Security :: Membership Providers Need ConnectionStrings?

Mar 22, 2010

I am writing a login routine that uses a .NET login control and I have a membership provider as well and set it all up in the config file. But I don't plan on using a connection string as I will be calling a web service in my ValidateUser function. Do I need the connection string in the config because it seems to throw an error if I don't have it.

In that case if you need it then wouldn't it be better to treat this membership provider class more as a normal class and just make calls to it directly like any class and not put any setting on my login control and remove the entry from my web.config

View 5 Replies


Similar Messages:

Security :: Using Multiple RoleManager Providers With Different Connectionstrings

Oct 13, 2010

I have two connection strings being used:

<add
name="db1"
connectionString="Server=localhost;user
id=root;password=;persist security info=True;Database=db1"
providerName="MySql.Data.MySqlClient"/>
<add
name="db2"
connectionString="Server=localhost;user
id=root;password=;persist security info=True;Database=db2"
providerName="MySql.Data.MySqlClient"/>

I would like to have two different Role Providers using these connection strings:

<roleManager
enabled="true"
defaultProvider="rp1"
cacheRolesInCookie="true"
createPersistentCookie="false"
cookieProtection="All">
<providers>
<clear/>
<add
name="rp1"
type="MySql.Web.Security.MySQLRoleProvider,
MySql.Web, Version=6.1.3.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d"
connectionStringName="db1"
applicationName="test"/>
<add
name="rp2"
type="MySql.Web.Security.MySQLRoleProvider, MySql.Web, Version=6.1.3.0, Culture=neutral,
PublicKeyToken=c5687fc88969c44d"
connectionStringName="db1"
applicationName="test"/>

My application starts with a login screen. Based on what the user selects, I would like to control which database to connect to. (DB1 vs DB2). The problem is, when the application starts the Role Provider defaults to "rp1". Is there a way I can change the default provider during runtime?

View 5 Replies

Security :: How To Use Multiple Membership Providers

Feb 25, 2010

In my web application am using ASP.Net Membership for authentication ann role management.But now i have a situation where i need to authenticate multiple clients against different DB based upon the URL request being send. Below is my web.Config Details.

<authentication>
<forms loginUrl="Login.aspx" defaultUrl="Login.aspx" />
</authentication>
<membership defaultProvider="QuickStartMembershipSqlProvider">
<providers>
<clear/>
<add connectionStringName="MEMBERSHIP_AND_ROLES" minRequiredPasswordLength="5"
minRequiredNonalphanumericCharacters="0"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
applicationName="SecurityQuickStart"
requiresUniqueEmail="true" passwordFormat="Hashed" name="QuickStartMembershipSqlProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</membership>
<roleManager enabled="true" defaultProvider="QuickStartRoleManagerSqlProvider">
<providers>
<clear/>
<add connectionStringName="MEMBERSHIP_AND_ROLES" applicationName="SecurityQuickStart" name="QuickStartRoleManagerSqlProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</roleManager>
ConnectionString.Config:
<add name="MEMBERSHIP_AND_ROLES" connectionString="Data Source=x.x.x.x;Initial Catalog=xxx;User ID=xxx;Password=xxx" providerName="System.Data.SqlClient"/>

Am using form authentication for user authentication. In my login page am using Membership.ValidateUser(username,password),which is using default membership provider. Now my situation is i need to override the default DB and connect to multiple DB based on URL request send to my web server.

View 1 Replies

Security :: Use Two Membership Providers Within The Same Application?

Apr 3, 2010

I'd like to know if its possible to use two membership providers within a single application. I need to have a membership provider "power users" and administrators on a site and a different one for clients and customers who will want to register on the site. I'd like to know if its possible to have two different membership providers to handle these two different sets of users. If it is, how do i go about it?

View 4 Replies

Security :: How The Membership Providers Works Under The Hood

Mar 27, 2010

I'd like to know how membership providers works under the hood, if it uses cookies, session, the principal and identity thread objects, etc.. etc.. where can I find information?

View 3 Replies

Security :: Membership Providers And Database Access

May 20, 2010

I am new to using the membership provider. I have been working in a small shop that has very focused programming and we are starting to venture out as our needs have grown. My question is the following:

Once I have created the asp schema and I set up users. How do I perform database access using those user accounts? I know how to perform access using a database account (schema), but do not understand how to use a user that only exists in a user table to access data tables.

Do I use an anonymous account and control access on the front end?

How to I track audit fields?

View 9 Replies

Security :: Using Multiple Membership Providers Simultaneously

Jul 1, 2010

I want to know if we can use multiple membership providers simultaneously in a single ASP.net application.

