C# - How To Create A Custom Membership Provider For MVC 2
May 5, 2010How do I create a custom membership for ASP.NET MVC 2 based on the ASP.NET membership provider?
View 5 RepliesHow do I create a custom membership for ASP.NET MVC 2 based on the ASP.NET membership provider?
View 5 RepliesMy question relates to membership providers. I have two websites that run on two different servers. One website is a community website that uses Telligent community server 2007. The other is a website that contains information. I have a form where users can request more information. What I would like to do is when a user requests more information, automatically create a user account in my community website. I was told that I can create a custom asp.net membership provider that will create a new user account in my community website. I have read some info at msdn and asp.net websites, but I am still unclear as to how I can create a custom membership provider that will work across different websites running on different servers.
View 1 Repliesany tutorials or materials that to implement a custom membership provider where I can using Linq to Entities for data retrieval in its internals?
View 1 RepliesI want to create a custom membership provider which doesnot has Password Question and Password Answer fields. But has some other extra fields.Is it possible? I am asking this because if I inherit MembershipProvider class then I get forced to use default CreateUser Method which has password question and password answer parameters. I don't want these parameters.
View 1 RepliesI have watched the how to video on Creating a Custom Membership provider. So far it works great. My login control interacts well with it etc. Now i've created a Custom Role Provider. I've created a class that inherits the RoleProvider base class and i've added code to each Sub. My question is, what is the best way to implement the role provider, considering I get the Roles etc from the database?
View 11 Repliesi have implemented custom role provider and membership provider .
login page : SignIn.aspx
on successful login it redirects to (index-Homepage.aspx)
now PROBLEM is when it successfully logged in ,and redirects to 'index-Homepage.aspx' it gives Anornymoustemplate ..while its verifying the role correctly in index-Homepage.aspx.cs
This is my first membership provider; I converted the sample provider [URL] to SQL. I created a vb class provider and put it into the App_Code folder. After it was created I tried to modify my webconfig but the error pops up. I don't know what else to try, I don't know if I have missed something
webconfig:
[code]....
i'm building an application and i need to manage roles, users and more things so i tought to use the membership provider but i have some questions about it: can i full extend it and can i override the functions to use a database table to store infos about config or i need to build my own provider?
View 4 Replies<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
</providers>
<properties>
<add name="FirstName"/>
<add name="LastName"/>
</properties>
</profile>
I have the code snippet above in my webconfig file. I am attempting to set the FirstName property in codebehind on a register.aspx page. Like this:
Profile.FirstName = ((TextBox)RegisterUser.CreateUserStep.ContentTemplateContainer.FindControl("FirstName")).Text;
VS says Profile is in System.Web.Profile Namespace. I then use it like this "System.Web.Profile.FirstName", but says first name does not exist in System.Web.Profile.FirstName namespace.
How do I set the property and later retrieve it?
I create custom principal for implement logic for users. In identity I store Id, Name. But it abnormally - this classes must use for authenticate and authorize.
I can implement custom MembershipUser, custom Roles and Membership provider.
How to do it? What best practices are?
I'm new to ASP.NET and I don't exactly understand some features.
I have a custom membership provider TestMembershipProvider which inherits from MembershipProvider. It has the following CreateUser method:
[Code]....
It's absolutely simple code.Then I have two text boxes (login, password) and the button to register a new user. I thas a following code:
[Code]....
[Code]....
Authentication in web.config is set like this:
[Code]....
No matter what I write into textboxes, following error is being returned:
The password retrieval question provided is invalid.
I don't know why. Either in web.config or in get RequiresQuestionAndAnswer I have false value. When I instantiate my TestMembershipProvider and call CreateUser directly instead of using static Membership.CreateUser, it works fine. Do I have to use instance of my TestMembershipProvider or did I missed anything?
I have created my custom MembershipProvider. I have used an instance of the class DBConnect within this provider to handle database functions. Please look at the code below:
public class SGIMembershipProvider : MembershipProvider
{
#region "[ Property Variables ]"
private int newPasswordLength = 8;
private string connectionString;
private string applicationName;
private bool enablePasswordReset;
private bool enablePasswordRetrieval;
private bool requiresQuestionAndAnswer;
private bool requiresUniqueEmail;
private int maxInvalidPasswordAttempts;
private int passwordAttemptWindow;
private MembershipPasswordFormat passwordFormat;
private int minRequiredNonAlphanumericCharacters;
private int minRequiredPasswordLength;
private string passwordStrengthRegularExpression;
private MachineKeySection machineKey;
**private DBConnect dbConn;**
#endregion
.......
