Security :: Migrating Role / Membership Database To New Server?
Sep 21, 2010
I have an existing ASPNET role/membership database created on SQLExpress 2005 (WIndows 2003 Server). I created it under the .NET 3 framework many years ago using the aspnet_regsql.exe application in full GUI mode.
I am setting up a new Windows 2008R2 server with .Net Framework 4 and SQL Server 2008R2. I don't want users to have to recreate accounts or create roles, etc.
So...
1. Should I backup the current database and import it into the new system, and if so do I even need to use the aspnet_regsql.exe application. (If so which version do I use, different aspnet_regsql.exe files exist in different directories (i.e., FrameWork, FrameWork64)
2. Should I just run aspnet_regsql.exe on its own and then somehow try to import the current data into those tables.
I am concerned that if I just import somehow the roles within SQL server will not be created properly.
View 4 Replies
Similar Messages:
Jun 7, 2010
I would like to collect all the emails from all users in a certain role. How would I do this ?
View 1 Replies
May 26, 2010
I am trying to create a Forms Authenticated site and have already used the aspnet_regsql tool to create the necessary logic in my SQL Server DB to hold my data. Now, I am looking to create a custom Membership, User and Role provider for my DB model. I was looking at the following video: [URL]
Now, I get the concept on how to go about it but I notice that this guy uses custom DB Procedures as to the ones that are generated by the aspnet_regsql tool. Can anyone direct me on where I can find info on how to go about building the Membership, User and Role provider class using the DB structure that aspnet_regsql generates? So much junk on google that I am having a hard time finding good guidance.
View 1 Replies
Apr 28, 2010
I have an old website running fine in Classic ASP with large customer base registered onto the site. The current site allows users to have their own user name(unique) registered against an ID assigned to them. They can change the User name later as well provided it is still Unique in the database(Database is SQLServer2005).
The Problem: Now i want to move the website to .NET and want to use the .NET Membership. I know how to create the database structure in SQL Server through aspnet_regsql script but my problem is how should i import the existing username and passwords as the password stored in MembershipDB is Hashed (salt). Also i might want to allow admins to impersonate as users later.
View 5 Replies
Nov 12, 2010
We have just migrated our application from VS 2008 to VS 2010 and our database from Sql server 2005 to 2008. Everything was working great until i tried to login to the site.
As when i try to log into the site, i am surprisingly always getting "FALSE" from Membership.Validateuser (). I goggled it and now i know i am not the alone victim of this irritating bug. Our live site is going to be down...
View 6 Replies
Aug 27, 2010
For that, I made my own users and passwords tables and hashed the passwords myself. Now, I would much rather move to Microsoft's built in membership provider with asp.net in sql server. Does anybody know a good way to migrate over?
The only real idea I've had so far is to make both systems run simultaneously, then when a user logs in, validate them in my old system, then ask them to re-enter their password and save their new stuff in the microsoft's system... then clear the record out of my old system. Eventually, I would hope that would move everybody into the new system. But that seems annoying and messy. Is there some better way?
View 1 Replies
Nov 13, 2010
Usually in sub-folder we will limit the access right to some roles and this feature requires pre-defined database schema.
However, if i still want to use this role feature of asp.net, but I do not like the pre-define database schema, I want to extract role information from my own database table and bind it to the role.
View 2 Replies
Apr 25, 2010
i am developing a website in vb.net ,as i am having 3 urser,customer,admin,and employee
i have taken the loginpage and in the codebehind i have permission access to the customer,admin and employee,with different user names and password now my problem is how to make the page to recover the password if the user forget the username or password
View 3 Replies
Apr 15, 2010
I am using the asp.net membership provider tables in sql server. I'm trying to figure out how to query a list of users that are NOT in any role.
View 4 Replies
Oct 28, 2010
I am currently working in an ASP.Net application where i need to implement ASP.Net Membership and Roles. I have used Login controls in my pages. Also I am using a menu in the master page, which is getting data bindings from database. For data bindings I am using XMLDatasource and a transform file (.xslt file). I need to bind the data to the Menu based on the user roles.
My issue is that the generated Menu is not behaving consistently. Sometimes it will show the correct menu for a particular role and some times it will show previously loaded data.Providing my code here:
masterpage.master.cs
private void LoadMenuItems() {
System.Security.Principal.IPrincipal User;
User = System.Web.HttpContext.Current.User;[code]....
View 7 Replies
Jul 24, 2010
I started out with the following code which worked fine, no problems:
[Code]....
I've since expanded the above so that it uses different providers according to the current logged in user. Here's the code since my changes:
[Code]....
I'm not getting any error messages but when I view the web page in the browser, it is stuck in a continuous loop where the page displays (correctly), then posts back to the server and displays again.