View 1 Replies

Security :: Are The Aspnet_xyz Tables Linked / Related To The Membership Providers

Feb 16, 2011

After running the aspnet_regsql.exe tool, i notice a bunch of different tables pertaining to the ASPNET security (e.g. aspnet_Applications, aspnet_Membership, aspnet_Paths, aspnet_Personalations, aspnet_Profile, aspnet_Roles, aspnet_SchemaVersion, aspnet_Users, aspnet_UsersInRoles). Do the different providers (AspNetSqlMembershipProvider, AspNetSqlProfileProvider, AspNetSQLRoleProvider) relate or associated with certain aspnet_xyz tables? I imagine the AspNetSQLProfileProvider is responsible for the aspnet_Profile table correct? The AspNetSQLRoleProvider probably is tied to the aspnet_Users, aspnet_Roles, aspnet_UsersInRoles table? Any links documenting the relationship between teh providers and the aspnet_xyz tables?

View 1 Replies

Security :: Customizing Membership Providers / Modify The Existing Sp's In Sql08

Jan 12, 2010

This is the first time i would be using .net membership providers and i need to add some extra columns and chage a couple of existing datatypes of the exising columns.

my Q is:

1)can i do this without having to suffer down the road.

2)can i modify the existing sp's in sql08 or would i need to use additional sp's for the new columns that i add.

View 4 Replies

Security :: Multiple Membership Providers - Error "Unable To Establish Secure Connection With The Server"

Aug 9, 2010

In my web.config I have:

[Code]....

If I just have ADProvider1 it works, when I add ADProvider2, even though for testing I only use ADProvider1 I get an error: "Unable to establish secure connection with the server" Am I adding the second provider to the membership section incorrectly?

View 11 Replies

Membership - Two Providers On Site

Aug 11, 2010

Our site has got two ASP.NET membership providers. The built in one, and a custom one (SqlMembershipProvider.

I am able to log into both no problems, but I don't necessary require the ability to have both logged in at the same time.

The issue I have is as follows:

User "person_a@site.com" logs into the built in provider. They then navigate to the section of the site where we require the custom provider.

On this page, I can check if they are authenticated, and get their username. I can then get a MembershipUser object form the custom providers GetUser method. (HttpContext.Current.User.Identity.Name)

It is possible (and very likely) that the username "person_a@site.com" could also exist in the users for the custom provider.

But, I don't want them to be logged in here, as they haven't authenticated against the custom provider.

So, is it possible to check which proivider HttpContext.Current.User was generated from.

View 1 Replies

Two Different Membership Providers On The Same Web-solution

Jan 17, 2011

I have built two websites, both of them use a custom membership provider I have written myself.

One of these sites is already a long time online and runs fine. Now I have installed the other site on the same webserver in the same Web as a different application. Also have I given a seperate ApplicationPool for each solution.

If now the client logs on to one site, he looses the session on the other and vice versa. It's not possible to be loged on on both sites together. All the rest works fine.

What is the connection between the two sites. Is it necessary to change something in my membership providers?

View 1 Replies

Using Membership And Profile Providers?

Feb 18, 2011

I'm trying to use both the default Membership and Profile Providers and can not for the life of me get both to work at the same time. I'm using MS Visual Web Developer 2010 Express and when I create a new Project I get access to the Membership but not the Profile. When I create a new Website I get just the opposite i.e. access to Profile and not Membership. What do I need to do to get access to both?

View 2 Replies

Dynamic Routes And Membership Providers

Aug 25, 2010

Using the a Membership provider and the MVC framework, is it possible that routes are dynamically changed so that a already logged in user goes to his own page, rather than the default.

At the moment I go to the default. If the user is already logged in or not, there I do a redirect to their own page. This can't be the correct way! Can it?

In RegisterRoutes I have this

routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
routes.MapRoute("Default",
"{controller}/{action}/{id}",
new { controller = "Home", action = "Index", id = "" }
);

View 1 Replies

Multiple Membership Providers (web.config + Sql)

Apr 1, 2011

I know this question is asked (and answered) a lot already, but I believe my situation is unique.

We are using the ASP.NET SqlMembershipProvider. However, we also have some less-secure content we would like to secure by adding users directly to the web.config, like so...

<forms loginUrl="login.aspx" defaultUrl="default.aspx">
<credentials passwordFormat="Clear">
<user name="user1" password="123" />
<user name="user2" password="456" />
</credentials>
</forms>

Is it possible to use this method alongside a SQL Membership Provider? If so, how?

I know it's bad practice to do this. This is only a stepping stone as we move parts of our website into the asp.net application. We would like some of those password to be easily editable without going to the database.

