Security :: Create Users And Assign Roles After Deployment?
Feb 18, 2010
I have set up a very simple authentication page where the user enters his password and if successful authentication occurs the program allows the user to make use of the controls in the page.
I used ASP.Net Configuration to create the user and roles, SQL Membership Provider for the authentication tables and asp login controls to authenticate.
Is there any way to add users and roles once the project is deployed? Could I use the ASP.Net configuration page? and if so how?
I have an asp.net web app that uses forms-based authentication, a SqlMembershipProvider (using an encrypted password format), and a SqlRoleProvider. I need to know if it's possible to administer the users (create new users, assign them to roles, etc.) from a windows application - the powers that be don't want any administrative functionality in the web app itself.
Here is the membership provider definition from web.config:
[code]....
So, obviously, I have a Sql Server database that contains the users and roles for the web app. I'd like to create a separate windows app that references the web app assembly, and use the configured MembershipProvider, RoleProvider, and machineKey to create users, assign users to roles, etc. If that's not possible, I can duplicate the configuration settings from web.config within the windows app. But I don't know how to do this either.
I am newbie to asp.net.I want to create roles for the existing users in my database. I dont want to use the membership provider database n roles provided with it.(i don't want to use aspnet.mdf at all)
I am create roles for my existing users n assign i wanted to assign the particular roles to a particular assign.
I've created a very simple website with two roles, "administrator" and "employees". I've also added users using asp.net configuration wizard for both. My concern, however, is that going ahead it will not possible to use the wizard to add new roles, assign them or alter them once the site is online. I won't be the administrator and so I need to find a way for the administrator to add new roles and assign them to users from a remote connection. Where can I find some information on creating such forms?
how to implement role based security in asp.net 4.0, in detail. Like from Data base to UI. how I wanted to implement. On page Load, drop will be filled with all available roles, with list of all check boxes(basically it will equal to the no. of links on the left side tree) below, I will select required boxes and then save. If that particular user with that role logged in, then we will load only those links which this role is having ( of course we will assign that user with the spefic role).
I'm workin with Visual studio 2010 and I'm trying to create an ASP.net Web Site, language used - C#
I have 2 different pages, for 2 different users with 2 different roles.Each page has a textbox.I have already created them.What I want to do, is to make a bind between this 2 textboxes, so that the second to get the first boxes' text.I managed to do it, but only if the textboxes are on the same page, very easy (Textbox2.Text=TextBox1.Text) . But how to do it for 2 different pages, for 2 different users with 2 different roles?
Another trouble would be....How can I connect the both users same time....after i start debugging the project, I do a sign in but when I sign in with the second user,the first is automaticly siggned out and the text it's lost.Then, how can they synchronize and the second user see what the first one wrote,using that 2 textboxes? Wich is the solution?
I am trying to implement a page for an admin to edit other users details including roles and profile. I have a custom profile provider that stores data in database. My implementation is a page that shows username and allows an admin to reset user password, unlock users and approve and disapprove the users. I wanted to add a column in the gridview to allow the admin to remove or add a user to a role with the constraint that a user should be added only to one role.
How can I authorize and authenticate users by roles? I have roles table and user's table, role Id is the primary key in the roles table and foreign key in the user's table.
I need to create a site that is Roles based and can use AD groups and Users. I found Scott Mitchell's tutorials for setting up "role-based-authorization-cs" [URL]
I've changed to using Windows auth. instead of forms and am pointing it to a remote SQL Database. I can successfully add a user/password/email etc. (although I believe the password and email sections aren't required and would like to remove them as options).
When I create a user (usera) and login to a windows box as usera the menu displays correctly based on the Roles I've added the user to in the SQL Database.
When I add an AD Group and add it to the same Role the menu's that are displayed do not match that of usera.
I'd like to be able to add entire AD groups (They can obviously change so it needs to be dynamic in some way), as well as add individual AD users to Roles. I'd prefer to do this via a Web interface.
My questions are.
