I have created a WCF service that is used for authentication. It uses an asp.net SQL membership provider for the accounts.I need a way for the client application to be able to register an account, change password ETC. The way I had originally planned and have started doing was basically interfacing the code within the service by creating matching methods that I could call from the client.
For instance to create the user I would create a method that has all the needed parameters and then within the code body I would access the membership provider so the client could just pass the details into it. So it is all actually done from within the same project/service.
Now that I have started I have began to wonder if I can access the sql membership provider directly from the client so I don't have to waste my time and interface the code.
If so could anyone point me in the right direction on how exactly I create an instance of the sql membership provider in another project so I can access it?
Microsoft has a standard framework that is targeted at what you're trying to do, it's called Client Application Services. There's a walkthrough on the MSDN site
Related
I have created a WCF service that is hosted within a web application. I want to add authorization to the service. Right now it uses a hardcoded username/password from a custom username password provider. What I am attempting to do is use the database that is by default in the web application to store users.
I went to the Web application configuration page and added a few users. So this means it must be going into a database. Where exactly is this stored? Or more precisely how exactly can I get the connection details for it? With the custom service I should be able to check against any DB with just some validation code and no other changes made to it, so could anyone show me an example of authorization through a DB in C#?
The databse is usually stored on you App_Data folder of you application
since you are using WCF here is the tutorial for you to implement a custom authentication provider for wcf.
I would like to know if it’s possible to do use authentication in Silverlight 5 without having to use RIA Services. I am using Entity Framework to connect to my database. I am also using the Business Application template. I have created a custom membership provider through which I am able to validate user credentials and can add new users. However, if I want to restrict content on the app based on which user is logged on, I have no way of doing. I believe that if I create a RIA Services Domain Context I can potentially check user information via WebContext.Current.User. Is there a way to get this type of information without RIA? Perhaps a WCF service of some sort?
Once I wrote a tutorial on how to share forms authentication between your web app and a silverlight app. This works without ria, uses guarded wcf. You can even fine tune the access to individual roles.
http://netpl.blogspot.com/2010/04/aspnet-forms-authentication-sharing-for.html
I have the requirement to setup authentication and authorization on a WCF Service, right now the service is created and working but no authentication.
There is also the need to authenticate existing users and passwords that are being stored in a SQL database and are already used by another web application, but since I do not have the source code for it, and being still adjusting do .NET I am having some dificulties.
I can read the database and found several aspnet_ tables in the database such as aspnet_Users, aspnet_Roles etc that so far seem to match with the ones used in the web application.
My question is how can I easily implement authentication and method authorization using the existing database.
Please note that I do not have access to the web-application source code.
Thanks.
MVC uses the standard ASP.Net membership provider. If you click the Log On button/register link - you can add a user. ASP.Net will create App_Data\ASPNETDB.MDF containing the membership information. You can move ASPNETDB.MDF to a remote DB server, but you must use the Membership provider schema/DB (unless you write your own provider).
A few MVC links to get you started.
http://www.asp.net/mvc/tutorials/older-versions/security/authenticating-users-with-forms-authentication-vb
http://weblogs.asp.net/fredriknormen/archive/2007/11/25/asp-net-mvc-framework-security.aspx
http://blog.wekeroad.com/blog/aspnet-mvc-securing-your-controller-actions/
The default authentication/authorization configuration added use ASP.NET standard membership and role manager service provider( the local SQL Express one). If your existing database(for user login) is also ASP.NET standard sql membership database, you can simply change the connection string of the membership section. Otherwise, you might need to create a custom membership provider which uses your own database tables for user authentication.
Implementing a Membership Provider
http://msdn.microsoft.com/en-us/library/f1kyba5e.aspx
Building Custom Providers for ASP.NET 2.0 Membership
http://msdn.microsoft.com/en-us/library/aa479048.aspx
Really no easy way to achieve your requirements. Here is the library you can use and follow stricktly steps described in this blog to setup authentication with SQL Membership provider for WCF services.
In my case I did small update to the library. I've commented out line of code
//if (!IsAnonymousAllowed)
I have built an internal Database for Clients. Its C# with an MS-SQL DB. I have integrated the ASP Website SQL Server and the Internal SQL Server to use the one database. Both the Website and the Internal Database are working.
I want to be able to automatically register a client to use the webpage once they have become a Client in my Internal Database. Using ASP (I am learning still) I see there is a membership provider and it seems to do all the validation and so on. Passwords are all handled and encrypted etc..
What would be the best way to add a user to the SQL Tables but keep the security and so on? Can I create a membership provider in my DB Client when adding a Client and use that to create the Clients Login to the Web Page?
I am using the default ASP .NET Web Application Template in VS 2010. The ASP Site is all standard config from the template.
Thanks!
You should call the methods on the membership provider. Don't get into the specifics of how the membership provider is working, the whole point of the provider model is that you can swap out the default SQL one for any other implementation.
If you look at the MembershipProvider base class (http://msdn.microsoft.com/en-us/library/system.web.security.membershipprovider.aspx) you can see the list of methods that it provides. You will need to call Membership.CreateUser() as part of your custom registration process, it has several overloads to choose between.
Looking at the default SQL Config and stored proceedures, we can use these.
See this.
The sample code by Chris Pels is excellent for helping with this solution. Thanks Chris!
We use an IBM database known as Universe that holds all of our user id's, passwords, and profile information in a table called USERINFO.
Can I use the Membership Provider to connect to this database and authenticate the user?
The database access is actually through a web service since we don't have a direct connect to the database.
We have a web service method called GetUserInfo which accepts a parameter of username. The method will return the password and profile information.
As mentioned above, you'll need to create a custom membership provider which a fairly straightforward. You'll create a .NET class that inherits from System.Web.Security.MembershipProvider. There are several methods that need to be overriden in your class, but most are not even used by the MVC account controller. The main method you'll want to override is ValidateUser(username, password) which will get a user logged in. After you've implemented your class you'll need to register it in web.config which is easy as well.
You can find a sample for a custom provider here:
http://msdn.microsoft.com/en-us/library/6tc47t75(VS.80).aspx
And a tutorial for the entire process here:
http://www.15seconds.com/issue/050216.htm
Keep in mind that the process for making a custom provider for MVC is the same for a standard ASP.NET web site, however MVC does not fully utilize all methods of the MembershipProvider class so it's much easier to implement.
You'll have to create a custom provider for that. It isn't very hard, as long as you can access the web service without an issue.
Have you investigated the UniObjects interface? It comes with Universe, but needs to be installed. It has complete access to all database functions. Logging in, Selecting files, reading, writing, deleteing, creating new files etc.