View 2 Replies

DataSource Controls :: Membership Providers - Error

Jun 3, 2010

I am now using SQL Server 2008 EXPRESS x64 on a PC running WINDOWS 7 ULTIMATE x64 bit.

how to configure ASP.Net Membership Providers because I can't attach a database created after this example :

http://aquesthosting.headtreez.com/doc/29423088-74cd-4d51-b2ee-3cb958f08d1a

(I have created runproviders.sql with my Visual Studio x64 Win64 Command Prompt (2010) )

Still now working...

Every time I run ASP.NET Configuration -> Provider -> Select a single provider for all site management data and TEST for

AspNetSqlProvider

I get the following error every time :

"Could not establish a connection to the database.

If you have not yet created the SQL Server database, exit the Web Site Administration tool, use the aspnet_regsql command-line utility to create and configure the database, and then return to this tool to set the provider."

I can tell you for sure that my new created database is working because i used a web page with a CreateUserWizard1 control and I can create new users.Even I can see the new creted user with ASP.NET Configuration -> Security.

View 2 Replies

Web Forms :: Set Roles Without Membership And Role Providers?

Mar 10, 2010

how do i do that through config file?

View 11 Replies

Visual Studio 2008 - Multiple Membership Providers?

Sep 2, 2010

I have created two custome membership providers that I would like to add to my web.config. The first one would be the default that the asp.net application would use. The second would be called by a WCF service that I have in the same application.

The providers in the membership section of my web.config looks like the following:

<add name="SiteProvider" type="MyNameSpace.SiteProvider, MyNameSpace" ApplicationName="Si2" EnablePasswordReset="true" PasswordStrengthRegularExpression="(?=[w$#_ ]{8,})(?=.*?d)(?=.*?[A-z])[w$#_ ]*" ResetPasswordMinimumLength="8" ResetPasswordPattern="USL9SLU9SLU9SLLLL" ResetPasswordAllowDuplicateCharacters="false" />
<add name="WCFProvider" type="MyNameSpace.WCFProvider, MyNameSpace" ApplicationName="Si2" EnablePasswordReset="true" PasswordStrengthRegularExpression="(?=[w$#_ ]{8,})(?=.*?d)(?=.*?[A-z])[w$#_ ]*" ResetPasswordMinimumLength="8" ResetPasswordPattern="USL9SLU9SLU9SLLLL" ResetPasswordAllowDuplicateCharacters="false" />

I receive the error "Item has already beed added. Key in dictionary: 'SiteProvider' Key being added: 'SiteProvider'" any time I browse to the site.

This doesnt make sense to me sense they have unique names. If i remove the second provider the site is browseable.

View 1 Replies

WCF - Compatibility Mode And Custom Authentication Using Membership Providers

Oct 26, 2010

To begin with I work on the large application, that has a WinForms client and server. Server in our case is the set of WCF services. There is one service that is responsible for authentication of users. The logic of authentication is custom and complex and authentication service uses different membership providers.

We want to protect the access to server services for non-authenticated users. The users must firstly authenticate and than use other services (users in this case are the other systems, services, WinForms client, etc.). On this basis, we decided to use the ASP.NET Url/File Authorization feature.

So, I set on the ASP.NET compatibility mode, allowed cookie in all binding configurations, added AspNetCompatibilityRequirements attribute to our services and added the followingconfigurations to config:

<authentication mode="Forms">
<forms cookieless="UseCookies">
<credentials passwordFormat="Clear" />
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
...
<location path="AuthenticationService.svc">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>

In the authenticate method of our authentication service I add the following code:
public AuthenticationResult AuthenticateUser(string username, string password)
{
AuthenticationResult result = new AuthenticationResult();
result = Authenticate(username, password);
if (result.IsAuthenticated)
FormsAuthentication.SetAuthCookie(username, true);
return result;
}

Next, I wrote the following code:

var authClient = new AuthenticationServiceClient();
var result = authClient.AuthenticateUser("user", "password");
var otherClient = new OtherServiceClient();
var temp = otherClient.DoSomething();

But after authentication I can't access to OtherServiceClient...

So, how can I share the call context between the WCF services calls? Could anybody provide some useful articles about this question?

View 1 Replies

Configuration :: Deploying Custom Membership And Role Providers Under IIS7

Jul 27, 2010

I have a custom membership provider and a custom role provider in a .NET assembly dll called Qws.Web. The full namespace path to the classes are Qws.Web.Providers.QwsMembershipProvider and Qws.Web.Providers.QwsRoleProvider They both inherit MembershipProvider and RoleProvider respectively When I include the assembly using a project reference in VS2010 it all works fine. The minute I publish the website and project to the staging server (using IIS7) i get the following error: Unable to find the requested .Net Framework Data Provider. It may not be installed. You can see the site at [URL] I've tried all of the usual stuff and been trawling the internet for the last two days.

