Security :: Authentication For Multi Tenant?
Dec 28, 2010
I have been seeking the best way, or at least a good way, to handle Client Access for a Multi-Tenant/SaaS-type web app designed with MVC 2.There are no tricks as far as client customizations needed here. So every company will have the same experience on the app. I just need to understand how I can isolate the experience so that a logged in user only sees data relevant to his company. My tactic is that my database houses a "tenantID" column for each row so I can easily isolate the rows that way. I am wondering if the default provider using the ASPNETDB.mdf can be modified to route users to their assigned company data. I have seen examples using route paths ({tenant}/{controller}/{action}/{id}) but even those threads express doubts. So if anyone has a good method that they are comfortable with, I am all ears (or eyes).
View 5 Replies
Similar Messages:
Jan 24, 2010
I am developing a web application which implements membership, roles and profiles. I also want it to be multi-tenant / multi-domain. By this I mean that I will have hundreds of domain names pointing at the same web application. I want users to be able to create accounts at each individual domain. I want the opposite of "single sign on". I want users to be able to use the same username, email address and password (or different ones, at their choice) to create accounts at the different sites. I do not want users to have any awareness that the different domains have any relation to each other as they will look different and have different content. The first problem I run into is that usernames have to be unique within the forms auth aspnet db.
Well, if they want to use the same username to register on 10 different sites then I need to support that. My first thought was that instead of identifying a user by their username, I need to extend the aspnet tables and sprocs to consider the username + a unique site identifier. Is there any sample code or has anyone else ever done this before? Should I just abandon the built in aspnet forms auth and roll my own custom auth scheme? The data on the sites is not sensitive so security isn't really that important to me.
View 8 Replies
Oct 10, 2010
I'm building a multi-tenant ASP .NET application. Given that each tenant can configure their application dynamically (which may involve dynamic custom assemblies being loaded into memory), I need a means of isolating each tenant.
I'd prefer not to create a new Web Application per tenant for maintenance reasons.
I've was considering using the AppDomainManager to create an AppDomain per application, but it seems this is not intended to be used for ASP .NET applications.
View 3 Replies
Dec 21, 2010
I've been all around the net for weeks now trying to figure out the best way to set up a Multi-tenant website (building a web app that multiple companies and their employees will use). As far as a database goes, I am interested in using one database with a copied set of tables for each company. As far as managing the login and security in MVC2 I am lost with the myriad of examples (mostly old and not MVC) that I have seen. So ideally my app would allow a company rep to register their company and then be able to add their own employees to the site. Then all employees could login and be securely associated with their own company's tables (table names would be appended with their AccountID).
I'm not sure if this would be handled using routing or session variables or what the more ideal and up to date methods might be. Like others who have discussed this issue, it seems like this should be a much more fleshed out solution as it is becoming a more common use on the internet. I'm even willing to simplify the database down to one set of tables that stores an AccountID in each row if needed.
View 1 Replies
Aug 14, 2010
In a multitenant system that hosts multiple organizations and applications, where an organization may use several applications hosted on the system, should my user and role model be such that a single user or role can exist across multiple applications and organizations? Or should I limit a user entity to a single organization/application pair and then define some overarching model to tie those user entities together? That is: John Doe is a person He wants to use ApplicationA and ApplicationB He works for two different companies (just bear with me), OrganizationA and OrganizationB Should the user model be:
johndoe@someuniquesuffix is his unique user name. This gives him access to both applications for both organizations. johndoe@applicationa@organizationa is his username for ApplicationA at OrganizationA. [URL]is his username for ApplicationB at organizationA...and the same for OrganizationB. Then have some "master" list that says that all 4 user accounts for the apps/orgs correspond to the same actual "person", John Doe?
The same scenario(s) described above applies to how I will design my Role schema.
View 2 Replies
Apr 7, 2010
I want to create a multi-tenant application that uses the hostname to determine the customer.
