C# - Login Control And Custom Membership Provider?

Oct 11, 2010

I am working on implementing a custom membership provider that works against an existing schema in my database and have a few thoughts/questions.The login control will automatically call the ValidateUser method of the membership provider, so no matter how I implement the provider the only thing the login control cares about is the bool value returned by this method. What I am confused about is there could be numerous reasons why a login attempt failed; user is locked out, too many tries in a period of time, etc. There is no way that I see to convey that to the control so it could display the proper message. Other properties of the membership provider such as PasswordStrengthRegularExpression have absolutely no effect on the login control as well (out of the box), I would have hoped that it would automatically somehow translate into regular expression validators, but that doesn't seem to be the case. So it seems that I need to initialize the login control properties with these settings out of the provider configuration if I want them to take on the control itself.

If the only thing that the Login control does out of the box (without manually handling events and doing the initialization as described above) is call the ValidateUser method on the membership provider, I see no way to convey back to the Login control why the validation failed or even doing things like throttling the validation requests based on a certain time window. Ultimately my question is why would I even use the membership provider then in conjunction with the login control? It seems like it was only designed for a Yes/No type response, which is very restrictive. If I want to build in logic with different messages back to the user I need to handle the login control events and call my own authentication classes that will handle all of my business requirements as well as return a custom error message back to the Login control to display to the user so they know why their attempt is invalid.Unless I am wrong in my assumptions, it seems that the interface between the Login control as the membership API is too restrictive to be useful. Perhaps the API works better for other auth controls like ChangePassword better but for the actual Login control I don't see the point.

View 3 Replies


Similar Messages:

MVC :: Custom Login With NHibernate - Use The Membership Provider

Aug 5, 2010

how do i create the login? I don't want to use the membership provider, I need some logic to login in the user? I can of course make all the validation of the user, the problem is to create the cookie or session

public ActionResult LogOn(string email, string password, bool? rememberMe)
{
//Create som cookie or session I can use for user login?
return null;
}

View 2 Replies

Security :: Login Controls And Custom Membership Provider?

Oct 11, 2010

I am working on implementing a custom membership provider that works against an existing schema in my database and have a few thoughts/question.The login control will automatically call the ValidateUser method of the membership provider, so no matter how I implement the provider the only thing the login control cares about the bool value returned by this method. What I am confused about is there could be numerous reasons why a login attempt failed; user is locked out, too many tries in a period of time, etc. There is no way that I see to convey that to the control so it could display the proper message. Other properties of the membership provider such as PasswordStrengthRegularExpression have absolutely no effect on the login control as well (out of the box), I would have hoped that it would automatically somehow translate into regular expression validators, but that doesn't seem to be the case. So it seems that I need to initialize the login control properties with these settings out of the provider configuration if I want them to take on the control itself.

If the only thing that the Login control does out of the box (without manually handling events and doing the initialization as described above) is call the ValidateUser method on the membership provider, I see no way to convey back to the Login control why the validation failed or even doing things like throttling the validation requests based on a certain time window. Ultimately my question is why would I even use the membership provider then in conjunction with the login control? It seems like it was only designed for a Yes/No type response, which is very restrictive. If I want to build in logic with different messages back to the user I need to handle the login control events and call my own authentication classes that will handle all of my business requirements as well as return a custom error message back to the Login control to display to the user so they know why their attempt is invalid.

Unless I am wrong in my assumptions, it seems that the interface between the Login control as the membership API is too restrictive to be useful. Perhaps the API works better for other auth controls like ChangePassword better but for the actual Login control I don't see the point.

View 1 Replies

Security :: Manual Login Control Using Membership Provider Script

Feb 1, 2010

I am using manual Login using asp membership provider. which is working fine

Here is the code

[Code]....

1. Remember me check box

2. Exception handling incase account is locked or was the id and passwod incorrect how do i find that out.

View 4 Replies

.net - Using The String Resources Of Membership Provider In A Custom Control?

Mar 15, 2010

I have the request to build a custom control for ASP.NET membership. The control is a kind of CreateUserWizard, but somewhat special. The users are created by our account executives. At their first log in the users enter their user name and initial password, change the password and enter additional information (email) in one transaction!

