Security :: Use Of The MemberShipUser Class?
Mar 9, 2011What is the use of the MemberShipUser Class and can we use our own database with MemberShip User Class? Please provide me the some example.
View 1 RepliesWhat is the use of the MemberShipUser Class and can we use our own database with MemberShip User Class? Please provide me the some example.
View 1 RepliesI've added a class library project to my application.
In one of my classes, I need to use the MembershipUser class, but the project can't find it. I've added references to System.Web, System.Web.Security, and System.Security.Principal.
I'm using the default SqlMembershipProvider,but I've created a custom MembershipUser class (SoeMembershipUser) because I needed a "DisplayName" property.All the DisplayName does is look at the UserName and format it differently.When I try to cast a MembershipUser to a SoeMembershipUser user I get an InvalidCastException.
Exact error is:
"Unable to cast object of type 'System.Web.Security.MembershipUser' to type 'Soe.Tracker.SoeMembershipUser'."
Here is the code that fails:
SoeMembershipUser user = (SoeMembershipUser)Membership.GetUser(username); // invalid cast
I have also tried casting later like so:
MembershipUser user = Membershipship.GetUser(username); // ok
...
string displayName = ((SoeMembershipUser)user).DisplayName; // invalid cast
Here is the SoeMembershipUser class:
NOTE: I left off the constructors at first, but added them in later when I started having problems. Adding them made no difference.
public class SoeMembershipUser : MembershipUser
{
public SoeMembershipUser()
: base()
[code]...
I'm unable to set Comments property of a MembershipUser type objects.
E.g.
MembershipUser mu = Membership.GetUser(username);
mu.Comment = "someComments";
I'd expect this to set the Comment property of mu object to "someComments" and write changes to the database.
Later, I do a following check:
mu.Comment == "someComments";
Comment property is set to null. Is there anythign that I need to change in a web.config or...?
When I run the following debugging code it writes out credits:0
Dim MembershipUser As MembershipUser = Membership.GetUser()
Dim UID As String = MembershipUser.ProviderUserKey.ToString
SQL = "SELECT SUM(Credits) As Credits FROM Credits WHERE " & _
"DateDiff(m, [DateTime], GETDATE()) < 6 AND [UserID]=@UserID;"
cmd = New SqlCommand(SQL, Conn)
cmd.Parameters.Add(New SqlParameter("@UserID", UID))
DataReader = cmd.ExecuteReader()
If DataReader.HasRows Then
Do While DataReader.Read
[Code]....
MembershipUser newUser = Membership.CreateUser(UsernameTextbox.Text, PasswordTextbox.Text);In web.config i have connection string but i would like to use MemBershipUser on different connection string.
View 1 RepliesBefore spening anymore time researching this, I'd like some opinions.I inherited a .Net application - and I won't even mention that the previous owner built it using inline code and removed the code behind pages - so I have a LOT of fixing to do, including adding a data access layer.But, there is a login control and this sets the MembershipUser.There is a second app, written in ColdFusion, that I am passing one variable to the .Net app.We need one login for both apps. So, the CF is logged in and goes to the .Net app.I can check this var and see if the user exists but need to log the user in and set roles and Membership but bypass the login of the login control.
View 2 RepliesI have a page in my MVC application that shows all the users registered on the site. I retrieve informations about an User with this call:
[Code]....
I'm have a doubt using membershipuser to create users in the AD with Membership.CreateUser Method, does any one knows how can i send other attibutes to the AD, such as First Name and Last Name?, besides those ones: username
As String, _
password As String, _
email As String, _
passwordQuestion As String, _
passwordAnswer As String,
Writing a custom membership / role provider and have to validate user with extra parameter to Membership.Validate. So, instead of Membership.Validate(username, password) I need Membership.Validate(username, password, client).
Is this possible with the existing MembershipProvider? I would have liked to pass a new MembershipUser to the Validate method but didn't see anything that would work for that.
I create custom principal for implement logic for users. In identity I store Id, Name. But it abnormally - this classes must use for authenticate and authorize.
