Hi there, I am been taking a look at asp.net membership and it seems to provide everything that i need but i need some kind of custom Role functionality. Currently i can add user to a role, great. But i also need to be able to add Permissions to Roles.. i.e. Role: Editor Permissions: Can View Editor Menu, Can Write to Editors Table...
I would like to change the logged in user to another user temporarily to do some process. For example, say I am logged in as "Joe". In my method, I want to make the logged in user from "Joe" to "SuperUser", do some process, then change the logged in user back to "Joe". Can someone help with this? ...
Hi! I've just created custom ASP.NET Membership, Role, Profile and Session State providers, and I was wondering whether there exists a test suite or something similar to test the implementation of the providers. I've checked some of the open source providers I could find (like the NauckIt.PostgreSQL provider), but neither of them contai...
I'm developing a web application I want to use the role authentication to control different parts of the website accessibility. But my problem is say I implemented a upload and download functionality on one of the page and I want to have the ability to control a user whether they can either upload or download; or both. So, I'm not exactl...
Trying to figure out how to adequately test my accounts controller. I am having problem testing the successful logon scenario. Issue 1) Am I missing any other tests.(I am testing the model validation attributes separately) Issue 2) Put_ReturnsOverviewRedirectToRouteResultIfLogonSuccessAndNoReturnUrlGiven() and Put_ReturnsRedirectResu...
I want to create the membership tables online that are used for ASP.Net 3.5 login controls. I thought their was a script I could use or executable on my computer to install those tables. Is that the case? or what would be the best method to create the tables online. ...
I have an ASP.NET site with membership tables in a Main_DB for the site. Can I add more tables for the site for other data needed for the site or should that data be in another database? ...
I'm experimenting with writing my own custom MembershipProvider in asp.net and I want to roll my own login page. We do some fairly special stuff at login time so we can't use the default login control so I need a way to manually log a user in. So far I haven't found anything on how to write your own login control so I'm here, wondering...
I have an application I would like to force SSL on the login page and on the page that the CC is entered on. I would prefer to keep the rest of the application free of SSL. I have the code working to force SSL on certain pages, and remove SSL on others. The problem I have is that if I log in with SSL enabled the user is only authentic...
I created a Membership login system for my client, now they do NOT want the user to use one of his 5 last passwords when it comes time to create a new one. Is that something that is build in or how could I accomplish that? Thank you, Steve ...
I'd like to hear if anyone sees any problems with how I implemented the security in this Oracle based MVC.NET app, either security issues, concurrency issues or scalability issues. First, I implemented a CustomOracleMembershipProvider to handle the database interface to the membership store. I implemented a custom Principal named User ...
I’m building a site that needs users created with different roles and permissions to access different areas of the site. I using mvc 2 but I can’t find much clear guidance on using the Membership tool with mvc to create accounts and roles etc. I tried the web configuration tool which works but I would like to administrate the site remo...
I have a linq-to-sql class. I have a property "Password" for which I want to call the underlying ASP.NET Membership provider. Thus, I do not want this property written out directly but via my own code. I basically want to create a facade/proxy for this property such that I may use the underlying membership provider or a custom stored pro...
Hi, I am using a asp.net login control with one of my asp.net application to authenticate users. I also have roles defined as well. Some of the directories are setup so only users with ROLE "MANAGER" are able to access pages under those directories. If the user does not have "MANAGER" role, he will simply be redirect back to the logi...
Hi folks, I have used the asp membership feature to add user management to my web app. I have modified the default tables to include a couple more fields. On the create user wizard I have turned wizard step one into a customizable template and have added in the controls for the 2 fields. Do I know just modify the stored procedure used...
This is crazy, I have been trying for hours to get this to work. My client wants to be able to reset password for uses who have forgotten them The only parameter he has is the UserName. He does NOT want the user to be able to reset the password themselves, no that would be too easy...ARGHHHHH!! Anyway, if anyone has any suggestions how...
Is there a way to use the same username and password from the membership provider for a WCF service authentication? if so, which binding does it supports? I need to extract a profile variable from the user currently calling the service. Thanks for any help. ...
Hi, I'm using ASP.NET MVC 1 and I have added a custom Profile class using the WebProfile Builder VS add-in (found here: http://code.msdn.microsoft.com/WebProfileBuilder/Release/ProjectReleases.aspx?ReleaseId=980). On one of my forms I want a drop-down list of all users who share a specific profile value in common. I can see that I can ...
What would be the best way to store additional information outside of active directory? I will be utilizing AD authentication as well as WIndowsTokenRoleProvider but I will also need to store some additional information about a user that will be used for authorizations purposes. This is a ASP.net application with a SQL backend, I am loo...
Example scenario in an ASP.NET application using SQL Server membership provider : 1) a user can't remember their exact password, and tries many times in a short space of time to login with an invalid password (say 5 times in a 10 minute window). This locks out the user (i.e. sets the IsLockedOut flag of the aspnet_Membership table to 1)...