Using the Entity Framework that I generated. I have a Roles table created during the default system AspNetSqlRoleProvider security set-up.
In the Roles table, I have an ApplicationId uniqueidentifier column. Which has a guid populated in it, which doesn't change for my application.
I need to add a Role manually through my app using the entity framework. However, when creating my Roles object and setting Roles.ApplicationId. It expects a type of Guid. I have the ApplicationId in my web.config app settings. As it shouldn't change. But it is returned at string. I cannot type cast the value either to use in Roles.ApplicationId.
What can I do to use my current ApplicationId value when trying to create a new role manually using the EF?
You're going to have to convert to a Guid, but that's easy to do. The constructor takes a string value that's the GUID form (new Guid("..")), or I think there may be a Parse method too.
HTH.
Related
To access an OData web service that exposes data from a Core Data Service (CDS) in SAP R/3, a user needs has to have an authorization role assigned that contains the authorization object S_SERVICE.
The authorization object S_SERVICE requires two parameters:
the service type (SRV_TYPE) which is set to HT = "TADIR Object" in my case
the service hash (SRV_NAME).
Using the debugger I found out, that the function module AUTHORITY_CHECK_TADIR_SERVICE compares the hash from the S_SERVICE authorization object with the hash stored in a record of table usobhash:
I also found out, that function module AUTH_TRACE_CALC_HASH uses the data from the columns PGMID, OBJECT and OBJ_NAME in table usobhash as input to generate the hash which is then stored in column NAME.
So far, whenever I wanted to grant a user/role permission to access a OData service I needed to know this hash. To get the hash, I either checked the usobhash table or manually executed AUTH_TRACE_CALC_HASH and then entered the hash when I assigned the authorization object to an authorization role in transaction pfcg. I guess there has to be an easier, more "official" way to do this. My approach feels like a dirty workaround but I was unable to find any documentation about how to do it right.
tl;dr How do I set the S_SERVICE authorization object without either debugging AUTH_TRACE_CALC_HASH or searching for the relevant entry in usobhash?
Create a role with the Service in it. Therefore please create a new or choose an existing role in the transaction PFCG → (+ pushbutton).
Choose the object type "Authorization Default".
Choose "TADIR Service"; Choose object type IWSV or IWSG.
Use the F4 help to select your service.
Save the role.
Assign the role to user.
I am working on a project and using MembershipReboot as the membership manager. I am using Guids for the keys instead of the ints used in the Single Tenant demo. My application can add UserClaims but I get an error when trying to remove or delete them. Some error about not being able to set a foreign key to null. There is only one foreign key in UserClaim, the ParentKey. I don't think the framework should be setting it to null anyway, it should be simply deleting the UserClaim, not modifying it. I can fix this by scanning the repository for modified UserClaims and deleting them, but this is a horrible kludge. I was just wondering if anyone else has used UserClaim and if they worked for them?
MembershipReboot Version 7.2.
I need to check how many invalid attempt a user taken at the time of log in.
This is becauase our requirement is to save the max attempt password value from db not config.
The default Membership API doesn't expose the invalid attempt counts, but they are indeed tracked in the database.
If you take a look at the documentation for the Sample Membership Provider Implementation you'll see the following in the Database schema section:
FailedPasswordAttemptCount Integer,
FailedPasswordAttemptWindowStart DateTime,
FailedPasswordAnswerAttemptCount Integer,
FailedPasswordAnswerAttemptWindowStart DateTime
These work in conjunction with the PasswordAttemptWindow setting to lock users out if they fail to supply the correct values, and the counts are updated by the default provider when the user fails to log in.
If you want to manage these through a database rather than the web.config you only really have one choice: Write a custom membership provider (based on the sample) that reads the required values from the DB rather than the config settings.
This is because the property on the provider is read-only so you can't modify it once the provider is loaded and instantiated.
I just noticed that in the database for the auto generated ids for the default authentication users table the id is not an integer, it is a very large string.b(GUID)
here is an example:
a202fc44-7319-499e-80b8-96822f5833c0
Now all of the delete methods are implemented expecting an integer id and now obviously when it passes through its id. It gives an error.
1> why is it doing the string ids in he first place?
Is there any benefits in using this for a small scale application?
2> How can I change this to just use a normal auto-incremented int?
It is using code first migrations as it is implemented when I create the project. It just creates the database on the local sql server.
I am having a real problem, I created multiple users in sql server with different dbroles, and now im trying to check what's the user role in db and connect to a connection string depending on their role as this will be more secure..... how can I choose between different connection strings and pass it to the model.edmx, remember I am working with 3 tier design.
here is how my login control works:
http://i40.tinypic.com/nvz6lt.jpg
here is my connectionclass:
http://i39.tinypic.com/34qmybs.jpg
here is my app.config file:
http://i43.tinypic.com/6xq4q8.jpg
Thanks alot
There are multiple overloads for the ObjectContext constructor.
The default one just takes the connectionstring with a matching name from the config file. But you can also use a constructor where you specify the connection string yourself.
In your code you could maybe create a Authorization enum with values like BasicUser, Admin and pas that to your ConnectionClass. There you could do a switch and pick the right connection string from your config.