i have a class library for membership provider and inherits from System.Web.Security.sqlMembershipProvider
i just want to change somthing in it this class library will work in difrent web form application
i need to get the connectionStringName in web.config where the membership set to work with it.
how can i get the connectionStringName?
I'm working with the default asp.net membershipprovider. Now, by default, that requires that all members registere have all unique email-addresses.However, I'd like to override that because, in a code behind of a certain webpage, I do not need emails to be unique.
View 4 RepliesI'm trying to unit test the MembershipProvider, however I cant figure out how or whether there is any need for unit testing of it...My business layer:
[Code]....
The only examples I've found so far requires a "MockMembershipProvider" with a local database setup... seems quite odd to me.
I trying to understand how a server farm would use MembershipProvider / RoleProvider. If I have a million users, I do not want to have multiple copies of the MembershipProvider / RoleProvider database. I would like to have one set of machines used for login but then redirect users to other machines in the server farm depending applications the users decide to use. However, once they are redirected to the new machine, I do not want the user to have to relogin. I want the credentials and role information to be available.
Does anyone know how MembershipProvider / RoleProvider is configured for this type architecture?
I have created a custom MembershipProvider and RoleProvider which communications with some existing business logic. The issue I have is that the user login in my business logic requires 3 arguments (group id, user id, and password) and the MembershipProvider and RoleProvider I implemented just use 1 or 2 arguments (username, password). Right now I append my group id and user id together and pass it as the username then parse it in the implemented methods. Is there a better way to do this?
Note, I can handle the login fine because I can call my own ValidateUser method. The main issue is when the implemented methods are called from other things like the RoleProvider.GetRolesForUser(username) method when I use the AuthorizeAttribute.
[Code]....
[Code]....
I'm using various ASP.NET controls out of the box such as the CreateUserWizard control, Login control etc... For custom controls, I have sanitized my inputs by making sure they conform to expected values. However, is this required for the controls such as the CreateUserWizard control, or is that handled internally? Do I need to provide any extra server side validation to these controls and, if so, would it be best to do it in the "CreateUserWizardControl_CreatingUser" event?
View 2 RepliesI have a web page, where the administrator can reset other users password.I am not using any membership controls here.I found that i can use Membership.Provider.ResetPassword() function.But i want to send the new password to the user through the mail, just like in password recovery control, reusing the mail configuration in the web.config file(which membership use with the password recovery control).Do i need to explicitly do the coding for sending the mail, using SMTP client, and mail message class?or is there any builtin functionality inside membership for this just like in password recovery?
View 8 RepliesDoes Forms Authentication require that cookies be enabled to use MembershipProvider and RoleProvider? If so, can anyone tell me the minimum security level I need to tel clients to use.
View 2 RepliesSay for my ASP.NET application, I have implemented my custom RoleProvider by using my existing Users table on my Oracle 11g database. Then, for my Membership Provider, can I still use the AspNetSqlMembershipProvider that comes with the .NET framework and uses SQL Server?
View 4 RepliesI have written an assembly (DLL) containing two classes, MyMembershipProvider and MyRoleProvider, which are derived from MembershipProvider and RoleProvider, respectively. I have implemented most but not all of the abstract methods; the remaining ones all throw a NotImplementedException. I have signed the assembly and added a reference to it in my web-site project, where the relevant web.config sections look like this:
[Code]....
When I fire up the site, however, I get the following error:
Configuration Error
Description:
An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message:
Exception has been thrown by the target of an invocation.
The error message points to the <add /> tag in the <roleManager /> section: if I take that out, however (enabled="false"), it comes back again as soon as I try to log-in to the site (this time pointing to the membership section). I have verified that is recognising the classes by changing the name in the "type" attribute (to something that doesn't exist), at which point it throws a different error. Therefore I'm presuming there's a problem with my assembly code somewhere; but how can I find out where? I have debug=true in the web.config and also compiled the assembly with Debug options, but no clues.
used the built-in Membership framework and has implemented his own provider by creating a class that inherits from MembershipProvider (found in System.Web.Security). I actually went ahead and created a custom provider which inherits from MembershipProvider. The problem is that there are several methods I do not really need. Also, the schema is totally different. Plus, most methods return a MembershipUser which means my User class has to inherit from it as well. So really, what benefits does the MembershipProvider and the whole Membership framework add to my system? Do these benefits justify the fact that I won't be using most of the methods on the class?
View 7 RepliesI'm facing very odd problem with my application. I've been developing my own custom memberhip provider (derived from MembershipProvider, of course) and everything was working smoothly, until something odd happened. In my config file, I register my provider with such code:
[Code]....
When I deploy my site, I get this error message:
Configuration Error
Description:
An error occurred during the processing of a configuration file required to service this request. review the specific error details below and modify your configuration file appropriately.
Parser Error Message: Input string was not in a correct format.
Source Error:
Line 62: <clear/>
Line 63: <add name="CustomSqlMembershipProvider"
Line 64: type="My_Membership.CustomSqlMembershipProvider"
Line 65: applicationName="My Application"
Line 66: enablePasswordRetrieval="false"
I am beginner in web applications development. I started one little project and host it on source forge "https://homoco.svn.sourceforge.net/svnroot/homoco". And I started implementing authentication in this application to learn how it works. From my experience people never use out of the box things so I want to implement this stuff alone (like in real world projects). So some questions:
1) Is there any reason to use membership out of the box? To use database table schema, stored procedures etc. that tool generate for developer. I think that this lower control over code and I decided to implement it my self. I don't know if I am right.
2) Is my approach in this demo project good or bad (if someone have time I like to do just a little code review)? I created database based on business rules. Not using database schema that membership provider require. Extend "MembershipProvider" class to satisfy my needs. Implement queries to database myself.
3) Now, this question is a little wired but I have to ask it. If we make custom Membership Provider and do sql queries alone, implement all MembershipProvider class methods ourselves, and in application use Membership.blabla() why is this approach different from not extending MembershipProvider class and putting all this methods in some unique class and call its methods then? I hope that someone understand what I ask here.
I am sorry for three questions, but I really trying to find the best way to implement this feature in my demo project like it is a real world application.
I'm trying to unit test the MembershipProvider, however I cant figure out how or whether there is any need for unit testing of it...
My business layer:
public interface IAccountService
{
MembershipCreateStatus CreateUser(string userName, string password, string email);
}
public class AccountService : IAccountService
{
private readonly MembershipProvider provider;
public AccountService() : this(null) { }
public AccountService(MembershipProvider providera)
{
this.provider = providera ?? Membership.Provider;
}
public MembershipCreateStatus CreateUser(string userName, string password, string email)
{
if (String.IsNullOrEmpty(userName)) throw new ArgumentException("Value cannot be null or empty.", userName);
if (String.IsNullOrEmpty(password)) throw new ArgumentException("Value cannot be null or empty.", password);
if (String.IsNullOrEmpty(email)) throw new ArgumentException("Value cannot be null or empty.", email);
MembershipCreateStatus status;
provider.CreateUser(userName, password, email, null, null, true, null, out status);
return status;
}
}
The only examples I've found so far requires a "MockMembershipProvider" with a local database setup... seems quite odd to me.
I'm working on an ASP.NET solution with 2 projects. One is the web interface and the other contains my business logic. I'm using LINQ to SQL for my data access in the second project.
Apart of my database, I have a table called Users which holds user information.
I've started to implement a MembershipProvider. I notice that MembershipUser is coupled with MembershipProvider. What is the most correct way of getting my BLL/DAL to talk about Users?
Should I minimally implement MembershipUser and whenever a user calls a method, it will call for eg. GetUserInfo() in my BLL/DAL, to get complete information about the user?
Or should I make the MembershipUser class methods call my custom "Users" class methods (like a wrapper) in the BLL/DAL (this custom users class is not related to linq)?
Or can I somehow extend the Linq to sql class "CFUsers" to extend MembershipUser.
I have an C# asp.net app using the default Sql MembershipProvider. My web.config has a few settings that control how I'm using this Provider:
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresUniqueEmail="true"
passwordFormat="Hashed"
minRequiredPasswordLength="5"
The problem I'm running into is that when people reset their passwords, it seems the ResetPassword() method returns a password that is longer than I want and has characters that can be confusing (l,1,i,I,0,O). Furthermore, I'm sending my users an email with a plain-text message and an HTML message (I'm using MailMessage with AlternateViews). If the password has unsafe HTML characters in it, when the email clients render the HTML text the password might be different (e.g. the %, &, and < aren't exactly HTML safe).
I've looked over the "add" element that belongs in the web.config, but I don't see any extra configuration properties to only include certain characters in the ResetPassword() method and to limit the password length.
Can I configure the ResetPassword() method to limit the password length and limit the character set it is choosing from?
Right now I have a workaround: I call ResetPassword() to make sure the supplied answer is correct, and then I use a RandomPassword generator I downloaded off the internet to generate a password that I like (without ambiguous characters, HTML safe, and only 8 characters long) and then I call ChangePassword() to change the user's password after I've already reset it.
We are converting an ASP site (using DotNetNuke) to a new PHP site. The only thing we have right now is a full export of the existing database. One of the tables is called "aspnet_Membership" and contains the following fields:
Password (looks like base64)
PasswordFormat (always value 2)
PasswordSalt (looks like base64)
PasswordQuestion (always empty)
PasswordAnswer (always empty)
We would like to decode these passwords and hash them to fit our own framework. From what I understand from the .NET documentation these kind of passwords can be decrypted. Is there an algorithm available that can do this or is it more complicated than that? Will it be possible if we create an ASP script on the current server?
Within a controller action, how do I get a reference to the current MembershipProvider? That would be the one specified in web.config as the default provider. I newed up an AccountMembershipService object, but it does not expose the _provider within it.I am not entirely clear on what I want. I want to create a site user in code and then store the UserId as a foreign key in the vendor master of my application. To do that I am thinking I can add a method to my custom membership provider that creates a user and returns the ID of that new user. What I need is be able to get a reference to the custom membership provider in the controller action method.
View 1 RepliesI would like to validate a password field for creating / updating users in asp.net (.net 3.5). The password will be used for a MembershipProvider.What is the best way to implement this so that the validation will use the configuration settings of the membership provider? Of course I can just write the code, but this seems like something so fundamental that there must be a drop-in way to do it.[edit] clarified that this is a password field for new users or for changing passwords, so ValidateUser doesn't help.
View 3 RepliesI need to give a user the ability to change the email of any other user listed in the aspnetdb. I can easily change their password, but I can't get the email to change. I thought that usr.email = [URL] would work, but it doesn't. It doesn't error, but it also doesn't change anything.
This is the basic code:
Dim usr As MembershipUser = Membership.GetUser(userName)
usr.Email = txtEmail.Text
I try to implement a Custom MembershipPriver with a Custom MemberShipUser in my own database (with a specifics Users Table Model) : This is ly diffent files:
iTwitterMembershipProvider.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Collections.Specialized;
using iTwitter.Models;
public class iTwitterMembershipProvider : MembershipProvider
{
public override string ApplicationName
{
get { return _ApplicationName; }
set { _ApplicationName = value; }
}
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
throw new NotImplementedException();
}
public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
{
return false;
}
public override iTwitterMembershipUser CreateUser(string login,
string password,
string email,
string tokenKey,
string tokenSecret,
string twitterUserId,
object providerUserKey,
out MembershipCreateStatus status)
{
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(login,
password,
true);
[Code.....]
i am using AccessMembershipProvider in my asp.net project.
I want to add "Address" element to membership.
I added a column "Address" to aspnet_Membership table in ASPNetDB.mdb.
But i can't do other settings.(web.config, configuration,AccessMembershipProvider.cs)
I've been wondering how i go about writing a MembershipProvider that authenticates using a WCF Provider. At the moment i have a wcf service that will authenticate a username and password.
I can write my own Membership provider that will authenticate using WCF calls, thats no problem. What i want is to have the WCF as the actually provider.
Meaning in the web.config file i just put the WCF service as the MembershipProvider. Or is this not possible or not the way this is to be done.
I have registered a custom MembershipProvider class in my Web.Config file. I'm using Inversion Of Control using Castle Windsor and I have registered my custom MembershipProvider class as transient (because it's using a service that's transient as well).
This means that I want the Membership provider instance recreated on every web request. Currently, it is created only once per application domain so when it tries to access the service it depends on, that service instance is reused while it is not supposed to.
Now I need to find a way of having Windsor control the lifetime of my custom MembershipProvider but I don't know how. I expected a factory sitting around somewhere in the .NET Framework, allowing me to override the instance creation and rerouting it to Windsor but I can't find anything alike.
By the way, I'm using .NET 4.0.
UPDATE: Here's some of my code so you can see what I'm doing exactly:
[Code]....
I was wondering if it is possible to use a WCF Dataservice as the MemberShipProvider for a forms auth application. I have written code for a provider (below), but I do not know what to do as far as a connection string, or any other web.config properties.
Here is the code for my provider, anytime it says Odbc that is because I based this off of the custom Odbc provider on the msdn site. The only ACTUAL references to any odbc connection are in the comments:
[Code]....