I am new in MVC3. When i create a new default ASP.NET MVC 3 project template.
There is a AccountModels.cs and AccountController.cs C# class that handle data from a ASPNETDB.MDF DB file, there is a connection string (XML) in Web.config file, but i can't understand how it handle those data where is the Query or LINQ, How AccountModels.cs or AccountController.cs file know those DB tables Can anyone make me understand step by step? please someone help me please.
Sorry for my bad English.
It is using Microsoft Membership Provider.
From the doc:
ASP.NET membership gives you a built-in way to validate and store user
credentials. ASP.NET membership therefore helps you manage user
authentication in your Web sites. You can use ASP.NET membership with
ASP.NET forms authentication by using with the ASP.NET login controls
to create a complete system for authenticating users.
Basically it has quick straight forward configuration and creates a couple of tables in your database to keep user data.
It is flexible, but the interfaces are not very well segregated and if you need to extend it or plug your custom logic you may end up defining a tons of method throwing "Not Implemented" exception
Related
I have built a small web application with asp.net core 2.0 MVC. In this web application, I did not implement any authentication methods so far.
Right now I have an MSSQL database running in the background and I can add/view/edit/delete users from the database.
I adapted this tutorial and followed it pretty closely. However I also added some functionality like localization and stuff, and everything is running pretty smoothly.
My next goal is to enable authentication and authorization. The authentication part shall be straightforward. The goal is that the application will be running as an intranet solution. This means the authentication method just shall check if the Windows User is existing in the previously mentioned database. I don't want to create a separate login. However, it might be that there is a Windows user in the active directory, which is not part of the database. This User should just be able to see a default error page.
I made quite a huge research and I also tried a lot of different stuff, however, I do absolutely not find any "database first" tutorial for this part or any other documentation which explains what to do.
I actually "just" want to teach the asp.net core 2.0 identity framework that it shall look into my user-table and check if the current windows user is existent and if not to forward him to the error page.
A second step would be to load all the roles which this user is assigned to from the mapping table.
Any kind of help would be highly appreciated.
Dosc Microsoft has a lot of posts regarding authentication for ASP.NET Core. Here are some of the links to get you started:
ASP.NET Core Authentication
ASP.NET Core Authentication Identity
and a lot more.
In the past, my web applications use a MembershipProvider inherited from ActiveDirectoryMembershipProvider. With OWIN in place in MVC5, I understand we are not supposed to do it the old way.
The problem came when I tried to create a new application. It asks for "On-Premises Authority" and "App ID URI"!
In the past, our custom membership provider just make queries directly from the database. No WS service is in place. Is there a way we can do the same for an MVC5 application?
I am new to .Net and especially new Mvc.
I have a database from a senior in his own project that I must connect using the connection string, which I can connect successfully in web config of traditional web forms.
But now I want to connect that database in Mvc. I dont have local db in my pc but can access it through the id and password in the previous project as mentioned.
So is there any ways to connect and use it in Mvc? I would like to know exactly the source code that i need to put in which part. I am totally new and still blur after reading so many tutorials.
Thanks.
What have you tried? In MVC also there is a connection string. If you want to generate classes from DataBase then you can use EntityFramework. I think only with the tool EntityFramework it can create for you the connectionSttring. Generate Model. I hope it will help you.
I have some controllers that create, edit, and show details in my ASP.NET MVC 4 project. I want to authorize users who are in a SQL Server table. The table of the users is in the same database with the other users that I'm manipulating using my controllers.
I googled it, watched "MVC Forms Authentication with custom database" tutorials. I couldn't find anything to walk me properly.
Could anyone please help?
I found the answer in here.This video shows you how to create MVC custom log in system: youtube.com/watch?v=asKYOwd2p2w
I'm consuming a lot of WCF Services from a Silverlight application in a totally disconnected-way.
I want to ensure that I know the user who is calling every service and I don't know if there is a "standar way".
I've thought of a Login method to get a Token and then pass the username and its token in every call to ensure he/she is logged and has permissions to execute it.
Is there any "almost-done" way with ASP.NET authorization in my own SQL Server? Or I can only use its tables but I'll have to do it "manually"???
Thanks in advance!!!
It sounds like using ASP.NET Membership might be a good fit for you. There's two approaches you an use with this. The first is to use the default membership tables as generated by aspnet_regiis. This option has the advantage of being basically done for you. In this case, all you'd need to do is run the aspnet_regiis tool, then add the necessary portions to the Web.config for your WCF service as described here. Then, when calling the service you need to set credentials for your binding as described here - specifically the portion about setting ClientCredential for your binding when consuming the service.
The other option is to write your own custom membership provider as described here. This allows you to do whatever you want behind the scenes in terms of storing and managing your users, rather than using the pre-built ASP.NET mechanisms. This is a good approach if you're mating with an existing user base or want to have more control over how things are implemented.
Also, keep in mind that ASP.NET Membership isn't your only option for securing your WCF service. Spend some time reading up on your options, which include:
Windows Authentication and Windows Authorization via transport level security on basicHttpBinding
Windows Authentication and Windows Authorization via message level security on wsHttpBinding
UsernamePasswordToken Authentication with ASP.NET Membership and ASP.NET Role Authorization via message level security on wsHttpBinding
UsernamePasswordToken Authentication with custom validator via message level security on wsHttpBinding
Authorization using a custom Authorization Policy
Impersonation using Windows credentials
That list comes from this blog post, which is a good place for you to start exploring your options. Reading up on them will give you the opportunity to learn the strengths, weaknesses, and features of each so that you can choose the one that best suits your purposes. You can also begin with the MSDN articles on WCF security here.
In summary, yes there is an "almost-done" way to do it with ASP.NET Membership, and it shouldn't be too hard to implement, but take some time to explore your other options as well before just diving in with one, because they all have trade-offs and you don't want to have to re-implement it in the future if you decide the approach you chose is a bad fit.
One way to do this is if you can impersonate all users for that You need to add following in your service behaviour
<serviceAuthorization impersonateCallerForAllOperations="true" />
more details here http://msdn.microsoft.com/en-us/library/ms731090.aspx
and if you want to know the user then inside your service methods you can use
System.Threading.Thread.CurrentPrincipal.Identity.Name
to find the user name who is using your services
Edit:
You can use membership api details here
http://msdn.microsoft.com/en-us/library/ms731049.aspx
http://blogs.msdn.com/b/pedram/archive/2007/10/05/wcf-authentication-custom-username-and-password-validator.aspx
http://social.msdn.microsoft.com/forums/en-US/asmxandxml/thread/8a679fb2-e67e-44a9-b491-eb95d5144068