MVC :: Get Reference To Current MembershipProvider?
Aug 5, 2010
Within a controller action, how do I get a reference to the current MembershipProvider? That would be the one specified in web.config as the default provider. I newed up an AccountMembershipService object, but it does not expose the _provider within it.I am not entirely clear on what I want. I want to create a site user in code and then store the UserId as a foreign key in the vendor master of my application. To do that I am thinking I can add a method to my custom membership provider that creates a user and returns the ID of that new user. What I need is be able to get a reference to the custom membership provider in the controller action method.
Given an instance of a control SomeControl that is in a some file (could be a usercontrol/ascx, or an aspx) how can I get a reference to the class to which it belongs?
In a usercontrol, SomeControl.NamingContainer seems to be reliable.
In a page that inherits from a MasterPage, this will return a reference to the ContentPlaceHolder, not the actual class that defines the aspx. What I would want in that case is SomeControl.Page
Parent will return the parent control in the heirarchy so isn't much use.
Is there any method for getting this directly regardless of what kind of thing it is?
I lifted some nice code to handle memberships, but I want to add a customer specific field. My issue is how to reference my class from the inline c# code.
[Code]....
The problem is the line csUserProperties.AddNew(intUserId, lngCustomerId); -- I get the error "The name 'csUserProperties' does not exist in the current context. I have <%@ Import Namespace="csUserProperties" %> at the top of the file. I also tried everything with no namespace in the class below.
Is there room for issue in the following code in terms of multiple users of the same web application? I mean, I know that a purely static string will be shared across all sessions for a single ASP.NET application, but since this explicitly refers to the Current.Session, even though it is static it seems like it would always refer to the session instance of the "current user." But an error is happening that could be explained by everyone sharing the current value of Mode and thus the most recent change overwriting everyone else's mode value. (As a background: This string is in a Helpers class that is used throughout the application. I do not want to make references to Session["Mode"] throughout the application and do not want to have to pass Session["Mode"] in every method call from an aspx.cs page.)
public static string Mode { get { var value = HttpContext.Current.Session["Mode"]; return (value ?? string.Empty).ToString(); } set { HttpContext.Current.Session["Mode"] = value; } }
Every thing is fine but when I execute the project, NO control on my user control gets "instantiated" and thus I receive error "Object Reference Not Set"
Note that My Control has,
1) Public property PublicProperty as String
2) 1 Label control
In Load Event Handler I am setting Text property of Label Control to PublicProperty. Here object reference NOT set error occurs (which means Label control is NOT initialized).I don't want to register my control using Src, TagPrefix etc.
I'm trying to unit test the MembershipProvider, however I cant figure out how or whether there is any need for unit testing of it...
My business layer:
public interface IAccountService { MembershipCreateStatus CreateUser(string userName, string password, string email); } public class AccountService : IAccountService { private readonly MembershipProvider provider; public AccountService() : this(null) { } public AccountService(MembershipProvider providera) { this.provider = providera ?? Membership.Provider; } public MembershipCreateStatus CreateUser(string userName, string password, string email) { if (String.IsNullOrEmpty(userName)) throw new ArgumentException("Value cannot be null or empty.", userName); if (String.IsNullOrEmpty(password)) throw new ArgumentException("Value cannot be null or empty.", password); if (String.IsNullOrEmpty(email)) throw new ArgumentException("Value cannot be null or empty.", email); MembershipCreateStatus status; provider.CreateUser(userName, password, email, null, null, true, null, out status); return status; } }
The only examples I've found so far requires a "MockMembershipProvider" with a local database setup... seems quite odd to me.
I'm working on an ASP.NET solution with 2 projects. One is the web interface and the other contains my business logic. I'm using LINQ to SQL for my data access in the second project.
Apart of my database, I have a table called Users which holds user information.
I've started to implement a MembershipProvider. I notice that MembershipUser is coupled with MembershipProvider. What is the most correct way of getting my BLL/DAL to talk about Users? Should I minimally implement MembershipUser and whenever a user calls a method, it will call for eg. GetUserInfo() in my BLL/DAL, to get complete information about the user?
Or should I make the MembershipUser class methods call my custom "Users" class methods (like a wrapper) in the BLL/DAL (this custom users class is not related to linq)?
Or can I somehow extend the Linq to sql class "CFUsers" to extend MembershipUser.
The problem I'm running into is that when people reset their passwords, it seems the ResetPassword() method returns a password that is longer than I want and has characters that can be confusing (l,1,i,I,0,O). Furthermore, I'm sending my users an email with a plain-text message and an HTML message (I'm using MailMessage with AlternateViews). If the password has unsafe HTML characters in it, when the email clients render the HTML text the password might be different (e.g. the %, &, and < aren't exactly HTML safe).
I've looked over the "add" element that belongs in the web.config, but I don't see any extra configuration properties to only include certain characters in the ResetPassword() method and to limit the password length.
Can I configure the ResetPassword() method to limit the password length and limit the character set it is choosing from?
Right now I have a workaround: I call ResetPassword() to make sure the supplied answer is correct, and then I use a RandomPassword generator I downloaded off the internet to generate a password that I like (without ambiguous characters, HTML safe, and only 8 characters long) and then I call ChangePassword() to change the user's password after I've already reset it.
