Extending RoleProvider GetRolesForUser ()
Jun 3, 2010
The GetRolesForUser() method in the RoleProvider takes the user login name and returns the list of roles for that user. But in my application this is not enough, I need a few more pieces of information to be able to get the user's roles. How can I get this extra information into the method? I have it in the Session, but I found out that Session is not available in the RoleProvider.
What I had in mind was putting this extra info in some class that extends MembershipUser, assuming I can get to it inside the RoleProvider. But I don't know how to create the CustomMembershipUser and make it part of the MembershipProvider. Is this even possible? The easy way out would be using cookies, but I'm trying to keep away from it.
View 1 Replies
Similar Messages:
Mar 24, 2010
I have a section on a page where a user can change their username. This is basically the code for that:
user.UserName = txtNewUserName.Text;
user.Save();
user is a class in my dbml and Save calls SubmitChanges on the data context.The name is changed in the database, so when it calls the following method, it fails because it is trying to get the user with the old username instead of the one that is in the database now.
public override string[] GetRolesForUser(string username)
{
return dc.Users.Where(u => u.UserName== username)
.SingleOrDefault().Roles
.Select(r => r.RoleName).ToArray<string>();
}
View 1 Replies
Aug 23, 2010
Why there is no method to get user roles by their ID. I do not want to use name. So I'm just wondering do I have to write my own or somebody else already did it ?
View 11 Replies
Dec 18, 2010
using asp.net membership api when I call Roles.GetRolesForUser(); it returns nothing. When I make a call Roles.GetAllRoles() all the roles are returned. What is the problem? Also what is the correct way to authenticate users using the membership api?
View 2 Replies
Oct 26, 2010
Roles.GetRolesForUser(UserName) .I have follwing codes in my Web.config,
<authentication mode="Forms">
<forms slidingExpiration="true" defaultUrl="admin/Welcome.aspx" timeout="60"/> </authentication>
<roleManager enabled="true" defaultProvider="SecurityTutorialsSqlRoleProvider">
<providers>
<add name="SecurityTutorialsSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" applicationName="SecurityTutorials" connectionStringName="SecurityTutorialsConnectionString"/>
</providers>
</roleManager>
View 2 Replies
Sep 10, 2010
I have built an asp.net web site with .net framework 3.5 and I am trying to avoid sending unncessary queries to my database in order not to have high server load. I have a login view in my master pages and it contains templates for anonymous users and members. To lighten my server load, I am using Sql Data Profiler and Database Tuning Advisor. I noticed that every page load triggers a stored procedure to get user role using
dbo.aspnet_UsersInRoles_GetRolesForUser stored procedure.
My question is that if it is necessary to check for every page load or I can store it somewhere and check later. is it Login View or Login Control sending queries? is it about access rules to member's pages? or is it because I used the login controls in my master page?
View 2 Replies
May 17, 2010
I have a web application that accesses a database through a wcf service. The idea is to abstract the data from the web application using the wcf service. All that works fine but I am also using the built in roleprovider using the SqlRoleManager which does access the aspnetdb database directly. I would like to abstract the roleprovider by creating a custom roleprovider in a wcf service and then accessing it through the wcf service.
I have created the custom role provider and it works fine but now I need to place it in a wcf service. So before I jump headlong into trying to get this to work through the WCF service, I created a second class in the web application that accessed the roleprovider class and changed my web config roleprovider parameters to use that class. So my roleprovider class is called, "UcfCstRoleProvider" and my web.config looks like this:
<roleManager
enabled="true"
defaultProvider="UcfCstRoleProvider">[code]....
But I get this error."Provider must implement the class 'System.Web.Security.RoleProvider'."
I hope I have explained well enough to show what I am trying to do. If I can get the roleprovider to work through another class in the same application, I am sure it will work through the WCF service but how do I get past this error?Or maybe I took a wrong turn and there is a better way to do what I want to do??
View 3 Replies
Nov 16, 2010
I trying to understand how a server farm would use MembershipProvider / RoleProvider. If I have a million users, I do not want to have multiple copies of the MembershipProvider / RoleProvider database. I would like to have one set of machines used for login but then redirect users to other machines in the server farm depending applications the users decide to use. However, once they are redirected to the new machine, I do not want the user to have to relogin. I want the credentials and role information to be available.
Does anyone know how MembershipProvider / RoleProvider is configured for this type architecture?
View 4 Replies
May 18, 2010
I have created a custom MembershipProvider and RoleProvider which communications with some existing business logic. The issue I have is that the user login in my business logic requires 3 arguments (group id, user id, and password) and the MembershipProvider and RoleProvider I implemented just use 1 or 2 arguments (username, password). Right now I append my group id and user id together and pass it as the username then parse it in the implemented methods. Is there a better way to do this?
Note, I can handle the login fine because I can call my own ValidateUser method. The main issue is when the implemented methods are called from other things like the RoleProvider.GetRolesForUser(username) method when I use the AuthorizeAttribute.
[Code]....
[Code]....
View 1 Replies
May 10, 2010
I'm trying to use this article to learn about custom roleproviders, but I'm getting this error:
Could not load type 'TestRoles.SimpleRoleProvider'.
The relevant section from my web.config:
<roleManager enabled="true" defaultProvider="SimpleRoleProvider">
<providers>
<add name="SimpleRoleProvider" type="TestRoles.SimpleRoleProvider"/>
</providers>
</roleManager>
The RolesProvider.cs class:
public class TestRoles{
public class SimpleRoleProvider : RoleProvider
{
public override string[] GetRolesForUser(string username)
{
List<string> roles = new List<string>();
roles.Add("Guest");
if (username.Equals("Dave"))
roles.Add("Admin");
return roles.ToArray();
}
}
}
From this error, it seems like it can't find the RoleProvider.
View 1 Replies
Feb 11, 2011
I'm trying to implement the following adjustments to the default ASP.NET RoleProvider so that it supports hierarchical role definitions. However i cannot create the following function, it keeps Executing the function.
Ref: [URL]
What is wrong with this function?
-- Template generated from Template Explorer using:
-- Create Multi-Statement Function (New Menu).SQL
--
-- Use the Specify Values for Template Parameters
-- command (Ctrl-Shift-M) to fill in the parameter
-- values below.
--
-- This block of comments will not be included in
-- the definition of the function.
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
-- Author: <Author,,Name>
-- Create date: <Create Date,,>
-- Description: <Description,,>
CREATE FUNCTION [dbo].[aspnet_Roles_Ancestor_TVF] (
@RoleId uniqueidentifier
)
RETURNS
@aspnet_Roles TABLE (
ApplicationId uniqueidentifier
, RoleId uniqueidentifier
, RoleName nvarchar(256)
, LoweredRoleName nvarchar(256)
, Description nvarchar(256)
, ParentRoleId uniqueidentifier
)
AS
BEGIN
; WITH aspnet_Roles_CTE (
ApplicationId
, RoleId
, RoleName
, LoweredRoleName
, Description
, ParentRoleId
, HierarchyLevel
) AS (
[Code.....]
View 2 Replies
Feb 24, 2010
I am obviously missing something here and it is driving me batty. I am trying to implement a custom role provider so that I can add some of my own custom code to it. I have created my CustomRoleProvider class, I have inherited the RoleProvider base class and implemented its members. I have made the required changes to my web.config so that my CustomRoleProvider is used. This is all working great.
All of this is wrapped up in a wrapper class as provided by the MVC Membership Starter Kit that I am using and wish to extend.
Now I want to add my own custom functionality.
When I add a function to my CustomRoleProvider I cannot see it or access it.
How do I add functionality to my CustomRoleProvider so that I can use it?
View 1 Replies
Dec 25, 2010
Does Forms Authentication require that cookies be enabled to use MembershipProvider and RoleProvider? If so, can anyone tell me the minimum security level I need to tel clients to use.
View 2 Replies
Aug 31, 2010
Say for my ASP.NET application, I have implemented my custom RoleProvider by using my existing Users table on my Oracle 11g database. Then, for my Membership Provider, can I still use the AspNetSqlMembershipProvider that comes with the .NET framework and uses SQL Server?
View 4 Replies
Apr 4, 2011
I have created custom membership and role providers for a SharePoint web application.
If I deploy the DLL for these classes into the GAC, the membership/role provision works just fine. If I deploy these DLLs to the web application's bin folder in IIS, the web app bails with a server error immediately when browsing to the site.
Parser Error Message: Exception has been thrown by the target of an invocation.
If I view source on the error page I get a bit more info:
[code]....
View 1 Replies
Feb 20, 2010
I'm making a custom MembershipProvider and RoleProvider.
I have database tables with Roles and UsersInRoles and I use LINQ-to-SQL to create objects of the tables.
When invoking [Authorize] on an action method, will it work with my custom RoleProvider?
How does it know if the user is authenticated and if the user is in the appropriate role?
View 1 Replies
Oct 15, 2010
I have written an assembly (DLL) containing two classes, MyMembershipProvider and MyRoleProvider, which are derived from MembershipProvider and RoleProvider, respectively. I have implemented most but not all of the abstract methods; the remaining ones all throw a NotImplementedException. I have signed the assembly and added a reference to it in my web-site project, where the relevant web.config sections look like this:
[Code]....
When I fire up the site, however, I get the following error:
Configuration Error
Description:
An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message:
Exception has been thrown by the target of an invocation.
The error message points to the <add /> tag in the <roleManager /> section: if I take that out, however (enabled="false"), it comes back again as soon as I try to log-in to the site (this time pointing to the membership section). I have verified that is recognising the classes by changing the name in the "type" attribute (to something that doesn't exist), at which point it throws a different error. Therefore I'm presuming there's a problem with my assembly code somewhere; but how can I find out where? I have debug=true in the web.config and also compiled the assembly with Debug options, but no clues.
View 4 Replies
Jun 18, 2010
I had a post here [URL] that I need to expand on now. I have a few web pages that need to check for a certain role on each page request. I have a custom Membership Provider and a custom Role Provider (called CustomRoleProvider - very original - I know) that I am using to do this. When a user logs in, the CustomRoleProvider.GetRolesForUser() method is called automatically (by the urlAuthorizationModule). When this method gets called, I am currently adding a role to the roles string array that allows/permits the user from viewing the web pages of concern based on certain qualifications that are determined elsewhere in the code (i.e. the database is queried to see if the user has rights to visit certain pages).
This approach only gets me half way because the user's roles are only checked once at login. When I wrote my previous post, I thought the CustomRoleProvider was broken because it wasn't calling the IsUserInRole() method on each page request. According to Microsoft, "The IsUserInRole method is called by the IsUserInRole method of the Roles class to determine whether the current logged-on user is associated with a role from the data source for the configured ApplicationName." (that information comes from this page:
[URL] Reading that description I thought it was being called automatically on each page request. This is not correct. What I need to know how to do is to get a method in the CustomRoleProvider that returns a boolean to be called automatically on each page request so I can update the user's roles if they change while the user is logged into the web site. For example, if the user has rights to visit page A and then five minutes later his rights are revoked, he can't visit page A again unless he contacts an admin to reset his rights.
View 1 Replies
Oct 5, 2010
How can I put MembershipProvider, ProfileProvider and RoleProvider in one single external config file?
View 1 Replies
Jan 28, 2011
As I'm learning the ins and outs of ASP.NET user management, I've learned that the default in VS is for it to use a SQL Server Express .mdf file for the data it needs to save. This won't help me for when I deploy my site, as I'm running SQL Server 2008 R2 on my IIS 7.5 server. I know that I can run a command line tool to automatically create the db tables necessary for user management, and will do that on my development machine, but how do I tell my existing, in development code in VS to ignore the existing Express .mdf file and look at the newly created db tables?
View 1 Replies
Nov 30, 2010
I've been recently tasked with leading an effort to improve our input (and output) validation with OWASP recommendations and PCI compliance in mind. In the process, I'm trying to assess the value of the ESAPI.NET project which does not appear to have seen any activity since the spring of '09 and as it stands is incomplete.
Does anyone have experience using or extending ESAPI.NET v0.2? Is it a good starting place today for building out an infrastructure to address the targeted vulnerabilities?
FYI: I am looking at MS AntiXSS which, of course, only addresses a portion of ESAPI's scope. We already do a good job with SQL injection though there are improvements we need to make.
View 1 Replies
Aug 23, 2010
Is it possible to Extend Textbox to have a Unique Name ? I have tried using UniqueID poperty,but this is not accessible with Request.Form("UniqueID")
View 2 Replies
Aug 15, 2010
When people talk about extending a control are they just talking about inheritance?
View 1 Replies
Apr 18, 2010
I have a rather large application that has literally a hundred DDLs with Yes / No ListItems. In an attempt to save myself some time, I created a custom control that extends the standard DDL.It all seems to work fine but I am having some issues when assigning the SelectedValue property in code where the selected value does not seem to have an affect on the control. I wonder if I should be adding my items during Init or PagePreLoad? Should I be calling base.OnInit before or after I add the list items? This mostly works but not 100%. (v3.5)
public class YesNoDropDownList : DropDownList
{
protected override void OnLoad(EventArgs e)
[code]...
View 1 Replies
Mar 5, 2010
When you create a webpage in ASP.net, the codebase inherits System.Web.UI.Page
Now when I extend the page object to check for SessionExpired for example, I create a new class and inherit from system.web.ui.page, and overwrite some functions.
The problem then is that on each page, I have to replace system.web.ui.page with my custompage class.
Is there a way to extend a class by adding methods or modifying its methods directly (e.g. add the sessionExpired check to System.Web.UI.Page) ?
I'm using .NET 2.0
View 2 Replies