Is possible define different profiles a the same time?
I have two type of users in my web site and they have different properties.
Using asp.net profile is possible to define two or more profiles with distinct properties?
If you have different types of users in your app, you probably want to look at ASP.NET Roles.
Related
In my servlet based web application, there are many users. They have different roles like admin, manager, operator etc. After login based on their roles I would like to control the visibility of resources (HTML and JSP). E.g. operator can't modify or delete some data which is as usually done by manager or admin only.
Is it possible to manage in database which page can be accessed by which roles?
Is there a way to make my Umbraco website use a different database than Umbraco is using for the members of the website?
For example, when a user registers on my website, the data should be stored in a different database than the one Umbraco is using.
I'm using Umbraco 4.7.X.
Yes this is possible because umbraco is using the asp.net membership provider internally for membership management.
You can setup you own membership database just the way you set up for any other asp.net base website.
Follow is the URL that show you the steps for the same.
http://our.umbraco.org/wiki/how-tos/membership-providers/how-to-integrate-aspnet-membership-control-with-umbraco
I'm writing an MVC application, using ASP.Net Membership for security. The application will allow multiple websites to run from the same app and database.
The websites running on the app will be completely independent from each other. The users of those sites will have access to their site only.
If I'm using one web.config, one MVC app and one database, can I achieve site specific security using ASP.NET membership?
Presumably I'll only have one application key so won't be able to use that to differentiate between sites. I thought about using Roles but will be exposing roles to site administrators -- and don't want admins to add / configure roles for a different site to their own users.
This potential problem has only just occurred to me so any help will be greatly appreciated.
You could you have them as sub sites of the main site (with web.config setup there) and therefore, the authentication permeates through the sub-sites.
There is an ApplicationName property that the roles provider uses to filter roles on. Try setting that property before fetching roles.
Something like this should work:
Roles.ApplicationName = "MyAppName";
var authorized = Roles.IsUserInRole("Some.user", "admin");
I haven't tried this, it is a static property and could give you weird results, so be careful. The best way to do this would be to implement your own provider so you could do something like Roles.IsUserInRole("some.user","admin","MyAppName").
In asp.net Webforms apps, is there not any kind of maintenance UI page to edit and maintain the Profile properties of a User (I'm using VS2008 and the Web Application template), like in the WSAT Web Site Administratration Tool where you already can edit the basic Membership and Role properties for a User? I'm using the basic SQL Express data tables and the basic Membership and Role providers, and now I want to begin using the Profile provider to store and access additional properties for each User I create an account for. For instance, when I create a new User and assign them to a Role(s) on my web app, I use the WSAT tool, and now I also need to set certain Profile properties for them too. Is the only way to set these properties is programmatically? Surely there is an Admininstrative type of UI page for this so you can quickly view and edit Profile properties for a User.
Roles and Membership conform to a standard schema that you can easily create a static form for editing. Profile details are dynamic based on your configuration settings - and building dynamic forms can be a bit tricky.
On top of that, the default Profile provider stores all the profile information in one concatenated field, so you'd end up with a list of comma-separated values if they went for a really basic form.
I have an ASP.Net MVC application and I'm using Forms authentication in SQL Server. This sets up the authentication and authorization for me. However, I have other person-based data that I need to track as well, such as the person's phone number, department, their charge-out rate, start date, etc.
WHAT the person can do (which is controlled by ASP.Net security) is related to WHO they are (which is controlled by my application).
Is there a best practice for linking ASP.Net with my application data to get a more complete person object? Can I simply extend the information in the ASP.Net tables? Is it better to keep it separate? Has anyone got any tips or links for guidance?
Since you are already using ASP.NET Forms Authentication the ASP.NET RoleProvider which can be integrated into MVC via the Authorize attribute is just as easy to setup.
And you get something like this:
[Authorize(IsInRole="Chef")]
public ActionResult Cook() { // snip ...
And if you did use all that, there's also the ProfileProvider for ASP.NET which generates profile code for you with full intellisense support. You can customize which fields you want and what data types it should be stored in etc. etc.
Both the Role Provider and Profile Provider can be customized or roll-your-own, there are many many articles on the internet that will tell you how.
Using the ASP.NET providers also gives you the benefits that the data is maintained automatically throughout the ASP.NET request processing pipeline, e.g. you can access this property:
HttpContext.Current.Profile
...from almost anywhere.
Use the built-in functionality for Profile Properties to store additional data about your users.