Search Results

Search found 45 results on 2 pages for 'rolemanager'.

Page 1/2 | 1 2  | Next Page >

  • Rolemanager not working when ASPDotNetStorefront served in a virtual folder with FormsAuthentication

    - by digiguru
    Does anyone know if there is a valid roleManager I can apply to ASPDotNetStorefront to get the site working? We have a website that has an ASP.Net storefront served in a virtual folder off the root. ourwebsite.com ourwebsite.com/shop Everything has been workign fine until we put the groundwork in place for forms authentication in the website recently. This caused an error on the production server when you tried to get into the shop... Unable to cast object of type 'System.Web.Security.RolePrincipal' to type 'AspDotNetStorefrontCore.AspDotNetStorefrontPrincipal'. Looking at the shop's web.config I noticed there was no RoleManager node, so I tried to fix the problem by removing it in the shop's web.config <roleManager enabled="false"> </roleManager> This prevented the error occurring, but also prevented the shopping basket from working. Instead I removed the rolemanager tag from the root website... <!-- Conflicting with AspDotNetStorefront <roleManager enabled="true" defaultProvider="CustomizedRoleProvider"> <providers> <add name="CustomizedRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="constr" /> </providers> </roleManager> --> This worked, but obviously prevents role authentication working on the root website, which is okay for the next 2 or 3 releases. Anyone know the correct code for the rolemanager in DotNetStorefront?

    Read the article

  • ASP.NET MVC2 Implementing Custom RoleManager problem

    - by ile
    To create a custom membership provider I followed these instructions: http://stackoverflow.com/questions/2771094/asp-net-mvc2-custom-membership and these: http://mattwrock.com/post/2009/10/14/Implementing-custom-Membership-Provider-and-Role-Provider-for-Authinticating-ASPNET-MVC-Applications.aspx So far, I've managed to implement custom membership provider and that part works fine. RoleManager still needs some modifications... Project structure: SAMembershipProvider.cs: public class SAMembershipProvider : MembershipProvider { #region - Properties - private int NewPasswordLength { get; set; } private string ConnectionString { get; set; } public bool enablePasswordReset { get; set; } public bool enablePasswordRetrieval { get; set; } public bool requiresQuestionAndAnswer { get; set; } public bool requiresUniqueEmail { get; set; } public int maxInvalidPasswordAttempts { get; set; } public int passwordAttemptWindow { get; set; } public MembershipPasswordFormat passwordFormat { get; set; } public int minRequiredNonAlphanumericCharacters { get; set; } public int minRequiredPasswordLength { get; set; } public string passwordStrengthRegularExpression { get; set; } public override string ApplicationName { get; set; } public override bool EnablePasswordRetrieval { get { return enablePasswordRetrieval; } } public override bool EnablePasswordReset { get { return enablePasswordReset; } } public override bool RequiresQuestionAndAnswer { get { return requiresQuestionAndAnswer; } } public override int MaxInvalidPasswordAttempts { get { return maxInvalidPasswordAttempts; } } public override int PasswordAttemptWindow { get { return passwordAttemptWindow; } } public override bool RequiresUniqueEmail { get { return requiresUniqueEmail; } } public override MembershipPasswordFormat PasswordFormat { get { return passwordFormat; } } public override int MinRequiredPasswordLength { get { return minRequiredPasswordLength; } } public override int MinRequiredNonAlphanumericCharacters { get { return minRequiredNonAlphanumericCharacters; } } public override string PasswordStrengthRegularExpression { get { return passwordStrengthRegularExpression; } } #endregion #region - Methods - public override void Initialize(string name, NameValueCollection config) { throw new NotImplementedException(); } public override bool ChangePassword(string username, string oldPassword, string newPassword) { throw new NotImplementedException(); } public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) { throw new NotImplementedException(); } public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) { throw new NotImplementedException(); } public override bool DeleteUser(string username, bool deleteAllRelatedData) { throw new NotImplementedException(); } public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords) { throw new NotImplementedException(); } public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) { throw new NotImplementedException(); } public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) { throw new NotImplementedException(); } public override int GetNumberOfUsersOnline() { throw new NotImplementedException(); } public override string GetPassword(string username, string answer) { throw new NotImplementedException(); } public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) { throw new NotImplementedException(); } public override MembershipUser GetUser(string username, bool userIsOnline) { throw new NotImplementedException(); } public override string GetUserNameByEmail(string email) { throw new NotImplementedException(); } protected override void OnValidatingPassword(ValidatePasswordEventArgs e) { base.OnValidatingPassword(e); } public override string ResetPassword(string username, string answer) { throw new NotImplementedException(); } public override bool UnlockUser(string userName) { throw new NotImplementedException(); } public override void UpdateUser(MembershipUser user) { throw new NotImplementedException(); } public override bool ValidateUser(string username, string password) { AccountRepository accountRepository = new AccountRepository(); var user = accountRepository.GetUser(username); if (string.IsNullOrEmpty(password.Trim())) return false; if (user == null) return false; //string hash = EncryptPassword(password); var email = user.Email; var pass = user.Password; if (user == null) return false; if (pass == password) { //User = user; return true; } return false; } #endregion protected string EncryptPassword(string password) { //we use codepage 1252 because that is what sql server uses byte[] pwdBytes = Encoding.GetEncoding(1252).GetBytes(password); byte[] hashBytes = System.Security.Cryptography.MD5.Create().ComputeHash(pwdBytes); return Encoding.GetEncoding(1252).GetString(hashBytes); } } SARoleProvider.cs public class SARoleProvider : RoleProvider { AccountRepository accountRepository = new AccountRepository(); public override bool IsUserInRole(string username, string roleName) { return true; } public override string ApplicationName { get { throw new NotImplementedException(); } set { throw new NotImplementedException(); } } public override void AddUsersToRoles(string[] usernames, string[] roleNames) { throw new NotImplementedException(); } public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames) { throw new NotImplementedException(); } public override void CreateRole(string roleName) { throw new NotImplementedException(); } public override bool DeleteRole(string roleName, bool throwOnPopulatedRole) { throw new NotImplementedException(); } public override bool RoleExists(string roleName) { throw new NotImplementedException(); } public override string[] GetRolesForUser(string username) { int rolesCount = 0; IQueryable<RoleViewModel> rolesNames; try { // get roles for this user from DB... rolesNames = accountRepository.GetRolesForUser(username); rolesCount = rolesNames.Count(); } catch (Exception ex) { throw ex; } string[] roles = new string[rolesCount]; int counter = 0; foreach (var item in rolesNames) { roles[counter] = item.RoleName.ToString(); counter++; } return roles; } public override string[] GetUsersInRole(string roleName) { throw new NotImplementedException(); } public override string[] FindUsersInRole(string roleName, string usernameToMatch) { throw new NotImplementedException(); } public override string[] GetAllRoles() { throw new NotImplementedException(); } } AccountRepository.cs public class RoleViewModel { public string RoleName { get; set; } } public class AccountRepository { private DB db = new DB(); public User GetUser(string email) { return db.Users.SingleOrDefault(d => d.Email == email); } public IQueryable<RoleViewModel> GetRolesForUser(string email) { var result = ( from role in db.Roles join user in db.Users on role.RoleID equals user.RoleID where user.Email == email select new RoleViewModel { RoleName = role.Name }); return result; } } webconfig <membership defaultProvider="SAMembershipProvider" userIsOnlineTimeWindow="15"> <providers> <clear/> <add name="SAMembershipProvider" type="SA_Contacts.Membership.SAMembershipProvider, SA_Contacts" connectionStringName ="ShinyAntConnectionString" /> </providers> </membership> <roleManager defaultProvider="SARoleProvider" enabled="true" cacheRolesInCookie="true"> <providers> <clear/> <add name="SARoleProvider" type="SA_Contacts.Membership.SARoleProvider" connectionStringName ="ShinyAntConnectionString" /> </providers> </roleManager> AccountController.cs: public class AccountController : Controller { SAMembershipProvider provider = new SAMembershipProvider(); AccountRepository accountRepository = new AccountRepository(); public AccountController() { } public ActionResult LogOn() { return View(); } [AcceptVerbs(HttpVerbs.Post)] public ActionResult LogOn(string userName, string password, string returnUrl) { if (!ValidateLogOn(userName, password)) { return View(); } var user = accountRepository.GetUser(userName); var userFullName = user.FirstName + " " + user.LastName; FormsAuthentication.SetAuthCookie(userFullName, false); if (!String.IsNullOrEmpty(returnUrl) && returnUrl != "/") { return Redirect(returnUrl); } else { return RedirectToAction("Index", "Home"); } } public ActionResult LogOff() { FormsAuthentication.SignOut(); return RedirectToAction("Index", "Home"); } private bool ValidateLogOn(string userName, string password) { if (String.IsNullOrEmpty(userName)) { ModelState.AddModelError("username", "You must specify a username."); } if (String.IsNullOrEmpty(password)) { ModelState.AddModelError("password", "You must specify a password."); } if (!provider.ValidateUser(userName, password)) { ModelState.AddModelError("_FORM", "The username or password provided is incorrect."); } return ModelState.IsValid; } } In some testing controller I have following: [Authorize] public class ContactsController : Controller { SAMembershipProvider saMembershipProvider = new SAMembershipProvider(); SARoleProvider saRoleProvider = new SARoleProvider(); // // GET: /Contact/ public ActionResult Index() { string[] roleNames = Roles.GetRolesForUser("[email protected]"); // Outputs admin ViewData["r1"] = roleNames[0].ToString(); // Outputs True // I'm not even sure if this method is the same as the one below ViewData["r2"] = Roles.IsUserInRole("[email protected]", roleNames[0].ToString()); // Outputs True ViewData["r3"] = saRoleProvider.IsUserInRole("[email protected]", "admin"); return View(); } If I use attribute [Authorize] then everything works ok, but if I use [Authorize(Roles="admin")] then user is always rejected, like he is not in role. Any idea of what could be wrong here? Thanks in advance, Ile