I can implement custom MembershipUser, custom Roles and Membership provider.
How to do it? What best practices are?
I am beginner in web applications development. I started one little project and host it on source forge "https://homoco.svn.sourceforge.net/svnroot/homoco". And I started implementing authentication in this application to learn how it works. From my experience people never use out of the box things so I want to implement this stuff alone (like in real world projects). So some questions:
1) Is there any reason to use membership out of the box? To use database table schema, stored procedures etc. that tool generate for developer. I think that this lower control over code and I decided to implement it my self. I don't know if I am right.
2) Is my approach in this demo project good or bad (if someone have time I like to do just a little code review)? I created database based on business rules. Not using database schema that membership provider require. Extend "MembershipProvider" class to satisfy my needs. Implement queries to database myself.
3) Now, this question is a little wired but I have to ask it. If we make custom Membership Provider and do sql queries alone, implement all MembershipProvider class methods ourselves, and in application use Membership.blabla() why is this approach different from not extending MembershipProvider class and putting all this methods in some unique class and call its methods then? I hope that someone understand what I ask here.
I am sorry for three questions, but I really trying to find the best way to implement this feature in my demo project like it is a real world application.
I try to implement a Custom MembershipPriver with a Custom MemberShipUser in my own database (with a specifics Users Table Model) : This is ly diffent files:
iTwitterMembershipProvider.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Collections.Specialized;
using iTwitter.Models;
public class iTwitterMembershipProvider : MembershipProvider
{
public override string ApplicationName
{
get { return _ApplicationName; }
set { _ApplicationName = value; }
}
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
throw new NotImplementedException();
}
public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
{
return false;
}
public override iTwitterMembershipUser CreateUser(string login,
string password,
string email,
string tokenKey,
string tokenSecret,
string twitterUserId,
object providerUserKey,
out MembershipCreateStatus status)
{
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(login,
password,
true);
[Code.....]
I need to set IsApproved = true; for a User (using MembershipUser) when I select a CheckBox in a GridView.
The event handler uxRoleCheckBoxSelector_CheckChanged it is setted on the actual CheckBox.
Could you tell me guys what I am doing wrong?
Script does not generate any Exception but does not work.
[Code]....
I created a custom membership provider and am getting the following error trying to create a new "MembershipUser".
Could not load type 'MyTestApp.Membership.TestMembershipProvider' from assembly 'System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'.
I am running this from a Unit Test project, so I'm not sure if that's causing the issue, but I did include System.Web, System.Web.ApplicationServices as well as a reference to MyApp.Membership and MyApp.DataModels (Entity objects).
The error happens inside my "GetUser" function which is below, my configuration is also below.
[code]....
I am using ASP.NET MVC 3. I am using what essentially came with for free in the Visual Studio project template for an MVC project with the "Internet Application" option. Basically this brings in Forms authentication and provides some basic elements to manage user login and stuff.
I am also using the web profiles stuff with this to store some custom fields. Everything was going great. I use SuperFunProfile as a wrapper around the Profile instance to make it easier to get at profile properties. Until I wanted to set a property of a Profile right away after signing the user up.The problem I can't solve is that this.Request.RequestContext.HttpContext.Profile contains the profile for the anonymous user. How can I get a new profile for the user now that he should be signed up and signed in?
public ActionResult SignUp(SignUpModel model)
{
if (ModelState.IsValid)
{
[code]....
I poked around Membership and Web.Profile, but I am not seeing anything that looks like it will get me closer to my goal.Maybe I should just create a ProfileModel that I store myself into the DB rather than using Web.Profile? I could key that on MembershipUser.ProviderUserKey which would make it easier to create a ProfileModel at sign up, I suppose.
I am trying to provision some users to update their email address in active directory (AD). I'm trying to achieve it using MembershipUser class. But getting 'general access denied error'. Here's my code:
string userName = "sathish";
System.Web.Security.MembershipUser userDetails = System.Web.Security.Membership.GetUser(userName);
if (userDetails != null)
{
userDetails.Email = "sathish@xyzee.com";
I am trying to provision some users to update their email address in active directory (AD). I'm trying to achieve it using MembershipUser class. But getting 'general access denied error'. Here's my code:
string userName = "sathish";
System.Web.Security.MembershipUser userDetails = System.Web.Security.Membership.GetUser(userName);
if (userDetails != null)
{
userDetails.Email = "sathish@xyzee.com";
I have an application that uses its own authorization to determine if a user has access to pages. I want to display a more friendly "access denied" page in the event that access denied. In the MasterPage...
[Code]....
In the web.config
[Code]....
I get the error below. To me it looks like I'm not allowed to, or the error is a result of just trying to instantiate the UnauthorizedAccessException() class,Attempted to perform an unauthorized operation.
Exception Details: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
I currently built a custom form using VS 2005 to accommodate administrators when deleting users from the membership "aspnetdb" database.
I set the method for the objectDataSource to use "DeleteUser(String username, Boolean delete All Related Data), returns Boolean".
When I run the application and click the delete link from my gridview I receive the following error message:
"Value cannot be null. Parameter name: username"
How do I get the value for username?
I am using VB.Net/ASP.Net 2008/3.5 to create a Web Application and I am trying to access the Profile Class.
I notice that unlike a "Website" that you cannot access the Profile class from a "Web Application" and I was wondering what is the best way of adding the Profile class to a Web application?
I'm trying to create roles for my web application using the Role class methods provided in ASP.net but when I attempt to use the class methods as such:
[Code]....
I am using a custom membership provider. I want to expose additional properties under User class.
So in my custom membership provider class I added few Properties (FirstName, LastName, Address, etc) and set their value in ValidateUser(). However back in aspx.cs if I type User. I do not see FirstName, LastName and Address in intellisense.
Is what I'm attempting to do even possible? Or do I need to resort to using my own custom user class? In which case I wouldn't need to use custom membership provider because I can program my custom user class to do everything that custom membership provider can do. Only thing is I would need to pass this user object in session object.
I'm new to this forum, Ok here is the problem. I tried to implement the user profile pattern that provided by ASP.Net 2.0, first I added this couple of tags to the web.config
<system.web>
<anonymousIdentification
enabled="true"/>
<profile>
<properties>
<add
name="Name"
allowAnonymous="true"/>
<add
name="Age"
allowAnonymous="true"
type="System.Int16"/>
<group
name="User">
<add
name="Category"
allowAnonymous="true"/>
<add
name="MemberSince"
allowAnonymous="true"
type="System.DateTime"/>
<group>
<properties>
<profile>
Then I buit the project and moved to the page code behind, the surpise is that I didn't have the Profile object in the intellisense.
I'm new to MVC and I have a question and I need your inputs.I have this portion of code inside a method (let me just call this MyMethod):
[Code]....
where I am simply using the default CreateUser method from default Membership class to create a new user. This method simply adds the user on the default membership table. Now I have another table which I call userDetails table and I am hoping to add additional information related to the user recently added on the membership table.I can simply add more codes inside MyMethod to do the above logic of adding the additional information to another table. However I was thinking that if I do this... and I delete the user using the ASP.Net Web Application Administration Tool, I may end up with orphan entry on my userDetails table after the user is deleted from the membership table (since the administration tool wouldn't know MyMethod and use the default method from Membership class).So is there a way I can override the CreateUser method from the System.Web.Security.Membership class such that it goes through this flow?
1. invoke the original or base CreateUser method (the user is now created during this step)
2. determine user_id of the newly-added user on membership table.
3. add more user-related information on another table example: userDetails table.
This way, every time I call the CreateUser method it automatically adds the necessary entries on the membership and userDetails tables.If I create my own membership class inheriting from the original class, it would mean a lot work rewriting lots of methods when in reality what I'm trying to achieve is only adding additional information related to the user. I tried modifying the default membership table from the provider database but I get and error during the user-creation process. This gives me the impression that I am not allowed to modify the existing tables... which would lead me to creating a custom provider.