.net - Custom Role Provider With ActiveDirectory Authentication?
Feb 21, 2010
I'm creating a custom Role provider based on the ASP.NET Role provider. I have 3 tables. One for Users, one for Roles, one for UsersInRoles.The Users table has no password column because the users are authenticated with ActiveDirectory. That's my approach so far. I can't get the cusstom Role Provider to work, anyone has the same situation like me. How do you make a custom Role provider works with AD?
I've just started a small ASP.NET web application. In this project, I need to authenticate the users with Active Directory. I managed to authenticate the users successfully with Active Directory. But with Authorization with Custom Role Provider, I'm so confused. You see, the user name and password are stored in AD. So, my approach is that after the LoggedIn event of the Login Control, I check if UserName is not yet stored in the Users table yet, then I will store the UserName there. Finally, I have all the UserName of the AD users store in the Users table so I can assign Roles to the users. see my tables diagram below:
Let's say I assign UserA to RoleOne. After he logs in successfully, I do some query to look for his Roles.
Where do I keep the Role ticket? In the Cookie or in the session? How does the authorization of ASP.NET role provider work? I want to store the authorization ticket like ASP.NET role prover does too.
I've just started a small ASP.NET web application. In this project, I need to authenticate the users with Active Driectory. I managed to authenticate the users successfully with Active Directory. But with Authorization with Custom Role Provider, I'm so confused.You see, the user name and password are stored in AD. So, my approach is that after the LoggedIn event of the Login Control, I check if UserName is not yet stored in the Users table yet, then I will store the UserName there. Eventually, I have all the UserName of the AD users store in the Users table so I can assign Roles to the users.
Let's say I assigned UserA to RoleOne. After he logs in successfully, I do some query to look for his Roles.
Where do I keep the Role ticket? In the Cookie or in the session? How does the authorization of ASP.NET role provider work? I want to store the authentication ticket like ASP.NET role prover does too.
1. user can login by their AD account and password.
2. AD account can be assigned to different group.
I know there is a training video - [URL] to teach how to use the tool to provision the membership schema to SQL server for Forms authentication. but how can I use AD authentication with this?
I have watched the how to video on Creating a Custom Membership provider. So far it works great. My login control interacts well with it etc. Now i've created a Custom Role Provider. I've created a class that inherits the RoleProvider base class and i've added code to each Sub. My question is, what is the best way to implement the role provider, considering I get the Roles etc from the database?
i have implemented custom role provider and membership provider .
login page : SignIn.aspx
on successful login it redirects to (index-Homepage.aspx)
now PROBLEM is when it successfully logged in ,and redirects to 'index-Homepage.aspx' it gives Anornymoustemplate ..while its verifying the role correctly in index-Homepage.aspx.cs
I have created my own custom role provider class "SGI_RoleProvider" and configured properly.
Everything is working fine.
Suppose that I have added a public method say "SayHello()", then how can i call that. Because if i am using Roles then the method is not displayed. If i am forcefully using that Roles.SayHello() then compiler gives the error.
how can i call this. Because creating a new instance of SGI_RoleProvider is meaningless.
I am implementing a custom role provider in my nhibernate application I have a repository that I call whenever I want to access the nhibernate session. So when my role provider initializes itself
public override void Initialize(string name, System.Collections.Specialized.NameValueCollection config) { base.Initialize(name, config); Repository = new Repository();
We are trying to implement Custom Role membership provider for our web app. For authorization we want to check for one more field like Facilityid for the logged on user along with role he has. eg. my User1 having Role1 with Facility1 can access some option and same user role for Facility2 have different option. So is there a way we can extend the existing role/profile provider to authorize user with this additional field along with role assigned.
I have a custom role provider and I'm trying to get the IsUserInRole() method to get called when a user of a certain role tries to access a restricted page. However, the method is never called.
[code]...
When the user goes to a restricted page, I'd like the custom role provider to check the user's role and deny/grant access.
I have created custome Membership Role and Profile provider using INGRES db. Now I can see my IngresMembership and IngresRole provider in the Provider tab(Select a different provider for each feature (advanced) ) of WSAT but when I clik on security tab I get this error:
"There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store.
The following message may help in diagnosing the problem: Object reference not set to an instance of an object."
What am I missing? Do I need to add code for all override methods for Role provider? I have just written code for the Initialize and GetRolesForUser functions.
I have a custom role provider class that is currently being used by a web application. We are now in the process of migrating several windows applications from VB6 to VB.Net. From preliminary research, I understand that I can use the custom role provider in win forms as well and came across Client Application Services. I understand how the Client Application Services is setup, but can't seem to find how the custom role provider code will be shared between the web apps and the windows apps.
how to implement a custom role provider which has support for parent and child roles?
I have a requirement to have high level Role permissions as per the usual Role provider functionality. However, I also have a requirement to further breakdown permissions into sub roles. I toyed with the idea of having further role instances for sub permissions but I'd prefer to have a native solution which allows for sub roles.
In this scenario, the "Admin" role is actually 2 distinct roles, one for IT and one for Extranet scenarios. Ideally, there is no association between the 2 "Admin" roles because they are unique sub roles.
[Edit]: Following Igor's comment I feel I should clarify. The aspnetdb is already hosting multiple applications and therefore the use of the Application Name is not possible to segregate the sub roles as it is already being used to seperate the roles by application.
I am new to asp.net and I have a system am trying to edit but each time I debug it, I get errors. The one of the errors is shown below: Server Error in '/starBus' Application.
Configuration Error.An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message:
Could not load type 'CustomRoleProvider'.
Source Error:
Line 74: <providers> Line 75: <clear/> Line 76: <add applicationName="/" name="CustomRoleProvider" type="CustomRoleProvider"/> Line 77: </providers> Line 78: </roleManager>
Source File:
C:UsersGayancyDesktopstarBusweb.config Line: 76..Below is the web.config codes with Line 76 in bold: <?xml version="1.0"?><!--
Note: As an alternative to hand editing this file you can use the web admin tool to configure settings for your application. Use the Website->Asp.Net Configuration option in Visual Studio. A full list of settings and comments can be found in machine.config.comments usually located in
I have a custom oledb role provider that pretty much a cust and past of:
[URL]
except I've used oledb instead of odbc. I'm connecting to an oracle database and the tables have been created with out any issues. now if I go into the Website Administration Tool and try to create a new role I get the error
"Specified cast is not valid."
I can create a role directly in the database (through TOAD) and the role will show up in the .NET WAT, so I know it can make the connection and read the info just fine. I just can't create or delete or modify a role without the above error.
I have Membership configured with IIS7, tables for it located in my own database, created with aspnet_regsql utility, and I am using custom connection string to access it.
This is part of web.config related to Membership :
I created a custom forms authentication and membership provider and it seems to work fine opening up in WAT, creating roles and adding users. Also when I in my mvc app use it to log users in, it works fine. However it seems to fail to determine a user's role (no errors, but just jump over User.IsInRole(...) lines and Roles.GetRolesForUser(); comes up empty. I got a gut feeling I did something wrong with my configuration, so for now I'll post just that:
There are multiple roles. (Role A, Role B etc) There are multiple input/output fields. (Field A, Field B etc) There are multiple permission levels controlling access to each field. (Read, Direct Edit, Edit With Approval, None) Each role has its own permissions to fields. (Role A has Read Permission to Field A; Role B has Direct Edit permission to Field A etc) Every role can be assigned to users and they are assigned by Geographic information. (User A is assigned to Role A for Continent: Europe - Country: Germany; User B is assigned to Role A for Continent: Europe - Country: France; User A is assigned to Role B for Continent: Europe - Country: France etc) Users can have multiple roles User identity is coming from Windows Authentication.
is it possible to represent this type of kind of multi-layered security model using ASP.NET internal membership/role providers? If so, what should my starting point be? Creating only custom role provider with custom methods and fields be enough?
I am trying to create a Forms Authenticated site and have already used the aspnet_regsql tool to create the necessary logic in my SQL Server DB to hold my data. Now, I am looking to create a custom Membership, User and Role provider for my DB model. I was looking at the following video: [URL]
Now, I get the concept on how to go about it but I notice that this guy uses custom DB Procedures as to the ones that are generated by the aspnet_regsql tool. Can anyone direct me on where I can find info on how to go about building the Membership, User and Role provider class using the DB structure that aspnet_regsql generates? So much junk on google that I am having a hard time finding good guidance.
I think I'm missing something simple...I have a customRole Provider set up and it seems to be working fine - I can add/change/delete info using the WAT.For my Authorization I do a custom routine that is separate from the .net provider that basically says the users is or is not authenticated (true/false).If the user IS authorized how do I set the cookie (or whatever) letting .NET know who they are so I can use the roles on a directory level?I know I can use Roles.IsUserInRole on individual pages but I'd like to be able to use directory based authorization too (from the web.config).
Unfortunately, all the examples for Forms Authentication Code Behind w/ Custom Role and Membership Providers I find online are written with a VB.NET code behind and I need a C# code behind. I need a codebehind that will do the following:
authenticate user upon login button click if user active_flag=0 (false) OR password!=@password, display error: "Access Denied" if user admin_flag=1 & active flag=1 (true), redirect to admin_pageszipsearch.aspx if user admin_flag=0 (false) & active_flag=1 (true), redirect to pageszipsearch.aspx
I've been asked to upgrade a few applications and I'm planning on merging all of them into one asp.net application. I'm fine with this decision and have spoken with fellow workers and they also think it's the best option to go with.
The application will be accessed from a small group of users which belong to a larger domain. I'm currently planning on using Windows authentication and only allow this small set of users to access the asp.net application. Also there must be some role management, so that only certain users can view certain functionality.
I really don't want to have many different windows groups; so I want to avoid having to assign different windows groups to different folders and control permissions in the web.config.
What I'd like to do is:
- Assign one windows group to the small group of users who will access the page.
- Create a custom membership provider and control the user who accesses the application. Depending on the user I will then assign his current set of roles.
- Add an application setting to the web.config, with the name of the current administrator, so if he logs in, he will be assigned all roles, and will be able to create and assign roles to other users.
1 - whats the difference between Role Provider and Membership provider ??
2- If we implement Custom Role Provider or Custom Membership provider then what does this means ? and which Provider do we use when we apply custom role provider or custom membership provider