    Read the article

  • Getting Started with ASP.NET Membership, Profile and RoleManager

    - by Ben Griswold
    A new ASP.NET MVC project includes preconfigured Membership, Profile and RoleManager providers right out of the box.  Try it yourself – create a ASP.NET MVC application, crack open the web.config file and have a look.  First, you’ll find the ApplicationServices database connection: <connectionStrings>   <add name="ApplicationServices"        connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true"        providerName="System.Data.SqlClient"/> </connectionStrings>   Notice the connection string is referencing the aspnetdb.mdf database hosted by SQL Express and it’s using integrated security so it’ll just work for you without having to call out a specific database login or anything. Scroll down the file a bit and you’ll find each of the three noted sections: <membership>   <providers>     <clear/>     <add name="AspNetSqlMembershipProvider"          type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"          connectionStringName="ApplicationServices"          enablePasswordRetrieval="false"          enablePasswordReset="true"          requiresQuestionAndAnswer="false"          requiresUniqueEmail="false"          passwordFormat="Hashed"          maxInvalidPasswordAttempts="5"          minRequiredPasswordLength="6"          minRequiredNonalphanumericCharacters="0"          passwordAttemptWindow="10"          passwordStrengthRegularExpression=""          applicationName="/"             />   </providers> </membership>   <profile>   <providers>     <clear/>     <add name="AspNetSqlProfileProvider"          type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"          connectionStringName="ApplicationServices"          applicationName="/"             />   </providers> </profile>   <roleManager enabled="false">   <providers>     <clear />     <add connectionStringName="ApplicationServices" applicationName="/" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />     <add applicationName="/" name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />   </providers> </roleManager> Really. It’s all there. Still don’t believe me.  Run the application, walk through the registration process and finally login and logout.  Completely functional – and you didn’t have to do a thing! What else?  Well, you can manage your users via the Configuration Manager which is hiding in Visual Studio behind Projects > ASP.NET Configuration. The ASP.NET Web Site Administration Tool isn’t MVC-specific (neither is the Membership, Profile or RoleManager stuff) but it’s neat and I hardly ever see anyone using it.  Here you can set up and edit users, roles, and set access permissions for your site. You can manage application settings, establish your SMTP settings, configure debugging and tracing, define default error page and even take your application offline.  The UI is rather plain-Jane but it works great. And here’s the best of all.  Let’s say you, like most of us, don’t want to run your application on top of the aspnetdb.mdf database.  Let’s suppose you want to use your own database and you’d like to add the membership stuff to it.  Well, that’s easy enough. Take a look inside your [drive:]\%windir%\Microsoft.Net\Framework\v2.0.50727\ folder.  Here you’ll find a bunch of files.  If you were to run the InstallCommon.sql, InstallMembership.sql, InstallRoles.sql and InstallProfile.sql files against the database of your choices, you’d be installing the same membership, profile and role artifacts which are found in the aspnet.db to your own database.  Too much trouble?  Okay. Run [drive:]\%windir%\Microsoft.Net\Framework\v2.0.50727\aspnet_regsql.exe from the command line instead.  This will launch the ASP.NET SQL Server Setup Wizard which walks you through the installation of those same database objects into the new or existing database of your choice. You may not always have the luxury of using this tool on your destination server, but you should use it whenever you can.  Last tip: don’t forget to update the ApplicationServices connectionstring to point to your custom database after the setup is complete. At the risk of sounding like a smarty, everything I’ve mentioned in this post has been around for quite a while. The thing is that not everyone has had the opportunity to use it.  And it makes sense. I know I’ve worked on projects which used custom membership services.  Why bother with the out-of-the-box stuff, right?   And the .NET framework is so massive, who can know it all. Well, eventually you might have a chance to architect your own solution using any implementation you’d like or you will have the time to play around with another aspect of the framework.  When you do, think back to this post.

    Read the article

  • ASP.NET MVC2 custom rolemanager (webconfig problem)