1. The Qws.Web.dll file IS in the bin folder
2. My Web.Config file is below:

[Code]....

3. The providers are not in the GAC and not in the machine.config file as I only want them available for this site.

View 3 Replies

C# - Forms Authentication Code-Behind With Custom Role And Membership Providers

Mar 8, 2011

Unfortunately, all the examples for Forms Authentication Code Behind w/ Custom Role and Membership Providers I find online are written with a VB.NET code behind and I need a C# code behind. I need a codebehind that will do the following:

authenticate user upon login button click
if user active_flag=0 (false) OR password!=@password, display error: "Access Denied"
if user admin_flag=1 & active flag=1 (true), redirect to admin_pageszipsearch.aspx
if user admin_flag=0 (false) & active_flag=1 (true), redirect to pageszipsearch.aspx

Default.aspx Code:

<asp:Login ID="LoginUser" runat="server" EnableViewState="false" RenderOuterTable="false">
<LayoutTemplate>
<span class="failureNotification">
<asp:Literal ID="FailureText" runat="server"></asp:Literal>
</span>......

View 1 Replies

Mixed Mode Authentication Against AD And Fallback To The Database If It Fail With Membership Providers?

Jul 12, 2010

my user will use form authentication against Active Directory or database. Theres no Windows Integrated Authentication there!!

What i want is when the user submit the authentication form, it will try to validate the user against Active Directory and if it fail, try with the database.

How can i do that? What i had in mind was to build a custom membership provider that will encapsulate the logic but im not sure how to start.

View 2 Replies

Security :: Put 2 Connectionstrings Inside Aspx.cs?

Jul 18, 2010

For example, I have these connectionstrings in my web.config:

<add name="xxx1" connectionString="..."/>
<add name="xxx2" connectionString="..."/>

I want to put 2 connection strings into my aspx.cs page; xxx1 and localsqlserver. I tried to do:

string strConnectionString = ConfigurationManager.ConnectionStrings["LocalSqlServer"].ConnectionString;
strConnectionString += ConfigurationManager.ConnectionStrings["xxx1"].ConnectionString;

but it cannot "detect" the LocalSqlServer. I am trying to populate a GridView with fields from 2 different database, hence I need 2 connectionstrings. Example of my SQL statements:

string strCommandText = "SELECT aspnet_Users.UserName, TableA.Field1, ";
strCommandText += " FROM aspnet_Users, TableA, TableB";
strCommandText += " WHERE aspnet_Users.UserID=TableA.UserID, TableA.ID=TableB.ID";

View 6 Replies

Security :: How To Encrypt The ConnectionStrings In File Web.config

Mar 15, 2011

I fully followed the steps in this page [URL]

look at the step 5 at "Using the Example Provider in an ASP.NET Application" element , I entered the command "

aspnet_regiis.exe -pe "connectionStrings" -app "/SessionState" -prov "TripleDESProvider"
" at the windows command line, it asked me "The protection provider 'TripleDESProvider' was not found"

I make sure the files keys.snk and keys.txt are in the same folder and the file web.config is correct. Who can tell me the reason for the error and how do I handle with it?

View 2 Replies

Security :: Unable To Encrypt Web.config ConnectionStrings In Web Application Project

Nov 28, 2010

I'm all set on the server side with the RSA key pair installed. Where I'm hung up is trying to get the job done on the web.config file ... can't seem to get the aspnet_regiis command string right. I am using the command string provided by the web host (DiscountAsp.net). Most (all) of the examples I read use a website on the development machine. I actually registered my project in IIS and tried that but it didn't work. In any case I would rather not have to go to the hassle of registering a project in IIS anyway if I can avoid it.

Details:

My web application project is in a folder on my local machine:

D:Projects<project name>

This is most recent (failed) attempt to use aspnet_regiis:

C:WINDOWSMicrosoft.NETFrameworkv4.0.30319aspnet_regiis.exe -pe "connectionStrings" "D:Projects<project name>"

Is it possible to just do this manually by looking at the NetFrameworkConfigurationKey_xxxxx.xml file and entering the values? Seems like it should be do-able except I'm not sure how to parse the xml file for the correct values.

On a related note, when I add the following code to web.config it "announces" that "The keyContainerName attribute is not allowed". Ditto useMachineContainer

[Code]....

View 2 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved