Presentation is loading. Please wait.

Presentation is loading. Please wait.

Role Management in .net Vinay Dhareshwar.

Published byمتین فرجی Modified over 5 years ago

Similar presentations

Presentation on theme: "Role Management in .net Vinay Dhareshwar."— Presentation transcript:

1 Role Management in .net Vinay Dhareshwar

2 Agenda Introduction Membership Service Login Controls
Role Management Service 2

3 Role Based Security Most business applications require role- based security. Role management lets you create groups of users as a unit Roles give flexibility to change permissions and add and remove users. Each Web page in the Web application can be assigned a security level As you define more access rules for your application, roles become a more convenient way to apply the changes to groups of users. Most business applications require role-based security. The business owner of an application usually wants certain groups to have full control of all screens, other groups to have full control of a few screens, and another group to have read-only access to a few screens. Role management lets you treat groups of users as a unit by assigning users to roles such as manager, sales, member, and so on. (In Windows, you create roles by assigning users to groups such as Administrators, Power Users, and so on.) Even if your application has only a few users, you might still find it convenient to create roles. Roles give you flexibility to change permissions and add and remove users without having to make changes throughout the site. Each Web page in the Web application can be assigned a security level. This is done by specifying what role is required to access the page. The syntax in the web.config file is very straightforward. After you have established roles, you can create access rules in your application. For example, your site might include a set of pages that you want to display only to members. Similarly, you might want to show or hide a part of a page based on whether the current user is a manager. By using roles, you can establish these types of rules independent from individual application users. For example, you do not have to grant individual members of your site access to member-only pages. Instead, you can grant access to the role of member and then just add and remove users from that role as people sign up or let their memberships lapse. To work with roles, you must be able to identify users in your application so that you can determine whether the user is in a specific role. You can configure your application to establish user identity in two ways: Windows authentication and forms authentication. 3

4 Membership Service Manages users and credentials
Simplifies forms authentication Provider-based for flexible data storage Manages users and credentials Declarative access via WebSite Admin Tool Programmatic access via Membership API Simplifies forms authentication Provides logic for validating user names and passwords, creating users, and more Manages data store for credentials, addresses, and other membership data Provider-based for flexible data storage 4

5 SqlMembershipProvider
Membership Schema Controls Login LoginStatus LoginView Other Controls Membership API Membership MembershipUser Membership Providers SqlMembershipProvider Other Membership Providers Ships with one membership provider SqlMembershipProvider (SQL Server and SQL Server Express) Use custom providers for other Membership data stores Membership Data SQL Server SQL Server Express Other Data Stores 5

6 Key Membership Methods
Membership Class Provides static methods for performing key membership tasks Creating and deleting users Retrieving information about users Generating random passwords Validating logins Includes read-only static properties for acquiring data about provider settings

7 Creating New Users try {
Membership.CreateUser ("Jeff", "imbatman!", } catch (MembershipCreateUserException e) { // Find out why CreateUser failed switch (e.StatusCode) { case MembershipCreateStatus.DuplicateUsername: ... case MembershipCreateStatus.Duplicate case MembershipCreateStatus.InvalidPassword: default: Validating Users if (Membership.ValidateUser (UserName.Text, Password.Text)) FormsAuthentication.RedirectFromLoginPage (UserName.Text, RememberMe.Checked); 7

8 The MembershipUser Class
Represents individual users registered in the membership data store Returned by Membership methods such as GetUser and CreateUser Represents individual users registered in the membership data store Includes numerous properties for getting and setting user info Includes methods for retrieving, changing, and resetting passwords Returned by Membership methods such as GetUser and CreateUser 8

9 Key MembershipUser Methods
Works if Membership.EnablePasswordRetrieval is true ** Works if Membership.EnablePasswordReset is true Comment - Storage for user-defined data CreationDate - Date user was added to the membership data store - User's address LastLoginDate - Date user last logged in successfully LastPassword-ChangedDate - Date user's password was last changed ProviderUserKey - Unique user ID generated by membership provider UserName - User's registered user name

10 Configuring the Membership Service
<membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow = "00:15:00" hashAlgorithmType = "[SHA1|MD5]" > <providers> ... </providers> </membership> 10

11 Login Controls Standard UI for logging in users
Integrates with Membership service Calls ValidateUser automatically No-code validation and logins Also works without Membership service Incorporates RequiredFieldValidators

12 Using the Login Control
<html> <body> <form runat="server"> <asp:Login RunAt="server" /> </form> </body> </html> Login Control Events LogginIn Authenticate LoggedIn LoginError 12

13 The LoginView Control Displays content differently to different users depending on: Whether user is authenticated If user is authenticated, the role memberships he or she is assigned Template-driven <AnonymousTemplate> <LoggedInTemplate> <RoleGroups> and <ContentTemplate> 13

14 Using LoginView <asp:LoginView ID="LoginView1" Runat="server">
<AnonymousTemplate> <!-- Content seen by unauthenticated users --> </AnonymousTemplate> <LoggedInTemplate> <!-- Content seen by authenticated users --> </LoggedInTemplate> <RoleGroups> <asp:RoleGroup Roles="Administrators"> <ContentTemplate> <!-- Content seen by authenticated users who are administrators --> </ContentTemplate> </asp:RoleGroup> ... </RoleGroups> </asp:LoginView> Things inside LoggedInTemplate will be shown only if the user is logged in where AnonymousTemplate will be visible if the user is not logged in. 14