    - by ile
    Structure of the web: SAMembershipProvider.cs namespace User.Membership { public class SAMembershipProvider : MembershipProvider { #region - Properties - private int NewPasswordLength { get; set; } private string ConnectionString { get; set; } //private MachineKeySection MachineKey { get; set; } //Used when determining encryption key values. public bool enablePasswordReset { get; set; } public bool enablePasswordRetrieval { get; set; } public bool requiresQuestionAndAnswer { get; set; } public bool requiresUniqueEmail { get; set; } public int maxInvalidPasswordAttempts { get; set; } public int passwordAttemptWindow { get; set; } public MembershipPasswordFormat passwordFormat { get; set; } public int minRequiredNonAlphanumericCharacters { get; set; } public int minRequiredPasswordLength { get; set; } public string passwordStrengthRegularExpression { get; set; } public override string ApplicationName { get; set; } // Indicates whether passwords can be retrieved using the provider's GetPassword method. // This property is read-only. public override bool EnablePasswordRetrieval { get { return enablePasswordRetrieval; } } // Indicates whether passwords can be reset using the provider's ResetPassword method. // This property is read-only. public override bool EnablePasswordReset { get { return enablePasswordReset; } } // Indicates whether a password answer must be supplied when calling the provider's GetPassword and ResetPassword methods. // This property is read-only. public override bool RequiresQuestionAndAnswer { get { return requiresQuestionAndAnswer; } } public override int MaxInvalidPasswordAttempts { get { return maxInvalidPasswordAttempts; } } // For a description, see MaxInvalidPasswordAttempts. // This property is read-only. public override int PasswordAttemptWindow { get { return passwordAttemptWindow; } } // Indicates whether each registered user must have a unique e-mail address. // This property is read-only. public override bool RequiresUniqueEmail { get { return requiresUniqueEmail; } } public override MembershipPasswordFormat PasswordFormat { get { return passwordFormat; } } // The minimum number of characters required in a password. // This property is read-only. public override int MinRequiredPasswordLength { get { return minRequiredPasswordLength; } } // The minimum number of non-alphanumeric characters required in a password. // This property is read-only. public override int MinRequiredNonAlphanumericCharacters { get { return minRequiredNonAlphanumericCharacters; } } // A regular expression specifying a pattern to which passwords must conform. // This property is read-only. public override string PasswordStrengthRegularExpression { get { return passwordStrengthRegularExpression; } } #endregion #region - Methods - public override void Initialize(string name, NameValueCollection config) { throw new NotImplementedException(); } public override bool ChangePassword(string username, string oldPassword, string newPassword) { throw new NotImplementedException(); } public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) { throw new NotImplementedException(); } // Takes, as input, a user name, password, e-mail address, and other information and adds a new user // to the membership data source. CreateUser returns a MembershipUser object representing the newly // created user. It also accepts an out parameter (in Visual Basic, ByRef) that returns a // MembershipCreateStatus value indicating whether the user was successfully created or, if the user // was not created, the reason why. If the user was not created, CreateUser returns null. // Before creating a new user, CreateUser calls the provider's virtual OnValidatingPassword method to // validate the supplied password. It then creates the user or cancels the action based on the outcome of the call. public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) { throw new NotImplementedException(); } public override bool DeleteUser(string username, bool deleteAllRelatedData) { throw new NotImplementedException(); } public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords) { throw new NotImplementedException(); } // Returns a MembershipUserCollection containing MembershipUser objects representing users whose user names // match the usernameToMatch input parameter. Wildcard syntax is data source-dependent. MembershipUser objects // in the MembershipUserCollection are sorted by user name. If FindUsersByName finds no matching users, it // returns an empty MembershipUserCollection. // For an explanation of the pageIndex, pageSize, and totalRecords parameters, see the GetAllUsers method. public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) { throw new NotImplementedException(); } // Returns a MembershipUserCollection containing MembershipUser objects representing all registered users. If // there are no registered users, GetAllUsers returns an empty MembershipUserCollection // The results returned by GetAllUsers are constrained by the pageIndex and pageSize input parameters. pageSize // specifies the maximum number of MembershipUser objects to return. pageIndex identifies which page of results // to return. Page indexes are 0-based. // // GetAllUsers also takes an out parameter (in Visual Basic, ByRef) named totalRecords that, on return, holds // a count of all registered users. public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) { throw new NotImplementedException(); } // Returns a count of users that are currently online-that is, whose LastActivityDate is greater than the current // date and time minus the value of the membership service's UserIsOnlineTimeWindow property, which can be read // from Membership.UserIsOnlineTimeWindow. UserIsOnlineTimeWindow specifies a time in minutes and is set using // the <membership> element's userIsOnlineTimeWindow attribute. public override int GetNumberOfUsersOnline() { throw new NotImplementedException(); } // Takes, as input, a user name and a password answer and returns that user's password. If the user name is not // valid, GetPassword throws a ProviderException. // Before retrieving a password, GetPassword verifies that EnablePasswordRetrieval is true. If // EnablePasswordRetrieval is false, GetPassword throws a NotSupportedException. If EnablePasswordRetrieval is // true but the password format is hashed, GetPassword throws a ProviderException since hashed passwords cannot, // by definition, be retrieved. A membership provider should also throw a ProviderException from Initialize if // EnablePasswordRetrieval is true but the password format is hashed. // // GetPassword also checks the value of the RequiresQuestionAndAnswer property before retrieving a password. If // RequiresQuestionAndAnswer is true, GetPassword compares the supplied password answer to the stored password // answer and throws a MembershipPasswordException if the two don't match. GetPassword also throws a // MembershipPasswordException if the user whose password is being retrieved is currently locked out. public override string GetPassword(string username, string answer) { throw new NotImplementedException(); } // Takes, as input, a user name or user ID (the method is overloaded) and a Boolean value indicating whether // to update the user's LastActivityDate to show that the user is currently online. GetUser returns a MembershipUser // object representing the specified user. If the user name or user ID is invalid (that is, if it doesn't represent // a registered user) GetUser returns null (Nothing in Visual Basic). public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) { throw new NotImplementedException(); } // Takes, as input, a user name or user ID (the method is overloaded) and a Boolean value indicating whether to // update the user's LastActivityDate to show that the user is currently online. GetUser returns a MembershipUser // object representing the specified user. If the user name or user ID is invalid (that is, if it doesn't represent // a registered user) GetUser returns null (Nothing in Visual Basic). public override MembershipUser GetUser(string username, bool userIsOnline) { throw new NotImplementedException(); } // Takes, as input, an e-mail address and returns the first registered user name whose e-mail address matches the // one supplied. // If it doesn't find a user with a matching e-mail address, GetUserNameByEmail returns an empty string. public override string GetUserNameByEmail(string email) { throw new NotImplementedException(); } // Virtual method called when a password is created. The default implementation in MembershipProvider fires a // ValidatingPassword event, so be sure to call the base class's OnValidatingPassword method if you override // this method. The ValidatingPassword event allows applications to apply additional tests to passwords by // registering event handlers. // A custom provider's CreateUser, ChangePassword, and ResetPassword methods (in short, all methods that record // new passwords) should call this method. protected override void OnValidatingPassword(ValidatePasswordEventArgs e) { base.OnValidatingPassword(e); } // Takes, as input, a user name and a password answer and replaces the user's current password with a new, random // password. ResetPassword then returns the new password. A convenient mechanism for generating a random password // is the Membership.GeneratePassword method. // If the user name is not valid, ResetPassword throws a ProviderException. ResetPassword also checks the value of // the RequiresQuestionAndAnswer property before resetting a password. If RequiresQuestionAndAnswer is true, // ResetPassword compares the supplied password answer to the stored password answer and throws a // MembershipPasswordException if the two don't match. // // Before resetting a password, ResetPassword verifies that EnablePasswordReset is true. If EnablePasswordReset is // false, ResetPassword throws a NotSupportedException. If the user whose password is being changed is currently // locked out, ResetPassword throws a MembershipPasswordException. // // Before resetting a password, ResetPassword calls the provider's virtual OnValidatingPassword method to validate // the new password. It then resets the password or cancels the action based on the outcome of the call. If the new // password is invalid, ResetPassword throws a ProviderException. // // Following a successful password reset, ResetPassword updates the user's LastPasswordChangedDate. public override string ResetPassword(string username, string answer) { throw new NotImplementedException(); } // Unlocks (that is, restores login privileges for) the specified user. UnlockUser returns true if the user is // successfully unlocked. Otherwise, it returns false. If the user is already unlocked, UnlockUser simply returns true. public override bool UnlockUser(string userName) { throw new NotImplementedException(); } // Takes, as input, a MembershipUser object representing a registered user and updates the information stored for // that user in the membership data source. If any of the input submitted in the MembershipUser object is not valid, // UpdateUser throws a ProviderException. // Note that UpdateUser is not obligated to allow all the data that can be encapsulated in a MembershipUser object to // be updated in the data source. public override void UpdateUser(MembershipUser user) { throw new NotImplementedException(); } // Takes, as input, a user name and a password and verifies that they are valid-that is, that the membership data // source contains a matching user name and password. ValidateUser returns true if the user name and password are // valid, if the user is approved (that is, if MembershipUser.IsApproved is true), and if the user isn't currently // locked out. Otherwise, it returns false. // Following a successful validation, ValidateUser updates the user's LastLoginDate and fires an // AuditMembershipAuthenticationSuccess Web event. Following a failed validation, it fires an // // AuditMembershipAuthenticationFailure Web event. public override bool ValidateUser(string username, string password) { throw new NotImplementedException(); //if (string.IsNullOrEmpty(password.Trim())) return false; //string hash = EncryptPassword(password); //User user = _repository.GetByUserName(username); //if (user == null) return false; //if (user.Password == hash) //{ // User = user; // return true; //} //return false; } #endregion /// <summary> /// Procuses an MD5 hash string of the password /// </summary> /// <param name="password">password to hash</param> /// <returns>MD5 Hash string</returns> protected string EncryptPassword(string password) { //we use codepage 1252 because that is what sql server uses byte[] pwdBytes = Encoding.GetEncoding(1252).GetBytes(password); byte[] hashBytes = System.Security.Cryptography.MD5.Create().ComputeHash(pwdBytes); return Encoding.GetEncoding(1252).GetString(hashBytes); } } // End Class } SARoleProvider.cs namespace User.Membership { public class SARoleProvider : RoleProvider { #region - Properties - // The name of the application using the role provider. ApplicationName is used to scope // role data so that applications can choose whether to share role data with other applications. // This property can be read and written. public override string ApplicationName { get; set; } #endregion #region - Methods - public override void Initialize(string name, NameValueCollection config) { throw new NotImplementedException(); } // Takes, as input, a list of user names and a list of role names and adds the specified users to // the specified roles. // AddUsersToRoles throws a ProviderException if any of the user names or role names do not exist. // If any user name or role name is null (Nothing in Visual Basic), AddUsersToRoles throws an // ArgumentNullException. If any user name or role name is an empty string, AddUsersToRoles throws // an ArgumentException. public override void AddUsersToRoles(string[] usernames, string[] roleNames) { throw new NotImplementedException(); } // Takes, as input, a role name and creates the specified role. // CreateRole throws a ProviderException if the role already exists, the role name contains a comma, // or the role name exceeds the maximum length allowed by the data source. public override void CreateRole(string roleName) { throw new NotImplementedException(); } // Takes, as input, a role name and a Boolean value that indicates whether to throw an exception if there // are users currently associated with the role, and then deletes the specified role. // If the throwOnPopulatedRole input parameter is true and the specified role has one or more members, // DeleteRole throws a ProviderException and does not delete the role. If throwOnPopulatedRole is false, // DeleteRole deletes the role whether it is empty or not. // // When DeleteRole deletes a role and there are users assigned to that role, it also removes users from the role. public override bool DeleteRole(string roleName, bool throwOnPopulatedRole) { throw new NotImplementedException(); } // Takes, as input, a search pattern and a role name and returns a list of users belonging to the specified role // whose user names match the pattern. Wildcard syntax is data-source-dependent and may vary from provider to // provider. User names are returned in alphabetical order. // If the search finds no matches, FindUsersInRole returns an empty string array (a string array with no elements). // If the role does not exist, FindUsersInRole throws a ProviderException. public override string[] FindUsersInRole(string roleName, string usernameToMatch) { throw new NotImplementedException(); } // Returns the names of all existing roles. If no roles exist, GetAllRoles returns an empty string array (a string // array with no elements). public override string[] GetAllRoles() { throw new NotImplementedException(); } // Takes, as input, a user name and returns the names of the roles to which the user belongs. // If the user is not assigned to any roles, GetRolesForUser returns an empty string array // (a string array with no elements). If the user name does not exist, GetRolesForUser throws a // ProviderException. public override string[] GetRolesForUser(string username) { throw new NotImplementedException(); //User user = _repository.GetByUserName(username); //string[] roles = new string[user.Role.Rights.Count + 1]; //roles[0] = user.Role.Description; //int idx = 0; //foreach (Right right in user.Role.Rights) // roles[++idx] = right.Description; //return roles; } public override string[] GetUsersInRole(string roleName) { throw new NotImplementedException(); } // Takes, as input, a role name and returns the names of all users assigned to that role. // If no users are associated with the specified role, GetUserInRole returns an empty string array (a string array with // no elements). If the role does not exist, GetUsersInRole throws a ProviderException. public override bool IsUserInRole(string username, string roleName) { throw new NotImplementedException(); //User user = _repository.GetByUserName(username); //if (user != null) // return user.IsInRole(roleName); //else // return false; } // Takes, as input, a list of user names and a list of role names and removes the specified users from the specified roles. // RemoveUsersFromRoles throws a ProviderException if any of the users or roles do not exist, or if any user specified // in the call does not belong to the role from which he or she is being removed. public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames) { throw new NotImplementedException(); } // Takes, as input, a role name and determines whether the role exists. public override bool RoleExists(string roleName) { throw new NotImplementedException(); } #endregion } // End Class } From Web.config: <membership defaultProvider="SAMembershipProvider" userIsOnlineTimeWindow="15"> <providers> <clear/> <add name="SAMembershipProvider" type="User.Membership.SAMembershipProvider, User" /> </providers> </membership> <roleManager defaultProvider="SARoleProvider" enabled="true" cacheRolesInCookie="true"> <providers> <clear/> <add name="SARoleProvider" type="User.Membership.SARoleProvider" /> </providers> </roleManager> When running project, I get following error: Server Error in '/' Application. Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: The method or operation is not implemented. Source Error: Line 71: <providers> Line 72: <clear/> Line 73: <add name="SARoleProvider" type="User.Membership.SARoleProvider" /> Line 74: </providers> Line 75: </roleManager> I tried: <add name="SARoleProvider" type="User.Membership.SARoleProvider, User" /> and <add name="SARoleProvider" type="User.Membership.SARoleProvider, SARoleProvider" /> and <add name="SARoleProvider" type="User.Membership.SARoleProvider, User.Membership" /> but none works Any idea what's wrong here? Thanks, Ile

    Read the article

  • Does the asp.net RoleManager really cache the roles for a user in a cookie if so configured?

    - by Ralph Shillington
    In my web.config I have the Role Manager configured as follows: <roleManager enabled="true" cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All"> however in our custom RoleProvider it would seems that the GetRolesForUser method is always being called, rather than as I would have expected, the RoleManager serving up the roles from its cookie. We're using something like to get the roles for a user: string[] myroles = Role.GetRolesForUser("myuser"); Is there something that I'm missing in the configuration, or in the use of the RoleManager Thanks in advance

    Read the article

  • web.config, configSource, and "The 'xxx' element is not declared" warning.

    - by UpTheCreek
    I have broken down the horribly unwieldy web.config file into individual files for some of the sections (e.g. connectionStrings, authentication, pages etc.) using the configSource attribute. This is working file, but the individual xml files that hold the section 'snippets' cause warnings in VS. For example, a file named roleManager.config is used for the role manager section, and looks like this: <roleManager enabled="false"> </rolemanager> However I get a blue squiggle under the roleManager element in VS, and the following warning: The 'roleManager' element is not declared I guess this is something to do with valid xml and schemas etc. Is there an easy way to fix this? Something I can add to the individual files? Thanks P.S. I have heard that it is bad practice to break the web.config file out like this. But don't really understand why - can anyone illuminate me?

    Read the article

  • Can I create a custom roleprovider through a WCF service?

    - by RJ
    I have a web application that accesses a database through a wcf service. The idea is to abstract the data from the web application using the wcf service. All that works fine but I am also using the built in roleprovider using the SqlRoleManager which does access the aspnetdb database directly. I would like to abstract the roleprovider by creating a custom roleprovider in a wcf service and then accessing it through the wcf service. I have created the custom role provider and it works fine but now I need to place it in a wcf service. So before I jump headlong into trying to get this to work through the WCF service, I created a second class in the web application that accessed the roleprovider class and changed my web config roleprovider parameters to use that class. So my roleprovider class is called, "UcfCstRoleProvider" and my web.config looks like this: <roleManager enabled="true" defaultProvider="UcfCstRoleProvider"> <providers> <add name="UcfCstRoleProvider" type="Ucf.Security.Wcf.WebTests.UcfCstRoleProvider, Ucf.Security.Wcf.WebTests" connectionStringName="SqlRoleManagerConnection" applicationName="SMTP" /> </providers> </roleManager> My class starts like this: public class UcfCstRoleProvider : RoleProvider { private readonly WindowsTokenRoleProvider _roleProxy = new WindowsTokenRoleProvider(); public override string ApplicationName { get { return _roleProxy.ApplicationName; } set { _roleProxy.ApplicationName = value; } } As I said, this works fine. So the second class is called BlRoleProvider that has identical properties and parameters as the roleprovide but does not implement RoleProvider. I changed the web.config to point to this class like this: <roleManager enabled="true" defaultProvider="BlRoleProvider"> <providers> <add name="UcfCstRoleProvider" type="Ucf.Security.Wcf.WebTests.BlRoleProvider, Ucf.Security.Wcf.WebTests" connectionStringName="SqlRoleManagerConnection" applicationName="SMTP" /> </providers> </roleManager> But I get this error. "Provider must implement the class 'System.Web.Security.RoleProvider'." I hope I have explained well enough to show what I am trying to do. If I can get the roleprovider to work through another class in the same application, I am sure it will work through the WCF service but how do I get past this error? Or maybe I took a wrong turn and there is a better way to do what I want to do??

    Read the article

  • Configure Forms based authentication in SharePoint 2010

    - by sreejukg
      Configuring form authentication is a straight forward task in SharePoint. Mostly public facing websites built on SharePoint requires form based authentication. Recently, one of the WCM implementation where I was included in the project team required registration system. Any internet user can register to the site and the site offering them some membership specific functionalities once the user logged in. Since the registration open for all, I don’t want to store all those users in Active Directory. I have decided to use Forms based authentication for those users. This is a typical scenario of form authentication in SharePoint implementation. To implement form authentication you require the following A data store where you are storing the users – technically this can be active directory, SQL server database, LDAP etc. Form authentication will redirect the user to the login page, if the request is not authenticated. In the login page, there will be controls that validate the user inputs against the configured data store. In this article, I am going to use SQL server database with ASP.Net membership API’s to configure form based authentication in SharePoint 2010. This article assumes that you have SQL membership database available. I already configured the membership and roles database using aspnet_regsql command. If you want to know how to configure membership database using aspnet_regsql command, read the below blog post. http://weblogs.asp.net/sreejukg/archive/2011/06/16/usage-of-aspnet-regsql-exe-in-asp-net-4.aspx The snapshot of the database after implementing membership and role manager is as follows. I have used the database name “aspnetdb_claim”. Make sure you have created the database and make sure your database contains tables and stored procedures for membership. Create a web application with claims based authentication. This article assumes you already created a web application using claims based authentication. If you want to enable forms based authentication in SharePoint 2010, you must enable claims based authentication. Read this post for creating a web application using claims based authentication. http://weblogs.asp.net/sreejukg/archive/2011/06/15/create-a-web-application-in-sharepoint-2010-using-claims-based-authentication.aspx  You make sure, you have selected enable form authentication, and then selected Membership provider and Role manager name. To make sure you are done with the configuration, navigate to central administration website, from central administration, navigate to the Web Applications page, select the web application and click on icon, you will see the authentication providers for the current web application. Go to the section Claims authentication types, and make sure you have enabled forms based authentication. As mentioned in the snapshot, I have named the membership provider as SPFormAuthMembership and role manager as SPFormAuthRoleManager. You can choose your own names as you need. Modify the configuration files(Web.Config) to enable form authentication There are three applications that needs to be configured to support form authentication. The following are those applications. Central Administration If you want to assign permissions to web application using the credentials from form authentication, you need to update Central Administration configuration. If you do not want to access form authentication credentials from Central Administration, just leave this step.  STS service application Security Token service is the service application that issues security token when users are logging in. You need to modify the configuration of STS application to make sure users are able to login. To find the STS application, follow the following steps Go to the IIS Manager Expand the sites Node, you will see SharePoint Web Services Expand SharePoint Web Services, you can see SecurityTokenServiceApplication Right click SecuritytokenServiceApplication and click explore, it will open the corresponding file system. By default, the path for STS is C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebServices\SecurityToken You need to modify the configuration file available in the mentioned location. The web application that needs to be enabled with form authentication. You need to modify the configuration of your web application to make sure your web application identifies users from the form authentication.   Based on the above, I am going to modify the web configuration. At end of each step, I have mentioned the expected output. I recommend you to go step by step and after each step, make sure the configuration changes are working as expected. If you do everything all together, and test your application at the end, you may face difficulties in troubleshooting the configuration errors. Modifications for Central Administration Web.Config Open the web.config for the Central administration in a text editor. I always prefer Visual Studio, for editing web.config. In most cases, the path of the web.config for the central administration website is as follows C:\inetpub\wwwroot\wss\VirtualDirectories\<port number> Make sure you keep a backup copy of the web.config, before editing it. Let me summarize what we are going to do with Central Administration web.config. First I am going to add a connection string that points to the form authentication database, that I created as mentioned in previous steps. Then I need to add a membership provider and a role manager with the corresponding connectionstring. Then I need to update the peoplepickerwildcards section to make sure the users are appearing in search results. By default there is no connection string available in the web.config of Central Administration. Add a connection string just after the configsections element. The below is the connection string I have used all over the article. <add name="FormAuthConnString" connectionString="Initial Catalog=yourdatabasename;data source=databaseservername;Integrated Security=SSPI;" /> Once you added the connection string, the web.config look similar to Now add membership provider to the code. In web.config for CA, there will be <membership> tag, search for it. You will find membership and role manager under the <system.web> element. Under the membership providers section add the below code… <add name="SPFormAuthMembership" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" applicationName="FormAuthApplication" connectionStringName="FormAuthConnString" /> After adding memberhip element, see the snapshot of the web.config. Now you need to add role manager element to the web.config. Insider providers element under rolemanager, add the below code. <add name="SPFormAuthRoleManager" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" applicationName="FormAuthApplication" connectionStringName="FormAuthConnString" /> After adding, your role manager will look similar to the following. As a last step, you need to update the people picker wildcard element in web.config, so that the users from your membership provider are available for browsing in Central Administration. Search for PeoplePickerWildcards in the web.config, add the following inside the <PeoplePickerWildcards> tag. <add key="SPFormAuthMembership" value="%" /> After adding this element, your web.config will look like After completing these steps, you can browse the users available in the SQL server database from central administration website. Go to the site collection administrator’s page from central administration. Select the site collection you have created for form authentication. Click on the people picker icon, choose Forms Auth and click on the search icon, you will see the users listed from the SQL server database. Once you complete these steps, make sure the users are available for browsing from central administration website. If you are unable to find the users, there must be some errors in the configuration, check windows event logs to find related errors and fix them. Change the web.config for STS application Open the web.config for STS application in text editor. By default, STS web.config does not have system.Web or connectionstrings section. Just after the System.Webserver element, add the following code. <connectionStrings> <add name="FormAuthConnString" connectionString="Initial Catalog=aspnetdb_claim;data source=sp2010_db;Integrated Security=SSPI;" /> </connectionStrings> <system.web> <roleManager enabled="true" cacheRolesInCookie="false" cookieName=".ASPXROLES" cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All" createPersistentCookie="false" maxCachedResults="25"> <providers> <add name="SPFormAuthRoleManager" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" applicationName="FormAuthApplication" connectionStringName="FormAuthConnString" /> </providers> </roleManager> <membership userIsOnlineTimeWindow="15" hashAlgorithmType=""> <providers> <add name="SPFormAuthMembership" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" applicationName="FormAuthApplication" connectionStringName="FormAuthConnString" /> </providers> </membership> </system.web> See the snapshot of the web.config after adding the required elements. After adding this, you should be able to login using the credentials from SQL server. Try assigning a user as primary/secondary administrator for your site collection from Central Administration and login to your site using form authentication. If you made everything correct, you should be able to login. This means you have successfully completed configuration of STS Configuration of Web Application for Form Authentication As a last step, you need to modify the web.config of the form authentication web application. Once you have done this, you should be able to grant permissions to users stored in the membership database. Open the Web.config of the web application you created for form authentication. You can find the web.config for the application under the path C:\inetpub\wwwroot\wss\VirtualDirectories\<port number> Basically you need to add connection string, membership provider, role manager and update the people picker wild card configuration. Add the connection string (same as the one you added to the web.config in Central Administration). See the screenshot after the connection string has added. Search for <membership> in the web.config, you will find this inside system.web element. There will be other providers already available there. You add your form authentication membership provider (similar to the one added to Central Administration web.config) to the provider element under membership. Find the snapshot of membership configuration as follows. Search for <roleManager> element in web.config, add the new provider name under providers section of the roleManager element. See the snapshot of web.config after new provider added. Now you need to configure the peoplepickerwildcard configuration in web.config. As I specified earlier, this is to make sure, you can locate the users by entering a part of their username. Add the following line under the <PeoplePickerWildcards> element in web.config. See the screenshot of the peoplePickerWildcards element after the element has been added. Now you have completed all the setup for form authentication. Navigate to the web application. From the site actions -> site settings -> go to peope and groups Click on new -> add users, it will popup the people picker dialog. Click on the icon, select Form Auth, enter a username in the search textbox, and click on search icon. See the screenshot of admin search when I tried searching the users If it displays the user, it means you are done with the configuration. If you add users to the form authentication database, the users will be able to access SharePoint portal as normal.

    Read the article

  • Finding the groups of a user in WLS with OPSS

    - by user12587121
    How to find the group memberships for a user from a web application running in Weblogic server ?  This is useful for building up the profile of the user for security purposes for example. WLS as a container offers an identity store service which applications can access to query and manage identities known to the container.  This article for example shows how to recover the groups of the current user, but how can we find the same information for an arbitrary user ? It is the Oracle Platform for Securtiy Services (OPSS) that looks after the identity store in WLS and so it is in the OPSS APIs that we can find the way to recover this information. This is explained in the following documents.  Starting from the FMW 11.1.1.5 book list, with the Security Overview document we can see how WLS uses OPSS: Proceeding to the more detailed Application Security document, we find this list of useful references for security in FMW. We can follow on into the User/Role API javadoc. The Application Security document explains how to ensure that the identity store is configured appropriately to allow the OPSS APIs to work.  We must verify that the jps-config.xml file where the application  is deployed has it's identity store configured--look for the following elements in that file: <serviceProvider type="IDENTITY_STORE" name="idstore.ldap.provider" class="oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider">             <description>LDAP-based IdentityStore Provider</description>  </serviceProvider> <serviceInstance name="idstore.ldap" provider="idstore.ldap.provider">             <property name="idstore.config.provider" value="oracle.security.jps.wls.internal.idstore.WlsLdapIdStoreConfigProvider"/>             <property name="CONNECTION_POOL_CLASS" value="oracle.security.idm.providers.stdldap.JNDIPool"/></serviceInstance> <serviceInstanceRef ref="idstore.ldap"/> The document contains a code sample for using the identity store here. Once we have the identity store reference we can recover the user's group memberships using the RoleManager interface:             RoleManager roleManager = idStore.getRoleManager();            SearchResponse grantedRoles = null;            try{                System.out.println("Retrieving granted WLS roles for user " + userPrincipal.getName());                grantedRoles = roleManager.getGrantedRoles(userPrincipal, false);                while( grantedRoles.hasNext()){                      Identity id = grantedRoles.next();                      System.out.println("  disp name=" + id.getDisplayName() +                                  " Name=" + id.getName() +                                  " Principal=" + id.getPrincipal() +                                  "Unique Name=" + id.getUniqueName());                     // Here, we must use WLSGroupImpl() to build the Principal otherwise                     // OES does not recognize it.                      retSubject.getPrincipals().add(new WLSGroupImpl(id.getPrincipal().getName()));                 }            }catch(Exception ex) {                System.out.println("Error getting roles for user " + ex.getMessage());                ex.printStackTrace();            }        }catch(Exception ex) {            System.out.println("OESGateway: Got exception instantiating idstore reference");        } This small JDeveloper project has a simple servlet that executes a request for the user weblogic's roles on executing a get on the default URL.  The full code to recover a user's goups is in the getSubjectWithRoles() method in the project.

    Read the article

  • ASP.NET MVC Custom Role Provider/RolePrincipal

    - by Keith K
    My asp.net MVC application is not caching roles instead it round tripping to the database every request. Also when I attempted to view the cookie I noticed it had not been written to the browser. Web.config: <roleManager defaultProvider="CustomRole" enabled="true" cacheRolesInCookie="true" cookiePath="/" cookieName="CustomRole" maxCachedResults="25" cookieSlidingExpiration="true" cookieProtection="All" cookieRequireSSL="false" createPersistentCookie="false"> <providers> <clear/> <add name="CustomRole" type="Membership.CustomRole, Membership" connectionString="MemberDB" applicationName="/"/> </providers> </roleManager>

