers without storing this information in a membership table.
Thanks!
I'm going to use the membership system in ASP.net, but need to change it in 2 ways.
The database which stores the users is Access, and I want to salt the password(etc) plus ask the user to enter details like links to their facebook pages etc which are stored in the database.
So how do I use access with the system?
And how can I change/add fields which are stored in the database (i know how to create them in the database btw, just how I get the membership system to ask for it and store it)
(I could make my own registration/user login system, except I don't know how to restrict access to pages, so how could I go about this?)
Links to tutorials/references would be great
And another on how to write a custom membership provider for the Access Database.
1) Use SQL Server Express edition. It's free, it's good, it works out of the box.
2) Check out the Profile providers for personalisation. http://msdn.microsoft.com/en-us/library/2y3fs9xs.aspx
Here's a link explaining how to use Access:
http://msdn.microsoft.com/en-us/library/44w5aswa.aspx
As for storing extra user information. Asp.NET provides this via personalization. Here are two links to get you going:
Video: http://www.asp.net/learn/videos/video-43.aspx
Article: http://msdn.microsoft.com/en-us/magazine/cc163724.aspx
one more...
Membership Provider MSAccess
In asp.net Webforms apps, is there not any kind of maintenance UI page to edit and maintain the Profile properties of a User (I'm using VS2008 and the Web Application template), like in the WSAT Web Site Administratration Tool where you already can edit the basic Membership and Role properties for a User? I'm using the basic SQL Express data tables and the basic Membership and Role providers, and now I want to begin using the Profile provider to store and access additional properties for each User I create an account for. For instance, when I create a new User and assign them to a Role(s) on my web app, I use the WSAT tool, and now I also need to set certain Profile properties for them too. Is the only way to set these properties is programmatically? Surely there is an Admininstrative type of UI page for this so you can quickly view and edit Profile properties for a User.
Roles and Membership conform to a standard schema that you can easily create a static form for editing. Profile details are dynamic based on your configuration settings - and building dynamic forms can be a bit tricky.
On top of that, the default Profile provider stores all the profile information in one concatenated field, so you'd end up with a list of comma-separated values if they went for a really basic form.
I have an ASP.Net MVC application and I'm using Forms authentication in SQL Server. This sets up the authentication and authorization for me. However, I have other person-based data that I need to track as well, such as the person's phone number, department, their charge-out rate, start date, etc.
WHAT the person can do (which is controlled by ASP.Net security) is related to WHO they are (which is controlled by my application).
Is there a best practice for linking ASP.Net with my application data to get a more complete person object? Can I simply extend the information in the ASP.Net tables? Is it better to keep it separate? Has anyone got any tips or links for guidance?
Since you are already using ASP.NET Forms Authentication the ASP.NET RoleProvider which can be integrated into MVC via the Authorize attribute is just as easy to setup.
And you get something like this:
[Authorize(IsInRole="Chef")]
public ActionResult Cook() { // snip ...
And if you did use all that, there's also the ProfileProvider for ASP.NET which generates profile code for you with full intellisense support. You can customize which fields you want and what data types it should be stored in etc. etc.
Both the Role Provider and Profile Provider can be customized or roll-your-own, there are many many articles on the internet that will tell you how.
Using the ASP.NET providers also gives you the benefits that the data is maintained automatically throughout the ASP.NET request processing pipeline, e.g. you can access this property:
HttpContext.Current.Profile
...from almost anywhere.
Use the built-in functionality for Profile Properties to store additional data about your users.
i am new to asp.net mvc so please be explicit as possible.
Here is my goal:
i want to create a simple website where users can:
Register and log in
Enter there contact details(phone, address, etc)
View there contact details
Edit details of #3.
Later in the website, i will create other pages that use this data but for now the only items above are needed.
my questions is that i have been reviewing the default asp.net mvc sample that comes when you create a new asp.net mvc app.
I am trying to figure out if i should store all the contact details in the aspnetdb.mdf database in an existing table or i should be creating new tables.
it seems like i could extend aspnet_Users or aspnet_membership.
please let me know if these tables can be extended to store additional fields or if its safer to just create a new table in this database.
You could use an Asp.net profile provider to store the information. Follow the link for instructions on using the built-in SqlProfileProvider. By default, the SqlProfileProvider will create tables in the aspnetdb.mdf file, so you can keep everything in one place. You can access the profile provider as a property on the HttpContext.
Edit: Better link for ASP.Net profile information
Using the Profile provider, you don't have to worry about making database calls or identifying the current user. It's all done on your behalf. Double-check the documentation, because the following might be a little off.
You add the fields that you want in your web.config inside <system.web>. In your case, it would be the necessary contact information.
<profile>
<properties>
<add name="Address" />
<add name="City" />
<add name="State" />
<plus other fields ... />
</properties>
</profile>
Then, you can access HttpContext.Profile.Address and so forth and the provider will take care of tying everything to the current user.
Adding and editing the information means displaying a form. Viewing the details is just displaying all the fields you saved from the previous form post.
The NerdDinner source and tutorial are well worth checking out if you're completely new to MVC.
You may also want to take a look at the SQL Server Publishing Wizard found here.
It essentially allows you to copy the database structure and/or data to a .sql file that you can then import into your primary SQL database.
I don't particularly like the aspnetdb approach but that's my personal opinion.
This question has been the cause of a little bit of an internal debate for me. I can see the logic in extending the existing membership provider to hold the neccessary aditional information, however I would only use the aspnetdb database to store this information if that was the path taken, as the purpose of that database, in my mind, is to store information mamaged by ASP.NET via the Membership API
If you did decide not to extend asp.net's existing membership provider then I would suggest creating another database, or at the very least some new table(s) to keep data you are managing seperate from any other data managed by ASP.NET