Is it possible to use a different database name with SqlMembershipProvider - asp.net

Can I specify a different database than ASPNETDB using SqlMembershipProvider? I am developing a site on a shared host, and have to restrict my data schema to a single provided database.
I was roundly scolded last time I suggested rolling my own authentication code.
Alternatively, is there some other packaged authentication system I could drop in and configure to use an arbitrary database and tables from asp.net?

You can install the ASP.Net Membership Schema to any SQL database by using the aspnet_regsql command line tool.
You can also specify any connection string you'd like for your membership provider. Simply add something like this to your membership declaration in your web.config file:
<connectionStrings>
<add name="MyConnectionString" connectionString="Database=MyDatabase;Server=xxx;User=xxx;Pwd=xxx;" providerName="System.Data.SqlClient"/>
</connectionStrings>
<membership defaultProvider="MyProvider">
<providers>
<add connectionStringName="MyConnectionString" applicationName="/Test"
description="MyProvider" name="MyProvider" type="SqlMembershipProvider" />
</providers>
</membership>

The previous answer is largely correct, but I had a problem until I fully qualified the "Type" value to be "System.Web.Security.SqlMembershipProvider".
<membership defaultProvider="MyProvider">
<providers>
<add connectionStringName="MyProvider"
applicationName="/Test"
description="MyProvider"
name="MyProvider"
type="System.Web.Security.SqlMembershipProvider" />
</providers>
</membership>

Related

ASP.NET Identity - where my tables created?

I have created sample register page to create user using ASP.NET Identity. Actually, I am working with this project since long back; which means, database is already existing.
From Register.aspx page, when clicked on the Register button, getting the message like "User created successfully"; but could not able to find out where relevant tables created.
Below is the connectionstrings section of my web.config file. Please note that, second connectionString "LocalDBConnectionString" is existing but NOT using anywhere, and in-fact not working.
I have verified with all the relevant databases for membership tables, but could not find relevant one.
<connectionStrings>
<add name="ASHOKConnectionString" connectionString="Data Source=SHRESTASOFT\SQLEXPRESS;Initial Catalog=ASHOK;Persist Security Info=True;User ID=sa; Password=tentod" />
<add name="LocalDBConnectionString" connectionString="Data Source=(LocalDB)\v11.0;AttachDbFilename=|DataDirectory|\ClassDB.mdf;Integrated Security=True" />
<add name="ASHOKEntities" connectionString="metadata=res://*/EntityFramework.ASHOK.csdl|res://*/EntityFramework.ASHOK.ssdl|res://*/EntityFramework.ASHOK.msl;provider=System.Data.SqlClient;provider connection string="data source=SHRESTASOFT\SQLEXPRESS;initial catalog=ASHOK;persist security info=True;user id=sa;password=tentod;MultipleActiveResultSets=True;App=EntityFramework"" providerName="System.Data.EntityClient" />
<add name="NORTHWINDDataContext" connectionString="metadata=res://*/EntityFramework.NorthwindDataContext.csdl|res://*/EntityFramework.NorthwindDataContext.ssdl|res://*/EntityFramework.NorthwindDataContext.msl;provider=System.Data.SqlClient;provider connection string="data source=SHRESTASOFT\SQLEXPRESS;initial catalog=NORTHWND;persist security info=True;user id=sa;password=tentod;MultipleActiveResultSets=True;App=EntityFramework"" providerName="System.Data.EntityClient" />
Where could the database be created?
Update - One more help required: Please observe that ASHOKConnectionString is existing inside connectionstrings section of web.config. This is the one I am using currently for other pages. If I want to get my ASP.NET Identity related tables into this database, how can I do? Can anybody please suggest me!
You can find where the members are stored by looking the membership field on web.config. For example you have to see something like:
<roleManager ... >
<providers>
<clear/>
<add connectionStringName="ASHOKConnectionString" ... />
</providers>
</roleManager>
<membership >
<providers>
<clear/>
<add connectionStringName="ASHOKConnectionString" ... />
</providers>
</membership>
and inside that database that is used for members, there are 11 tables that starts with aspnet_ and there are your member.

ASP.net Web Forms Application login using external DB

I'am creating a dynamic web form aplication. It stores the users data in another database (external server)
I know that there is aspnet_regsql.exe but i have no idea how to implement it on external server.
(i also can't loose data from existing database)
How can i force default login system to check if my database have valid credentials in my Password and UserName columns ?
Thanks in advance.
Membership using aspnet_regsql.exe has been obsoleted.
There are new ones -
Universal Providers
Simple Membership
ASP.NET Identity
Universal Providers will be the closest if you want to use the legacy Membership.
It stores the users data in another database (external server) I know
that there is aspnet_regsql.exe but i have no idea how to implement it
on external server.
Yes, you can store the Membership's tables in another database. If so, you will need to have separate connection string for the Membership.
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<clear/>
<add name="DefaultMembershipProvider" connectionStringName="MyConnection" ... />
</providers>
</membership>
<roleManager enabled="true" cacheRolesInCookie="false"
defaultProvider="DefaultRoleProvider">
<providers>
<clear/>
<add name="DefaultRoleProvider" connectionStringName="MyConnection" ... />
</providers>
</roleManager>

Can I run multiple websites under a single membership database?

I'm trying to plan a series of websites that all share many of the resources such as css/jscript/images/content etc. For this reason I wanted to run all of the websites under the same application and IIS profile, but depending on the URL being used change the masterpage and theme/skin.
The ASP.NET membership database seems as if it was designed with this goal in mind because it allows you to setup multiple applications, however I believe the purpose for which this was built was to allow applications to be run under virtual directories/folders, not on separate URLs.
Is it possible to map a url to a particular application?
Thanks in advance
Al
Yes it is possible to do this. In your configuration, use the applicationName for your providers. This way, all of the data will be saved in the same database, but kept separate by the Application Id that you will find in most of the tables.
One possibility for your shared resources can be to put them in just one location and you can point to that location from your other site by using a full url to the file in the first location.
Another possibility is to host one app in a virtual directory in the same domain, although you can get into some interesting issues with web.config inheritance doing this. It would help if you show your intended domain naming for the two applications.
In one application:
web.config 1:
<roleManager enabled="true">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" applicationName="/ApplicationOne"
...add other properties here as standard
/>
</providers>
</roleManager>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" applicationName="/ApplicationOne"
...add other properties here as standard
/>
</providers>
</membership>
In your other application:
web.config 2:
<roleManager enabled="true">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" applicationName="/ApplicationTwo"
...add other properties here as standard
/>
</providers>
</roleManager>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" applicationName="/ApplicationTwo"
... add other properties here as standard
/>
</providers>
</membership>
The easiest solution would be to include the style sheet depending on what URL the page is being executed on, using:
Request.ServerVariables("SERVER_NAME")
IE (pseudo):
if Request.ServerVariables("SERVER_NAME") = "http://www.domain1.com" then
include stylesheet1
else
include stylesheet2
end if
You would need to find a function to extract the domain name from the URL so it works well.

forms authentication

Ok so I am using forms authentication in my web site and I defined this in my config. Therefore I have an ASPNETDB.MDF. So do I need to have a database called ASPNETDB.MDF in my web host? If that is the case then how do I connect this so that my site uses this to verify users? I am sorry this seems to be like a very noob question
Place the ASPNETDB.MDF in your App_Data folder.
The connection string to use is <add name="LocalSqlServer" connectionString="Data Source=.\SQLExpress;Integrated Security=True;User Instance=True;AttachDBFilename=|DataDirectory|aspnetdb.mdf" />
When you hook this connection string to your membership provide the authentication will use your ASPNETDB.MDF file.
-------------------Try the following-----------------
Sorry place a above the connection string above you should be able to change the name of the connection string. You will also need to change this in your membership element.
<connectionStrings>
<clear />
<add name="NewConnectionString" connectionString="Data Source=.\SQLExpress;Integrated Security=True;User Instance=True;AttachDBFilename=|DataDirectory|aspnetdb.mdf" providerName="System.Data.SqlClient" />
</connectionStrings>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider"
connectionStringName="NewConnectionString"
...
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</membership>
You dont have to use a database to use forms authentication, you can define the entries in the web.config file if you like. It depends on the MembershipProvider that you are using.
Have a look here for an example

ASP.NET Membership - Which RoleProvider to use so User.IsInRole() checks ActiveDirectory Groups?

Very simple question actually:
I currently have IIS anonymous access disabled, users are automatically logged on using their Windows login. However calling User.IsInRole("Role name") returns false. I double-checked User.Identity.Name() and the "Role name" and it should return true.
I currently have this in my Web.Config:
UPDATE
I was calling User.IsInRole("Role name") where I should call User.IsInRole("DOMAIN\Role name")
However I still like to know if the <membership> entry is needed at all?
What should I change? (and is the <membership> entry needed at all?)
<authentication mode="Windows">
<forms
name=".ADAuthCookie"
timeout="10" />
</authentication>
<membership defaultProvider="ADMembershipProvider">
<providers>
<clear/>
<add
name="ADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="XXX\specialAdUser"
connectionPassword="xx"
/>
</providers>
</membership>
<roleManager enabled="true" defaultProvider="WindowsProvider">
<providers>
<clear />
<add name="WindowsProvider" type="System.Web.Security.WindowsTokenRoleProvider" />
</providers>
</roleManager>
If you use Windows authentication IsInRole will work with no extra configuration, as long as you remember to prefix the role with the domain, i.e. DOMAIN\groupName.
In addition you can role (pun intended) your own and use Windows auth against, for example, a SQL Role Provider, where you don't want your AD littered with custom roles for your application.
So no, you don't need the provider configuration at all.
The membership provider here isn't going to help. The ActiveDirectoryMembershipProvider seems to best(only?) fit with Forms authentication.
BlogEngine.NET has an Active Directory role provider.
Pretty sure the only thing you need in there is the roleManager group (along with the base authentication mode='windows' setting)
Out of the box, there's no role provider to use Active Directory directly. You can use the role table in the ASP.NET membership- and role-system, or you can use Authorization Manager (AzMan).
There's an article on CodeProject which shows the implementation of a role provider which works against the Active Directory - with full source code. Maybe this helps?
Marc

Resources