    Read the article

  • ASP.NET Web Forms Extensibility: Providers

    - by Ricardo Peres
    Introduction This will be the first of a number of posts on ASP.NET extensibility. At this moment I don’t know exactly how many will be and I only know a couple of subjects that I want to talk about, so more will come in the next days. I have the sensation that the providers offered by ASP.NET are not widely know, although everyone uses, for example, sessions, they may not be aware of the extensibility points that Microsoft included. This post won’t go into details of how to configure and extend each of the providers, but will hopefully give some pointers on that direction. Canonical These are the most widely known and used providers, coming from ASP.NET 1, chances are, you have used them already. Good support for invoking client side, either from a .NET application or from JavaScript. Lots of server-side controls use them, such as the Login control for example. Membership The Membership provider is responsible for managing registered users, including creating new ones, authenticating them, changing passwords, etc. ASP.NET comes with two implementations, one that uses a SQL Server database and another that uses the Active Directory. The base class is Membership and new providers are registered on the membership section on the Web.config file, as well as parameters for specifying minimum password lengths, complexities, maximum age, etc. One reason for creating a custom provider would be, for example, storing membership information in a different database engine. 1: <membership defaultProvider="MyProvider"> 2: <providers> 3: <add name="MyProvider" type="MyClass, MyAssembly"/> 4: </providers> 5: </membership> Role The Role provider assigns roles to authenticated users. The base class is Role and there are three out of the box implementations: XML-based, SQL Server and Windows-based. Also registered on Web.config through the roleManager section, where you can also say if your roles should be cached on a cookie. If you want your roles to come from a different place, implement a custom provider. 1: <roleManager defaultProvider="MyProvider"> 2: <providers> 3: <add name="MyProvider" type="MyClass, MyAssembly" /> 4: </providers> 5: </roleManager> Profile The Profile provider allows defining a set of properties that will be tied and made available to authenticated or even anonymous ones, which must be tracked by using anonymous authentication. The base class is Profile and the only included implementation stores these settings in a SQL Server database. Configured through profile section, where you also specify the properties to make available, a custom provider would allow storing these properties in different locations. 1: <profile defaultProvider="MyProvider"> 2: <providers> 3: <add name="MyProvider" type="MyClass, MyAssembly"/> 4: </providers> 5: </profile> Basic OK, I didn’t know what to call these, so Basic is probably as good as a name as anything else. Not supported client-side (doesn’t even make sense). Session The Session provider allows storing data tied to the current “session”, which is normally created when a user first accesses the site, even when it is not yet authenticated, and remains all the way. The base class and only included implementation is SessionStateStoreProviderBase and it is capable of storing data in one of three locations: In the process memory (default, not suitable for web farms or increased reliability); A SQL Server database (best for reliability and clustering); The ASP.NET State Service, which is a Windows Service that is installed with the .NET Framework (ok for clustering). The configuration is made through the sessionState section. By adding a custom Session provider, you can store the data in different locations – think for example of a distributed cache. 1: <sessionState customProvider=”MyProvider”> 2: <providers> 3: <add name=”MyProvider” type=”MyClass, MyAssembly” /> 4: </providers> 5: </sessionState> Resource A not so known provider, allows you to change the origin of localized resource elements. By default, these come from RESX files and are used whenever you use the Resources expression builder or the GetGlobalResourceObject and GetLocalResourceObject methods, but if you implement a custom provider, you can have these elements come from some place else, such as a database. The base class is ResourceProviderFactory and there’s only one internal implementation which uses these RESX files. Configuration is through the globalization section. 1: <globalization resourceProviderFactoryType="MyClass, MyAssembly" /> Health Monitoring Health Monitoring is also probably not so well known, and actually not a good name for it. First, in order to understand what it does, you have to know that ASP.NET fires “events” at specific times and when specific things happen, such as when logging in, an exception is raised. These are not user interface events and you can create your own and fire them, nothing will happen, but the Health Monitoring provider will detect it. You can configure it to do things when certain conditions are met, such as a number of events being fired in a certain amount of time. You define these rules and route them to a specific provider, which must inherit from WebEventProvider. Out of the box implementations include sending mails, logging to a SQL Server database, writing to the Windows Event Log, Windows Management Instrumentation, the IIS 7 Trace infrastructure or the debugger Trace. Its configuration is achieved by the healthMonitoring section and a reason for implementing a custom provider would be, for example, locking down a web application in the event of a significant number of failed login attempts occurring in a small period of time. 1: <healthMonitoring> 2: <providers> 3: <add name="MyProvider" type="MyClass, MyAssembly"/> 4: </providers> 5: </healthMonitoring> Sitemap The Sitemap provider allows defining the site’s navigation structure and associated required permissions for each node, in a tree-like fashion. Usually this is statically defined, and the included provider allows it, by supplying this structure in a Web.sitemap XML file. The base class is SiteMapProvider and you can extend it in order to supply you own source for the site’s structure, which may even be dynamic. Its configuration must be done through the siteMap section. 1: <siteMap defaultProvider="MyProvider"> 2: <providers><add name="MyProvider" type="MyClass, MyAssembly" /> 3: </providers> 4: </siteMap> Web Part Personalization Web Parts are better known by SharePoint users, but since ASP.NET 2.0 they are included in the core Framework. Web Parts are server-side controls that offer certain possibilities of configuration by clients visiting the page where they are located. The infrastructure handles this configuration per user or globally for all users and this provider is responsible for just that. The base class is PersonalizationProvider and the only included implementation stores settings on SQL Server. Add new providers through the personalization section. 1: <webParts> 2: <personalization defaultProvider="MyProvider"> 3: <providers> 4: <add name="MyProvider" type="MyClass, MyAssembly"/> 5: </providers> 6: </personalization> 7: </webParts> Build The Build provider is responsible for compiling whatever files are present on your web folder. There’s a base class, BuildProvider, and, as can be expected, internal implementations for building pages (ASPX), master pages (Master), user web controls (ASCX), handlers (ASHX), themes (Skin), XML Schemas (XSD), web services (ASMX, SVC), resources (RESX), browser capabilities files (Browser) and so on. You would write a build provider if you wanted to generate code from any kind of non-code file so that you have strong typing at development time. Configuration goes on the buildProviders section and it is per extension. 1: <buildProviders> 2: <add extension=".ext" type="MyClass, MyAssembly” /> 3: </buildProviders> New in ASP.NET 4 Not exactly new since they exist since 2010, but in ASP.NET terms, still new. Output Cache The Output Cache for ASPX pages and ASCX user controls is now extensible, through the Output Cache provider, which means you can implement a custom mechanism for storing and retrieving cached data, for example, in a distributed fashion. The base class is OutputCacheProvider and the only implementation is private. Configuration goes on the outputCache section and on each page and web user control you can choose the provider you want to use. 1: <caching> 2: <outputCache defaultProvider="MyProvider"> 3: <providers> 4: <add name="MyProvider" type="MyClass, MyAssembly"/> 5: </providers> 6: </outputCache> 7: </caching> Request Validation A big change introduced in ASP.NET 4 (and refined in 4.5, by the way) is the introduction of extensible request validation, by means of a Request Validation provider. This means we are not limited to either enabling or disabling event validation for all pages or for a specific page, but we now have fine control over each of the elements of the request, including cookies, headers, query string and form values. The base provider class is RequestValidator and the configuration goes on the httpRuntime section. 1: <httpRuntime requestValidationType="MyClass, MyAssembly" /> Browser Capabilities The Browser Capabilities provider is new in ASP.NET 4, although the concept exists from ASP.NET 2. The idea is to map a browser brand and version to its supported capabilities, such as JavaScript version, Flash support, ActiveX support, and so on. Previously, this was all hardcoded in .Browser files located in %WINDIR%\Microsoft.NET\Framework(64)\vXXXXX\Config\Browsers, but now you can have a class inherit from HttpCapabilitiesProvider and implement your own mechanism. Register in on the browserCaps section. 1: <browserCaps provider="MyClass, MyAssembly" /> Encoder The Encoder provider is responsible for encoding every string that is sent to the browser on a page or header. This includes for example converting special characters for their standard codes and is implemented by the base class HttpEncoder. Another implementation takes care of Anti Cross Site Scripting (XSS) attacks. Build your own by inheriting from one of these classes if you want to add some additional processing to these strings. The configuration will go on the httpRuntime section. 1: <httpRuntime encoderType="MyClass, MyAssembly" /> Conclusion That’s about it for ASP.NET providers. It was by no means a thorough description, but I hope I managed to raise your interest on this subject. There are lots of pointers on the Internet, so I only included direct references to the Framework classes and configuration sections. Stay tuned for more extensibility!

    Read the article

  • Silverlight Cream for March 31, 2010 -- #826

    - by Dave Campbell
    In this Issue: Andrea Boschin, Radenko Zec, Andrej Tozon, Bobby Diaz, Brad Abrams, Wolf Schmidt, Colin Eberhardt, Anand Iyer, Matthias Shapiro, Jaime Rodriguez, Bill Reiss, and Lee. Shoutouts: Cigdem has a post up about here MIX10 Interviewing experiences: MIX10 SilverlightShow Interviews Ian T. Lackey has his material up from his talk Silverlight SEO at the St. Louis .Net Users Group Not Silverlight but definitely WP7 cool, Michael Klucher reports that there are New Windows Phone Samples on Creators Club Online Tim Heuer posted a survey: What tools are the minimum to get started in Silverlight? From SilverlightCream.com: A RoleManager to apply roles declaratively to user interface Andrea Boschin also has a new post at SilverlightShow discussing the use of a RoleManager in WCF RIA Services to apply user roles to elements of the UI... good stuff, Andrea. Virtualization in Silverlight 4 RC Radenko Zec has a post out at SilverlightShow where he explains UI and Data Virtualization then gives some examples of their use in Silverlight 4RC, and some issues as well. MS Word Mail Merge with Silverlight 4 COM Automation Andrej Tozon has a post up at SilverlightShow that I missed in the rush of MIX10. He's doing MailMerge with COM automation and Silverlight 4... actually prett cool stuff and all the source! KISS and Tell - MVVM and the ViewModelLocator Bobby Diaz is blogging about a very popular subject right now: ViewModelLocator. He's not showing production code, but it's a thought... check it out. Silverlight 4 + RIA Services - Ready for Business: Validating Data I'm running behind, but Brad Abrams' next post in his series is about validating data in the business application. He also discusses setting up shared code validation. A One-stop Shopping XAML Namespace for Silverlight Client SDK Controls Wolf Schmidt at the Silverlight SDK has a post up highlighting the SL4 XAML namespace prefix. He starts with SL3 then demonstrates the feature's use in SL4. Binding a Silverlight 3 DataGrid to dynamic data via IDictionary (Updated) Colin Eberhardt has an update to his previous article of the same title. This one is a bug fix on an upgrade to SL3 and also an expansion of the previous post. Demo Apps from MIX10 on Windows Phone 7 Anand Iyer posted links to all the WP7 demos used at MIX10 and at least in the case of FourSquare, the source is on CodePlex. XAML Files for Location Visualizations in Silverlight and WPF Matthias Shapiro has graciously provided XAML for us for Silverlight and WPF for a bunch of different US maps... too cool, now we don't have to be asking 'where did you get that map?'... thanks Matthias! Theming in Windows Phone Jaime Rodriguez has a post up that deep-dives theming in general and demonstrates using it on WP7... end-user configurations and developer stuff. Space Rocks game step 7: Moving the ship It appears that in the heat of battle (blogging) I said Bill Reiss' Space Rocks game he's building is for WP7... obviously it's not, but it's a game folks... :) THis is Episode 7 and he's moving the ship now. SL4(RC) RichTextBox and Access Violation Lee has some code that looks like it should work for a RichTextBox in SL4RC, and it's throwing an error... see if you have a solution for him... or is it a bug? Stay in the 'Light! Twitter SilverlightNews | Twitter WynApse | WynApse.com | Tagged Posts | SilverlightCream Join me @ SilverlightCream | Phoenix Silverlight User Group Technorati Tags: Silverlight    Silverlight 3    Silverlight 4    Windows Phone MIX10

    Read the article

  • ASP.NET Web Site Administration Tool unkown Error ASP.NET 4 VS 2010

    - by Gabriel Guimarães
    I was following the MVCMusic tutorial with an machine with full sql server 2008 r2 and full visual studio professional and when I got to the page where it sets up membership (near page 66) the Web administration tool wont work, i got the following error: An error was encountered. Please return to the previous page and try again. my web config is like this: <connectionStrings> <clear /> <add name="MvcMusicStoreCN" connectionString="Data Source=.;Initial Catalog=MvcMusicStore;Integrated Security=True" providerName="System.Data.SqlClient" /> <add name="MvcMusicStoreEntities" connectionString="metadata=res://*/Models.Store.csdl|res://*/Models.Store.ssdl|res://*/Models.Store.msl;provider=System.Data.SqlClient;provider connection string=&quot;Data Source=.;Initial Catalog=MvcMusicStore;Integrated Security=True;MultipleActiveResultSets=True&quot;" providerName="System.Data.EntityClient" /> </connectionStrings> <system.web> <membership defaultProvider="AspNetSqlMembershipProvider"> <providers> <clear /> <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="MvcMusicStoreCN" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" passwordFormat="Hashed" /> </providers> </membership> <profile> <providers> <clear /> <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="MvcMusicStoreCN" applicationName="/" /> </providers> </profile> <roleManager enabled="true" defaultProvider="MvcMusicStoreCN"> <providers> <clear /> <add connectionStringName="MvcMusicStoreCN" applicationName="/" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" /> <add applicationName="/" name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" /> </providers> </roleManager> </system.web>

    Read the article

  • asp.net mvc custom membership provider - define application

    - by ile
    I created custom membership provider for asp.net mvc applications and it all works fine except one thing: when logged in to my application, I am also logged in to all other asp.net mvc applications that I run using Visual Studio. I suppose this data is being pulled from cache because when I logout and try to login again in other application, I'm being rejected. In webconfig, I added applicationName in order to solve this but it didn't work: <membership defaultProvider="SAMembershipProvider" userIsOnlineTimeWindow="15"> <providers> <clear/> <add name="SAMembershipProvider" type="ShinyAnt.Membership.SAMembershipProvider, ShinyAnt" connectionStringName ="ShinyAntConnectionString" applicationName="MyApp" /> </providers> </membership> <roleManager defaultProvider="SARoleProvider" enabled="true" cacheRolesInCookie="true"> <providers> <clear/> <add name="SARoleProvider" type="ShinyAnt.Membership.SARoleProvider" connectionStringName ="ShinyAntConnectionString" applicationName="MyApp" /> </providers> </roleManager> Is there any method that I forgot to implement that is dealing with this problem or it is something else?

    Read the article

  • Unable to initialize provider. Missing or incorrect schema. for MySql.Web connector

    - by Jreeter
    Hey guys and gals running into a little issue here.. I'm trying to use MySql Connector 6.2.2.0 for membership and role providers.. The issue I'm having is: Unable to initialize provider. Missing or incorrect schema. <authentication mode="Forms"/> <roleManager defaultProvider="MySqlRoleProvider" enabled="true" cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All" > <providers> <clear /> <add name="MySqlRoleProvider" type="MySql.Web.Security.MySQLRoleProvider, MySql.Web, Version=6.2.2.0,Culture=neutral, PublicKeyToken=c5687fc88969c44d" connectionStringName="mySQL" applicationName="capcafe" writeExceptionsToEventLog="true" /> </providers> </roleManager> <membership defaultProvider="MySqlMembershipProvider"> <providers> <add connectionStringName="mySQL" applicationName="capcafe" minRequiredPasswordLength="5" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" minRequiredNonalphanumericCharacters="0" name="MySqlMembershipProvider" type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=6.2.2.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" /> </providers> </membership> Here is the line it doesn't seem to like: Line 57: type="MySql.Web.Security.MySQLRoleProvider, MySql.Web, Version=6.2.2.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" I have both MySql.Web and MySql.Data referenced and in my bin! Any help resolving this issue will be very much appreciated

    Read the article

  • SiteMap control based on user roles doesn't works

    - by nCdy
    <siteMapNode roles="*"> <siteMapNode url="~/Default.aspx" title=" Main" description="Main" roles="*"/> <siteMapNode url="~/Items.aspx" title=" Adv" description="Adv" roles="Administrator"/> .... any user can see Adv page. That is a trouble and a qustion : why and how to hide out of role sitenodes. but if I do HttpContext.Current.User.IsInRole("Administrator") it shows me if user in Administrator role or not. web config : <authentication mode="Forms"/> <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="20"> <providers> <add connectionStringName="FlowWebSQL" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" passwordFormat="Hashed" applicationName="/" name="SqlProvider" type="System.Web.Security.SqlMembershipProvider"/> </providers> </membership> <roleManager enabled="true" defaultProvider="SqlProvider"> <providers> <add connectionStringName="FlowWebSQL" name="SqlProvider" type="System.Web.Security.SqlRoleProvider" /> </providers> </roleManager>

    Read the article

  • Authentification-None for one folder(page) when the project is under FormsAuthentifications

    - by Sirius Lampochkin
    I have a WebApplication on asp.net 2.0 with namespace Admin. I have Form Authentification mode for the project. <authentication mode="Forms"> <forms name="ASP_XML_Form" loginUrl="Login.aspx" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true" cookieless="AutoDetect"> </forms> </authentication> Now, I try to share one folder (one inside page) for not Authentificatied users: <location path="Recovery"> <system.web> <roleManager enabled="false" > </roleManager> <authentication mode="None"> </authentication> <authorization> <allow users="*" /> </authorization> <httpHandlers> <remove verb="GET" path="image.aspx" /> <remove verb="GET" path="css.aspx" /> </httpHandlers> </system.web> </location> But when I create the page inside the shared folder, it can't get access to the assembly. And I see the error like this: Could not load file or assembly 'Admin' or one of its dependencies. The system cannot find the file specified. It also shows me the error: ASP.NET runtime error: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS. Does anybody know how to share (Authentification None) one folder(page) when the project is under FormsAuthentifications?

    Read the article

  • Asp.net Web Site Administration Tool with SqlCeMembership

    - by Riderman de Sousa Barbosa
    I am developing an application in MVC 3. I installed this provider via Nuget . Basically, it allows to use any part of memberships, rules and profiles with a .sdf (compact) database. I need the "Web Site Administration Tool" use this provider. But I can not use it. Already checked the web.config and everything is ok. When I open the "Web Site Administration Tool" on the Security I click test (any provider) and the error happens. The following images. Error when clicking test "Could not establish a connection to the database. If you have not yet created the SQL Server database, exit the Web Site Administration tool, use the aspnet_regsql command-line utility to create and configure the database, and then return to this tool to set the provider." Here part of my web.config <authentication mode="Forms" /> <membership> <providers> <add connectionStringName="SqlCeServices" applicationName="/" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Hashed" writeExceptionsToEventLog="false" name="SqlCeMembershipProvider" type="ErikEJ.SqlCeMembershipProvider, ErikEJ.SqlCeMembership" /> </providers> </membership> <profile enabled="false"> <providers> <clear /> <add name="SqlCeProfileProvider" type="ErikEJ.SqlCeProfileProvider" connectionStringName="SqlCeServices" applicationName="/" /> </providers> </profile> <roleManager> <providers> <add connectionStringName="SqlCeServices" applicationName="/" writeExceptionsToEventLog="false" name="SqlCeRoleProvider" type="ErikEJ.SqlCeRoleProvider, ErikEJ.SqlCeMembership" /> </providers> </roleManager> <connectionStrings> <add name="SqlCeServices" connectionString="data source=|DataDirectory|\SqlCeAspnetdb.sdf" /> </connectionStrings>

    Read the article

  • Converted PowerBuilder to ASP.Net browsing Errors

    - by user493325
    I had a powerbuilder application which i converted to web application in the format of ASP.Net (aspx) files. after deploying and publishing the converted web application (copy it and add ASP.Net and network Service AND IUser permissions to enable users to access it) in IIS V6.0 over Windows server 2003 and The ASP.Net version is 2.0 The error messages I get when I browse default.aspx web page are as the following:- Server Error in '/' Application. Runtime Error Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off". <!-- Web.Config Configuration File --> <configuration> <system.web> <customErrors mode="Off"/> </system.web> </configuration> Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL. <!-- Web.Config Configuration File --> <configuration> <system.web> <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/> </system.web> </configuration> Another error message appears on the server is:- Server Error in '/' Application. Configuration Error <roleManager enabled="true"> <membership> </roleManager> Thanks in Advance...