15 Role Management Service
Role-based security in a box Simplifies adding role-based security to sites that employ forms authentication Provider-based for flexible data storage Role-based security in a box Declarative access via WS Admin Tool Programmatic access via Roles API Simplifies adding role-based security to sites that employ forms authentication Maps users to roles on each request Provides data store for role information Provider-based for flexible data storage 15

16 Role Management Schema
Controls Login LoginStatus LoginView Other Controls Roles API Roles Role Providers SqlRoleProvider Other Role Providers Roles Data SQL Server SQL Server Express Other Data Stores 16

17 The Roles Class Provides static methods for performing key role management tasks Includes read-only static properties for acquiring data about provider settings Gateway to the Role Management API Creating and deleting roles Adding users to roles Removing users from roles and more 17

18 Key Roles Methods

19 Creating a New Role Adding a User to a Role
if (!Roles.RoleExists ("Developers")) { Roles.CreateRole ("Developers"); } Adding a User to a Role string name = Membership.GetUser ().Username; // Get current user Roles.AddUserToRole (name, "Developers"); // Add current user to role 19

20 Configuring the Role Manager
<roleManager enabled="[true|false]" defaultProvider="AspNetSqlRoleProvider" createPersistentCookie="[true|false]" cacheRolesInCookie="[true|false]" cookieName=".ASPXROLES" cookieTimeout="00:30:00" cookiePath="/" cookieRequireSSL="[true|false]" cookieSlidingExpiration="[true|true]" cookieProtection="[None|Validation|Encryption|All]" domain="" maxCachedResults="25" > <providers> ... </providers> </roleManager> Role manager is disabled by default Enable it via Web.config: 20

21 Role Management Providers
Role management is provider-based Ships with three role providers: AuthorizationStoreRoleProvider (Authorization Manager, or "AzMan") SqlRoleProvider (SQL Server) WindowsTokenRoleProvider (Windows) Use custom providers for other data stores 21

22 Configuring SqlRoleProvider
<roleManager defaultProvider="AspNetSqlRoleProvider" ...> <providers> <add applicationName="/" connectionStringName="LocalSqlServer" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, ..." /> </providers> </roleManager> 22

23 Role Management 23

24 References sharpcorner.com/UploadFile/praveenalwar/PraveenAlwar AM/PraveenAlwar.aspx management.html trols_with_Roles_in_ASPNet_20.aspx 1365b-4c80-4e f12f59bf1d4/ASP.NET2.0MembershipLoginControlsandRoleMan agement.pdf 24

Download ppt "Role Management in .net Vinay Dhareshwar."

Similar presentations

Managing User, Computer and Group Accounts

Managing User, Computer and Group Accounts
Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.

Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.
Forms Authority Database Store Username and Passwords: ASP.NET framework allows you to control access to pages, classes, or methods based on username and.

Forms Authority Database Store Username and Passwords: ASP.NET framework allows you to control access to pages, classes, or methods based on username and.
Week 6: Chapter 6 Agenda Automation of SQL Server tasks using: SQL Server Agent Scheduling Scripting Technologies.

Week 6: Chapter 6 Agenda Automation of SQL Server tasks using: SQL Server Agent Scheduling Scripting Technologies.
Members Only & Login Modules Members Only works with the Login module to provide password protection to Web pages and files. Login Groups may be created.

Members Only & Login Modules Members Only works with the Login module to provide password protection to Web pages and files. Login Groups may be created.
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
Authenticating Users in an ASP.NET Application. Web Site Administration Tool From VS 2008, click Website/ ASP.Net Configuration to open Web Site Administration.

Authenticating Users in an ASP.NET Application. Web Site Administration Tool From VS 2008, click Website/ ASP.Net Configuration to open Web Site Administration.
Administering Active Directory

Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Membership, Role Manager and Profile Membership, Role Manager and Profile Matt Gibbs ASP.NET Development Manager.

Membership, Role Manager and Profile Membership, Role Manager and Profile Matt Gibbs ASP.NET Development Manager.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Delivering Excellence in Software Engineering ® 2006. EPAM Systems. All rights reserved. ASP.NET Authentication.

Delivering Excellence in Software Engineering ® EPAM Systems. All rights reserved. ASP.NET Authentication.
1 ASP.NET SECURITY Presenter: Van Nguyen. 2 Introduction Security is an integral part of any Web-based application. Understanding ASP.NET security will.

1 ASP.NET SECURITY Presenter: Van Nguyen. 2 Introduction Security is an integral part of any Web-based application. Understanding ASP.NET security will.
Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd

Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.

Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
Membership in ASP.Net...if only Presented by: Patrick Hynds President, CriticalSites Microsoft Regional Director.

Membership in ASP.Net...if only Presented by: Patrick Hynds President, CriticalSites Microsoft Regional Director.

1 Group Account Administration Introduction to Groups Planning a Group Strategy Creating Groups Understanding Default Groups Groups for Administrators.

1 Group Account Administration Introduction to Groups Planning a Group Strategy Creating Groups Understanding Default Groups Groups for Administrators.
Forms Authentication, Users, Roles, Membership Svetlin Nakov Telerik Corporation www.telerik.com.

Forms Authentication, Users, Roles, Membership Svetlin Nakov Telerik Corporation
RECALL THE MAIN COMPONENTS OF KIM Functional User Interfaces We just looked at these Reference Implementation We will talk about these later Service Interface.

RECALL THE MAIN COMPONENTS OF KIM Functional User Interfaces We just looked at these Reference Implementation We will talk about these later Service Interface.

Similar presentations

Ads by Google