Please refer to this post. I have become able to configure my web.config file so that when an unauthenticated user requests a page, he is redirected to the Login.aspx page. I have been able to do that by configuring web.config file and the following few lines of code: protected void btnLogin_Click(object sender, EventArgs e) {...
I am using asp.net forms authentication, membership provider and role provider. You can refer to this post. This post helped me to restrict access of the users to the specific areas of Web application according to their roles. But the roles are hard-coded in the Web.config file. I need to read the roles from the asp.net role provider...
I'm using ASP.NET Sitemaps with a custom Role Provider to generate a site Menu that displays available links depending on user role. This works fine if the roles don't change while a user is logged in. When the roles do change while the user is logged in, the Menu isn't automatically updated (I've checked, and the Roles.GetRolesForUser(...
Hi, I was considering using the custom MembershipProvider / RoleProviders. Unfortunately, the security layer we currently have requires some session stuff being set. So, when the IsUserInRole() method is called, the Session object is always null, due to the Session stuff being all prepopulated. Any suggestions on how I would be able t...
I need to be able to set a RoleProvider at runtime. I don't even know where it is coming from -- I am using some loosely coupled dependency injection -- so I can't even define it in the web.config file. How do I set the role provider at runtime? ...
I've built a custom RoleProvider which uses an already existing datasource (from a web service) to dtermine roles. It's written in C#, and I want to be able to compile it as a DLL so I can distribute it to others within the organisation and they can use it too. When compiling, how do I reference the web service? Currently getting this ...
I have very simple: [PrincipalPermission(SecurityAction.Demand, Role = "Administrator")] public partial class _Default : System.Web.UI.Page This works - it denies access if role is not administrator. But when it denies access, I simply get a white page (all unhandled exceptions are picked up in Global file and emailed/logged). How do ...
What I'm trying to do is the following: I want to use Custom Role Provider's role name into a sharepoint group (maybe like visitors) to restrict permissions and users resolved automatically with AD without a login page. To do that : I've created 1 sharepoint webapp and 1 extension of this webapp I've configured my 1 webapp (which zon...
I am interacting with a third party httpmodule for authentication. I implemented my custom roleprovider to interact with that. However they use a CustomPrincipal instead of the expected RolePrincipal for urlauthorization. In which event in global.asax can I hook to grab the customprincipal, instantiate a new RolePrincipal and copy over ...
I am kind of new to ASP.NET MVC, so need your help getting me through a problem: In my application the LogOn will be done using the Role of the user. I have my custom database schema (like User, Role, UserInRole etc.) and I am using my custom MembershipProvider and RoleProvider to achieve Logon. BTW I am using the MVC default Account ...
We have an ASP.NET MVC application for which we have developed our own custom RoleProvider class. Without caching it will access the datastore for every request - bad. The only caching option we can find is (in web.config) via cookies stored on the clients' machines. My two questions are: Is this secure (even with encryption enabled)? ...
I'm in need of a RoleProvider with the following functionality: Dynamic Assignment of Roles to Tasks Authentication / Authorizaiton of IPrincipals based on the dynamically allocated tasks in the system they have privilege to access Reporting showing who is currently logged in, and other common usage statistics. I'm pretty sure I'm goin...
I want to create a shared control where i want to generate markup according to the role of logged in user. TO achieve this I need to call a method in Model class. Is this a right way to do this in ASP.NET MVC as I heard that we should strictly separate out Model and Views. Please help. ...
I'm writing a setup-application for our web application. One of the tasks is to setup the database for the built-in SqlRoleProvider. I've got my script to create the database with the aspnet_regsql.exe-command, but now I've run into troubles creating default roles and user-mappings programatically. What I'd like to do: ... private clas...
Hello, I have different types of Roles to take into account when authorizing a user. For example: John must have Position Manager and be part of the Office Supplies Department to order a new computer. Problem with Roles is Roles.GetRolesForUser("John") can only return a string array. Should I go with a custom roleProvider and custo...
I recently refactored some code in an Active Directory role provider to remove support for multiple domains. In the process my integration tests broke in ways that I didn't expect. The tests do not reliably succeed unless I put significant delays between the test set up code and the code that invoked the method being tested. If I run ...
I have a custom Membership and Role Provider that I am setting up within an application. In ASP .Net Webforms I utilize the same providers and when the app is compiled and run the providers are initialized because of the references in the web.config. When I move this to MVC and put break points in my "Initialize" methods for these cl...
I need some help implementing a custom role provider in a asp.net mvc app. The problem is that I'm getting several errors like: MyRoleProvider does not implement inherited abstract member 'System.Web.Security.RoleProvider.RoleExists(string) I get the same error for other methods. However, I do have implementations for those... My we...
I'm developing an ASP.NET system that has two different 'tiers' of roles. The main tier will use Active Directory groups to determine membership, while the second tier will use a database. All users will have a tier-1 AD role, but not all users will have a tier-2 database role. I know I can use the AspNetWindowsTokenRoleProvider to mana...
I'm using WindowsTokenRoleProvider to determine Active Directory group membership in an ASP.NET web application. My problem is that performance is not good, especially when a user is in many groups. As an example, I am in 253(!) groups, and WindowsTokenRoleProvider is taking around 150 seconds to determine what groups I am in. I know I...