    Read the article

  • LoginControl not working correctly with Firefox, requires double login attempt.

    - by CmdrTallen
    Any idea why LoginControl requires users authenticate twice with FireFox but works correctly (once) with IE? I am using a custom MembershipProvider and RoleProvider, if that matters. Authentication portion of my web.config; <authentication mode="Forms"> <forms timeout="50000000" protection="All" requireSSL="false" slidingExpiration="true" cookieless="AutoDetect" domain="" enableCrossAppRedirects="true"> <credentials passwordFormat="SHA1" /> </forms> </authentication> Membership section; <membership defaultProvider="CustomMembershipProvider"> <providers> <add name="CustomMembershipProvider" type="CustomCrateMembershipProvider" connectionString="" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="5" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/> </providers> </membership> <roleManager defaultProvider="CustomRoleProvider" enabled="true"> <providers> <add name="CustomRoleProvider" type="CustomRoleProvider"/> </providers> </roleManager> Only code behind related to login; protected void OnLoggedIn(object sender, EventArgs e) { } protected void OnLoggingOut(object sender, EventArgs e) { }

    Read the article

  • very simple WebForm with masterpage

    - by Ryan
    I use method=get to send my data from one webform to the other. But I don't want to have in the URL querry things like: Search.aspx?_EVENTTARGET=&_EVENTARGUMENT=&_VIEWSTATE=%2FwEPDwUKLTYwODIwNTg5MQ9kFgJmD2QWAgIDDxYCHgZtZXRob2QFA2dldGRkGOirvzjoAxt%2BfOb915%2FpsYZXmAxLZZdpnK6UW7A9%2Fk83D&_PREVIOUSPAGE=cog5Yzt_1GerH9r2ERTIPbLWMCwMFYteZjmDYCbBO3vobCG4C_mWM7GZMNuBesyAjw77cvuNKl_aSUYzeajiW6W0CjI0tLB6ikjcM4t5Kbg1&__EVENTVALIDATION=%2FwEWAgKYsPjPDQKY24%2FQBBH4CPejKl3spy0A%2BtpMxb%2BCGVGJf73dYtmaEnIFF4IR&name=Amy&state=24&ctl00%24MainContent%24submit=Searchbut i only want the name and the state to be in the Get querry like: ?name=Amy&state=24 <configuration> <authentication mode="Forms"> <forms loginUrl="~/Account/Login.aspx" timeout="2880" /> </authentication> <membership> <providers> <clear/> <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" /> </providers> </membership> <profile> <providers> <clear/> <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/> </providers> </profile> <roleManager enabled="false"> <providers> <clear/> <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" /> <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" /> </providers> </roleManager> </system.web> <system.webServer> <modules runAllManagedModulesForAllRequests="true"/> </system.webServer> </configuration>

    Read the article

  • Custom RoleProvider with MVC 2.0 webconfig

    - by Farrell
    I have a custom MembershipProvider and a custom RoleProvider. I created the custom MembershipProvider by creating a SimpleMembershipProvider class which implements the MembershipProvider class. After that I changed my web.config and works. So I used the same approach creating a custom RoleProvider. Nothing special, just creating a SimpleRoleProvider class which implements the RoleProvider class. But then when I changed the web.config file and runs the solution I get the following error message: Web.Config <membership defaultProvider="DashboardMembershipProvider"> <providers> <clear/> <add name="SimpleMembershipProvider" type="Dashboard.Web.Controlling.Account.SimpleMembershipProvider" /> </providers> </membership> <roleManager enabled="true" defaultProvider="DashboardRoleProvider"> <providers> <clear/> <add name="DashboardRoleProvider" type="Dashboard.Web.Controlling.Account.DashboardRoleProvider" /> </providers> </roleManager> Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: No parameterless constructor defined for this object. Source Error Line 78: <add name="SimpleRoleProvider" Line 79: type="Dashboard.Web.Controlling.Account.SimpleRoleProvider" /> So I searched the web. And tried on the type attribute, which generates the following errors: Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: Could not load file or assembly 'Dashboard.Web.Controlling.Account' or one of its dependencies. The system cannot find the file specified. Source Error: Line 78: <add name="SimpleRoleProvider" Line 79: type="Dashboard.Web.Controlling.Account.SimpleRoleProvider,Dashboard.Web.Controlling.Account" /> Any suggestions on how I would be able to get this CustomRoleProvider working? Any help is greatly appreciated!

    Read the article

  • Web.Config issue with Unit Testing

    - by LeeHull
    I am trying to unit test a lot of my MVC controllers, but unfortunately it keeps failing because it needs a lot of settings from the web.config.. Which I copied over but does not read it, what I'm needing is the membership and rolemanager but I can't just add it to the app.config either, which I've been able to get the connection strings and application settings to work with.. Any idea how to get the web.config to work with MSTest?

    Read the article

  • Table prefix for MySqlMembershipProvider

    - by choudeshell
    I have MySqlMembershipProvider working with Asp.Net MVC. My question is how can I configure the table prefix... so instead of 'my_aspnet_' prefix on the tables, I want this to be either none or defined by me. My web.config: <?xml version="1.0"?> <add name="ApplicationServices" connectionString="server=localhost;user id=root;Password=*********;database=sparkSources" providerName="MySql.Data.MySqlClient"/> <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="2880" /> </authentication> <membership defaultProvider="MySqlMembershipProvider"> <providers> <clear/> <add name="MySqlMembershipProvider" type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=6.3.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" autogenerateschema="true" tablePrefix="ss" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" applicationName="sparkSources" /> </providers> </membership> <profile> <providers> <clear/> <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" /> </providers> </profile> <roleManager enabled="false"> <providers> <clear/> <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" /> <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" /> </providers> </roleManager> <pages> <namespaces> <add namespace="System.Web.Mvc" /> <add namespace="System.Web.Mvc.Ajax" /> <add namespace="System.Web.Mvc.Html" /> <add namespace="System.Web.Routing" /> </namespaces> </pages>

    Read the article

  • Forms Authentication works on dev server but not production server (same SQL db)

    - by Desmond
    Hi, I have the same problem as a previously solved question however, this solution did not help me. I have posted the previous question and answer below: http://stackoverflow.com/questions/2215963/forms-authentication-works-on-dev-server-but-not-production-server-same-sql-db/2963985#2963985 Question: I've never had this problem before, I'm at a total loss. I have a SQL Server 2008 database with ASP.NET Forms Authentication, profiles and roles created and is functional on the development workstation. I can login using the created users without problem. I back up the database on the development computer and restore it on the production server. I xcopy the DLLs and ASP.NET files to the server. I make the necessary changes in the web.config, changing the SQL connection strings to point to the production server database and upload it. I've made sure to generate a machine key and it is the same on both the development web.config and the production web.config. And yet, when I try to login on the production server, the same user that I'm able to login successfully with on the development computer, fails on the production server. There is other content in the database, the schema generated by FluentNHibernate. This content is able to be queried successfully on both development and production servers. This is mind boggling, I believe I've verified everything, but obviously it is still not working and I must have missed something. Please, any ideas? Answer: I ran into a problem with similar symptoms at one point by forgetting to set the applicationName attribute in the web.config under the membership providers element. Users are associated to a specific application. Since I didn't set the applicationName, it defaulted to the application path (something like "/MyApplication"). When it was moved to production, the path changed (for example to "/WebSiteFolder/SomeSubFolder /MyApplication"), so the application name defaulted to the new production path and an association could not be made to the original user accounts that were set up in development. Could your issues possibly be the same as mine? I have this already in my web.config but still get the issue. Any ideas? <membership> <providers> <clear/> <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" applicationName="/"/> </providers> </membership> <profile> <providers> <clear/> <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ApplicationServices" applicationName="/"/> </providers> </profile> <roleManager enabled="false"> <providers> <clear/> <add connectionStringName="ApplicationServices" applicationName="/" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/> <add applicationName="/" name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/> </providers> </roleManager> Any help is greatly appriciated.

    Read the article

1 2  | Next Page >