Building this by customizing CreateUserWizard or another built-in control seems to be the wrong way. I want to build a custom control by using string resources of the built-in controls. Is there a way to access just the resources of ASP.NET membership? Is their a public accessible resource manager or something similar?

View 1 Replies

VS 2008 Implement Custom Role Provider And Membership Provider

Sep 27, 2010

I have watched the how to video on Creating a Custom Membership provider. So far it works great. My login control interacts well with it etc. Now i've created a Custom Role Provider. I've created a class that inherits the RoleProvider base class and i've added code to each Sub. My question is, what is the best way to implement the role provider, considering I get the Roles etc from the database?

View 11 Replies

Security :: Implement custom Role Provider And Membership Provider?

Dec 1, 2010

i have implemented custom role provider and membership provider .

login page : SignIn.aspx

on successful login it redirects to (index-Homepage.aspx)

now PROBLEM is when it successfully logged in ,and redirects to 'index-Homepage.aspx' it gives Anornymoustemplate ..while its verifying the role correctly in index-Homepage.aspx.cs

View 1 Replies

Security :: Custom Membership Provider Error "Could Not Load Type Custom.AspNet.Membership.PostPropertyProvider"

Jan 5, 2011

This is my first membership provider; I converted the sample provider [URL] to SQL. I created a vb class provider and put it into the App_Code folder. After it was created I tried to modify my webconfig but the error pops up. I don't know what else to try, I don't know if I have missed something

webconfig:

[code]....

View 1 Replies

Security :: Big Extension Of Membership Provider - Should Use A New Custom Provider

Mar 27, 2010

i'm building an application and i need to manage roles, users and more things so i tought to use the membership provider but i have some questions about it: can i full extend it and can i override the functions to use a database table to store infos about config or i need to build my own provider?

View 4 Replies

Custom .Net Membership And The Login Control?

Mar 16, 2010

I am creating a custom membership provider for a web app that already has it's users stored in an existing database table. I used some code from a tutorial to help jump start my provider but I am a bit lost on how i can interact with the actual log in process.My custom provider has an override method for ValidateUser() and at the moment I am just returning true there. But I want to create a current user object to store in session scope. This object will just store some specifics about the user.

I guess another option would be to use the ASP.Net profile provider but again I am not clear on where to hook into log in process to run some code that would either create this user object or populate the profile information for the current user.

View 2 Replies

Net SQL Membership Provider Custom Provider Property

Dec 16, 2010

<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
</providers>
<properties>
<add name="FirstName"/>
<add name="LastName"/>
</properties>
</profile>

I have the code snippet above in my webconfig file. I am attempting to set the FirstName property in codebehind on a register.aspx page. Like this:

Profile.FirstName = ((TextBox)RegisterUser.CreateUserStep.ContentTemplateContainer.FindControl("FirstName")).Text;

VS says Profile is in System.Web.Profile Namespace. I then use it like this "System.Web.Profile.FirstName", but says first name does not exist in System.Web.Profile.FirstName namespace.

How do I set the property and later retrieve it?

View 3 Replies

Security :: Can Implement Custom MembershipUser/custom Roles And Membership Provider

Oct 13, 2010

I create custom principal for implement logic for users. In identity I store Id, Name. But it abnormally - this classes must use for authenticate and authorize.

I can implement custom MembershipUser, custom Roles and Membership provider.

How to do it? What best practices are?

View 5 Replies

Security :: Custom Membership Provider With Custom Controls?

Mar 21, 2010

I'm new to ASP.NET and I don't exactly understand some features.

I have a custom membership provider TestMembershipProvider which inherits from MembershipProvider. It has the following CreateUser method:

[Code]....

It's absolutely simple code.Then I have two text boxes (login, password) and the button to register a new user. I thas a following code:

[Code]....

[Code]....

Authentication in web.config is set like this:

[Code]....

No matter what I write into textboxes, following error is being returned:

The password retrieval question provided is invalid.

I don't know why. Either in web.config or in get RequiresQuestionAndAnswer I have false value. When I instantiate my TestMembershipProvider and call CreateUser directly instead of using static Membership.CreateUser, it works fine. Do I have to use instance of my TestMembershipProvider or did I missed anything?

View 1 Replies

C# - Dispose Of Custom Object From Within Custom Membership Provider?

