.net - Use Of User.IsInRole Without Using Membership ?
Feb 17, 2010I'm using Forms authentication and I would like to make use of roles, can I somehow set the role of the user without Membership ?
View 4 Replies
Similar Messages:
Why Would User.IsInRole Return True, But AuthorizeAttribute Not
Jan 25, 2011I'm securing an ASP.NET MVC 2 application, and I have a user who is in the role "Foo".
This is true:
User.IsInRole("Foo")
But yet, when I attempt to lock down a controller action like the following, the user is denied:
[Authorize(Roles = "Foo")]
public ActionResult PrivatePage()
{
return View();
}
If IsInRole reports true, why would the Authorize attribute not allow the user in?
User.IsInRole Returning False Using Windows Authentication
Mar 15, 2010My ASP.NET app is using windows authentication. If I run the following code:
WindowsIdentity wi = (WindowsIdentity)User.Identity;
foreach (IdentityReference r in wi.Groups)
{
ListBox1.Items.Add(r.Translate (typeof (NTAccount)).Value);
}
if (User.IsInRole ("Everyone"))
Label1.Text = "Is in role";
The listbox will contain the name of every group the user belongs to. If I then call User.IsInRole, and pass in the name of any of those groups, I always get a false.
Security :: User.IsInRole For Any User?
Feb 13, 2010how can I find out if one of the user is the member of any role? For the logged user, I use User.IsInRole("Admin"), but how to find out if the nonlogged user is in the role?
View 2 RepliesWeb Forms :: Filtering Data In A Nested Master Form Based On User.isinrole?
Dec 8, 2010My website has a "charts" menu item that lets you choose from about a dozen pages each with a different chart in them. Each one of these pages uses the same nested master page which has some drop-down lists and text boxes to let the visitor do some filtering of what data shows up in the charts (I do this by building SQL statement parts in the nested master page and triggering an event that the chart page reacts to).
Anyway, One of the DropDownList controls shows the names of everyone in the Company (I use MembershipProvider and RoleProvider). What I want to is have the DropDownList show a different collection depending on the role that the visitor is in; If the visitor is in the "Principal" role, I want them to see everyone. If they are not in that role, I want them to get only their own name.
I expect I'd have to do this in code-behind... But thought I'd check to see if anyone knows if it is possible to have an "IF" statement in the SQL DataSource for this control that can refer to the role that the current logged-in user belongs to
Security :: Dynamically Create Membership User And Check If User Name Is Valid Or Used?
Jul 25, 2010I am createing user dynamially with the below code; string MyPassword = Membership.GeneratePassword(8,0).ToString(); Membership.CreateUser(TextBox7.Text, MyPassword, TextBox8.Text); but before I start creating, I would like to check if the user name is used before or not.
View 2 RepliesSecurity :: Store User Password In Custom Membership User
Aug 12, 2010I have a custom membership user class and custom MembershipProvider working against database. Due to security reasons the user passwords are stored in the database as hashed values. So my procedure
public override bool ValidateUser(string username, string password) is
{
//select hashed password from db
return (EncodePassword(password) == dbpassword)
}
[code]....
Web Forms :: How To Log Out User In Membership
Jun 7, 2012how to perform log out task in web page in different forms
View 1 RepliesHow To Reset And Get Password Of Membership User
Jun 21, 2010i am working on membership concepts in asp.net. Now i want to reset new password and getpassword for specific user.
this is my web.config code:
[code]....
Security :: How To Logout Another User (Membership)
Jan 26, 2011In the site I am building we have standard users and superusers. A superuser can delete another user from the system and this should result in that user being logged out (if he/she is currently logged in). We use the Membership provider. Or actually the superuser doesnīt delete the other user completely but instead sets his/her as inActive by following code:
[code]...
But, that should not matter... What I want to know is how to make the affected user being logged out. I donīt need a popup or anything to be shown to the other user that he/she is just logged out, it is enough to check if that user is logged in when he/she tries to move to another page on my site.
Membership.GetUser() Vs Context.User?
Apr 29, 2010What are the differences between Membership.GetUser() and Context.User, and which is recommended for use in getting information about the current user?
View 2 RepliesSecurity :: Get Membership User Comments?
Apr 26, 2010I'm trying to get the comments section for a user, to populate a text box which can be updated. I'm getting the "Object reference not set to an instance of an object" error. Why is this occurring?
[Code]....
C# - Create User In Another Membership.ApplicationName?
Dec 6, 2010I have an administration website - the users of which should be able to modify users for a public site. This means the administration site has a valid membership provider, but I want to be able to access/change members in another site (and therefore ApplicationName).
First thought was to set ApplicationName on the Membership static - but that seems like a bad idea according to answers here: Changing Membership.ApplicationName in code - thread safety.
Second thought was to duplicate the MembershipProvider entry to the web.config - so now I can do WebSiteMembershipProvider = Membership.Providers("WebsiteSqlMembershipProvider") - but I can't now seem to get to a 'Membership' object which will let me (for example) call the standard 'CreateUser' method.
I tried WebSiteMembershipProvider.CreateUser - but it takes a load more parameters, and doesn't seem to do anything if I poke some values into it.
Am I nearly there? Or do I need a different approach? There's always the SqlProvider's stored procedures, I suppose...
Security :: Membership Search User?
Aug 20, 2010Is there a membership function to search a username Like this: LIKE '%UserName%' ?
This is not working.
[Code]....
Membership Db - Adding Branches To A User?
Apr 14, 2010I am playing around with the membership database and have a question. Lets say I have a company called company ABC. There are 10 branches that belong to comapany ABC.
IS there anyway to create a relationship within the database using company ABC as the parent and having the 10 branches as childs?
Security :: Active A User With Membership
Dec 20, 2010How can I active a user that has been created with Membership?
View 1 RepliesSecurity :: Add Membership User Check If Exists?
Dec 13, 2010I would like to create a sync process between an ADSI table and aspnet Membership using Membership.CreateUser. However, I need to see if a user exists before importing. I can import as long as a user does not exist however I am having trouble checking if users exist and only importing if they do not. Here is my code so far.
[Code]....
Security :: Referencing The Membership User Table?
Oct 13, 2010When creating a foreign key to the membership user table, is it better to refer to the user_id column or is it ok to use the username column? I assume that the Membership spec enforces uniqueness in the username since there is a method Membership.GetUser(username) that returns one user. Using the id is a bit awkward in code because I have to end up casting all over the place like (int)user.ProviderUserKey. The username would give more information quickly when viewing raw data as well. Just wondering if someone knows a reason why I shouldn't use it as the foreign key.
View 1 RepliesSecurity :: Generate User Membership Provider?
Dec 22, 2010Is it possible to call a membership provider to generate a username and password automatically?
View 1 RepliesUsing SQL Membership Provider - Store Own Per - User Data?
Mar 27, 2010I'm using the ASP.NET SQL Membership Provider. So, there's an aspnet_Users table that has details of each of my users. (Actually, the aspnet_Membership table seems to contain most of the actual data). I now want to store some per-user information in my database, so I thought I'd just create a new table with a UserId (GUID) column and an FK relationship to aspnet_Users. However, I then discovered that I can't easily get access to the UserId since it's not exposed via the membership API. (I know I can access it via the ProviderUserKey, but it seems like the API is abstracting away the internal UserID in favor of the UserName, and I don't want to go too far against the grain).
So, I thought I should instead put a LoweredUserName column in my table, and create an FK relationship to aspnet_Users using that. Bzzzt. Wrong again, because while there is a unique index in aspnet_Users that includes the LoweredUserName, it also includes the ApplicationId - so in order to create my FK relationship, I'd need to have an ApplicationId column in my table too. At first I thought: fine, I'm only dealing with a single application, so I'll just add such a column and give it a default value. Then I realised that the ApplicationId is a GUID, so it'd be a pain to do this. Not hard exactly, but until I roll out my DB I can't predict what the GUID is going to be. I feel like I'm missing something, or going about things the wrong way. What am I supposed to do?
What's The Correct Way Of Getting A Membership Provider Where User Id = Email
May 1, 2010I want to implement membership where email is used as the user id. Is there a ready-made provider for this, or do I have to write my own one? Or should I just make do with the 'default' one?
View 1 RepliesError - Membership Provider When Adding User
Nov 17, 2010The error message below i get when I"m trying to create a new user in a project management system we use for a client. I type in all the corresponding information then when I click create it throws this error.
invocation. at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner) at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at System.Web.Administration.WebAdminMembershipProvider.CallWebAdminMembershipProviderHelperMethodOutParams(String methodName, Object[] parameters, Type[] paramTypes) at System.Web.Administration.WebAdminMembershipProvider.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, Object providerUserKey, MembershipCreateStatus& status) at System.Web.UI.WebControls.CreateUserWizard.AttemptCreateUser() at System.Web.UI.WebControls.CreateUserWizard.OnNextButtonClick(WizardNavigationEventArgs e) at System.Web.UI.WebControls.Wizard.OnBubbleEvent(Object source, EventArgs e) at System.Web.UI.WebControls.CreateUserWizard.OnBubbleEvent(Object source, EventArgs e) at System.Web.UI.WebControls.Wizard.WizardChildTable.OnBubbleEvent(Object source, EventArgs args) at System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) at System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Security :: Logout A User From C# Membership With JavaScript?
Nov 20, 2010if a user wants to clear their personal information from a page after clicking on a button that they be re-directed to the ASP Login page. This code needs to be developed using Java Script because I want the user to confirm with a confirmation box that they intended to clear their info. I have found resources on MS that pointed to referencing the "System Web Extension" within the Web Config file shown below, which enables Java Script to be able to reference the Authentication Service classes. I am also calling the function show_confirm in the button onclick event to process the message box response.
I also need to redirect a user back to the Login page within this same show_confirm() function without pointing directly to the URL, but instead to the folder where the page is locateded like in VB Server Redirect if possible.
The error message I receive when I run this code is: Microsoft JScript runtime error: 'sys' is undefined.
Shawn
[Code]....
[Code]....
Security :: How To Get Membership User Hashed Password
Jul 28, 2010i have implemented asp. net membership authentication and one of my users has forgotten his password.
The passwords are hashed and when i try retrieveing his password i get the error that password retrieval is not available for hashed passwords.
Should i reset the password?
Security :: Membership - Getting A Unique Identifier For User
Feb 22, 2010I realize that user names are unique, but is there another identifier associated with the username? If there is, how do I find out what it is for the user who is currently logged in?
View 2 Replies