Custom .Net Membership And The Login Control?

Mar 16, 2010

I am creating a custom membership provider for a web app that already has it's users stored in an existing database table. I used some code from a tutorial to help jump start my provider but I am a bit lost on how i can interact with the actual log in process.My custom provider has an override method for ValidateUser() and at the moment I am just returning true there. But I want to create a current user object to store in session scope. This object will just store some specifics about the user.

I guess another option would be to use the ASP.Net profile provider but again I am not clear on where to hook into log in process to run some code that would either create this user object or populate the profile information for the current user.

View 2 Replies


Similar Messages:

C# - Login Control And Custom Membership Provider?

Oct 11, 2010

I am working on implementing a custom membership provider that works against an existing schema in my database and have a few thoughts/questions.The login control will automatically call the ValidateUser method of the membership provider, so no matter how I implement the provider the only thing the login control cares about is the bool value returned by this method. What I am confused about is there could be numerous reasons why a login attempt failed; user is locked out, too many tries in a period of time, etc. There is no way that I see to convey that to the control so it could display the proper message. Other properties of the membership provider such as PasswordStrengthRegularExpression have absolutely no effect on the login control as well (out of the box), I would have hoped that it would automatically somehow translate into regular expression validators, but that doesn't seem to be the case. So it seems that I need to initialize the login control properties with these settings out of the provider configuration if I want them to take on the control itself.

If the only thing that the Login control does out of the box (without manually handling events and doing the initialization as described above) is call the ValidateUser method on the membership provider, I see no way to convey back to the Login control why the validation failed or even doing things like throttling the validation requests based on a certain time window. Ultimately my question is why would I even use the membership provider then in conjunction with the login control? It seems like it was only designed for a Yes/No type response, which is very restrictive. If I want to build in logic with different messages back to the user I need to handle the login control events and call my own authentication classes that will handle all of my business requirements as well as return a custom error message back to the Login control to display to the user so they know why their attempt is invalid.Unless I am wrong in my assumptions, it seems that the interface between the Login control as the membership API is too restrictive to be useful. Perhaps the API works better for other auth controls like ChangePassword better but for the actual Login control I don't see the point.

View 3 Replies

MVC :: Custom Login With NHibernate - Use The Membership Provider

Aug 5, 2010

how do i create the login? I don't want to use the membership provider, I need some logic to login in the user? I can of course make all the validation of the user, the problem is to create the cookie or session

public ActionResult LogOn(string email, string password, bool? rememberMe)
{
//Create som cookie or session I can use for user login?
return null;
}

View 2 Replies

Security :: Login Controls And Custom Membership Provider?

Oct 11, 2010

I am working on implementing a custom membership provider that works against an existing schema in my database and have a few thoughts/question.The login control will automatically call the ValidateUser method of the membership provider, so no matter how I implement the provider the only thing the login control cares about the bool value returned by this method. What I am confused about is there could be numerous reasons why a login attempt failed; user is locked out, too many tries in a period of time, etc. There is no way that I see to convey that to the control so it could display the proper message. Other properties of the membership provider such as PasswordStrengthRegularExpression have absolutely no effect on the login control as well (out of the box), I would have hoped that it would automatically somehow translate into regular expression validators, but that doesn't seem to be the case. So it seems that I need to initialize the login control properties with these settings out of the provider configuration if I want them to take on the control itself.

If the only thing that the Login control does out of the box (without manually handling events and doing the initialization as described above) is call the ValidateUser method on the membership provider, I see no way to convey back to the Login control why the validation failed or even doing things like throttling the validation requests based on a certain time window. Ultimately my question is why would I even use the membership provider then in conjunction with the login control? It seems like it was only designed for a Yes/No type response, which is very restrictive. If I want to build in logic with different messages back to the user I need to handle the login control events and call my own authentication classes that will handle all of my business requirements as well as return a custom error message back to the Login control to display to the user so they know why their attempt is invalid.

Unless I am wrong in my assumptions, it seems that the interface between the Login control as the membership API is too restrictive to be useful. Perhaps the API works better for other auth controls like ChangePassword better but for the actual Login control I don't see the point.

