I have a webapi 2.0 that implements bearer token.
In this moment I have two user tables that are not related AspNetUsers and anUser ( my custom table ).
I need to reference the two tables with the idUser field present in anUser table.
I know that I have to customize IdentityUser implementing ApplicationUser but in my solution this ApplicationUser is not present so I don't know how to start to customize It.
What I need to do is reference the two tables and return the information from anUser Table each time the user to the login and the token is sent...
What are the steps that I have to do ?
And how to check wich version of Identity thw webapi is implementing?
Thanks
I found all the answer in this post:
http://bitoftech.net/2015/01/21/asp-net-identity-2-with-asp-net-web-api-2-accounts-management/
Ciao
Related
We use the IdentityServer3 as our central authentication provider. Now I have a general question about the IdenityServer in an enterprise environment. I try to explain it with the following example:
If a user was successfully authenticated, he get a token from the provider. The token includes the unique ID of the user.
The authenticated user send a request to a WebApi, to create a new item (e.g a new product).
The WebApi extract the unique ID from the token and creates the new product in the database. Additionally the new product was linked with the unique user ID (e.g as creationUserId).
An other user send a request to the WebApi to get all available products.
The WebApi create a database query to retrieve all products. Additionally the WebApi wants to convert the creationUserId of each product to the correlating username. But that is not possible, because username is stored in the identity database which is an other database one than the application database (e.g for the products). Are there some best practices to solve this requirement?
Many thanks for your help!
Regards
Thank you for your answers. I see only one way to realize my requirements:
--> I store the username with the userId in the application database, because a API for translating is to slow.
I have question:
It is possible to customize query at authentication provider using jdbc-user-service ?
For example:
i have an application where users chose there roles when they insert there logins and passwords, so i want to create a query like this:
select login,password, enabled from xxxx where username=?
and after this query i want to attribute to this person (returned by this query),if exists, a role which is xxxx. I should also pass the role selected to this query.
xxxx is the role which is selected by user at first
I hope that you understand me and sorry if it is a stupid question , i'm still beginner.
I think you should consider writing custom authentication service class, instead of jdbc-user-service query. You hold the user role somehow and while building authorities of logged in user in UserDetails service, add appropriate role in the collection. OR The role of logged in user can be manipulated later. You are gonna have to try and manipulate spring security context. Read this forum page to know more.
I have an exisiting database which I used to create a Model usign the Database first approach. Please refer to the database diagram.
In my solution file, I have a Class Library of the model which has an ADO.NET connection to the database & and I a ASP.NET MVC 3 web application.
The funcitonality that I'm trying to get here is that - the information displayed once a user logs in is different for every user. How do I link the user login page to the 'user' table of the database? Is it directly using the connection string or do I need to go through the model that I created using the Database?
Add a field to your User table called "ProviderUserKey" or MembershipUserID, or something similar of type uniqueidentifier. You then call Membership.GetUser().ProviderUserKey and use that in your where clause of your User Table to select the correct User record based on the logged in user.
I am looking to see what is the best way to implement asp.net membership in an MVC 3 project. One thing to note is that I have a separate users table and would like to still use this. So can I link my users table to the asp.net memberships table?
Cheers,
Noel.
You can create an additional field (unique identified type) on your custom table and link it to the membership users table.
create new user, if succeed then get id for the newly created user and insert it to your custom table.
MembershipUser mUser= Membership.GetUser(username);
Guid myId = (Guid)mUser.ProviderUserKey;
...Insert my/id to your custom table.
Description
You can implement your own MembershipProvider. Then you have full control about
how authentification works and wich database / tables are relevant.
I think you dont need the default asp.net membership database.
More Information
Create a Custom Membership Provider?
I have an existing project that i'm working on that uses .net membership. We want to expand the project to allow anonymous users but we seem to have hit a snag as we use the UserId of the aspnet_Users table as a foreign key in many of our database tables.
The following call returns null as there is no record in the aspnet_Membership table for anonymous users
Membership.Provider.GetUser(Request.AnonymousID, false);
Is there any way to get the UserId of an anonymous user through the standard API's? or will I have to write an extension that can do it?
As far as I know it is about access. If your web site has modules or pages that do not need access. You need to create a user first in the aspnet users table. It could be that this anonymous user is not created correctly leading to the null value.
Additionally if you want to track these anonymous users, you have to set allowanonymous to true in your profile provider configuration.
See this article for more help
http://www.odetocode.com/Articles/440.aspx