1. Am I going about this the right way?
2. If I'm not what would be a better way?
3. If I am what do I need to do to allow ADGroup lookup?
I am using ASP.NET Membership with the default provider. I have a project where there are 3 different applications(seperated by the applicationName). Now I need every user to be able to log in to all the applications, but have a seperate role in each.Is this possible(I dont want to duplicate user details or logins for the same person)?
i hve 3 applications with membership providers which are wrking perfectly.. i am storing the users , roles , profiles etc in the same database as for the each application. now i want to store users roles etc in a single db n application data in separate db.. how can i shift existing users from current db to new db without re-creating them ..
I have a site witl forms authentication using te login control. I altered my sql server, I added a connectionstring and used the connectionstring in both, <rolemanager> and <Membership>. That part of the web.config is listed below.
The problem is that the login control goed to SQLserver to check the users and their passwords, but it goed to the SQLExpress database for the roles.....
I'm trying programatically to create a new user, that's working OK on it own, but whenever I add the following line to my code, it seems to create two new members with the same name in my aspnet_Users table?
I have a web.config file with <authorization> section. I'm using window authentication.
The problem is that I would like to allow access to the web site to those users who are in multiple roles.
For example:
<authorization> <allow roles = "Role1 AND Role2"/> <deny users="*"/> </authorization>
(Meaning I would like to allow access only to those user who are both in Role1 AND Role2.)
Is this possible to achive this?
If not, what would be the alternatives?
Note: Currently I'm doing the roles assignment in the Global.asax file in the OnAuthenticateRequest event (i'm reading the groups that the current user belong to in the Active Directory).
Initially, in my solution I had one project, and had set up all that is required for asp.net security, and that includes users and roles and access rules, etc. All of that was and still is working fine.
Now I added another project to my solution, and my first project points to pages in the second project.
The problem is that it seems like the users and roles are not being transferred accross projects. Not sure if I am explaining my problem correctly...if not, feel free to ask...
Its my first time trying to manage users and roles accross projects within a solution.
I am creating a Web Application in asp.net 2.0 and sql server 2005.I want to use an existing database.
I have created a login and a signup page. Then i replace the new SQL database (the one that is created automaticly by the visual studio) with the exiting database I have.If I create a new user, the new user goes to the database and I can login with the new user. I cannot login with the existing users.If I go to the asp.net configuration, I only can see the new users I have created, I cannot see the users that were in the database already and I can't see the roles also.
I can I make the new application to recognize the users and roles of the existing database?
I am not able to allow/deny users based on roles in the web.config (using <location path>). The following does not work even if the user is in the 'Admin' role:[Code]....
I am able successfully execute IsUserInRole() and GetRolesForUser() in the codebehind and get expected results. The same applies to the web.sitemap, adding roles in there do not seem to apply to the user even if he is a member of the role.
Here is my web.config (trimmed some sections out so it's not too long):[Code]....
I am working on an application that resides on a development server on our internal network. The application was originally written to use Membership and Roles. We got busy almost a year ago before the app was finished, and now we are trying to get it ready to use internally.
The login page works just fine, but I have lost the ability to controls users and roles. I am running Visual Studio 2010 Professional now on a Windows 7 VM. I can open the application fine but there is no Web Administration Tool available for me to manage users or roles. If I go to Website -> in Visual Studio, there is no option for ASP.NET Configuration in the drop down menu. It simply isn't there.
How can I regain access to manage users and roles for this application? We are using Forms authentication and the database resides on a SQL Server 2005 instance on a separate box from the web server and my local VM.
Can anyone point me to a sample admin page for managing users and roles (forms authentication). Something like the security section of the WSAT, but for a finished site.
can any one tell how to create the roles in asp.net? when ever Admin creates the roles, there it self he should assing the pages,which pages should be open when ever perticular person enters in to the site. When ever Admin wants to assing the Roles,all pages appear in grid view with check box,if he checks that pages,he able to access other wise he couldnot access that page.