MembershipProvider in .NET 4.0
Hi I use VS2010 B2 and .Net 4.0 in my project. I want to customize a MembershipProvider but i can't find this class in Vs2010. Guide me please. ...
asp.net-membership
web.config in directory with no aspx pages
I have a directory where I am placing PDF files that are generated by my application. The issue is that since there are no aspx pages, the security in the web.config is not preventing direct navigation to those pdf's. Granted, the information is public, I just dont want someone to be able to go straight to them for a variety of reasons...
What is the best approach to take for user profiles in my web application?
I'm currently building an ASP.NET MVC web application. My site security is (currently) built atop an extension of the System.Web.Security Membership model where I've extended: AuthorizeAttribute MembershipProvider RoleProvider This has sufficed for the security mechanism - although it has complicated a lot of things I could probably...
What is the simplest way to create my own FTP server?
What is the simplest way to create my own FTP server in C#? Some of the folders will be virtual folders. The authentication should be from a SQL Server database, which includes tables of the ASP.NET Membership API Authenctication. Any ideas? ...
How do I wrap everything inside a TD element with a SPAN or DIV
What am I doing wrong, my html is rendered as such: <td colspan="2"><input id="ctl00_ContentPlaceHolder1_Login1_RememberMe" type="checkbox" name="ctl00$ContentPlaceHolder1$Login1$RememberMe" /> <label for="ctl00_ContentPlaceHolder1_Login1_RememberMe">Remember me next time. </label></td> I want to wrap everything inside the TD ...
How to get ASP.NET Forms Authentication (using role restrictions) to not redirect to login page.
Does anyone know of a way to get ASP.NET Forms Authentication to not redirect back to the login page if a user is not allowed to visit a certain page or folder based on their role (and perhaps show a message instead)? ...
Default Membership and User Profiling vs Custom ones.
Hello, I was just going through the "AccountController.cs" code (the default one which appears when you create a new ASP.NET MVC project). When I tried to compare it to the one that is proposed in my book, I noticed that the two controllers share the same concepts and implements the same methods (LogOn, LogOff, CreateUser, DeleteUser, C...
Sharing ASP.NET authentication between sites
We are launching a new web site using a sub-domain and need to ensure that users logging in to the original (main domain) site, are also authenticated in the new site. I believe I need to ensure all related web.config settings (forms authentication, cookie names etc) are the same in both applications and also manually set the machineKey...
Deadlock calling Membership.CreateUser on a Load Test
Hi, I am getting Sql deadlocks while calling aspnet_Users_CreateUser Api during load test (100+ concurrent users) I have wrapped the createUser, roles.AddUserToRole and another custom mapping procedure inside a Transaction Scope block. Once the deadlock is encountered no more user accounts are created. I am also using Enterprise Librar...
Why SQL Membership Database tables created by aspnet_regsql have no primary keys
This question is about the tables created by aspnet_regsql for the ASP.NET 2.0 Membership database. I am incorporating these tables and procs, etc from the database into my application database for ease of manageemnt and integration with the application data. I notice that none of the tables have primary keys. This is a difficulty with...
If I implement my own CustomPrincipal in asp.net mvc, must I use a Custom ActionFilterAttribute?
If I implement my own CustomPrincipal in asp.net mvc, must I use a Custom ActionFilterAttribute to check for Roles that my users belong to (like this: http://www.codethinked.com/post/2008/04/01/Setting-up-authentication-in-aspnet-MVC.aspx)???. When I use: [Authorize] It works fine. But when I use: [Authorize(Roles=("Example"))] It...
ASP.Net Membership Provider. Impersonation
I have a custom membership/roles provider, due to the nature of the project it will require Admins to login as users while assisting them with querys. Now, Its easy to re-log the admin in with the selected membership account, however this meens that the Admin will effectivly be logged out. I'm looking for a way to allow Admins to impers...
Microsoft Membership Provider Vs Custom Provider Vs Complete Custom Login System
I am currently converting a very old, but working classic ASP site to ASP.Net. It has a completely custom written user management system. Whilst it works fine, it really needs a refresh as I want it to be more flexible for some future projects in the works. When I asked someone about this, they said "You need to use the Microsoft Provi...
Membership.GeneratePassword doesn't conform to numberOfNonAlphaNumericCharacters
I'm using Membership.GeneratePassword(10, 0). i.e. Number of Non-AlphaNumeric characters should be zero, as per the MSDN defintion: http://msdn.microsoft.com/en-us/library/system.web.security.membership.generatepassword(VS.80).aspx However, I noted that this didn't conform to what I expected. Is there a bug in the algorithm, or is it ...
With ASP.NET membership, how can I show a 403?
By default, ASP.NET's membership provider redirects to a loginUrl when a user is not authorized to access a protected page. Is there a way to display a custom 403 error page without redirecting the user? I'd like to avoid sending users to the login page and having the ReturnUrl query string in the address bar. I'm using MVC (and the A...
ASP.NET membership providers in non-web apps?
Does anyone know if it's possible to use an ASP.NET membership (and role) provider in a non-web app (ie in a desktop C# app)? Related question -- is there an LDAP membership provider (it looks like SharePoint has one, but I don't think it's the same as the ASP.NET provider). I'm sure the Active Directory one is probably close, but I'm ...
membership timeout and session timeout
I need to set memebership timeout to be less than session timeout to avoid using the membership and the login session is expired, this is a problem that i face in my asp.net application that i am using login control and when the user send a comment and the login control session is expired it should not accept the comment and i knew later...
ActiveDirectoryMembershipProvider and referential integrity
In the past, when I implemented my own authentication mechanisms I would have a user table with relationships to other tables in my application's MySQL database. However, now that I'm considering using ActiveDirectoryMembershipProvider, I see no way to create similar relationships between AD users and those tables. What's the normal wa...
new DateTime comparison fails due to timezone differences between DLLs
I have a ASP.NET web application that implements a custom Membership Provider. Because the LastLockOutDate property of the MembershipUser cannot be null, but my underlying entity does allow nulls, I was setting it like this: DateTime lastLockOutDate = (account.DateLastLockOut.HasValue) ? account.DateLastLockOut.Value : new ...
How can I change the ASP.Net MVC Login Redirect based on role?
I have the following code I've typed into the Account Controller in my MVC project and I am in both the administrator and manager roles. When I log in I get redirected back to my home index instead of being redirected to my AdminApp index. Any ideas where I'm going wrong in my code? [AcceptVerbs(HttpVerbs.Post)] [System.Diagnostic...