I'm starting to use the membership provider.
My first idea is to create 2 different mvc3 applications: one for the Web Site and the other to administer the first one. Each application has a different applicationName (WebSite and AdminWebSite).
I want to create Users of WebSite using the application AdminWebSite. Is it possible?
Yes, can specify multiple providers and reference them by provider name. Just make sure that the provider settings for WebSite in AdminWebSite are defined exactly the same way.
Related
So I wrote quite a few ASP.NET web applications and there I often used the forms authentication. Now I need to do the same but in a client application. What would be the best way to create something like this?
I was searching for it for some time now but I didn't find something that I could implement in my project. I just need to have a login screen and only when it is valid with the user logins I created I should be able to use the complete application.
Can someone please help me?
There are probably several approaches that you could take. If the application is internally distributed you could use a database connection to something like SQL Server where you would have accounts set up to validate against. If the distribution is external you may want to consider setting up a server and using socket connections in your application to make calls to your server(again storing account information in a back end database) to validate users.
I remember using ASP.NET Identity for that purpose. Was very easy and everything is pretty much ready.
ASP.NET Core Identity is a membership system that adds login
functionality to ASP.NET Core apps. Users can create an account with
the login information stored in Identity or they can use an external
login provider
learn.microsoft.com/en-us/aspnet/core/security/authentication/identity
Okay, So I want to basically use a single sign on...I read about it, but I cant seem to find good documentation or tutorials on how to implement it for MVC asp.net 4.5. I have an application which allows users to register... I want to be able to allow users from that application to be logged into the second application if they have access. Also, both of these applications would be in different databases... Any suggestions? Btw this is not using webforms...
Is it possible to apply the roles manager from that first application into the second? Or would I just need to create new roles in the second application?
What I have tried:
I have to implement a number of solutions that were on google but most seem to be using webforms... which i dont know how to use...
You need to configure an API which will act as an Authorization Server.
The "Auth" server will issue JSON Web Tokens for authenticated users and those users will present this JWT to the protected end points (Resource Servers) in order to access them.
Your MVC web applications will act as Resource Servers.
Read Implement JSON Web Tokens Authentication in ASP.NET Web API and and Identity 2.1
I'm creating a WCF service to share all membership operations (such as user creation, login, change password, etc) between multiple applications (websites, WS, IPhone App, etc), using the ASP.NET Membership Provider.
I want also to store information about application sending the request.
I'm wondering if it make sense to dynamically set the Membershio provider's Application
Name so to store this info in the membership tables? Since the provider is a singleton it would be something like :
System.Web.Security.Membership.ApplicationName = application;
bool isValid = System.Web.Security.Membership.ValidateUser(username, password);
It actually works but don't know if this is a proper use and if it can cause any trouble in future. Usually as far as I know the application name comes from the Web.config (but in my scenario it would be always the same, the WCF one) and I haven't seen any example where this Property is dynamically set.
Another option would be to store this info in a separate table and leave the Application Name static coming from web.config.
Any suggestion is welcome!
That's not what the application name is for in the membership providers.
You say that you want the user accounts to be shared between multiple applications. In this case the membership application name must be the same between all applications.
The app name is there to allow multiple applications to share the same database but keep their users isolated - a web site configured with an application of app1 will not share users with an application of app2 even if they share the same physical membership database.
Log it elsewhere!
I'm developing a web part for MOSS 2007.
The web part is being deployed to a web application which utilizes forms-based authentication, and role/membership providers to control users.
The membership table has been edited to include addition user info (I am aware, that this isn't the best way to handle additional user, i.e. profiles etc., however, this is a requirement from another department).
Since my web part needs to access this information, I was thinking of implementing a custom membership provider.
So far I've followed:
http://msdn.microsoft.com/en-us/library/6tc47t75.aspx
and I've got my custom membership class, and a very stripped down membershipprovider-class.
But how do I enable/use this membership provider in my web part?
I've tried creating a simple web.config in the "WebPartCode" folder of my solution, next to my webpart code file, with connection string and membership provider tags.
But I don't even really know how to build/reference/use the membership provider itself, so I don't know what else I need to do.
I've built a C# class library project with the two classes (membershipprovider and custom membershipuser) and compiled it and installed it in the global assembly cache - is this correct? and how do I access them from here?
Hope someone can help
You already have FBA set up and working, so you shouldn't need to make any changes in Central Administration for your web application. However, for your reference, the UI settings are found in Central Administration under 'Application Management' - 'Authentication Providers.'
You will need to install the DLLs for your membership provider either in the GAC on every Sharepoint server in your farm or in the bin directory for your web application on every Sharepoint server in your farm. I would recommend packaging your DLLs up in a solution in order to deploy them.
FBA then needs to be configured in the web.config for your Sharepoint IIS site (e.g., web application). This can be found at C:\Inetpub\wwwroot\wss\VirtualDirectories\[Name of Web App]\web.config, and this needs to be configured for every Sharepoint server in your farm.
Please note that by installing your custom membership provider on a particular web application, you will necessarily remove the existing membership provider. This may cause problems for existing users unless your custom membership provider uses the same member database (e.g., usernames/passwords) that the current membership provider uses.
Tim
I want to log in for 1 application and use the same login token to authenticate the second application. I have used the same application name so both applications use the same membership provider.....
I have 2 web applications, using asp.net 3.5, c#, hosted in IIS 7.0. I use the aspnet_membership provider for authentication/authorization
They are hosted side by side as 2 seperate applications . The question is can I log in for 1 application and be authenticated for the other by using the same log in....
Thanks in advance
Stuart
The technology behind Single Sign-On solutions cannot be explained in a few lines of code, it requires some reading/studying to look at the alternatives and how to implement them.
For instance you could take a look at this article about Single Sign-On using Active Directory Federation Services.
UPDATE:
Here is a blogpost about Single sign-on with Forms Authentication.
Its called Single Sign On - SSO and its fairly simple to do if your applications are hosted on the same domain (app1.domain.com and app2.domain.com - or - domain.com/app1 and domain.com/app2), its fairly straightforward to do so.
When you create a cookie using the Forms Authentication, set the domain as ".domain.com".
Also, both the Applications would have to use the same Machine Key within web.config.
Check out http://www.codeproject.com/KB/web-security/aspnetsinglesignon.aspx and http://weblogs.asp.net/hernandl/archive/2004/06/09/ssoformsauth.aspx