We are converting an ASP site (using DotNetNuke) to a new PHP site. The only thing we have right now is a full export of the existing database. One of the tables is called "aspnet_Membership" and contains the following fields:
Password (looks like base64) PasswordFormat (always value 2) PasswordSalt (looks like base64) PasswordQuestion (always empty) PasswordAnswer (always empty)
We would like to decode these passwords and hash them to fit our own framework. From what I understand from the .NET documentation these kind of passwords can be decrypted. Is there an algorithm available that can do this or is it more complicated than that? Will it be possible if we create an ASP script on the current server?
I would like to validate a password field for creating / updating users in asp.net (.net 3.5). The password will be used for a MembershipProvider.What is the best way to implement this so that the validation will use the configuration settings of the membership provider? Of course I can just write the code, but this seems like something so fundamental that there must be a drop-in way to do it.[edit] clarified that this is a password field for new users or for changing passwords, so ValidateUser doesn't help.
I need to give a user the ability to change the email of any other user listed in the aspnetdb. I can easily change their password, but I can't get the email to change. I thought that usr.email = [URL] would work, but it doesn't. It doesn't error, but it also doesn't change anything.
This is the basic code:
Dim usr As MembershipUser = Membership.GetUser(userName) usr.Email = txtEmail.Text
I try to implement a Custom MembershipPriver with a Custom MemberShipUser in my own database (with a specifics Users Table Model) : This is ly diffent files:
iTwitterMembershipProvider.cs using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Security; using System.Collections.Specialized; using iTwitter.Models; public class iTwitterMembershipProvider : MembershipProvider { public override string ApplicationName { get { return _ApplicationName; } set { _ApplicationName = value; } } public override bool ChangePassword(string username, string oldPassword, string newPassword) { throw new NotImplementedException(); } public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) { return false; } public override iTwitterMembershipUser CreateUser(string login, string password, string email, string tokenKey, string tokenSecret, string twitterUserId, object providerUserKey, out MembershipCreateStatus status) { ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(login, password, true);
I'm working with the default asp.net membershipprovider. Now, by default, that requires that all members registere have all unique email-addresses.However, I'd like to override that because, in a code behind of a certain webpage, I do not need emails to be unique.
I've been wondering how i go about writing a MembershipProvider that authenticates using a WCF Provider. At the moment i have a wcf service that will authenticate a username and password.
I can write my own Membership provider that will authenticate using WCF calls, thats no problem. What i want is to have the WCF as the actually provider.
Meaning in the web.config file i just put the WCF service as the MembershipProvider. Or is this not possible or not the way this is to be done.
I have registered a custom MembershipProvider class in my Web.Config file. I'm using Inversion Of Control using Castle Windsor and I have registered my custom MembershipProvider class as transient (because it's using a service that's transient as well).
This means that I want the Membership provider instance recreated on every web request. Currently, it is created only once per application domain so when it tries to access the service it depends on, that service instance is reused while it is not supposed to.
Now I need to find a way of having Windsor control the lifetime of my custom MembershipProvider but I don't know how. I expected a factory sitting around somewhere in the .NET Framework, allowing me to override the instance creation and rerouting it to Windsor but I can't find anything alike.
By the way, I'm using .NET 4.0.
UPDATE: Here's some of my code so you can see what I'm doing exactly:
I was wondering if it is possible to use a WCF Dataservice as the MemberShipProvider for a forms auth application. I have written code for a provider (below), but I do not know what to do as far as a connection string, or any other web.config properties.
Here is the code for my provider, anytime it says Odbc that is because I based this off of the custom Odbc provider on the msdn site. The only ACTUAL references to any odbc connection are in the comments:
I trying to understand how a server farm would use MembershipProvider / RoleProvider. If I have a million users, I do not want to have multiple copies of the MembershipProvider / RoleProvider database. I would like to have one set of machines used for login but then redirect users to other machines in the server farm depending applications the users decide to use. However, once they are redirected to the new machine, I do not want the user to have to relogin. I want the credentials and role information to be available.
Does anyone know how MembershipProvider / RoleProvider is configured for this type architecture?
I have created a custom MembershipProvider and RoleProvider which communications with some existing business logic. The issue I have is that the user login in my business logic requires 3 arguments (group id, user id, and password) and the MembershipProvider and RoleProvider I implemented just use 1 or 2 arguments (username, password). Right now I append my group id and user id together and pass it as the username then parse it in the implemented methods. Is there a better way to do this?
Note, I can handle the login fine because I can call my own ValidateUser method. The main issue is when the implemented methods are called from other things like the RoleProvider.GetRolesForUser(username) method when I use the AuthorizeAttribute.
I'm using various ASP.NET controls out of the box such as the CreateUserWizard control, Login control etc... For custom controls, I have sanitized my inputs by making sure they conform to expected values. However, is this required for the controls such as the CreateUserWizard control, or is that handled internally? Do I need to provide any extra server side validation to these controls and, if so, would it be best to do it in the "CreateUserWizardControl_CreatingUser" event?
I have some problems with getting my website to log out the authenticated user automatically when the session ends (the user closes the browser).
This is what I have in my web.config:
[code]...
When I close the browser, the user is still logged in. How do I make the website forget the user through an option, so the user himself can decide if the website should remember or not?