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
if (!ValidateUser(username, oldPassword))
return false;
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true);
OnValidatingPassword(args);
if (args.Cancel)
{
if (args.FailureInformation != null)
{
throw args.FailureInformation;
}
else
{
throw new Exception("Change password canceled due to new password validation failure.");
}
}
SqlParameter[] p = new SqlParameter[3];
p[0] = new SqlParameter("@applicationName", applicationName);
p[1] = new SqlParameter("@username", username);
p[2] = new SqlParameter("@password", EncodePassword(newPassword));
bool retval = **dbConn.ExecuteSP("User_ChangePassword", p);**
return retval;
} //ChangePassword
public override void Initialize(string name, NameValueCollection config)
{
if (config == null)
{
throw new ArgumentNullException("config");
}
......
ConnectionStringSettings ConnectionStringSettings = ConfigurationManager.ConnectionStrings[config["connectionStringName"]];
if ((ConnectionStringSettings == null) || (ConnectionStringSettings.ConnectionString.Trim() == String.Empty))
{
throw new ProviderException("Connection string cannot be blank.");
}
connectionString = ConnectionStringSettings.ConnectionString;
**dbConn = new DBConnect(connectionString);
dbConn.ConnectToDB();**
......
} //Initialize
......
} // SGIMembershipProvider
I have instantiated dbConn object within Initialize() event. My problem is that how could i dispose off this object when object of SGIMembershipProvider is disposed off. I know the GC will do this all for me, but I need to explicitly dispose off that object. Even I tried to override Finalize() but there is no such overridable method. I have also tried to create destructor for SGIMembershipProvider.
I was made a custom membership provider.
All works good. My problem is Logs.
[Code]....
[Code]....
I dont know how to get user's ip.
I tried these methods...
Dim req as httprequest
ip = req.servervariables("remote_host") 'result = nothing
Dim req as new httprequest
ip = req.servervariables("remote_host") 'result = nothing
Dim req as requestcontext
ip = req.request.servervariables("remote_host") 'result = nothing...
How i can realise my own Membership Provider for my social network example project where i want to use more extended registration with new fields?
View 3 Repliesi am planing an application that needs to handle different client logins. A user should be able to login under each clients url.The project will have a start page and multiple (database generated) client URLs.www.domain.com/ClientA www.domain.com/ClientB www.domain.com/ClientC
I failed using MVC Routes to build up such a scenario with dynamically clients so i used an MVC area for the client space:www.domain.com/clients/ClientA www.domain.com/clients/ClientB www.domain.com/clients/ClientC Is there any client support for membership providers? All i found is made for a single client environment. I would love to take advantage of the mvc buildin attributes for authentication..
When is the LastActivityDate supposed to be updated? When I click on any other pages in my web application as an authenticated user, the LastActivityDate does not get updated.
I would imagine it should be updated when a user clicks on any page, whether it be to do with membership (change password, GetUser(), etc) or not. But the examples that I have seen, seem only to update it on ValidateUser().
http://msdn.microsoft.com/en-us/library/system.web.security.membershipuser.lastactivitydate.aspx
Under Remarks, it says to do it under ValidateUser method.
When do you update the LastActivityDate? Just inside ValidateUser()?
Update: Clarified question.
Now this might just be straightforward, but I can't seem to figure it out..
I have set up the Custom Membership provider, and gave it the proper connection stuff.
What I know is that it connects to the correct database, but I know for sure that it doesn't look at the correct table.
How would I set it up to use a specific table? As the table already has users in them.
The table name is: members_info.
the column names are: member___id(key), member_name, member__pwd, member_perm
member___id => Being the Key and the account name to login with
member_name => Being the users Name or Nickname
member__pwd => 10 chars long (for now)
member_perm => holds 1 of the following values: 0) User 1)Admin 2)Banned
now I know that the later one is to be setup by the Role Provider, and I'm sure once I know how to do the membership one that one is similar in some way.
So my question is, how do I point the Custom Membership Provider to the table: members_info and to use member___id for username, members__pwd for password (and possibly get member_name out to say: Welcome {member_name}! when they login).
===
Added info.
Members__uid is the key value as it increases on each new entry.
===
Since you can't tell it to use a specific table
How can I set it up so, that it works with the tool provided in visual studio? (Website > ASP.net Configuration).
As it now says 0 users, on the security tab. I want to be able to manage the users through here too.
i'm new to the mvc framework but i used forms authentification in an asp.net webapplication. Because im forced to use Sybase SQL Anywhere server i use membership / profile / role provider from sybase.Why i can't login in the MVC Application? When i create a user via mvc web control i'm logged in. But when i logout and try to login i get a error that username or password is not correct.Maybe someone has an idea? Could it be a problem with the application name? Both have the applicationname " / " ?Both applications has these web.config entries:
[Code]....
Is there an easier/better way to access the RequestContext from within a custom Membership Provider than the following (and further, will this method even work):
[code]....
how do i create the login? I don't want to use the membership provider, I need some logic to login in the user? I can of course make all the validation of the user, the problem is to create the cookie or session
public ActionResult LogOn(string email, string password, bool? rememberMe)
{
//Create som cookie or session I can use for user login?
return null;
}
I've implemented my custom membership provider. I use third server for authentication (call web method that validates user/password). I need this user/password for retrieve some additional data from this server. Asp.net MVC uses FormsAuthentication and cookie for keep 'login state' by default. It works well when I login on site first time. But when I close and open site again sometime after, cookie keeps it 'login'but I don't have credential for access to server data. I can change cookieless attribute (to 'UseUri' for example) in configure file but in this case I should login again if I open second tab with this app in same browser.My questions:
Is way to call SingOut of FormsAuthentication (remove authentication ticket from browser) when user closes asp.net mvc app?Is secure way to pass user/password data through session? Because server is unstable and interrupt connection often and app should have possibility for silent reconnect.
For three days now I have been going from one tutorial/video/sourcecode to the other about how to create the membership-part of my website, but I am still none the wiser :S
I have been looking through this video and these tutorials on the subject, but either they are not what I am looking for or they are too advanced, that I would just write my own user-procedures like I would in classic ASP..
The standard sql membership provider is nice and all, but I really favor using my own database-logic and not drown the website/database with tables, views, stores procedures and highly custimizable features that I'll never use.. That's why I'm trying to build my own custom membership provider
I think I'm on the right track with building a class that inherits from System.Web.Security.MembershipProvider, but when I tell VS to "Implement abstract class" I already have a problem with what I'm seeing: public override string ApplicationName
I know what the applicationname is for, but I am fairly certain that I will never be using the same database for several websites for this project, so why do I need to implement that functionality?
I guess what my problem is, is that although a method like Create-/DeleteUser is handy, I would like to determine whether or notI want to implement that.. Of course the CreateUser is of need to the CreateUserWizard control, but is the ApplicationName really neccesary?
Maybe I just need a little adwise from people that have had a need of custom database-structure - that's actually all I need, I don't think I will see a need for extra functionality codewise..
I have an ASP.NET MVC web application that implements a custom membership provider. The custom membership provider takes a UserRepository to its constructor that provides an interface between the membership provider and NHibernate. The UserRepository is provided by the Ninject IoC container.
Obviously, however, this doesn't work when the provider is instantiated by .NET: the parameterless constructor does not have a UserRepository and cannot create one (the UserRepository requires an NHibernate session be passed to its constructor), which then means that the provider cannot access its data store. How can I resolve my object dependency?
It's probably worth noting that this is an existing application that has been retrofitted with Ninject. Previously I used parameterless constructors that were able to create their required dependencies in conjunction with the parametered constructors to assist unit testing.
I am working on implementing a custom membership provider that works against an existing schema in my database and have a few thoughts/questions.The login control will automatically call the ValidateUser method of the membership provider, so no matter how I implement the provider the only thing the login control cares about is the bool value returned by this method. What I am confused about is there could be numerous reasons why a login attempt failed; user is locked out, too many tries in a period of time, etc. There is no way that I see to convey that to the control so it could display the proper message. Other properties of the membership provider such as PasswordStrengthRegularExpression have absolutely no effect on the login control as well (out of the box), I would have hoped that it would automatically somehow translate into regular expression validators, but that doesn't seem to be the case. So it seems that I need to initialize the login control properties with these settings out of the provider configuration if I want them to take on the control itself.
If the only thing that the Login control does out of the box (without manually handling events and doing the initialization as described above) is call the ValidateUser method on the membership provider, I see no way to convey back to the Login control why the validation failed or even doing things like throttling the validation requests based on a certain time window. Ultimately my question is why would I even use the membership provider then in conjunction with the login control? It seems like it was only designed for a Yes/No type response, which is very restrictive. If I want to build in logic with different messages back to the user I need to handle the login control events and call my own authentication classes that will handle all of my business requirements as well as return a custom error message back to the Login control to display to the user so they know why their attempt is invalid.Unless I am wrong in my assumptions, it seems that the interface between the Login control as the membership API is too restrictive to be useful. Perhaps the API works better for other auth controls like ChangePassword better but for the actual Login control I don't see the point.
We are trying to implement Custom Role membership provider for our web app. For authorization we want to check for one more field like Facilityid for the logged on user along with role he has. eg. my User1 having Role1 with Facility1 can access some option and same user role for Facility2 have different option. So is there a way we can extend the existing role/profile provider to authorize user with this additional field along with role assigned.
View 1 Replies