View 1 Replies

Security :: Custom Membership Provider Error "Could Not Load Type Custom.AspNet.Membership.PostPropertyProvider"

Jan 5, 2011

This is my first membership provider; I converted the sample provider [URL] to SQL. I created a vb class provider and put it into the App_Code folder. After it was created I tried to modify my webconfig but the error pops up. I don't know what else to try, I don't know if I have missed something

webconfig:

[code]....

View 1 Replies

Security :: Login Control And .Net Membership & Role?

Oct 28, 2010

I am currently working in an ASP.Net application where i need to implement ASP.Net Membership and Roles. I have used Login controls in my pages. Also I am using a menu in the master page, which is getting data bindings from database. For data bindings I am using XMLDatasource and a transform file (.xslt file). I need to bind the data to the Menu based on the user roles.

My issue is that the generated Menu is not behaving consistently. Sometimes it will show the correct menu for a particular role and some times it will show previously loaded data.Providing my code here:

masterpage.master.cs
private void LoadMenuItems() {
System.Security.Principal.IPrincipal User;
User = System.Web.HttpContext.Current.User;[code]....

View 7 Replies

Security :: Protecting A Folder Using Membership But No Login Control?

Jun 23, 2010

I have a business site that I want to use to show clients their projects I am working on. I don't want these projects to be visible to anyone but the clients, so I give them a user ID and password. I want to use asp.net membership to manage the login IDs and passwords, but I want to use jquery to submit the login form (it's lighter and leaner than the login control). Here is what I have: Page with an html form for login .js file with the jquery calls & code in it httpHandler to process the information from the formI have the user to entering their ID and password, I am using jquery.forms.js to process the form, which calls the httpHandler and passes the form values to the handler. I have the handler check to see if the user ID and password are correct, if not, it passes back a message to be displayed to the user. If the user is valid, then I have it passing back the role of the user, which also happens to be the name of the folder the client needs to view. I have the page redirecting via javascript to the client's folder once they are authenticated. I have the location of the client folder setup in my web.config.

The problem I'm having is the page just redirects back to the login page, with the return url included (?ReturnUrl=%2fCTS%2f2010+Design%2fLasmer%2findex.aspx). I want it to go to the client folder (Lasmer in this case) once the user has been authenticated. Shouldn't it send me to the folder's default page once it knows the user is authenticated? Do I have a problem in the way my web.config is wired up, and do I need anything in the client folder's web.config?Here is the code for the web.config:

[Code]....

Here is the code for the handler:

[Code]....

Here is the code for the .js file:

[Code]....

Here is the code for the page:

[Code]....

View 8 Replies

Security :: Manual Login Control Using Membership Provider Script

Feb 1, 2010

I am using manual Login using asp membership provider. which is working fine

Here is the code

[Code]....

1. Remember me check box

2. Exception handling incase account is locked or was the id and passwod incorrect how do i find that out.

View 4 Replies

Web Forms :: How To Get Logged In User Details When Using Membership Login Control

Jun 7, 2012

i have logged in using a login control

how can i transfer the login details to all other pages and how can i logout

View 1 Replies

Security :: How To Create A Customized Login Control And Calls For Membership Authentication

Mar 18, 2010

I just like to know how can i create my own authentication(calling the ASP .net membership, role) page with the same function as the LOGIN Control. Your wondering, why not use the Login control instead. I have my own design and i don't know how to pattern my design to the built in Login Control. I tried editing the login template, but it's pretty hard to pattern it to my design.

This is my design

Basically what would like to know how the Login Control calls for the authentication, and when authenticated, it will pass the user(full name) to my LoginView Control without any coding. Or is it possible that I remove default login button in the LOGIN Control then create my own button and trigger the authentication or validation? But if you have other suggestion that can follow my design and call the authentication, i would be happy to know.

View 3 Replies

.net - Using The String Resources Of Membership Provider In A Custom Control?

Mar 15, 2010

I have the request to build a custom control for ASP.NET membership. The control is a kind of CreateUserWizard, but somewhat special. The users are created by our account executives. At their first log in the users enter their user name and initial password, change the password and enter additional information (email) in one transaction!

Building this by customizing CreateUserWizard or another built-in control seems to be the wrong way. I want to build a custom control by using string resources of the built-in controls. Is there a way to access just the resources of ASP.NET membership? Is their a public accessible resource manager or something similar?

View 1 Replies

Custom Server Controls :: Inherit The Logion Control UI In Ascx Login Control?

Mar 14, 2011

How can I inherit the logion control UI in my custom ascx login control as well override it's OnAuthenticate event in my cusotm control code.

View 2 Replies

User Controls :: Implement Custom User Login With Roles Without Using Login Control

May 7, 2015

What if, I'm not using the LOGIN CONTROL but rather creating a Custom Control for Login. Is it possible to have user roles and a site map that redirects to its own destination when the user login?

View 1 Replies

C# - Change Login Control Layout In Custom Control?

Jun 21, 2010

Is it possible to create a Custom Control which inherits from System.Web.UI.WebControls.Login and change its layout and add additional controls such as a DropDownList. I have tried various ways to do this by overriding the Render Contents methods but each time I have to recreate the controls which are already present in the main Login control. Is it possible to somehow get a reference to the controls in the parent class and then override the Render Contents method to render the controls how I need them?I would like if at all possible to use the controls and functionality that already exist in the Login control but just change the layout and add in an additional DropDownList control.

View 1 Replies

Web Forms :: Make A Custom Login Control

Apr 25, 2010

need some guidance on how to make a custom login control where a user needs to input 3 field of input e.g Username, Password and Member ID number in order for them to be able to access a website.

View 3 Replies

Avoid Concurrent Login (logout Former Login Session) In Membership

Jan 8, 2010

I am wondering how I can implement so that later login session logout former login session to avoid concurrent login. I know how to check whether the user is online (by Membership.IsOnline()) and logout the current user (by FormsAuthentication.SignOut()). But I don't know how to logout the previous login session.

View 2 Replies

Security :: Add Another Custom Dropdownlist In Login Control To Authenticate The User?

Aug 13, 2010

how can add another dropdown inside the login control and authenticate the user on the basis of user name,password,and location.

is there any other way?

View 5 Replies

Forms Data Controls :: Custom Authentication To SQL DB Using Login Control?

Feb 7, 2011

I have an older custom classic asp app which handles time sheets for my organization. I would like to start migrate this application to asp.net. I am trying to figure out the best approach to implementing user authentication as the classic asp is built from scratch. For the new site, I would like to use the Login control to handle authentication but not sure the best way to wire it up to the existing SQL database with user name, password, and authentication levels. I have found this code snippit from the Microsoft site:

[Code]....

Unfortunately it does not suggest a connection mechanism. What would be the most logical / standardized way of making a connection to the db?

View 1 Replies

Security :: Login Plus Custom Login Using The Standaard Login Controls?

Apr 12, 2010

After reading a book I brought on ASP.net I fould the login controls to be very nice.I have set it up in my application so that customers can login using the standaard login controls and things were going smooth.But in my schema for my application I also have a table for customers (firstName, LastName, DOB, etc).And of course the customersID is used as a foreign key to tables such as Orders, Addresses (Home, Work, Postal).

The thing is how to i associate an asp.net login to a customer name in my table so that the CustomerID can be used through the application by knowing who is logged in.

View 7 Replies

Web Forms :: Custom Login Control In Masterpage With Coded User Validation?

Jan 17, 2010

I have a little doubt about creating a login control in the master page within a contentplaceholder.

What i want is to create my own login control in the masterpage, using a loginview inside a contentplaceholder. The code is the following:

[Code]....

So far so good, but now i want to create the logic to do the actual login. In a regular aspx page i'll do it in the cmdlogin click event, but as i'm in the masterpage, i'm not sure if i can do that. I actually tried to do it in the code behind of the masterpage, but it didn't work. What can do?? do i ahve to use the asp.net login control?

View 4 Replies

Security :: Can Implement Custom MembershipUser/custom Roles And Membership Provider

Oct 13, 2010

I create custom principal for implement logic for users. In identity I store Id, Name. But it abnormally - this classes must use for authenticate and authorize.

I can implement custom MembershipUser, custom Roles and Membership provider.

How to do it? What best practices are?

View 5 Replies

Security :: Displaying A Custom Message For Disabled Accounts Upon Sigin - Login Control?

