We are trying to implement Custom Role membership provider for our web app. For authorization we want to check for one more field like Facilityid for the logged on user along with role he has. eg. my User1 having Role1 with Facility1 can access some option and same user role for Facility2 have different option. So is there a way we can...
I've recently started tinkering with ASP.NET MVC, but this question should apply to classic ASP.NET as well. For what it's worth, I don't know very much about forms authentication and membership providers either. I'm trying to write my own MembershipProvider which will be connected to my own custom user table in my database. My user tab...
Hello everyone - We are attempting to integrate an ASP.NET MVC site with our client's SSO system using PingFederate. I would like to use the built in FormsAuthentication framework to do this. The way I've gone about it so far is: Set up my Web.config so that my FormsAuthentication LoginURL goes to my site's "BeginAuthentication" acti...
Hi, I am looking for a solution for user use the browser's back button to navigate to previous page once logged out. I have a web application build in asp.net and using a custom membership provider for authentication and authorization. Everything works fine except when the user click on the logout link to log out of the application an...
I have been on this problem for a while. I need to compare a paasword that the user enters to a password that is in the membership DB. The password is hashed and has a salt. Because of the lack of documentation I do not know if the salt is append to the password and then hashed how how it is created. I am unable to get this to match. Th...
Hi, I'm trying to implement roles in my site. There are several projects in the solution, one of which is a web application. In that web application, I'm trying to use WSAT to create three roles. There are many folders for the application. I've used WSAT to define role based access rules for each folder. However, when I debug and n...
As I understand it "forms" is just a method to authenticate users. Is this correct? But what "membership" really is I don't know. I've written a custom membership provider but I still don't really see what "membership" is about it if I'm using a custom user table and custom roles table. So what is forms? And what is membership? ...
Does anyone out there have a create script for aspnet_membership table? I found a data structure for it on MS site but cannot find a script to create it anywhere on the web. Many thanks in advance J ...
I have an ASP.Net Web site using .Net Membership with a SQL Server provider, so the users and roles are stored in the SQL tables created by Aspnet_regsql.exe. Is this architecture totally self-contained and portable, or are users in it somehow bound to the specific Web site on which they create their account? Put another way, if we cre...
Is it possible for two or more ASP.NET MVC sites to use a single SQL Server database for authentication and other things? Here's how I'm thinking of setting it up: I will combine the current database of each site into one single database, prefixing the tables with the name of the site they belong to. I currently have authentication tabl...
I am using a WCF authentication service I set up with a web application. I have successfully set up and tested the AuthenticationService and RolesService. The web application can successfully call methods like ValidateUser and GetRolesForCurrentUser through the WCF services. I want to integrate the WCF authentication service with my web...
Hi guys, I have a new table that hold old passwords, I need to check if there is a match. If there is a match I need the ChangePassword contol to NOT change the password. I need to tell the user that this password was used and pic a new one. I can't seem to be able to interrupt the control from changing the password. Maybe I am using...
Hi everybody, I'm currently working on a membership system for my web application, which is based on forms authentication from the framework. I created some users with the integrated tool, and the login is perfectly working. But now what I want to do is to give administrator the capability to create, modify, delete users. So here is ...
Hello Stackoverflowers, I am writing my own custom Identity class which implements IIdentity. I don't need to change the default method IsAuthenticated but so now I was wondering how does the default IIdentity determines if it should return true or false? I thought to find the answer in the FormsAuthenticationTicket I am using but not...
I am trying to implement a custom membership provider and want to change the GetUser method. The problem is that GetUser returns MembershipUser and I want to return MyMembershipUser which has two additional properties FirstName and LastName. I can create a new method in my membership provider which returns MyMembershipUser but then I thi...
For ASP.NET MVC extranet applications, what are the pros and cons of using SQL Authentication instead of the ASP.NET Membership API to handle security? ...
Not sure whether this pertains to VS 2010 or to the upgraded framework, but... we are using the Oracle membership provider to authenticate users. Prior to the upgrade everything worked fine, but now Membership.ValidateUser(user, password) returns false despite valid credentials. There is no exception thrown, so it's hard to determine wha...
Hi, I am not a experienced programmer, I need to query the Membership User Collection provided in asp.net mvc. I want the members be able to add other members as friends, I have created a added friend table. Id, MemberId, Friend_MemberId, DateAdded I want to display a list of Members which are not added to this list (like filter alre...
Hello, I am so close to get this project done. I need to retrieve the password and passwordSalt from my Membership table to compare it to my 'OldPasswords' table. The problem is the Membership provider does not let me use the GetPassword method because the password is hashed. And I can not retrieve it in a normal sqlConnection because...
After all the answers to my last question about fine-tuning turned out to be more useful than I expected, I thought that I would ask another similar Question about the MembershipProviders as well. Okay, so firstly, to clarify: I know what a Membership, Role, and Profile provider is, how to implement my own, and how to configure them, an...