I've implemented my own Authorize attribute, and I notice that it queries to check permissions when I use [Authorize]. Is there any way I can get that permission and use it in the current controller that applies the Authorize attribute without having to rewrite and requery the code in the controller? ...
I am working on a web application that has strict security and auditing requirements (HIPPA stuff). So we are evaluating whether we should build our own custom membership and role providers or whether there is a commercially available component that we can buy. If you have any experience (good or bad) with third party Asp.Net membershi...
I have requirement to design a WCF Service based system to filter requests on roles in C# Rules User can access X SuperUser can access Y Admin can access Z Database Resource AccessControl X User,SuperUser,Admin Y Admin Z Admin How do I create a system where I can transform these ac...
Hi all, simple question... Given I have an ASP.NET site, which uses a [custom] RoleProvider, Is there any way in which I can somehow "refresh" the provider without forcing the user to log out of the site and log back in? I'm looking for something that would be akin to a fictional method Roles.Refresh() Specifically, I am looking ...
Essentially I want to show a friendly message when someone is not part of a role listed in my attribute. Currently my application just spits the user back to the log in screen. I've read a few posts that talk about creating a custom attribute that just extends [AuthorizeAttribute], but I'm thinking there's got to be something out of th...
We're going to be using a custom role provider with WCF. The overridden method GetRolesForUser will require the use of an already existing RoleRepository. Now, with a run-of-the-mill class, we'd construct it using StructureMap and the RoleRepository dependency would be injected via the constructor. However, it's WCF that does the co...
I have Membership, Profile and Role providers setup for my .NET MVC website. I would like to say: this Role has access to that Page. How do I 'inject' this code to the RoleProvider? Or do I have to override it somehow? Any leads? (Roles are stored in the default ASP.NET SqlRoleProvider, Pages are stored in a seperate SQL database). ...
I'm building a tiny web application with a simple user autentication scheme. I register the users in web.config, like this: <authentication mode="Forms"> <forms loginUrl="~/login.aspx" defaultUrl="default.aspx" ...> <credentials passwordFormat="SHA1"> <user name="UserA" password="B60D121B438A380C343D5EC3C2037564B82FFEF3"/> ...
I would like to use .Net's SqlMembershipProvider and SqlRoleProvider for user management in my application. My issue is that when the application starts, it does not know any db connection information. For security purposes, it needs to get this information from a WCF service that is running on the datbase server. Therefore I need to bui...
I'd like to glue my custom permissioning system into a new ASP.NET MVC app. I've done a fair amount of work writing my own custom AuthorizeAttribute for the app. I've also written my own custom MembershipProvider and RoleProvider implementations. All of this works beautifully, up until I need to check the Roles my user is a part of. I d...
hey everyone, I've enabled Roles in my ASP.NET web application, but I'm slightly confused as to where they are being stored. In my old project, each Role would appear in the ASP.NET Roles table, and I could see them. However, in my new project, I can't see any Roles in the database table. The strange thing is, I can still use them (and...
I'm making a custom MembershipProvider and RoleProvider. I have database tables with Roles and UsersInRoles and I use LINQ-to-SQL to create objects of the tables. When invoking [Authorize] on an action method, will it work with my custom RoleProvider? How does it know if the user is authenticated and if the user is in the appropriate r...
I have tried to set up .Net authentication to allow authentication across subdomains in my app. To do this, I added a "domain" attribute in the forms element, like this: <forms domain=".mydomain.com" name=".MyApp" loginUrl="Util/login.aspx" timeout="120" /> Then, for the role provider, I added a domain to that too: <roleManager doma...
I have a database in SQLExpress 2008 that I am accessing via an EF4 connection. It also contains the ASP.Net role provider tables for the website. In the web.config there are two separate connection strings pointing to the same database. When it comes to debugging the database I get the following error: Unable to open the physical f...
My asp.net MVC application is not caching roles instead it round tripping to the database every request. Also when I attempted to view the cookie I noticed it had not been written to the browser. Web.config: <roleManager defaultProvider="CustomRole" enabled="true" cacheRolesInCookie="true" cookiePath="/" cookieName="CustomRole" maxCach...
Hi I've got confused . We hear a lot about Provider in ASP.NET . Membership-Provider , Role Provider , XmlDataProvider ,CustomProvider, .... What are those and why we need them in ASP.NET ? ...
Because the RoleProvider interface seems to treat roles as nothing more than simple strings, I'm wondering if there is any non-hacky way to apply an optional value for a role on a per-user basis. Our current login management system implements roles as key-value pairs, where the value part is optional and usually used to clarify or limit...
I'm implementing role based security using Microsoft's membership and role provider. The theoretical problem I'm having is that you implement a specific role on a method such as: [PrincipalPermissionAttribute(SecurityAction.Demand, Role="Supervisor")] private void someMethod() {} What if at some point down the road, I don't want Supe...
Hello friends, I have created my own custom role provider class "SGI_RoleProvider" and configured properly. Everything is working fine. Suppose that I have added a public method say "SayHello()", then how can i call that. Because if i am using Roles then the method is not displayed. If i am forcefully using that Roles.SayHello() then c...
I'm trying to use this article to learn about custom roleproviders, but I'm getting this error: Could not load type 'TestRoles.SimpleRoleProvider'. The relevant section from my web.config: <roleManager enabled="true" defaultProvider="SimpleRoleProvider"> <providers> <add name="SimpleRoleProvider" type="TestRoles.Si...