Apr 16, 2010

I have created my custom MembershipProvider. I have used an instance of the class DBConnect within this provider to handle database functions. Please look at the code below:

public class SGIMembershipProvider : MembershipProvider
{
#region "[ Property Variables ]"
private int newPasswordLength = 8;
private string connectionString;
private string applicationName;
private bool enablePasswordReset;
private bool enablePasswordRetrieval;
private bool requiresQuestionAndAnswer;
private bool requiresUniqueEmail;
private int maxInvalidPasswordAttempts;
private int passwordAttemptWindow;
private MembershipPasswordFormat passwordFormat;
private int minRequiredNonAlphanumericCharacters;
private int minRequiredPasswordLength;
private string passwordStrengthRegularExpression;
private MachineKeySection machineKey;
**private DBConnect dbConn;**
#endregion
.......
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
if (!ValidateUser(username, oldPassword))
return false;
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true);
OnValidatingPassword(args);
if (args.Cancel)
{
if (args.FailureInformation != null)
{
throw args.FailureInformation;
}
else
{
throw new Exception("Change password canceled due to new password validation failure.");
}
}
SqlParameter[] p = new SqlParameter[3];
p[0] = new SqlParameter("@applicationName", applicationName);
p[1] = new SqlParameter("@username", username);
p[2] = new SqlParameter("@password", EncodePassword(newPassword));
bool retval = **dbConn.ExecuteSP("User_ChangePassword", p);**
return retval;
} //ChangePassword
public override void Initialize(string name, NameValueCollection config)
{
if (config == null)
{
throw new ArgumentNullException("config");
}
......
ConnectionStringSettings ConnectionStringSettings = ConfigurationManager.ConnectionStrings[config["connectionStringName"]];
if ((ConnectionStringSettings == null) || (ConnectionStringSettings.ConnectionString.Trim() == String.Empty))
{
throw new ProviderException("Connection string cannot be blank.");
}
connectionString = ConnectionStringSettings.ConnectionString;
**dbConn = new DBConnect(connectionString);
dbConn.ConnectToDB();**
......
} //Initialize
......
} // SGIMembershipProvider

I have instantiated dbConn object within Initialize() event. My problem is that how could i dispose off this object when object of SGIMembershipProvider is disposed off. I know the GC will do this all for me, but I need to explicitly dispose off that object. Even I tried to override Finalize() but there is no such overridable method. I have also tried to create destructor for SGIMembershipProvider.

View 2 Replies

Custom Server Controls :: Get IP With Custom Membership Provider?

Feb 7, 2011

I was made a custom membership provider.

All works good. My problem is Logs.

[Code]....

[Code]....

I dont know how to get user's ip.

I tried these methods...

Dim req as httprequest
ip = req.servervariables("remote_host") 'result = nothing
Dim req as new httprequest
ip = req.servervariables("remote_host") 'result = nothing
Dim req as requestcontext
ip = req.request.servervariables("remote_host") 'result = nothing...

View 2 Replies

Custom Membership Provider For Asp.net Using C#?

Jun 11, 2010

How i can realise my own Membership Provider for my social network example project where i want to use more extended registration with new fields?

View 3 Replies

MVC And Custom Membership Provider?

Mar 22, 2011

i am planing an application that needs to handle different client logins. A user should be able to login under each clients url.The project will have a start page and multiple (database generated) client URLs.www.domain.com/ClientA www.domain.com/ClientB www.domain.com/ClientC
I failed using MVC Routes to build up such a scenario with dynamically clients so i used an MVC area for the client space:www.domain.com/clients/ClientA www.domain.com/clients/ClientB www.domain.com/clients/ClientC Is there any client support for membership providers? All i found is made for a single client environment. I would love to take advantage of the mvc buildin attributes for authentication..

View 2 Replies

Security :: Membership Provider Changes After Successful Login?

Nov 8, 2010

I have a site in which I'm intending to use multiple membership providers. I'm using my own custom membership provider to provide access to several data stores depending on the section in which the user's information resides.

The actual login functions correctly using the built-in ASP.NET Login component in which I've manually specified the membership provider it should validate against. When I run a trace on it's actions, I can see that it attempts the 'validateuser' against the correct data store and continues to redirect the user to their applicable section.

The problem is that once they are logged in and the site (or I) call 'GetUser' to get the users information or permissions, the membership provider reverts to the site's default provider.

