Security :: Use Roles Stored In SQL And AD Users / Groups?

Feb 7, 2011

I need to create a site that is Roles based and can use AD groups and Users. I found Scott Mitchell's tutorials for setting up "role-based-authorization-cs" [URL]

I've changed to using Windows auth. instead of forms and am pointing it to a remote SQL Database. I can successfully add a user/password/email etc. (although I believe the password and email sections aren't required and would like to remove them as options).

When I create a user (usera) and login to a windows box as usera the menu displays correctly based on the Roles I've added the user to in the SQL Database.

When I add an AD Group and add it to the same Role the menu's that are displayed do not match that of usera.

I'd like to be able to add entire AD groups (They can obviously change so it needs to be dynamic in some way), as well as add individual AD users to Roles. I'd prefer to do this via a Web interface.

My questions are.

1. Am I going about this the right way?

2. If I'm not what would be a better way?

3. If I am what do I need to do to allow ADGroup lookup?

View 2 Replies


Similar Messages:

Security :: Web.config Authorization Roles With Local Groups With Domain Groups In Them

Sep 29, 2010

I am "DomainMyDomainUserName" If I do this:

[Code]....

I can access the website I've created on my local machine in debug mode; and with my domain account as a local administrator, if I do this:

[Code]....

I can still access the website; and with my domain account in a Domain Group named "DomainDomainLocalSecurityGroup", if I do this:

[Code]....

I can still access the website; HOWEVER, if I create a Local Group on my machine named "LocalMachineGroup" and I add "DomainMyDomainUserName" to this group and I do this:

[Code]....

I get an Access Denied error trying to access the website. What I want to do is, have a group on my local machine (for testing), on a test web server, and on a production web server named "MyWebsiteUserAccess" with the same Domain Group (filled with Domain Users allowed access to the site) in all of these local groups; so that when I test the web application on my local machine, on my test web server and on my production web server, I don't have to change the Web.config file to have it work on each AND if the Domain Group name ever has to change, it won't affect access to the website.

What am I overlooking or is this even possible to do this way? I understand that there is a way to do Role Management through ASP.NET but I don't understand that well enough yet to implement that (and will probably go that route once I've done the research on how to best implement it for purpose of access control of this intranet site).

View 2 Replies

Security :: Synchronization Between Two Users With Different Roles?

Jul 2, 2010

I'm workin with Visual studio 2010 and I'm trying to create an ASP.net Web Site, language used - C#

I have 2 different pages, for 2 different users with 2 different roles.Each page has a textbox.I have already created them.What I want to do, is to make a bind between this 2 textboxes, so that the second to get the first boxes' text.I managed to do it, but only if the textboxes are on the same page, very easy (Textbox2.Text=TextBox1.Text) . But how to do it for 2 different pages, for 2 different users with 2 different roles?

Another trouble would be....How can I connect the both users same time....after i start debugging the project, I do a sign in but when I sign in with the second user,the first is automaticly siggned out and the text it's lost.Then, how can they synchronize and the second user see what the first one wrote,using that 2 textboxes? Wich is the solution?

View 4 Replies

Security :: Edit Users Roles In Gridview?

Sep 14, 2010

I am trying to implement a page for an admin to edit other users details including roles and profile. I have a custom profile provider that stores data in database. My implementation is a page that shows username and allows an admin to reset user password, unlock users and approve and disapprove the users. I wanted to add a column in the gridview to allow the admin to remove or add a user to a role with the constraint that a user should be added only to one role.

View 1 Replies

Security :: Authorize And Authenticate Users By Roles?

May 18, 2010

How can I authorize and authenticate users by roles? I have roles table and user's table, role Id is the primary key in the roles table and foreign key in the user's table.

View 4 Replies

Security :: Net Users And Net Roles Features Not Available In IIS7

Dec 13, 2010

I'm running IIS7 ( in integrated mode ) and Net. 4.0 framework on Windows 7.

a) If web application runs within Asp.Net v4.0 pool, then both Net Users and Net Roles features are not available.

b) I assume Asp.Net 4.0 apps can only run within Asp.Net v4.0 pools?

View 1 Replies

Security :: Multiple Applications Use Same Users & Roles?

Jan 10, 2011

I am using ASP.NET Membership with the default provider. I have a project where there are 3 different applications(seperated by the applicationName). Now I need every user to be able to log in to all the applications, but have a seperate role in each.Is this possible(I dont want to duplicate user details or logins for the same person)?

View 4 Replies

Security :: Transfer Users Roles Etc Form One Db To Another?

Jan 27, 2011

i hve 3 applications with membership providers which are wrking perfectly.. i am storing the users , roles , profiles etc in the same database as for the each application. now i want to store users roles etc in a single db n application data in separate db.. how can i shift existing users from current db to new db without re-creating them ..

View 6 Replies

Security :: How To Create Roles For The Existing Users In Database

Jun 10, 2010

I am newbie to asp.net.I want to create roles for the existing users in my database. I dont want to use the membership provider database n roles provided with it.(i don't want to use aspnet.mdf at all)

I am create roles for my existing users n assign i wanted to assign the particular roles to a particular assign.

View 2 Replies

Security :: Login Goes To Sql Server For Users And To SqlExpress For Roles?

Sep 9, 2010

I have a site witl forms authentication using te login control. I altered my sql server, I added a connectionstring and used the connectionstring in both, <rolemanager> and <Membership>. That part of the web.config is listed below.

The problem is that the login control goed to SQLserver to check the users and their passwords, but it goed to the SQLExpress database for the roles.....

[code]...

View 3 Replies

Security :: Create Users And Assign Roles After Deployment?

Feb 18, 2010

I have set up a very simple authentication page where the user enters his password and if successful authentication occurs the program allows the user to make use of the controls in the page.

I used ASP.Net Configuration to create the user and roles, SQL Membership Provider for the authentication tables and asp login controls to authenticate.

Is there any way to add users and roles once the project is deployed? Could I use the ASP.Net configuration page? and if so how?

View 3 Replies

Security :: Calling Roles.AddUserToRole Inserts Two New Users

Jan 2, 2011

I'm trying programatically to create a new user, that's working OK on it own, but whenever I add the following line to my code, it seems to create two new members with the same name in my aspnet_Users table?

Roles.AddUserToRole(newUser.ToString(), "Registered");

Here's my code:

[Code]....

View 6 Replies

Security :: Allowing Access To Users Who Are In Multiple Roles?

Feb 26, 2010

I have a web.config file with <authorization> section. I'm using window authentication.

The problem is that I would like to allow access to the web site to those users who are in multiple roles.

For example:

<authorization>
<allow roles = "Role1 AND Role2"/>
<deny users="*"/>
</authorization>

(Meaning I would like to allow access only to those user who are both in Role1 AND Role2.)

Is this possible to achive this?

If not, what would be the alternatives?

Note: Currently I'm doing the roles assignment in the Global.asax file in the OnAuthenticateRequest event (i'm reading the groups that the current user belong to in the Active Directory).

View 4 Replies

Security :: Managing Users And Roles Across Different Projects In A Solution?

May 27, 2010

Initially, in my solution I had one project, and had set up all that is required for asp.net security, and that includes users and roles and access rules, etc. All of that was and still is working fine.

Now I added another project to my solution, and my first project points to pages in the second project.

The problem is that it seems like the users and roles are not being transferred accross projects. Not sure if I am explaining my problem correctly...if not, feel free to ask...

Its my first time trying to manage users and roles accross projects within a solution.

View 1 Replies

Security :: Unable To Use Existing Database Users And Roles, In New Web Application?

Jul 13, 2010

I am creating a Web Application in asp.net 2.0 and sql server 2005.I want to use an existing database.

I have created a login and a signup page. Then i replace the new SQL database (the one that is created automaticly by the visual studio) with the exiting database I have.If I create a new user, the new user goes to the database and I can login with the new user. I cannot login with the existing users.If I go to the asp.net configuration, I only can see the new users I have created, I cannot see the users that were in the database already and I can't see the roles also.

I can I make the new application to recognize the users and roles of the existing database?

View 9 Replies

Security :: Development Time Can Managment Roles And Users By Clicking?

Mar 26, 2010

in development time i can managment roles and users by clicking from main menu website -- > ASP.Net Configuration but how to do that after deploy ??

View 4 Replies

Security :: Roles Not Applying In Web.config (NTLM Authenticated Users)

Jun 3, 2010

I am not able to allow/deny users based on roles in the web.config (using <location path>). The following does not work even if the user is in the 'Admin' role:[Code]....

I am able successfully execute IsUserInRole() and GetRolesForUser() in the codebehind and get expected results. The same applies to the web.sitemap, adding roles in there do not seem to apply to the user even if he is a member of the role.

Here is my web.config (trimmed some sections out so it's not too long):[Code]....

And web.sitemap:

[Code]....

View 8 Replies

Security :: Regain Access To Manage Users And Roles For This Application?

Sep 23, 2010

I am working on an application that resides on a development server on our internal network. The application was originally written to use Membership and Roles. We got busy almost a year ago before the app was finished, and now we are trying to get it ready to use internally.

The login page works just fine, but I have lost the ability to controls users and roles. I am running Visual Studio 2010 Professional now on a Windows 7 VM. I can open the application fine but there is no Web Administration Tool available for me to manage users or roles. If I go to Website -> in Visual Studio, there is no option for ASP.NET Configuration in the drop down menu. It simply isn't there.

How can I regain access to manage users and roles for this application? We are using Forms authentication and the database resides on a SQL Server 2005 instance on a separate box from the web server and my local VM.

View 1 Replies

Security :: Finding Sample Admin Page For Managing Users And Roles

Nov 9, 2010

Can anyone point me to a sample admin page for managing users and roles (forms authentication). Something like the security section of the WSAT, but for a finished site.

View 3 Replies

C# - Administer Website (create New Users, Assign Users To Roles, Etc.) From A Windows App?

Feb 9, 2010

I have an asp.net web app that uses forms-based authentication, a SqlMembershipProvider (using an encrypted password format), and a SqlRoleProvider. I need to know if it's possible to administer the users (create new users, assign them to roles, etc.) from a windows application - the powers that be don't want any administrative functionality in the web app itself.

Here is the membership provider definition from web.config:

[code]....

So, obviously, I have a Sql Server database that contains the users and roles for the web app. I'd like to create a separate windows app that references the web app assembly, and use the configured MembershipProvider, RoleProvider, and machineKey to create users, assign users to roles, etc. If that's not possible, I can duplicate the configuration settings from web.config within the windows app. But I don't know how to do this either.

View 3 Replies

Security :: Grab A Users/roles List / How To Implement A User's List Into Website

Sep 16, 2010

Just wondering how to implement a user's list into website ? im using ASP.NET C#. I want to be able to:

add/delete usersadd/remove roles

View 2 Replies

How To List Windows Users And Groups

Aug 18, 2010

I have a ASP.NET Website project and I need to list all the users and their groups on my Windows system. I have set the identity impersonation to true and provided the username and password of the admin in the web.config. Where do I start?

Update:

I have the following code at the moment -

var machine = new DirectoryEntry("WinNT://<IP ADDRESS>");
foreach (DirectoryEntry child in machine.Children)
{
// get the child's group(s).
}

When I debug, I can see the list of users in machine.Children. How do I find the group(s) that this user belongs to?

View 2 Replies

Security :: How To Hide Multiple Roles With Roles.getallroles()

Mar 7, 2011

I have a multi level application that I am developing and need to block multiple rows from being joined. I know how to hide one role but I cannot figure out how to hide multiple.

Here is my current code

[Code]....

View 2 Replies

Security :: Retrieve List Of All Security Groups For Server?

May 6, 2010

I am utilizing local security groups to secure my application and I need to list all the available groups on the local machine. I can get the list of groups a user is a member of, but I need the complete list of available groups.

View 1 Replies

Security :: Automatically Assigning Roles / Standard Practice For Assigning Roles To Newly Signed-on members?

May 17, 2010

Newb question: what is the standard practice for assigning roles to newly signed-on members. Is it usually manual or is there a way of automatically assigning roles. Being completely new to this, I am confronted by the issue of my site having three different roles that new members could fall into, but am unsure about how to assign each a role. I can't imagine having to go through the process manually if I have thousands of members.

View 6 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved