Security :: Insert Previous Users Into Membership Tables
Mar 10, 2011
I'm trying to do a bulk insert of data into the aspnet_Membership table. I have existing records from a previous version of the system I am re-building in asp.net. I've been researching and asking questions, but I am still missing something. What is the best way to do this? I believe I need to grab my previous table and iterate over each record and insert into the new membership table via the Membership.CreateUser method. So far I have been unable to make it work. My code so far in the on click event of a button is below.
using System.Data.SqlClient; [code]....
I had to upgrade a sites ecuroty from a custom system to .net membership. I created all the users like this.
ds = Wservices.SelectBulkUsers() If Not ds Is Nothing AndAlso Not ds.Tables(0) Is Nothing AndAlso ds.Tables(0).Rows.Count > 0 Then For Each dr In ds.Tables(0).Rows username = dr("username") password = dr("password") role = dr("SecurityClearance") email = dr("email") Dim newUser As MembershipUser = Membership.CreateUser(username, password, email, "", "", True, status) Select Case role Case "1" Roles.AddUserToRole(username, "normal user") Case "2" Roles.AddUserToRole(username, "administrator") Case "3" Roles.AddUserToRole(username, "super administrator") End Select If newUser Is Nothing Then errorMsg = username & " - " & status.ToString & "<br />" End If Next litResult.Text = errorMsg End If
I thought everything was fine and then went through the labourious task of replacing all the usersids used a as a foreign key in all the tables. It was only after doing this and trying to log on I couldnt, and noticed the membership table was empty. I assumed (stupidly) as it had done the users/ roles it must have done the membership. As I have already re-assigned the old user ids I dont want to import again as the userid will chnage. So my question is: Can I create a membership for each of the users in my aspnet_users table? I have the passwords etc in varchar fields at min from old table.
I'm creating a new middle tier where all of our client calls will go through a WCF service. We're using ASP.NET membership with the service in order to authenticate users. The middle tier will be hitting an existing database in which we already have an InetUsers table containing usernames and passwords.This is where it starts to get messy. This new middle tier will be used by our web application, but not by our existing desktop application, which will - until we rewrite it at some point in the future - be using the old COM+ middle tier. Administration of the users for the web application takes place in the desktop application. In other words, users will be created and passwords set and changed from within the desktop application, which in turn hits the already existing InetUsers table.Ideally, what will happen is when we deploy the new middle tier, we'll take all of the users from the InetUsers table and create records for them in aspnet_Users and aspnet_Membership. Then we'll set a trigger on the InetUsers table to keep aspnet_Users and aspnet_Membership up-to-date.There's a whole bunch of questions wrapped up in this, so I'll try and list them all out here:Is this the right approach? Obviously having this data in two places isn't ideal, but bear in mind here that I'm not the final decision maker here and we're kinda stuck with some legacy stuff here, at least for now. Still - maybe there's a better way.In the same vein - would we be better off coding our own membership provider rather than using the SqlMembershipProvider? How difficult/easy is it to do so?If we use this approach, I plan on using the aspnet_Membership_XXXX stored procedures for the initial population of the tables as well as in the triggers. Having done some research into this, it appears that if I want to call aspnet_Membership_CreateUser directly from SQL (ie in a trigger...) rather than using the API, I have to store clear text passwords since I can't get the salt and the hash right otherwise. Is this true?Does any of this even make sense or am I going about this the wrong way to begin with?
i have Login membership, also have table with database address, with columns: UserId, Address, City, etc... How given the user login,show data after the user login with another database table address (UserId) .
Lets say that I have a database set up with a load of info in it and I decide I want to add the membership and roles functionality to my site but my hosting provider makes me pay for each database I use. I don't want to pay for another db, so how do I set it up so that instread of creating membership and roles tables in the the aspnetdb database, it creates them in my existing database?
I want to rename aspnet_application table and its columns. 1- Does membership framework allow me to do that ?2- Will there be any problem in accessing System.Web.Security functions ?3- I have to change procedures and functions etc ?
After running the aspnet_regsql.exe tool, i notice a bunch of different tables pertaining to the ASPNET security (e.g. aspnet_Applications, aspnet_Membership, aspnet_Paths, aspnet_Personalations, aspnet_Profile, aspnet_Roles, aspnet_SchemaVersion, aspnet_Users, aspnet_UsersInRoles). Do the different providers (AspNetSqlMembershipProvider, AspNetSqlProfileProvider, AspNetSQLRoleProvider) relate or associated with certain aspnet_xyz tables? I imagine the AspNetSQLProfileProvider is responsible for the aspnet_Profile table correct? The AspNetSQLRoleProvider probably is tied to the aspnet_Users, aspnet_Roles, aspnet_UsersInRoles table? Any links documenting the relationship between teh providers and the aspnet_xyz tables?
The following code is used to add the asp membership tables to an already existing database instead of creating a seperate database for membership and having two databases in the application.
aspnet_regsql.exe -S .SQLEXPRESS -U username -P password -d databsename -A all
It works fine by adding the membership tables to the existing database that is located in the c drive, program files sqlserver folder.
But my database however is not in the c drive but located in my asp website app_data folder, so the above code does not give any error and the tables are not added after I run it. how can I now add the membership tables using the above code when my database is located in the website app_data folder,
I have been diligently learning all about the asp.net membership framework and have a test site running it all. However, during my testing, it became apparent that deleting users would be useful. I can delete users from the "aspnet_users" & "aspnet_Membership" tables simply by right-clicking on the table in server explorer, selecting "show table data", highlight the rows and press delete!!
However, this is a pain and I would much rather do this properly from code behind.
I have found out that the membership schema supplies a large number of "stored procedures" including "Delete_Users" however, when I execute this one manually, I have no idea what the last two parameters are (number of tables and something else from memory - the first two "application name" and "username" are easy to copy in to the dialog.
show me a sample set of VB code that I can use behind a "Delete User" button on my webform including how I supply the parameters. I have set up a drop down list box from teh "aspnet_users" table which displays the "UserName" and has as the SelectedValue "UserId".
I used [URL] as a guide and have something configured to show me the users which are logged into the system. This uses the aspnet_Users.LastActivityDate column to see when someone last did something on the system. It also uses the userIsOnlineTimeWindow within the web.config to determine whether a user is online or not.
But because of this userIsOnlineTimeWindow limitation of .NET, even when someone logs out of the system or closes their browser window, the system still sees them as being online. Also, if they are on a page and don't do anything for 10 minutes, the system will show them offline until they refresh their page or go to another page. know of a better, more real-time way to tracking users which are logged in, logged out, etc?
I don't want to wait 10 minutes for the system to show that a user is offline and also if there's 10 minutes of inactivity, it shows them being offline.
I have set up Membership and Roles and can create users and login using the ASp Login control. However I need to associate users with customers (in a Customers table in the database) and display content according to the customer that the user belongs to. Is the best way of doing this to create a foreign key field in the aspnet_Users table relating back to Customers table which would have to be updated manually after creating the user or is there a better way?
I'm have a doubt using membershipuser to create users in the AD with Membership.CreateUser Method, does any one knows how can i send other attibutes to the AD, such as First Name and Last Name?, besides those ones: username
I need to authenticate users based on three parameters such as username, password and officename instead of just username and password. User name is unique only across the single office and not across the application.
Can I achieve this using Membership class and if yes do I need to write any custom code for that?
I had created a Membership ASP.NET 3.5 website and selected the Forms authentication. Therefore, I created several users with related information into the ASPNETDB database. Yesterday, I changed the website security to Windows authentication.
This morning, when reviewing the ASPNETDB data for another website, I still can see those Membership Forms users and their ApplicationIDs in the aspnet_Users and aspnet_membership tables. How can I delete those Forms users?
Another question: In aspnet_Applications table, I can see the ApplicationName (e.g. /WebPartsDemo) for the Web Parts websites. I have 2 ApplicationIDs in the aspnet_Membership table. I can not see only one ApplicationID in the aspnet_Applications table, but with an empty ApplicationName, i.e. / only.
Do I miss something when creating the Membership website? What is the ApplicationName for the Membership website?
I have the requirement to export all my users and custom profile properties to an excell spreadsheet but i can find a way to do it. I have found several exampls of how to export the Profile information eg(
I've created a membership system based on asp.net 2. There are other tables that store user information, such as emails sent etc. I've created a users table based on the TableProfileProvider. My question is concerning deleting the member
Is it OK to delete the member from the aspnet_membership table and roles related tables using Membership.DeleteUser, though keep all the custom tables and the information including the information in the Users table created by the TableProfileProvider? or can you foresee problems?