In my custom membership provider I'm only overriding the methods for GetUser and Validate user which is working perfectly fine for a singular membership provider, but not when using a different provider.

How can I ensure that the correct membership provider is retained with the user's membership details? Is there a method that I need to override/append in order to achieve what I'm looking for?

View 1 Replies

LastActivityDate Custom Membership Provider

Feb 12, 2010

When is the LastActivityDate supposed to be updated? When I click on any other pages in my web application as an authenticated user, the LastActivityDate does not get updated.

I would imagine it should be updated when a user clicks on any page, whether it be to do with membership (change password, GetUser(), etc) or not. But the examples that I have seen, seem only to update it on ValidateUser().

http://msdn.microsoft.com/en-us/library/system.web.security.membershipuser.lastactivitydate.aspx

Under Remarks, it says to do it under ValidateUser method.

When do you update the LastActivityDate? Just inside ValidateUser()?

Update: Clarified question.

View 1 Replies

C# - 4 Custom Membership Provider Tables

Apr 3, 2011

Now this might just be straightforward, but I can't seem to figure it out..

I have set up the Custom Membership provider, and gave it the proper connection stuff.
What I know is that it connects to the correct database, but I know for sure that it doesn't look at the correct table.

How would I set it up to use a specific table? As the table already has users in them.

The table name is: members_info.

the column names are: member___id(key), member_name, member__pwd, member_perm

member___id => Being the Key and the account name to login with
member_name => Being the users Name or Nickname
member__pwd => 10 chars long (for now)
member_perm => holds 1 of the following values: 0) User 1)Admin 2)Banned


now I know that the later one is to be setup by the Role Provider, and I'm sure once I know how to do the membership one that one is similar in some way.

So my question is, how do I point the Custom Membership Provider to the table: members_info and to use member___id for username, members__pwd for password (and possibly get member_name out to say: Welcome {member_name}! when they login).

===

Added info.
Members__uid is the key value as it increases on each new entry.

===

Since you can't tell it to use a specific table

How can I set it up so, that it works with the tool provided in visual studio? (Website > ASP.net Configuration).

As it now says 0 users, on the security tab. I want to be able to manage the users through here too.

View 1 Replies

C# - How To Create A Custom Membership Provider For MVC 2

May 5, 2010

How do I create a custom membership for ASP.NET MVC 2 based on the ASP.NET membership provider?

View 5 Replies

Security :: MVC With Custom Membership-Provider?

Oct 27, 2010

i'm new to the mvc framework but i used forms authentification in an asp.net webapplication. Because im forced to use Sybase SQL Anywhere server i use membership / profile / role provider from sybase.Why i can't login in the MVC Application? When i create a user via mvc web control i'm logged in. But when i logout and try to login i get a error that username or password is not correct.Maybe someone has an idea? Could it be a problem with the application name? Both have the applicationname " / " ?Both applications has these web.config entries:

[Code]....

View 3 Replies

Security :: MemberShip Provider - Lock On The Page Login?

Jan 6, 2011

I have a problem with a login module in my website.

I use a membership provider custom on my website.

My login page is the default page. When I go in [URL](the root) I see my login page.

When I try to connect with my user and password, I'm not redirect to my url destination and reload the login page.

BUT if I go in the url : [URL] (my login page), I'm correctly redirect to my secure page.

Are you a idea of my problem ?

I use Visual Studio 2010 with framework 4.0, and IIS 7.5

my web.config :

[Code]....

View 5 Replies

Security :: How To Create A Custom Membership Provider

Mar 29, 2010

My question relates to membership providers. I have two websites that run on two different servers. One website is a community website that uses Telligent community server 2007. The other is a website that contains information. I have a form where users can request more information. What I would like to do is when a user requests more information, automatically create a user account in my community website. I was told that I can create a custom asp.net membership provider that will create a new user account in my community website. I have read some info at msdn and asp.net websites, but I am still unclear as to how I can create a custom membership provider that will work across different websites running on different servers.

View 1 Replies

Access The RequestContext From Within A Custom Membership Provider

Jan 13, 2011

Is there an easier/better way to access the RequestContext from within a custom Membership Provider than the following (and further, will this method even work):

[code]....

View 1 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved