I tried googling this and have had no luck. I would like to implement membership roles without any reference to email accounts or smtp. Does anyone have information on this topic?
View 4 RepliesI create custom principal for implement logic for users. In identity I store Id, Name. But it abnormally - this classes must use for authenticate and authorize.
I can implement custom MembershipUser, custom Roles and Membership provider.
How to do it? What best practices are?
I am using forms authentication to protect a website and would like to set it so when someone uses the registration form that the account created is disabled and an email is sent to me notifying me of the new signup. Then I can go and enable the account.
I am very new to this but have gotten the basic registration form and login form working with my SQL 2008 Server but this is a bit above me and I have looked through the MSDN info on the CreateUserWizard and don't see options for this.
[ASP.NET 3.5, FormsAuthentication, SQL Server]
In the Roles table there is Role, and RoleType.
I have 3different roles, 2 of which have sub-roles.
Example
Role----------------------Type
Adminstrator
Subscriber---Basic
Subscriber---Business
I need to implement Code Access Security, and URL based security using the roles & types...
For instance, the (Subscriber/Basic) would need to view a different set of pages, and have different access to things then a (Subscriber/Business).
I think I can handle the Code Access security with a custom attribute, but I am unsure to how enforce a User be apart of 2 roles in the URL Authorization.
I am currently using the web.config to deny/allow access to the directories/pages.
e.g.
/Areas/Admin/web.config
[Code]....
Is it possible to force the user to be apart of 2 roles with this technique?
Pls explain the Membership Roles in MVC ASP.NET 3.5
View 1 RepliesI have an live website and I need to enable roles and add it to a folder. What's the best way to go about it? Do I add code to web.config? Do I add code to individual pages? Do I use the membership provider service with V W D and recopy the website?
View 7 RepliesLets say that I have a database set up with a load of info in it and I decide I want to add the membership and roles functionality to my site but my hosting provider makes me pay for each database I use. I don't want to pay for another db, so how do I set it up so that instread of creating membership and roles tables in the the aspnetdb database, it creates them in my existing database?
View 5 Repliesin my app i want to create two types of users. (1) 'staff' (2) 'admin'
i have a page called registration which basically creates a user. i used the asp.net configuration wizard to create roles and set access rights to certain pages and this works great.
however, if i was to deploy this app then users wouldnt have access to the asp.net wizard therefore not be able to create users with roles/access.
so how can i do this in code? can i create a drop down in the registration page with two values (staff and admin) which will represent roles and then another drop down with access rights? (allow/deny)
how can i now program these drop down and make it work like i would normally do using asp.net configuration wizard?
I need to enable/disable roles using membership. How is it done.
View 3 RepliesI am trying to load all the roles into my dropdownlist but I keep getting an error saying IDatasource is not listed, I have the following code:
Roles.datasource = Roles.GetAllRoles()
Roles.databind()
What Else do I have to do?
I'm trying to build a portal kind of an application in asp.net, in which one of the functionality is letting people log in and upload their documents. The upload page is only accessible to registered users of the portal.
Problem:
I would like to track the user uploaded files according to their userIds.
Is it possible to use the FileUpload Control and C# to fetch the current user id, create a directory with the same name(as that of userID) in the file system and upload the files( multiple file upload, if necessary) into it?
Also another admin page would have to be able to see the list of files uploaded by the specific user and download it if necessary.
have a project where there are main 3 types of users i have to block them from accessing other pages but without using roles or membership is there any other way to do the same?
View 3 RepliesIts very easy to add users to roles by using the in built controls. but how can add users through customized login controls?. i have tried using
//MembershipUser m = Membership.CreateUser(name, pass, null);
I have developed an asp.net website. I Have Used Asp.Net membership provider.My Question is , I Have Three Roles , For Eg: Basic, Intermediate, Admin ...Now , i need to apply two roles for single page say basic and admin .... How can i do this ... Plz help me .... Thanx in advance ......
if (Roles.IsUserInRole("Admin") == false)
Server.Transfer("AccessDenied.aspx");
I need to implement field level security based on the roles. I have a page Employee.aspx . In that i have ten controls. If i am enter as admin role i need to show all the controls. If i am enter as user have to show only five controls. How to design the appplication for control level security?
View 5 RepliesI want to create the roles,membership and user data on ISeries AS 400 rather then the one used in APP_Data.
View 4 RepliesI have a client asp.net website that uses ASP.Net Membership, Roles and Profile providers and Login controls. I need to expand the application so was going to use WCF Workflows, the ASP.Net website will be hosted on a different server than the WCF Services so what I want to do is get the ASP.Net Website to auth via the WCF Service. So process will go:
ASP.Net Website ------------------> WCF Service ------------------> SQL Database (Membership, Roles, Profile, Workflow Persistence Data and Business Data)
I tried creating a custom Membership and Role providers but I have had problems managing the users (Membershipuser class) saying null when a vaild user has been return by the WCF Service as can access the properies but not the methods.
Is it possible to have the same DB and web.config for both local development machine and the final production server(with forms authentication)? I'm asking this because if I change anything in the ASP.NET Configuration screen(should I use this at all?) I loose the ability to login. Don't know what to put in the <Membership><applicationName>, should it be /myapp-editor or just /, it's different since it runs on two different domains/servers(final server doesn't have an application dir, just root). How can I make sure that the user created on one server will be usable on the other machine?
View 3 Repliesi have been creating a website on my computer which has VWD 2008 and SQL Server 2008, i have membership and role system set up, (using the aspnet_regsql) and that worked perfectly fine on my compuetr.
Now when i was ready to deploy it on my web server, i simply copied the whole database, and added it onto the SQL Server on my server, so it has exactly the same rows, tables, data, etc etc.
Now, when i run the website via the domain, users are able to login etc, and my authentication code that redirects users if they are not logged in also works, so im sure it cant be a problem with the membership provider, as it all seems to work.
But all the users that were already in the set roles, it still shows them in the role in aspnet_roles table, but its not working, the thing i have in the roles loginview does not display, and even after running the web administrator tool, it shows that the user is in that role, but does not work (even while viewing on the local machine)
So i added code in a page_load event that would auto add that user to the role
System.Web.Security.Roles.AddUserToRole(HttpContext.Current.User.Identity.Name, "TestRole");
and on entering the domain (on the local server) i got error:
The role '' was not found.
And on local host server
I get error:
The user 'TestUser' is already in role 'TestRole'.
But yet, even on the localhost i still cant see any indications that the user is in a role, as none of my rle login views are showing.
The role '' was not found.
once user answers security question and clicks submit that you can then re direct them to a new page and display their password on screen? rather than send an email?
View 1 RepliesI am using asp.net membership for all the users and roles, right now i have a website on which i have created 2 roles "admin" and "member" in this website i create accounts, so all the accounts are separated/distinguished by account name now i was to add one more role "accountholders" and i want to add this role in such a way that an account holder will be able to see his / her account's stuff ...
i as admin will be creating username and password for accountholders and i will provide them their login credentials so that they can login and see what's in their account. My idea of creating account is that, the accounts that i have in my database will be the key, so when i will create username for particular account , in the create user wizard i should have a drop downmenu will all the accounts name. so the user that i am
creating will be linked on that account only ..
I'm using vs 2005 and asp.net 2.0 to create my website. Recently, I thought about applying membership instead of my customized security system in order to achieve higher security level and performance. At first thing went well, since it was easy to create/manage users and Role names from behind code, but when I came upon the "Access Rules" I faced what you can call it an 'obstacle' at least from my opinion.
The thing is, I don't want to use Asp.net Web Site Administration Tool to create and manage my access rules which I'm going to assign to each of my dynamically created Roles. What I want to be able to do is make a page where the Admin can create/manage his desired Role(s) and also, create/manage the Access Rules, then add such Access Rules to the previously created Role(s).
Now, what I need to know first is... is it even possible to do such thing in the first place? Because the way i understand it is, since the access rules are stored in the web.config of each folder/directory that you apply them on then it shouldn't be allowed to modify it from the running/published website.
I have incorporated the asp.net membership and roles feature in my web app on my local dev setup that uses SQL 2008 Developer edition, all works as it should.
My remote system uses SQL 2005 express and I went through the process of creating the ASPNET membership tables via the "aspnet_regsql" command to my remote target database. I then created a few users, adjusted my app connection strings accordingly and uploaded.
My login page uses the "login" server control and when I try and login using credentials from one of the previously created users I get a "Your login attempt was not successful. try again." error. I know the users are in the DB as I can see then via the SQL Management studio on the remote DB. I have triple checked the username/passwords and I am definately entering the correct info. The connection strings are correct as the initial page renders content from another table in the DB. I am getting no errors.
My best guess at the moment is that SQL Express handles Membership/Roles connections differently to the full versions of SQL?
providing template or sample code to manage users from Client side.
My Environment Details:-
Framework: 3.5
Code Behind: C#
Membership/Roles Provider: SQL Server
I've created a membership system based on asp.net 2. There are other tables that store user information, such as emails sent etc. I've created a users table based on the TableProfileProvider. My question is concerning deleting the member
Is it OK to delete the member from the aspnet_membership table and roles related tables using Membership.DeleteUser, though keep all the custom tables and the information including the information in the Users table created by the TableProfileProvider? or can you foresee problems?