For example:
CustomerOne.myapp.com
AnotherCo.myapp.com
AndOneMore.myapp.com
I can do the database and security side with no problems, I can also get the hostname from the URL, but what I am struggling to find out is how to create the basic plumbing that would allow a new customer to sign up online, provide their company name, and for the application to create the new URL, ready to be used straight away.
View 1 Replies
Jan 24, 2010
im trying to build my first multi-tenant application, i used a shared database and it is complete now, i want to build the app now, and i tried this approach: all urls in the app have the following form ~/user/page.aspx(user directory is logical) where user is the current user, which is saved in a session after he logs in. when the user requests a page, say ~/user/profile.aspx, he is routed to the real page ~/profile.aspx and then his data are retrieved from the database. i dont think this is how multi tenant applications work, but i couldnt think of another method.
View 1 Replies
Dec 21, 2010
I currently have a MVC2 application hosted on premise that allows the user to add custom extensions (controllers, filters, views, validators) so that they can extend the application to suit their needs. I'm using MEF as my composition container, but MVC2 relies on the extensions (assemblies, views and scripts) to be located in a particular directory or found at runtime based on a configuration setting. The MEF catalog is instantiated at startup meaning if any new extensions are required to be added or updated then the application needs to be restarted. This is all fine in a single-tenant world but now I want to make it multi-tenant hosted in the azure cloud.
The problem I forsee is the location of the custom extensions and how they are deployed. My initial thought is to use azure blob storage (one per tenant) to store the custom extensions and then download per-session (rather than Application Startup), however in the past the way MVC has worked is it tries to resolve assemblies and find views within the current AppDomain whereas my assemblies and their embedded resources will be in memory.
View 3 Replies
Jan 10, 2011
Does anyone have a simple tutorial on how to build a multi tenant application using MVC 2?
View 1 Replies
Mar 10, 2010
I'm after a bit of advice on how to handle a multi tenant site in ASP.NET from a UI perspective. What I want to be able to offer is a choice of layouts to the client i.e.
Layout 1: Navigation horizontal at the top. Search results in a table in the middle. Some text at the bottom.
Layout 2: Navigation vertical on the left. Some text in the middle. Search results at the bottom
Layout 3, Layout 4, Layout x etc...
Each element within the various layouts can differ too. For example, the search results might look like simple list in Layout 1, but will have a completely different look in Layout 2. Once a client has decided on Layout x, I then need to apply their company identity to the layout by changing the colours, logos, etc.
View 3 Replies
Oct 15, 2010
I have scoured the web and have yet to find and example that matches my requirements.
What I have is an existing multi-tenant asp.net application where all users authenticate against a single SQL Server database. This database also contains several other settings type data that is used within the application. Each client after authentication, utilizes thier own SQL Server database for data storage, for isolation purposes. Essentially all of the client database are identical and reside on the same server, but reside on one or more servers as well.
The application is currently written in asp.net 2.5 framework and utilizes the Micrsoft Practices Enterprise Library for DAL. Wnd we are looking to migrate to 4.0 and implement NHibernate to replace the MPEL.
I have implemented a solution already using NHibernate and the 4.0 framework, so I am familar with the concepts. I found the resources for my current session manager here as a matter of fact. But that application only had a single database, so not much too it.
The implementation is essentially what you see here:
[URL]
The other solutions that I have seen multiple config entries and/or files to manage this, but that is not desireable, since we may add new clients frequently and all of the connection information is already maintained in the authentication database.
[code]....
View 1 Replies
Nov 20, 2010
My application is used by several customers, who needs to maintain their own database. Currently I'm keeping all the connectionstrings and according to the user, change it. (In a case of CRUD operation). Is this errenous way? I don't know much about MultiTenant applications. Is that the best solution for my problem?
View 1 Replies
Mar 30, 2010
we are building a multi-tenant application, which will support that each tenant can have a unique top level domain, the application is build using the asp.net 3.5 and SQL servr 2005, while each tenant will have different database. I have seen a number of questions about the similar applications on the StackOverFlow, but none of them is related to the Testing, I want to know is how one can test the application in a development environment, specially How can we test that each customer connects to his own DB based on the URL. how can we emulate different domains on the local system. like [URL] and [URL]all goes to dev machine's IIS.
View 1 Replies
Mar 5, 2010
I would like to add this feature to my web application, for the end users to chose the type of the authentication either (windows) or (Forms), and add it in the admin setting. This can be done by changing the authentication type programmatically in the code. how can I do this? Note: The user can use one type at time only.
View 1 Replies
Oct 29, 2010
We have a simple ASP.NET app that uses the ASP.NET SqlMembershipProvider and all is great.
We want to create a second app on the same server, also use the SqlMembershipProvider, but a different "applicationName" so that the user accounts between the two apps are kept separate.
It looks like this would be possible by making the two different app domains (ie they each have their own web.config), but I'm hoping to just put them in different directories so I don't have 3 web.configs (one for each app, and the main one) that all have to be kept synchronized. So what I'm after is:
/web.config
/APP1 (uses membership provider in /web.config, with userlist A)
/APP2 (uses membership provider in /web.config, with userlist B)
It looks simple to define multiple membership providers that use a different 'applicationName' value.
But how do you tell the system.web.authentication node which membership provider to use?
View 2 Replies
Nov 17, 2010
Does anyone have any pointers for implementing the following: I want to cheaply enable multi-factor authentication on an asp.net website. I want people to be able to use an app on their phone (iPhone at the very least) to generate the token used alongside their username/password to login to the site. I do not want the people to have to carry a third-party device/fob to generate the token.
View 3 Replies
Jan 18, 2011
Our current application is working fine but when you try to misbehave like we found out that When login with same user in multiple tab with different organization(there is a organization dropdown in the master page which sets the cookie whenever it is changed.) in tab one it is org 1 and tab 2 it is org2 , cookie has the later org 2 in it but when we go back in tab1(which had org1) and save the record org 2 will be saved with the record So can some one share some sort of a checklist with us which address these types of problem.
View 3 Replies
Jul 14, 2010
This could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.
View 3 Replies
Jan 4, 2011
What's the difference between Basic Authentication and Integrated Windows Authentication in IIS?
View 3 Replies
Mar 10, 2010
I set authentication mode to Windows in the web.config and I enable Windows Authentication and disable the Anonymous Authentication in IIS 7 on win 7, but HttpContext.Current.User is always null.It works fine when I host the web app in IIS 6.0.
View 1 Replies
Sep 3, 2010
What do I need to do in order to change an application from Forms Authentication to windows authentication?
View 2 Replies
Aug 9, 2010
I have a web farm web project, and want to make sure windows authentication is working well without any problem in web farm, can any one give me some web sites or information about that?
View 1 Replies
Feb 8, 2010
Am going to develop authentication part in the web site. I want my authentication module should not be hacked by any one and also want in secure side.
View 1 Replies
Sep 2, 2010
I needed information regarding the capabilities & integration of AzMan tool with Asp.net.Currently, I got a Sharepoint 2007 website along with ASP.NET 2008 where I am using Form Based Authenication.Now, the requirement is any user within a domain registered in AD should be able to login in website through intranet.
Can I acheive this using AzMan, or I need to create two websites one with FBA for internet users and the other one for the intranet users with AD authenication. Also my intenet website is deployed and in use where usermapping and roles are already created, so using this tool what will be the impact on existing webiste.
View 2 Replies
Jun 3, 2010
I have developed the authenticated rss feed using the basic http authentication for my site.I also have the admin module for the site which uses the Asp.net Forms Authentication .Both are in the same project.When i turn on the forms authentication module to None in my web.config.My rss feed authentication works fine(the browser pop up the dialog box for the username and password) and upon entering the username and password the rss feed gets displayed.But with forms authentication turn on when i click the rss feed link i am getting redirected to the administrator login page.
If i set my authentication mode to none than the feed works like dream but the admin module do not work as it uses forms authentication.
How can i resolve the conflict for that one.I am using the asp.net mvc filter on my feed contoller to pop up the dialog box for the username and password.
[Code]....
View 1 Replies
