asp.net-membership

问题 I try to implement ASP.NET Authentication and Authorization on top of our existing database. We have a website calling a webservice to fetch its data. To use the webservice, i need to provide the username and password. Knowing that, I decided to implement IIdentity and IPrincipal to store the encrypted password and be able to provide it when performing webservice calls. In the future, we might want to use more of the built-in security of asp.net, so I implement membership and role provider

问题 I need to slightly tweak the functionality of the ASP.NET Membership provider to add custom logging functionality. Instead of creating a wrapper class around the methods I wish to modify, I was toying with the idea or creating a custom Membership Provider and override a few of the methods. All the examples I could find would show how to create it from scratch. I don't want to overwrite everything... just override a few methods. Can somebody point me in the right direction? Thanks! EDIT: DOH!

问题 If I call user.ChangePassword(oldpass,newpass), and the old password is wrong, or the new password does not meet the provider's complexity requirement , the method fails without warning. is there any way i can find out if there is an error and what the error was. I can always put these checks in my code, but there should be a way to do it using the Membership APIs 回答1: Unfortunately not. The ChangePassword method only returns a simple bool for success/fail. Your best option on fail would be

问题 Im trying to user ASP.NET MVC3 with Entity Framework and ASP.NET Membership for authentication. I've set up an existing database as my application services database for membership. When i create the entity data model through the wizard it adds the following connection string to my web.config. <add name="DBEntities" connectionString="metadata=res://*/Models.DB.csdl|res://*/Models.DB.ssdl|res://*/Models.DB.msl;provider=System.Data.SqlClient;provider connection string="Data Source=PM\SQLEXPRESS

问题 So I'm making a asp.net login. I want the login name that people use to match an id in my SQL database. So that I can retrieve their information. But currently when I use the code below, from which I get the name of the computer I am currently on. However I would like the user Identity to be what they write in the username textbox at the login screen. If HttpContext.Current.User.Identity.IsAuthenticated Then Dim userName As String = HttpContext.Current.User.Identity.Name Response.Write

问题 One of the security requirements for my web based system is to prevent people logging in as the same user on different machines at the same time. E.g. to ensure that people cant all log in using the same password/share passwords. Is there a way to achieve this using the ASP.NET membership provider. Will I need to manually store info on each session and if so is this reliable? 回答1: Check System.Web.Security.MembershipUser.IsOnline when the users is logging in. 回答2: There are no good standard

问题 I'm looking to use a slightly modified ASP.Net Membership Provider to handle the standard user account creation/authentication/etc in a website. We have a fair amount of legacy data that I need to migrate in order to provide continuity with our existing users' saved information (like order history, wishlist, etc). [NOTE: We have to migrate anyway, so this is not the reason we're migrating data] I'm wondering what a sensible approach is for joining this additional data to the asp.net

问题 I'm somewhat confused by membership providers for .NET. I have built a MVC 3 web application, but obviously login pages don't work out-of-the-box because I need to wire up a membership provider. I would have expected this process to be easy, but when I search for help I find numerous articles on writing custom providers. Can't I just set up a table or two, wire up a few details in web.config and have things work based on some default MVC membership provider? I have no desire to re-invent the

问题 I'm somewhat confused by membership providers for .NET. I have built a MVC 3 web application, but obviously login pages don't work out-of-the-box because I need to wire up a membership provider. I would have expected this process to be easy, but when I search for help I find numerous articles on writing custom providers. Can't I just set up a table or two, wire up a few details in web.config and have things work based on some default MVC membership provider? I have no desire to re-invent the

问题 I have an existing project that i'm working on that uses .net membership. We want to expand the project to allow anonymous users but we seem to have hit a snag as we use the UserId of the aspnet_Users table as a foreign key in many of our database tables. The following call returns null as there is no record in the aspnet_Membership table for anonymous users Membership.Provider.GetUser(Request.AnonymousID, false); Is there any way to get the UserId of an anonymous user through the standard