roleprovider

When do asp.net role providers live and die?

I am working with a custom role provider in asp.net and it appears that once the provider is loaded into memory, it doesn't drop out of memory until the web application is restarted (like when the web.config file is changed and saved). Further, all of the requests to that web application seem to utilize the one instance of the role provi...

Setting ASP.Net Role Provider Programmatically

I have a requirement for multiple Role Providers per website. What I'm not seeing is if/how to tell ASP.Net which provider to use (similar to the membership provider property on the login controls). I have a feeling that since this is done (I beleive) in an HTTP Module the role check may be occuring before the page life cycle ever begi...

How can I allow a user to assign different site functions to different roles in an asp.net role provider?

I am debating on whether or not to write my own authentication class. It's almost done but I think it could be better to use a role provider (either custom or the default.) I know you can assign users to roles, and then display info to the user based upon the current role. But what if you want to assign permission based upon a task? For ...

Asp .Net MVC with Windows Authtication and SQL Server Role Based Provider

Did anybody make MVC + Windows Auth + SQL Server role based provider work on IIS 7.0? Any pointers will be helpful. ...

To what extent does my custom sql role/membership provider have to conform to the samples?

I'm using the membership and role provider code from the Microsoft SQLProvider and SQLRoleProvider samples, and I'm getting a little overwhelmed with exactly how I can integrate my own schema into the source. The GetAllUsers method, for example, loads data from specific tables in the ASP.NET database and puts them into a very specific d...

Where does Web.HttpContext.Current.User.Identity.Name come from?

I have FormsAuthentication.SetAuthCookie("someName", True) as part of my custom login sequence. Later, I have some page only allowing a specific role: <location path="myPage.aspx"> <system.web> <authorization> <allow roles="SomeRole"/> <deny users="*"/> </authorization> </system.web> ...

Does the asp.net RoleManager really cache the roles for a user in a cookie if so configured?

In my web.config I have the Role Manager configured as follows: <roleManager enabled="true" cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All"> however in our custom RoleProvider it would seems that the GetRolesForUser meth...

Custom RoleProvider: Can't insert record in UsersInRole Table

Hi, I have implemented a LINQ to SQL based RoleProvider, when I assign role to a user following exception is thrown while AddUsersToRoles method is called. I have defined a composite primary key userid & roleId on this table, it still throwing this exception: Can't perform Create, Update or Delete operations on 'Table(UsersInRole)'...

Why would this catch all block not in fact catch all

The code is fairly simple --- the issue is that there is an invalid character in the groupPath string (a '/' to be exact). What I'm trying to do (at least as a stop gap) is skip over DirectoryEntries that I can't get the cn for --- regardless of why. However when I run this code the catch block doesn't run and I get instead: The server...

Sitemap security trimming using roles attributes only, and not allow/deny rules elsewhere.

I am aware that the tag has the "roles" attribute to make up for the nodes that don't have the "url" attribute, which can be resolved in other ways. I'm not interested in these other ways, though, I'd like to have all my permissions set in my sitemap file. How to accomplish this? I'm using custom RoleProvider, custom MembershipProvider...

Roles.GetRolesForUser() results are cached

When I run Roles.GetRolesForUser("username") the roles are returned correctly, however if I add a user into a role in AD, the result does not show up until I log the user out of their system, and have them log back in. Is there any way to make the system re-check each time? ...

Unit testing custom RoleProvider with Moq?

I created a custom RoleProvider in a custom library. I would like to unit test it. Via Moq I created a fake HttpContextBase. How to pass this to the to be tested RoleProvider? The Identity is a custom test implementation class. This works fine. I only don't know how to pass in the fake context in my provider. This is not an MVC applicat...

ASP.NET security trimming problem no fine grained control possible?

I have this sitemap: <?xml version="1.0" encoding="utf-8" ?> <siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0"&gt; <siteMapNode> <siteMapNode url="www.google.com" title="Google" roles="*" /> <siteMapNode url="www.zdnet.com" title="Zdnet" roles="NonExistingRole" /> <siteMapNode url="www.microsoft.com" ti...

Difference between Roles.GetRolesForUser and Roles.Provider.GetRolesForUser?

I am using Windows authentication and don't have a custom membership. However I do have a custom role provider and turned it on. However, what about the < authorization /> element in the web.config? Do I need to do something with that as well? At the moment I can't get use Roles.GetRolesForUser("") method (returns nothing) but have to d...

Accessing authorization information in web.config

I'm writing a custom role provider and I need programmatic access the authorization information stored in the web.config. Certain section of the site are only accessible by certain roles. I would like to find out which roles can access a page and/or which page a certain role can access. I can't seem to figure this one out. ...

ASP.NET: retrieving authorised roles for a page

I have an ASP.NET site that uses a custom role provider to determine authorisation for different parts of the site. I have configured the authorised roles for different parts of the site in web.config. If a user is not in a particular role, I'd like to be able to inform them which role they require to be able to access that part of t...

ASP.NET MVC redirect to an access denied page using a custom role provider

Hi! I'm creating a custom role provider and I set a Authorize attribute specifying a role in my controller and it's working just fine, like this: [Authorize(Roles="SuperAdmin")] public class SuperAdminController : Controller ... But when an user doens't have access to this controller, he's redirected to login page. How can I redirect...

Are there any good XmlMembershipProvider and XmlRoleProvider implementations out there that can be used for Commercial purposes?

Does anyone know of any good XmlMembershipProvider and XmlRoleProvider classes that are able to be used for commercial purposes, royalty free? I know that BlogEngine.NET uses an XmlMembershipProvider and XmlRoleProvider, but it's covered under the Microsoft Recipricol License which states that you have to provide your users/customers th...

Is it possible to use ASP.NET MembershipProvider/RoleProvider in self-hosted WCF services?

I am trying to use custom ASP.NET MembershipProvider and RoleProvider to handle security for my service. The service is self-hosted in a console app, not in IIS. I use webHttpBinding with Basic Authentication. I configured serviceCredentials and serviceAuthorization to use providers. Providers really get initialized. But WCF seems to ig...

asp.net's Obscure Role Provider

Plz refer to this previous post of mine. I have studied asp.net's membership provider. Now I need to study how to use asp.net's Role Provider facility in combination with Forms Authentication. I did study MSDN's Role Provider topic. It was not helpful for beginners as usual. I have also searched Google. That was also a failure. Can ...