View 1 Replies
Apr 20, 2010
We are trying to implement Custom Role membership provider for our web app. For authorization we want to check for one more field like Facilityid for the logged on user along with role he has. eg. my User1 having Role1 with Facility1 can access some option and same user role for Facility2 have different option. So is there a way we can extend the existing role/profile provider to authorize user with this additional field along with role assigned.
View 1 Replies
May 4, 2010
I have a website created in ASP.Net 3.5(C#) and I have configued asp.net defalut membership provider for it.There are 5 different type of roles in this site. Now I want to display a small role based (i.e. depending upon the logged in user's role) menu whenever a user log-in to the site.For this I have added the code in the OnPageLoad() event of the master page, here is the code -
[Code]....
Now I wanted to know Is this code is logcally correct? And what is the security level of this code?
View 5 Replies
Sep 9, 2010
I had been trying to solve this but there is a hidden key i wish someone point me to.
I had a simple membership database with users in first the Membership Provider configured for clear password to retrieve the original password .
Now a new requirement say that the password must be hashed and reset .
I configure the Membership password to hash , and Implemented the Reset Password Module.
My problem is as follow.
If the user is new registered user with the new configuration the password and the security answer is hashed.
also when I go and reset the password it continue to be hashed.
Now I thought that with new configuration if any previous user with clear text configuration , If he use the password Reset module , because my configuration now is hashed , I expected that the new password and security answer will be hashed . what happen is old user continue in clear text even if the configuration is hashed. so If I had new users everything is fine.
old users Membership Provider somehow know they had been stored in clear text and it keep change password and security answer in clear text . If I delete this user and create it , Membership Provider understand that everything will be hashed. I need to know how it know this , I need to migrate users not to delete and recreate users .
Also if there are no solution for that , I wish Microsoft Consider it in future cause it is a real user scenario, that can happen imagine a business system that related to membership user Id , deleting users and recreate them is not a solution .
View 1 Replies
Jul 28, 2010
I'm building an application that will be used by a number of different schools who want completely separate databases so I've decided to have multiple connection strings and membership/role providers in my web.config file. In my code, I'm trying to set which connection string and provider to use at runtime for the correct database according to the logged in user.
I'm coming into a lot of bits in my code that previously worked fine, that now don't. For example, I used to use:
[Code]....
But now that I've changed it to this, it doesn't work anymore:
[Code]....
The compiler tells me that AddUserToRole is not a member of 'r'. I've had similar problems not just with Roles but Membership too, like with calling CreateUser.
I'd still like to be able to use all these methods that I was using before which are extremely handy. I just want to be able to set the membership/role provider at runtime rather than use the default one. Am I doing something wrong? Is there a simpler way to go about this?
View 7 Replies
Feb 15, 2011
I have a web app developed using role & membership provider...
this is my web.config file
<authentication mode="Forms">
<forms loginUrl="Forms/LogIn.aspx" name=".ASPXFORMSAUTH" defaultUrl="Forms/main.aspx" timeout="30"></forms>
</authentication>[code]....
So i would like that the page "pag1.aspx" is reached bypassing the "main.aspx" so If I try to digit directly on the server http://localhost/forms/pag1.aspx?C=159 ......correctly appears the login page....and the URL became..
http://localhost/Forms/LogIn.aspx?ReturnUrl=%2fForms%2fpag1.aspx%3fC%3d151&C=159 and after login I can see correctly the page1.aspx . when I try to reach the page from my browser..I digit
http://myserver/forms/pag1.aspx?C=159 .... the login page appears...but the url became..
http://myserver/Forms/main.aspx
and after login I cannot see the page1.aspx....but main.aspx
View 1 Replies
Mar 25, 2011
I have a "UserDetail" table in my "JobPost.mdf". When I click the "delete" linkbutton, it can delete the all User info from my "UserDetail" table, it also delete the corresponding "aspnet_Users" & "aspnet_Membership",but the "UserInRole" still contain that UserName. Even though I specified the Code:Membership.DeleteUser(UserName, true);
I thought true is for bool deleteallrelated data, but it doesn't really delete the userInRole. So next time the user registers with the same name, it automatically get the "admin" role right. This "deleteUser" page I keep it inside a protected "admin"folder. How to solve it? Why Membership.DeleteUser(UserName, true) doesn't delete UserInRole?
protected void GridView2_RowCommand(object sender, GridViewCommandEventArgs e)
{
if (e.CommandName == "Delete")
{
string UserName = e.CommandArgument.ToString();
Membership.DeleteUser(UserName, true);
JobPostDataContext db = new JobPostDataContext();
var query = from u in db.UserDetails
where u.UserName == UserName
select u;
foreach (var item in query)
{
db.UserDetails.DeleteOnSubmit(item);
}
db.SubmitChanges();
FormsAuthentication.SignOut();
}
}
My web.config inside the protected Admin folder:
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<system.web>
<authorization>
<allow roles="Administrators" />
<deny users="*" />
</authorization>
</system.web>
</configuration>
View 1 Replies
Oct 13, 2010
I need to populate a dropdown list with users who match certain role criteria. For example, if I have the following roles: Manager, Employee, Supervisor I would like to populate the list with only the Manager and Employee roles. Some individuals have multiple roles and they should be excluded if they also have the Supervisor role as illustrated below:
Name: A , Role(s): Manager, Employee, Supervisor
Name: B, Role(s): Employee
Name: C, Role(s): Manager, Employee
The final list should only contain names B & C.
I can use Roles.GetUsersInRole("Employee") but I am not sure if this is efficient or not.
View 2 Replies
Jul 16, 2010
[Code]....
returns the error: The parameter 'username' must not be empty.Parameter name: usernameI want to check if a user is logged. If not logged in redirect to loginerror.aspx.
View 9 Replies
Aug 12, 2010
I know very little, and even less about .dll's. I have a fairly simple albeit old, application that references a .dll that seems to do the logic for connecting to an access backend. I don't have the source code for the dll, but I don't see any code anywhere elese to sigify the dataconnections etc. When I move the application from an old IIS6 server .net 1.0, over to a newer IIS7 server with .net 2.0osmething, I errors out (see below). When I remove the reference to the dll, the login pages comes up okay but I just can't login. So, something is up with my DLL. What do I need to do?
Error Information: Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'failed. Source Error:
[Code]....
Stack Trace:
[Code]....
View 1 Replies
Jun 11, 2010
I am developing an application in which I can connect to the ASPNETDB.MDF if it is on my machine, however, when I want to put it on another machine and try to remote connect it, I get the error:
An error occurred while attempting to initialize a System.Data.SqlClient.SqlConnection object. The value that was provided for the connection string may be wrong, or it may contain an invalid syntax.
Parameter name: connectionString and my connection string is as follows:
<add name ="NewRemoteSqlServer" connectionString="Data Source=P1M1_2-HPSQLEXPRESS; AttachDBFilename=C:ASPNETDB.MDF; Integrated Security=SSPI; Username=P1M1_2-HP; Password=plus1minus1; " providerName="System.Data.SqlClient"/>
View 5 Replies
Jul 15, 2010
i currently develop an asp.net mvc 2 web app using asp.net membership and role management for authenticating and authorizing my users. I get complaints though that when adding a role to some user, he is not able to see new role assigned functionality, unless he re-enters (logout and login again) the application.
View 2 Replies
Feb 18, 2011
I am creating a interface for User Role Management based on built in membership provider.I want to display all the roles as check boxes for a selected user. I am able to display all the roles in the database, but not able to load the specific user roles. For example, I am able to publish role 1 role 2 role3 role 4 as check boxes. But if the user is already flagged as role 1 and role 3, I am not able to show that data (role1 and 3 should be checked when form loads, but right now, they are not checked)...How do I get the roles as checked boxes display on a page.I am using a repeater control to display roles as check boxes on the page..
<asp:Repeater ID="UsersRoleList" runat="server">
<ItemTemplate>
<asp:CheckBox runat="server" ID="RoleCheckBox" AutoPostBack="true" Text='<%# Container.DataItem %>'
[code]...
View 1 Replies
Mar 30, 2011
I have an application in Asp.net and using sql server to store user information. There is a table named dbo.member which stores user information - fname, lastname, email, phone etc. We use LDAP for authentication. The entire application works on this member table. There is a unique userid(not password) associated with each member. I installed default aspnet_membership, aspnet_role tables by running aspnet_regsql.exe utility. Now with increasing number of applications, handling members' information is becoming nightmare. I hope Membership providers will solve this problem but I have doubts.
How can I integrate existing member table with default aspnet_membership table? Or should I integrate since it is very limited? Same is the case with aspnet_Profile - it is very limited and I have stored all profile information into member table. We store more information and we want to query all that information for a user. Should I create my own provider that will use dbo.Member table instead of dbo.Membership table and also with Profile provider?
View 1 Replies
Jul 6, 2010
I have deployed an MVC application that uses ASPNetDB for Membership and Role Provider.
now when i browse to the site on the actual server where it was deployed to i can use the login page to login on to the site and gain access to views that are restricted to users like myself by role.
However when i try and access the web application from any client computer who has access to sites on the server since the server is on the same domain - i experience the following strange behaviour:
when i navigate to my login page and enter my username and password (as stored in the aspnetdb database)
and click login
the page refreshes (looses my userid and name) and it does not go to the view i requested.
it also does not show in the top right links that i am logged on.
it is as though it spits out my username and password and refresh the page and that is that!
Why does it work on the server where the site is hosted - but not from external clients?
i can access all pages that do not require users to be logged on or haev a specific role - but cannot log on and view them since login is broken?
View 4 Replies