Jan 9, 2011

I am using the SQLMembershipProvider for authenicating users for my web site. I would like to change the default message that is displayed when a user signs in but who's account is disabled. By default, it shows:

Your account has not yet been approved. You cannot login until an administrator has approved your account.

Is there a property for the Login control that allows me to change this message programmatically.

View 2 Replies

Security :: Custom Membership Provider With Custom Controls?

Mar 21, 2010

I'm new to ASP.NET and I don't exactly understand some features.

I have a custom membership provider TestMembershipProvider which inherits from MembershipProvider. It has the following CreateUser method:

[Code]....

It's absolutely simple code.Then I have two text boxes (login, password) and the button to register a new user. I thas a following code:

[Code]....

[Code]....

Authentication in web.config is set like this:

[Code]....

No matter what I write into textboxes, following error is being returned:

The password retrieval question provided is invalid.

I don't know why. Either in web.config or in get RequiresQuestionAndAnswer I have false value. When I instantiate my TestMembershipProvider and call CreateUser directly instead of using static Membership.CreateUser, it works fine. Do I have to use instance of my TestMembershipProvider or did I missed anything?

View 1 Replies

C# - Dispose Of Custom Object From Within Custom Membership Provider?

Apr 16, 2010

I have created my custom MembershipProvider. I have used an instance of the class DBConnect within this provider to handle database functions. Please look at the code below:

public class SGIMembershipProvider : MembershipProvider
{
#region "[ Property Variables ]"
private int newPasswordLength = 8;
private string connectionString;
private string applicationName;
private bool enablePasswordReset;
private bool enablePasswordRetrieval;
private bool requiresQuestionAndAnswer;
private bool requiresUniqueEmail;
private int maxInvalidPasswordAttempts;
private int passwordAttemptWindow;
private MembershipPasswordFormat passwordFormat;
private int minRequiredNonAlphanumericCharacters;
private int minRequiredPasswordLength;
private string passwordStrengthRegularExpression;
private MachineKeySection machineKey;
**private DBConnect dbConn;**
#endregion
.......
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
if (!ValidateUser(username, oldPassword))
return false;
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true);
OnValidatingPassword(args);
if (args.Cancel)
{
if (args.FailureInformation != null)
{
throw args.FailureInformation;
}
else
{
throw new Exception("Change password canceled due to new password validation failure.");
}
}
SqlParameter[] p = new SqlParameter[3];
p[0] = new SqlParameter("@applicationName", applicationName);
p[1] = new SqlParameter("@username", username);
p[2] = new SqlParameter("@password", EncodePassword(newPassword));
bool retval = **dbConn.ExecuteSP("User_ChangePassword", p);**
return retval;
} //ChangePassword
public override void Initialize(string name, NameValueCollection config)
{
if (config == null)
{
throw new ArgumentNullException("config");
}
......
ConnectionStringSettings ConnectionStringSettings = ConfigurationManager.ConnectionStrings[config["connectionStringName"]];
if ((ConnectionStringSettings == null) || (ConnectionStringSettings.ConnectionString.Trim() == String.Empty))
{
throw new ProviderException("Connection string cannot be blank.");
}
connectionString = ConnectionStringSettings.ConnectionString;
**dbConn = new DBConnect(connectionString);
dbConn.ConnectToDB();**
......
} //Initialize
......
} // SGIMembershipProvider

I have instantiated dbConn object within Initialize() event. My problem is that how could i dispose off this object when object of SGIMembershipProvider is disposed off. I know the GC will do this all for me, but I need to explicitly dispose off that object. Even I tried to override Finalize() but there is no such overridable method. I have also tried to create destructor for SGIMembershipProvider.

View 2 Replies

Custom Server Controls :: Get IP With Custom Membership Provider?

Feb 7, 2011

I was made a custom membership provider.

All works good. My problem is Logs.

[Code]....

[Code]....

I dont know how to get user's ip.

I tried these methods...

Dim req as httprequest
ip = req.servervariables("remote_host") 'result = nothing
Dim req as new httprequest
ip = req.servervariables("remote_host") 'result = nothing
Dim req as requestcontext
ip = req.request.servervariables("remote_host") 'result = nothing...

View 2 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved