membership-provider

Why membership provider is not generic?

I have to confess that I hate membership provider. The default implementation is not very appropriate normally and I haven't seen so far a good implementation of a custom membership provider, probably because this is not possible :-) So the question is: In your opinion: which are the reasons for not having membership/role provider as a...

Asp.net override Membership settings at runtime (asp.net mvc)

I had an application that hooked onto 1 single database. The app now needs to hook into multiple databases. What we want to do is, using the same application/domain/hostname/virtual dir give the user the option on the login screen to select the "App/Database" they want to connect into. Each database has the App tables/data/procs/etc a...

How to dispose off custom object from within custom membership provider

I have created my custom MembershipProvider. I have used an instance of the class DBConnect within this provider to handle database functions. Please look at the code below: public class SGIMembershipProvider : MembershipProvider { #region "[ Property Variables ]" private int newPasswordLength = 8; private string connectionS...

Provider information is not pulling from the MVC project's Web.Config

I'm working on branching my services of my MVC solution to a separate project, which includes a MembershipProvider wrapper. The problem is that when doing my unit testing, the provider information being used isn't coming from the MVC project's Web.Config file (e.g. the connection string), but some default settings. I have the feeling, th...

deny custom role

how can i deny access to call method. something like this [HandleError] [Authorize(Roles = "role1, role2")] public class AdminController : Controller { [Deny(Roles = "role2")] public ActionResult ResultPage(string message) { ViewData["message"] = message; return...

protecting non .aspx pages with Asp.net Membership provider

I'm currently using the asp.net membership provider (with logins stored in db) to protect certain pages of my site. However, I also have non .aspx resources I wish to protect - word docs, excel spreadsheets, pdfs, etc. Is this even possible? If so how would I go about doing this? thanks! ...

ASP.NET Membership C# - How to compare existing password/hash

I have been on this problem for a while. I need to compare a paasword that the user enters to a password that is in the membership DB. The password is hashed and has a salt. Because of the lack of documentation I do not know if the salt is append to the password and then hashed how how it is created. I am unable to get this to match. Th...

Is a .Net membership database portable, or are accounts somehow bound to the originating Web site or server?

I have an ASP.Net Web site using .Net Membership with a SQL Server provider, so the users and roles are stored in the SQL tables created by Aspnet_regsql.exe. Is this architecture totally self-contained and portable, or are users in it somehow bound to the specific Web site on which they create their account? Put another way, if we cre...

ASP.NET Membership ChangePassword control - Need to check for previous password

Hi guys, I have a new table that hold old passwords, I need to check if there is a match. If there is a match I need the ChangePassword contol to NOT change the password. I need to tell the user that this password was used and pic a new one. I can't seem to be able to interrupt the control from changing the password. Maybe I am using...

ASP.NET Membership - Retrieve Password and PasswordSalt from Membership Table - Hash UserID

Hello, I am so close to get this project done. I need to retrieve the password and passwordSalt from my Membership table to compare it to my 'OldPasswords' table. The problem is the Membership provider does not let me use the GetPassword method because the password is hashed. And I can not retrieve it in a normal sqlConnection because...

How to fine tune a Membership Provider?

After all the answers to my last question about fine-tuning turned out to be more useful than I expected, I thought that I would ask another similar Question about the MembershipProviders as well. Okay, so firstly, to clarify: I know what a Membership, Role, and Profile provider is, how to implement my own, and how to configure them, an...

ASP.Net MVC per area membership

I am building an ASP.Net MVC app that will run on a shared hosting account to host multiple domains. I started with the default template that includes membership and created an mvc area for each domain. Routing is set up to point to the correct area depending on the domain the request is for. Now I would like to set up membership speci...

Membership - get user email

I am using ASP.Net MVC2 with the default membership/profile/role providers, I'd like to access the user email in my ForgotPassword Action to email a new password to the user, but so far I've only been able to get the username (User.Identity.Name). Am I missing something here? ...

Error: Only LDAP Connection Strings are Supported against Active Directory

I have the following ASP.NET Membership section defined in the Web.config file: <membership defaultProvider="AspNetActiveDirectoryMembershipProvider"> <providers> <clear/> <add connectionStringName="ADService" connectionUsername="umanage" connectionPassword="letmein" enablePasswordReset="true" enableSearchMethods="true" ...

asp.net membership provider api. usability. best-practice

Hello everybody, Membership/Role/Profile providers API appeared in early days of asp.net Nearly everytime I can't live with standard API & have to add some extra functionality (for sorting, retrieving e.t.c.). I also have to use different database structure often (with foreign key to some tables for example) or think about performance...

ASP.NET MVC2 Implementing Custom RoleManager problem

To create a custom membership provider I followed these instructions: http://stackoverflow.com/questions/2771094/asp-net-mvc2-custom-membership and these: http://mattwrock.com/post/2009/10/14/Implementing-custom-Membership-Provider-and-Role-Provider-for-Authinticating-ASPNET-MVC-Applications.aspx So far, I've managed to implement custo...

ASP CreateUserWizard Membership provider registration user validation

Im a newbie to the world of ASP and C#, I have just created my first Registration form using the CreateUserWizard Membership Provider and set up the validators which work great, Appart from the "Username". If the user name is taken the page simply refreshes and no error appears would be realy greatfull if somone could point out where I m...

Using ProviderBase for Membership Provider

Is it possible to simply inherit from ProviderBase to write a MembershipProvider, instead of inhering from System.Web.Security.MembershipProvider? There's just so much junk in the default one, we really want something much, much simpler. ...

How to Display Validation Error Messages on an ASP.NET MVC Page?

I am pretty new to ASP.NET and C# I have spent the day learning the basics of the ASP.NET Membership provider I have built all my validator but are getting stuck at outputting my error message on the page. private void LogCreateUserError(MembershipCreateStatus status, string username) { string reasonText = status.ToString(); s...

Security approach in web application

Hello everyone. I am designing a web application in ASP.NET / C# where each registered user has the ability to add/modify/delete rows based on their user-id. Take this example: I am going to edit my route on the page /route.aspx?routeid=854 which belongs to me (user-id: 1). But because I am a curious guy I try to access /route.aspx?...