I have done a custom implementation of MembershipProvider but for some reason the initialize method is not being invoked and thus my provider is not setting up properly from the config parameters, who invokes it in the first place and how do i get it to work.
I assume this is an ASP.NET application. Do you have a reference to your membership provider in your web.config (it can also be in your machine.config, but this is lesser used)?
You should have something like the following in the system.web section of your web.config:
<membership defaultProvider="MyCustomMembershipProvider">
<providers>
<clear/>
<add
name="MyCustomMembershipProvider"
type="MyNamespace.MyCustomMembershipProvider"
connectionStringName="..." ... />
</providers>
</membership>
Make sure also that your provider is inheriting from the System.Web.Security.MembershipProvider abstract class.
See this MSDN article for more detail and examples.
Related
I would like to use mvc4 Simple membership provider. So I set up a new MVC4 internet application. Click Debug and I see that db and tables were created for me.
Is this all I need to do?.
Some articles:
http://weblogs.asp.net/jgalloway/archive/2012/08/29/simplemembership-membership-providers-universal-providers-and-the-new-asp-net-4-5-web-forms-and-asp-net-mvc-4-templates.aspx
http://blog.longle.net/2012/09/25/seeding-users-and-roles-with-mvc4-simplemembershipprovider-simpleroleprovider-ef5-codefirst-and-custom-user-properties/
tell me to add
<membership defaultProvider >...
section. is this necessary?
Also:
I can't get ASP.Net configuration tool to work. It says "An error was encountered. Please return to the previous page and try again. "
??
If you created a new MVC 4 web application using the Internet template it should have wired up SimpleMembership for a basic log-on/log-off functionality. It should have already updated your web.config with the proper settings. It should have setup the membership and roles and they should looks something like this.
<roleManager enabled="true" defaultProvider="SimpleRoleProvider">
<providers>
<clear/>
<add name="SimpleRoleProvider" type="WebMatrix.WebData.SimpleRoleProvider, WebMatrix.WebData"/>
</providers>
</roleManager>
<membership defaultProvider="SimpleMembershipProvider">
<providers>
<clear/>
<add name="SimpleMembershipProvider" type="WebMatrix.WebData.SimpleMembershipProvider, WebMatrix.WebData" />
</providers>
</membership>
SimpleMembership does not use the ASP.NET Configuration Tool used with the traditional ASP.NET membership. You have to create your own web pages for managing roles and users.
The Internet template just creates the basic functionality for authentication and authorization in your application. But SimpleMembership is very extensible. For example it is fairly easy to customize what type of information you want to capture in the user profile or setup email confirmation of new users.
In an ASP.NET website it is possible with a few short additions to the Web.Config section to add auto-magically wired properties to the user profile.
So for example with some XML like this.
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" connectionStringName="LocalSqlServer" applicationName="/" type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
<properties>
<add name="Name" allowAnonymous="true"/>
<add name="VisitedOn" type="System.DateTime" allowAnonymous="true"/>
</properties>
</profile>
You would end up with the ability to do this. Without having to declare any further code.
Profile.Name = "Some Test Value";
Profile.VisitedOn = DateTime.Now;
Profile.Save();
I have attempted to duplicate this functionality in an ASP.NET Web App and can't even seem to find the base Profile declaration let alone the custom properties.
I have however found that System.Web.Profile.DefaultProfile.Properties does infact contain the custom declared properties I define in the Web.Config.
So where might I be going wrong? What is the process for getting auto wired properties in web apps working?
The properties are created during the Compilation of ASP.NET Web Application when the first request arrives.
Ref: ASP.NET Application Life Cycle Overview for IIS 5.0 and 6.0
Profile properties defined in the Web.config file If profile
properties are defined in the application's Web.config file, an
assembly is generated that contains a profile object.
You can hook into this Compilation by writing a custom BuildProvider and registering the same. This build provider can be used for generating the auto wired properties.
I'm creating a custom Role provider based on the ASP.NET Role provider. I have 3 tables. One for Users, one for Roles, one for UsersInRoles.The Users table has no password column because the users are authenticated with ActiveDirectory. That's my approach so far. I can't get the cusstom Role Provider to work, anyone has the same situation like me. How do you make a custom Role provider works with AD?
What I did: create a class which inherits from System.Web.Security.RoleProvider, and choose "Implement abstract class" from the context menu when clicking on : Roleprovider. I only implemented the method GetRolesForUser (the other methods throw NotImplementedException).
At a certain point I thought I also needed to implement the MembershipProvider, but a simple addition to web.config fixed it (since the assembly is not in the GAC, in the type-attribute, you only need to mention the namespace+type-name; not the assembly name and other parameters):
<configuration>
<system.web>
<roleManager enabled="true" defaultProvider="MyRoleProvider">
<providers>
<clear />
<add name="MyRoleProvider" type="Namespace.To.MyRoleProvider" />
</providers>
</roleManager>
</system.web>
</configuration>
There is no need to implement the ValideUser method on a MembershipProvider.
You should be able to write the role provider in a manner to where you override the ValidateUser() method and force it to perform the AD lookup there. After that, most of the built in stuff should take over.
Very simple question actually:
I currently have IIS anonymous access disabled, users are automatically logged on using their Windows login. However calling User.IsInRole("Role name") returns false. I double-checked User.Identity.Name() and the "Role name" and it should return true.
I currently have this in my Web.Config:
UPDATE
I was calling User.IsInRole("Role name") where I should call User.IsInRole("DOMAIN\Role name")
However I still like to know if the <membership> entry is needed at all?
What should I change? (and is the <membership> entry needed at all?)
<authentication mode="Windows">
<forms
name=".ADAuthCookie"
timeout="10" />
</authentication>
<membership defaultProvider="ADMembershipProvider">
<providers>
<clear/>
<add
name="ADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="XXX\specialAdUser"
connectionPassword="xx"
/>
</providers>
</membership>
<roleManager enabled="true" defaultProvider="WindowsProvider">
<providers>
<clear />
<add name="WindowsProvider" type="System.Web.Security.WindowsTokenRoleProvider" />
</providers>
</roleManager>
If you use Windows authentication IsInRole will work with no extra configuration, as long as you remember to prefix the role with the domain, i.e. DOMAIN\groupName.
In addition you can role (pun intended) your own and use Windows auth against, for example, a SQL Role Provider, where you don't want your AD littered with custom roles for your application.
So no, you don't need the provider configuration at all.
The membership provider here isn't going to help. The ActiveDirectoryMembershipProvider seems to best(only?) fit with Forms authentication.
BlogEngine.NET has an Active Directory role provider.
Pretty sure the only thing you need in there is the roleManager group (along with the base authentication mode='windows' setting)
Out of the box, there's no role provider to use Active Directory directly. You can use the role table in the ASP.NET membership- and role-system, or you can use Authorization Manager (AzMan).
There's an article on CodeProject which shows the implementation of a role provider which works against the Active Directory - with full source code. Maybe this helps?
Marc
I've written a custom MembershipProvider that uses a custom database schema for storing the members, but I am having trouble figuring out how to deploy the provider. My target server is running IIS7, and I am able to navigate to a dialog for a adding a .NET User Provider, but instead of allowing me to select the assembly containing the provider & then the class, it provides a drop-down with a couple of MS written providers.
Do I need to drop my assembly in a specific location so that my MembershipProvider class is discovered by IIS? If so, what where does the .dll need to go? Otherwise, how do tell ASP.Net to use my MembershipProvider? Every example I've seen simply references the fully qualified class name, but makes no mention of how the file needs to be deployed.
If you look in the web.config file for your application, you should have a section called system.web. Within that there is a membership element with a list of providers. You should be able to add your provider and set a default provider there. Once your membership provider is registered in this way, you should be able to select it as a default for that application from IIS as well.
<system.web>
...
<membership defaultProvider="MyMembershipProvider"
userIsOnlineTimeWindow="15">
<providers>
<add name="MyMembershipProvider"
type="Common.Auth.MyMembershipProvider, Common"
connectionStringName="MyAuthDBConnectionString"
enablePasswordRetrieval="true"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
writeExceptionsToEventLog="false" />
</providers>
</membership>
...
</system.web>
The providers element allows you to register multiple providers to choose from. Another feature is that you can clear out membership providers registered in other configuration files on the machine. This can make configuring your application less error prone later on. To do so, add the <clear/> element before the first membership provider (the <add/> element) in the list.
<system.web>
...
<membership defaultProvider="MembershipProvider1">
<providers>
<clear />
<add name="MembershipProvider1" ... />
<add name="MembershipProvider2" ... />
</providers>
</membership>
...
</system.web>
If you want to register the same provider with multiple web applications just using IIS Manager, you will need to put the assembly in the GAC and add the provider to one of the machine config files instead. This is usually more work for little benefit when deploying a single application.