Role Management in .NET, Shree Shalini Pusapati, CS 795, 11/17/2015

Role Management in .NET
Shree Shalini Pusapati
CS 795
04/21/23 1

Agenda
Understanding Role Management
Membership Services
Login Control
Role Management Services
Demo

Introduction

Understanding Role Management
Roles give flexibility to manage permissions
Manage Authorization
Assigning users to Roles
Lets you create Access Rules
Rules independent of individual user

Role Management in .NET
Define Users – Membership Services
User Identification – Login Control
Define Roles & Assign Members to Roles – Role Management

Membership Services
Manages users and credentials
◦ Declarative access via WS Admin Tool
◦ Programmatic access via Membership API
Simplifies forms authentication
◦ Provides logic for validating user names and passwords, creating users, and more
◦ Manages data store for credentials, e-mail addresses, and other membership data
Provider-based for flexible data storage

Membership Schema
[Diagram: layered architecture. Controls (Login, LoginStatus, LoginView, other controls); Membership API (Membership, MembershipUser); Membership Providers (SqlMembershipProvider, other membership providers); Membership Data (SQL Server, SQL Server Express, other data stores).]

The Membership Class
Provides static methods for performing key membership tasks
◦ Creating and deleting users
◦ Retrieving information about users
◦ Generating random passwords
◦ Validating logins
Includes read-only static properties for acquiring data about provider settings

Key Membership Methods

Name              Description
CreateUser        Adds a user to the membership data store
DeleteUser        Removes a user from the membership data store
GeneratePassword  Generates a random password of a specified length
GetAllUsers       Retrieves a collection of MembershipUser objects representing all currently registered users
GetUser           Retrieves a MembershipUser object representing a user
UpdateUser        Updates information for a specified user
ValidateUser      Validates logins based on user names and passwords

Creating New User

    try
    {
        Membership.CreateUser("Jeff", "imbatman!", "[email protected]");
    }
    catch (MembershipCreateUserException e)
    {
        // Find out why CreateUser failed
        switch (e.StatusCode)
        {
            case MembershipCreateStatus.DuplicateUserName:
                // ...
                break;
            case MembershipCreateStatus.DuplicateEmail:
                // ...
                break;
            case MembershipCreateStatus.InvalidPassword:
                // ...
                break;
            default:
                // ...
                break;
        }
    }

The MembershipUser Class
Represents individual users registered in the membership data store
Includes numerous properties for getting and setting user info
Includes methods for retrieving, changing, and resetting passwords
Returned by Membership methods such as GetUser and CreateUser

Key MembershipUser Methods

Name                             Description
ChangePassword                   Changes user's password
ChangePasswordQuestionAndAnswer  Changes question and answer used for password recovery
GetPassword*                     Retrieves a password
ResetPassword**                  Resets a password by setting it to a new random password
UnlockUser                       Restores suspended login privileges

* Works if Membership.EnablePasswordRetrieval is true
** Works if Membership.EnablePasswordReset is true

Membership Providers
Membership is provider-based
◦ Provider provides interface between Membership service and data store
Ships with one membership provider
◦ SqlMembershipProvider (SQL Server and SQL Server Express)
Use custom providers for other Membership data stores

Configuring SqlMembershipProvider

    <membership defaultProvider="AspNetSqlMembershipProvider">
      <providers>
        <add name="AspNetSqlMembershipProvider"
          connectionStringName="LocalSqlServer"
          enablePasswordRetrieval="[true|false]"
          enablePasswordReset="[true|false]"
          requiresQuestionAndAnswer="[true|false]"
          applicationName="/"
          requiresUniqueEmail="[true|false]"
          passwordFormat="[Clear|Encrypted|Hashed]"
          maxInvalidPasswordAttempts="5"
          passwordAttemptWindow="10"
          passwordStrengthRegularExpression=""
          minRequiredPasswordLength="7"
          minRequiredNonalphanumericCharacters="1"
          type="System.Web.Security.SqlMembershipProvider, System.Web, ..."
        />
      </providers>
    </membership>

Login Controls

Name              Description
ChangePassword    UI for changing passwords
CreateUserWizard  UI for creating new user accounts
Login             UI for entering and validating user names and passwords
LoginName         Displays authenticated user names
LoginStatus       UI for logging in and logging out
LoginView         Displays different views based on login status and roles
PasswordRecovery  UI for recovering forgotten passwords

The Login Control
Standard UI for logging in users
Integrates with Membership service
◦ Calls ValidateUser automatically
◦ No-code validation and logins
Also works without Membership service
Incorporates RequiredFieldValidators
Highly customizable UI and behavior

Using the Login Control

    <html>
      <body>
        <form runat="server">
          <asp:Login RunAt="server" />
        </form>
      </body>
    </html>

Customizing the Login Control

    <asp:Login ID="LoginControl" RunAt="server"
      CreateUserText="Create new account"
      CreateUserUrl="CreateUser.aspx"
      DisplayRememberMe="false"
      PasswordRecoveryText="Forgotten your password?"
      PasswordRecoveryUrl="RecoverPassword.aspx"
      LoginButtonText="Do It!"
      TitleText="Please Log In"
    />

Login Control Events

Name          Description
LoggingIn     Fired when the user clicks the Log In button. Purpose: to prevalidate login credentials (e.g., make sure e-mail address is well-formed)
Authenticate  Fired when the user clicks the Log In button. Purpose: to authenticate the user by validating his or her login credentials
LoggedIn      Fired following a successful login
LoginError    Fired when an attempted login fails

The LoginView Control
Displays content differently to different users depending on:
◦ Whether user is authenticated
◦ If user is authenticated, the role memberships he or she is assigned
Template-driven
◦ <AnonymousTemplate>
◦ <LoggedInTemplate>
◦ <RoleGroups> and <ContentTemplate>

Using LoginView

    <asp:LoginView ID="LoginView1" Runat="server">
      <AnonymousTemplate>
        <!-- Content seen by unauthenticated users -->
      </AnonymousTemplate>
      <LoggedInTemplate>
        <!-- Content seen by authenticated users -->
      </LoggedInTemplate>
      <RoleGroups>
        <asp:RoleGroup Roles="Administrators">
          <ContentTemplate>
            <!-- Content seen by authenticated users who are administrators -->
          </ContentTemplate>
        </asp:RoleGroup>
        ...
      </RoleGroups>
    </asp:LoginView>

The LoginName Control
Displays authenticated user names
Use optional FormatString property to control format of output

    <asp:LoginView ID="LoginView1" Runat="server">
      <AnonymousTemplate>
        You are not logged in
      </AnonymousTemplate>
      <LoggedInTemplate>
        <asp:LoginName ID="LoginName1" Runat="server"
          FormatString="You are logged in as {0}" />
      </LoggedInTemplate>
    </asp:LoginView>

The LoginStatus Control
Displays links for logging in and out
◦ "Login" to unauthenticated users
◦ "Logout" to authenticated users
UI and logout behavior are customizable

    <asp:LoginStatus ID="LoginStatus1" Runat="server"
      LogoutAction="Redirect" LogoutPageUrl="~/Default.aspx" />

LoginStatus Properties

Name            Description
LoginText       Text displayed for login link (default="Login")
LogoutText      Text displayed for logout link (default="Logout")
LoginImageUrl   URL of image used for login link
LogoutAction    Action to take following logout: Redirect, RedirectToLoginPage, or Refresh (default)
LogoutPageUrl   URL of page to go to following logout if LogoutAction="Redirect"

Role Management

Role Management Service
Role-based security in a box
◦ Declarative access via WS Admin Tool
◦ Programmatic access via Roles API
Simplifies adding role-based security to sites that employ forms authentication
◦ Maps users to roles on each request
◦ Provides data store for role information
Provider-based for flexible data storage

Role Management Schema
[Diagram: layered architecture. Controls (Login, LoginStatus, LoginView, other controls); Roles API (Roles); Role Providers (SqlRoleProvider, other role providers); Roles Data (SQL Server, SQL Server Express, other data stores).]

The Roles Class
Gateway to the Role Management API
Provides static methods for performing key role management tasks
◦ Creating and deleting roles
◦ Adding users to roles
◦ Removing users from roles and more
Includes read-only static properties for acquiring data about provider settings

Key Roles Methods

Name                Description
AddUserToRole       Adds a user to a role
CreateRole          Creates a new role
DeleteRole          Deletes an existing role
GetRolesForUser     Gets a collection of roles to which a user belongs
GetUsersInRole      Gets a collection of users belonging to a specified role
IsUserInRole        Indicates whether a user belongs to a specified role
RemoveUserFromRole  Removes a user from the specified role

Creating a New Role

    if (!Roles.RoleExists("Developers"))
    {
        Roles.CreateRole("Developers");
    }

Adding a User to a Role

    string name = Membership.GetUser().UserName;  // Get current user
    Roles.AddUserToRole(name, "Developers");      // Add current user to role

Enabling the Role Manager
Role manager is disabled by default
Enable it via Web.config:

    <configuration>
      <system.web>
        <roleManager enabled="true" />
      </system.web>
    </configuration>

Configuring the Role Manager

    <roleManager enabled="[true|false]"
      defaultProvider="AspNetSqlRoleProvider"
      createPersistentCookie="[true|false]"
      cacheRolesInCookie="[true|false]"
      cookieName=".ASPXROLES"
      cookieTimeout="00:30:00"
      cookiePath="/"
      cookieRequireSSL="[true|false]"
      cookieSlidingExpiration="[true|false]"
      cookieProtection="[None|Validation|Encryption|All]"
      domain=""
      maxCachedResults="25">
      <providers>
        ...
      </providers>
    </roleManager>
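
An added example (not from the original slides): a small Python audit of the SqlMembershipProvider attributes shown earlier and the roleManager attributes above, flagging the values that weaken stored credentials or the role cookie. The sample Web.config, the function names and the selection of checks are assumptions made for this illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the slide attributes, set to weak values on purpose.
WEAK_CONFIG = """<configuration><system.web>
  <membership defaultProvider="AspNetSqlMembershipProvider"><providers>
    <add name="AspNetSqlMembershipProvider" connectionStringName="LocalSqlServer"
         enablePasswordRetrieval="true" passwordFormat="Encrypted"
         type="System.Web.Security.SqlMembershipProvider, System.Web, ..." />
  </providers></membership>
  <roleManager enabled="true" cacheRolesInCookie="true"
               createPersistentCookie="true" cookieRequireSSL="false"
               cookieProtection="Validation" />
</system.web></configuration>"""


def flag(elem, attr, default="false"):
    """Read a boolean attribute, falling back to the framework default."""
    return elem.get(attr, default).strip().lower() == "true"


def audit_web_config(xml_text):
    """Return (element, attribute, reason) tuples for weak settings."""
    root = ET.fromstring(xml_text)
    findings = []
    for prov in root.findall("system.web/membership/providers/add"):
        where = "membership/" + prov.get("name", "?")
        fmt = prov.get("passwordFormat", "Hashed")  # Hashed is the default
        if fmt.lower() != "hashed":
            findings.append((where, "passwordFormat",
                             fmt + " passwords are recoverable; use Hashed"))
        if flag(prov, "enablePasswordRetrieval"):
            findings.append((where, "enablePasswordRetrieval",
                             "GetPassword can return the stored password"))
    rm = root.find("system.web/roleManager")
    # Cookie settings only matter when roles are cached client-side.
    if rm is not None and flag(rm, "enabled") and flag(rm, "cacheRolesInCookie"):
        if rm.get("cookieProtection", "All").lower() != "all":
            findings.append(("roleManager", "cookieProtection",
                             "role cookie needs both validation and encryption"))
        if not flag(rm, "cookieRequireSSL"):
            findings.append(("roleManager", "cookieRequireSSL",
                             "role cookie may be sent over plain HTTP"))
        if flag(rm, "createPersistentCookie"):
            findings.append(("roleManager", "createPersistentCookie",
                             "cached roles outlive the browser session"))
    return findings


if __name__ == "__main__":
    for where, attr, reason in audit_web_config(WEAK_CONFIG):
        print(f"{where}: {attr}: {reason}")
```

Attributes that are absent are treated as their framework defaults, so a configuration that simply omits passwordFormat or cookieProtection is not flagged.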

Role Management Providers
Role management is provider-based
Ships with three role providers:
◦ AuthorizationStoreRoleProvider (Authorization Manager, or "AzMan")
◦ SqlRoleProvider (SQL Server)
◦ WindowsTokenRoleProvider (Windows)
Use custom providers for other data stores

Configuring SqlRoleProvider

    <roleManager defaultProvider="AspNetSqlRoleProvider" ...>
      <providers>
        <add applicationName="/"
          connectionStringName="LocalSqlServer"
          name="AspNetSqlRoleProvider"
          type="System.Web.Security.SqlRoleProvider, System.Web, ..."
        />
      </providers>
    </roleManager>

Demo