How do you implement role and membership providers in vNext?
Before you needed to define them in web.cfg but that file is gone and I can't even find the base classes for the providers.
So far I have found nothing on this topic. Can anyone help?
asp.net Identity is the new thing for users and roles.
Best way to understand it is to create an asp.net 5 web app in VS 2015, it will wire up Identity using Entity Framework 7 and you can see the moving parts in action in the Account and Manage controllers that are created.
It is also possible to implement your own UserStore and RoleStore if you don't want to use EF.
the source code for asp.net identity and the EF implementation are also instructive
Related
I have an ASP.NET 5 (RC1) application for which I am trying to set up authentication and authorization. However I am confused and overwhelmed by all the varying authentication and authorization information online in as it pertains to this platform. Much of it seems either hopelessly out of date or simply doesn't seem to apply in this particular usage scenario. Right now, I'm not even sure what the right 'terminology' to use for the question I am trying to ask, but I digress.
What I am trying to accomplish is a system whereby users are authenticated/authorized via Azure AD (B2C?), with additional user profile information stored in a database. However, the user context in the controllers is accessed in a consistent way using what I presume would be a custom ClaimsPrincipal/ClaimsIdentity? I would imagine this should be as simple as adding an 'authorize' attribute or something similar and accessing the ClaimsPrinciple.Current.Claims.
I have used ASP.NET Identity in the past, but many of the examples I have found aren't using that. Most are simply using the UseOpenIdConnectAuthentication middle-ware. I see that ASP.NET Identity is still available but I'm not sure it applies in this scenario. I also found a couple posts on here suggesting using a custom ClaimsIdentity to accomplish this, but I am having trouble finding useful up to date examples. BTW, I realize that much of this "profile" information can be stored as custom attributes in azure ad but the way some of the information is used within the application prohibits all of it from being in azure (i.e. EF linq joins and such).
Please, tell me if I am even close on some of this. I know this is a fairly new platform and the information is sparse, but certainly I'm not the only one asking these questions.
Just calling out an excellent article Identity management for multitenant applications in Microsoft Azure.
A lot of your questions are answered there.
e.g. you can augment the claim in the OWIN middleware AuthenticationValidated event.
ASP.NET Identity is claims-based in that the attributes are delivered as claims but authentication is on the DB, not via external IDP like Azure AD.
B2C is a special case in Azure AD - used for many (millions!) external users who can self-register and self-manage e.g. SSPR.
B2C uses a separate tenant to the normal Azure AD one and the users have no access to things like O365 or any SaaS applications.
I'm learning how to write simple websites with MVC 3. I have a little problem with loging on to my website. I created an account via ASP.Net Configuration site and there is no problem to log in unless I try to do this not on localhost. When I use log in form on my published online site, it takes a while and redirecting me to /shared/error. What did i wrong? Maybe I forgot about some libraries? I use default Account system, just this one which is created in new Web App project.
What are you using for persistence on the server? the ASP.Net Configuration is creating a user account in a database. If you don't explicitly specify a database, one is created for development purposes for you, but it is not copied to the server.
Also, there are some tables inserted into the database for you by the ASP.Net Configuration site for supporting users, roles, etc. These tables would need to be created on your server. see Creating the Membership Schema in SQL Server
If possible, you should consider MVC 4 instead of MVC 3, since the pre-built templates for it use Simple Membership instead of the full featured ASP.net Membership providers. Simple Membership uses only a few tables, and the views and stored procedures have been removed.
I have this in mind.
I just want to check if there is something like what I have in mind already done, or I should I want to work on:
MVC3 application using asp.net membership, that has single sign on (so it is a claims aware
app that will log on a STS).
I have seen http://identityserver.codeplex.com/ but not analized it in detail:
Is it a good solution to implement?
My question is:
Is there anything like that done?
Is it a common way of doing SSO? (using also membership?)
Thanks!..
IdentityServer is an STS not an application.
If you have a claims-aware application, it "emulates" the membership provider. You can configure ADFS to provide the roles and then use the standard .NET constructs
IsInRole() or
location>
...
allow role = ...>
in the web.config.
Single Application Page Asp.net MVC 4 temlplate uses default database to check Login and Register but I want to use my existing database in my SPA application. There are some table to store info like default database and some table to store other info in my database. So how can I do this? or I just have to use default database for Authorization and use my database to do business?
There are, as always several ways to accomplish this task.
Microsoft shows you an example using ASP.NET Membership and Roles as it's a powerful way to accomplish what you want, and it even provides you with a sample Database for that to work.
You have the ability to override all the methods that handle membership and roles in this way, you benifit from using ASP.NET Membership & Roles and use your own Database (or anything to keep your user information in a common place, like text File or Xml, you decide!)
For this, you can see my answer on how to create your own Membership Provider:
Custom MembershipProvider in .NET 4.0
I suggest that you read this answer to the end, as I have added a Video Tutorial on the subject that might help you seeing thing this in a different perspective and how easy is to implement this.
Or you can simple discharge the Provider and do and use your own method, like, validade user and password and keep a Session throughout the user livecycle that let you know the user information and if he's logged in or not...
As throughout this late years, Microsoft suggest that you use their way, but you have always the freedom to do things your way.
Does anyone know is there a way to implement Windows Live ID authentication into your ASP.NET MVC site. I am moving a project from Web Forms to a MVC solution and do not want to rebuild the database so ASP.NET Membership mentioned in windows-live-id-in-asp-net-mvc is not a valid solution.
And just to avoide this question the customer not want to use Open ID.
I don't fully understand your question, but here's an example of a MVC.NET app which uses LiveID but doesn't use an ASP.NET Membership provider:
http://blog.smarx.com/posts/actually-i-m-a-cia-agent