Web application role management - asp.net

I am new to asp.net and am developing an application where there will be some roles (admin, entry user, maker, checker). One user can have all of the roles or only some of them, based on the roles provided, and the page should restrict functionality based on the user's role.
What is the best way of implementing it without memberships in asp.net?
Thanks

How can you define a role without membership? You have to know who they are in order to get their role, otherwise there is no point.

Related

Hardcode a role (outside database) for ASP.NET MVC and adding a Windows Authenticated Users

How would I go about hardcoding a role in ASP.NET MVC within the program itself, rather than through a database, for authentication (and then how could I add people to this role)?
What I'm trying to do is have 3 roles: Programmer, DatabaseAdministrator, and SystemsAdministrator. I'd like to be able to add people to those roles (also hardcoded), and then authenticate people based on role, rather than username. Right now, I am authenticating people like this:
if (@User.Identity.Name == "DOMAIN\\first.m.last")
What I want to be able to do is:
if (@User.Identity.Role == "ROLENAME")
However, I only have three roles and 8 people; I do not want to have to create a table in my database for them. So I'd create the role DatabaseAdministrator, and then add three people into it as the string "DOMAIN\first.m.last". Then, I could have the action populate the view based on their role name.
Everything I've seen so far has you do it through the database. Would appreciate any help. Thanks!
I am assuming that you are using Windows Authentication.
With that said, you can easily authorize based on the user's Active Directory groups. This will keep you out of the database, and all you have to do is add a user to an AD group if the users change.
Then you can authorize on the controller or action with this annotation.
[Authorize(Roles = @"DOMAIN\ADGroup")]

how to get list of users in a role in asp.net identity web forms

I am using ASP.NET Identity 2 in web forms and I need to get the list of users in a role, I mean the list of users that are in the "Admin" role or the "User" role.
Can you help me?
Look at the Roles IQueryable on the RoleManager class -- it's meant to allow queries. If you're using EF, then the Roles is IQueryable<IdentityRole> and IdentityRole has a collection of Users property. With these IDs you can then access the Users IQueryable on the UserManager. :)
Thanks @Brock Allen.
I found that I should change some base code in the role manager and user manager system in asp.net identity. If someone needs to change and customize asp.net identity, here is a good article : click
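An added example (not from the original answer) of the two-step query it describes, assuming the Entity Framework stores and the default IdentityRole/IdentityUser types; the class and method names are hypothetical:

```csharp
using System.Collections.Generic;
using System.Linq;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.EntityFramework;

// Added example; RoleAudit and UsersInRole are hypothetical names.
public static class RoleAudit
{
    // Returns every user who holds roleName, or an empty list if the role does not exist.
    public static List<IdentityUser> UsersInRole(
        RoleManager<IdentityRole> roleManager,
        UserManager<IdentityUser> userManager,
        string roleName)
    {
        // Step 1: IdentityRole.Users holds IdentityUserRole link rows; take the user ids.
        List<string> userIds = roleManager.Roles
            .Where(r => r.Name == roleName)
            .SelectMany(r => r.Users)
            .Select(link => link.UserId)
            .ToList();

        if (userIds.Count == 0)
            return new List<IdentityUser>();

        // Step 2: resolve those ids against the UserManager's Users queryable.
        return userManager.Users
            .Where(u => userIds.Contains(u.Id))
            .OrderBy(u => u.UserName)
            .ToList();
    }
}
```

Running this for the "Admin" role gives a quick list to review when checking who currently holds elevated access.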

Creating my custom security role and custom user group tables, to implement custom authorization for my asp.net mvc web application

I am working on an intranet Asp.net mvc application with windows authentication enabled. I am building an asset management application, and I need to define user groups and security roles. For example, I have a group that contains senior HR employees; this group will be linked to a security role. The security role will allow, for example, adding new vehicles, but only allow reading the information about IT assets such as PCs, etc.
But I am working on an intranet and the users exist in Active Directory, and I want to link the user groups to customized security roles. So is it a recommended approach to use my own userGroups table and securityRole table to store the information about the user groups and their security roles?
Currently I only use the users from AD, but store the info about user groups and security roles inside my custom tables, as this will give me more flexibility in implementing the requirements. Or is it recommended to use the built-in groups and role management that comes with asp.net?
Thanks
If the ability exists to maintain the active domain groups, there is no reason to maintain a local groups table; IsInRole can be used for group access checks.

How to implement roles in ASP.NET using existing AD groups

I'm trying to implement some role-based functionality in my web application (.NET 4.0.3) so that I can control what menu items users can see based on their roles, either Administrator or User.
I'm simply using existing AD groups to administer the roles. Let's say there is a team in my organisation that is represented by an AD group called IT-Managers, and there is another team with AD group IT-Support. I simply want to map IT-Managers as Administrator and IT-Support as User.
I can easily use WindowsPrincipal.IsInRole() to check whether the currently logged-in user belongs to either group, but how do I tell the application that the logged-in user holds the Administrator role or the User role, therefore sitemap security trimming can pick this up?
By implementing your custom Role Provider. Once implemented you can easily use the ASP.NET role provider framework:
Roles.IsUserInRole("Admin");
Roles.GetUsersInRole("Users");
etc.
You can implement a Role Provider by implementing the RoleProvider abstract class or by extending an existing one such as SqlRoleProvider. There's a lot of extensive documentation out there. I'll paste a couple of links:
http://msdn.microsoft.com/en-us/library/aa478950.aspx
http://www.codeproject.com/Articles/28546/Active-Directory-Roles-Provider
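A sketch of such a provider for the IT-Managers/IT-Support mapping in the question, added here as an example and not taken from the answer or the linked articles. The class name and the DOMAIN prefix are assumptions, and it resolves roles only for the currently authenticated Windows user:

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Principal;
using System.Web;
using System.Web.Security;

// Added example: read-only provider mapping AD groups to application roles.
// AdGroupRoleProvider and the DOMAIN prefix are assumptions.
public class AdGroupRoleProvider : RoleProvider
{
    // Application role -> AD group that grants it.
    private static readonly Dictionary<string, string> RoleToGroup =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { "Administrator", @"DOMAIN\IT-Managers" },
            { "User",          @"DOMAIN\IT-Support" }
        };

    public override string ApplicationName { get; set; }

    public override string[] GetRolesForUser(string username)
    {
        // With the role manager enabled, Context.User is a RolePrincipal, so the
        // WindowsIdentity is taken from it and wrapped in a fresh WindowsPrincipal.
        HttpContext ctx = HttpContext.Current;
        WindowsIdentity identity =
            (ctx == null || ctx.User == null) ? null : ctx.User.Identity as WindowsIdentity;
        // Fail closed: anyone other than the authenticated caller gets no roles.
        if (identity == null ||
            !string.Equals(identity.Name, username, StringComparison.OrdinalIgnoreCase))
            return new string[0];
        var principal = new WindowsPrincipal(identity);
        return RoleToGroup.Where(m => principal.IsInRole(m.Value)).Select(m => m.Key).ToArray();
    }

    public override bool IsUserInRole(string username, string roleName)
    {
        return GetRolesForUser(username).Contains(roleName, StringComparer.OrdinalIgnoreCase);
    }

    public override string[] GetAllRoles() { return RoleToGroup.Keys.ToArray(); }
    public override bool RoleExists(string roleName) { return RoleToGroup.ContainsKey(roleName); }

    // Membership is administered in Active Directory, so write and enumeration calls are refused.
    public override void AddUsersToRoles(string[] u, string[] r) { throw new NotSupportedException(); }
    public override void RemoveUsersFromRoles(string[] u, string[] r) { throw new NotSupportedException(); }
    public override void CreateRole(string roleName) { throw new NotSupportedException(); }
    public override bool DeleteRole(string roleName, bool throwOnPopulatedRole) { throw new NotSupportedException(); }
    public override string[] GetUsersInRole(string roleName) { throw new NotSupportedException(); }
    public override string[] FindUsersInRole(string roleName, string usernameToMatch) { throw new NotSupportedException(); }
}
```

The provider takes effect once it is registered under the roleManager providers element in web.config and selected as the default provider; sitemap security trimming then evaluates the Administrator and User roles through it.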

How to manage role and its permission in asp.net application

Hi, I would like to design an asp.net application (app1) where we can create roles and actions. Here an action is something such as create student details or delete student details; both of these actions come under role1. So the application will have some roles, each with a set of actions. These roles and actions will be used later in other applications (app2 and app3).
I have designed app1 with single sign-on for all the applications (app2, app3). When a user enters app2, he/she will be redirected to the login page, which resides in app1. There user validation will take place. Once validated, an authentication ticket will be sent back to the requesting application (app2).
Once app2 receives the ticket, it will make another request to app1 to get the roles and actions belonging to the signed-in user. app2 should behave based on the actions belonging to the role.
*A user can have more than one role.
How do I control the user's activities based on the actions?
Is there any framework to achieve this model?
Can you provide me any guidance for achieving my idea?
You should investigate the use of a RoleProvider which is built into the .NET Framework.
In addition to the role provider, you can use the Authorization Manager to create Operations, Tasks, and Roles. You can then link Operations to specific functions in your application and map roles in a variety of ways.
How To: Use Authorization Manager (AzMan) with ASP.NET 2.0
