asp.net-membership

问题 I'm running a website based on asp.net mvc 5. My website implements an authentication mechanism (email address with password). My database is stored in Azure SQL. As part of my login method, I'm using this code: // ... var result = await SignInManager.PasswordSignInAsync(user.UserName, model.Password, model.RememberMe, shouldLockout: true); This code line takes 35 seconds to be executed (!). This is too much... In the user experince, it seems like the web page is stuck. I also tried the Non

问题 I have a project and apparently the designers of the software didn't put security into consideration. The passwords are stored in plain text and transmitted through plain text. So I am left with the task to fix this. I am a bit rusty on security, so my question is: for online user password authentication is it better to use hashing/salting techniques or is it better to use AES encryption? Could I have the pros and cons. Would it be better to somehow use the ASP.NET membership provider? Would

问题 I have asp.net mvc 3 site deployed on shared hosting. My problem is that my site frequently logged out user automatically after 5 to 10 min. Although i have set the time to 200 min in web.config and application_start as shown below <forms loginUrl="~/Account.mvc/index" slidingExpiration="true" timeout="200" protection="All" /> HttpCookie authCookie = FormsAuthentication.GetAuthCookie(userName, rememberMe); FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);

问题 I'm currently re-writting an entire website in .Net. The current website is written in foxpro and uses custom logic, validation rules, and Sql server tables to store and authenticate users. I want to use Membership Provider but I have one major problem that I'm not sure how to overcome. Both, the new site and the old site have to share users and credentials. The users will have to be able to use both sites during the transition phase without having to update their profiles separately. What is

问题 Using ASP.NET membership, if I want to get information for the current user, I can call MembershipUser.GetUser() So, somehow the system must know the ID of the current user. If this is correct, and all I want is the ID of the current user, is there a way to get it without returning all the user information from the database? I know I can get the username of the current user using User.Identity.Name , but I need the ID. 回答1: The short answer is no you can't get only userID without retrieve

问题 I have an ASP.NET MVC 4 web application. Running locally, it works fine, but on the web host (which uses shared hosting), the logged on user is frequently logged out by being redirected back to the home page. In most cases, the user is logged out after performing only a few actions. The web host suggested that my application could be using up too much memory but I used a program to profile the memory usage and I confirmed that it wasn't using excessive amounts of memory - in fact the

问题 I have a library project that should be the base for several web applications. I am trying to implement System.Web.Security.MembershipProvider but for some reason Visual Studio cannot find it. It manages to find System.Web.Security.SqlMembershipProvider but not MembershipProvider. Any idea why? I am using Visual Studio 2010 with .NET 4. 回答1: Starting in .NET 4, MembershipProvider is declared in System.Web.ApplicationServices.dll (strangely enough), so you need to add a reference to that

问题 Hello guys I having been keeping searching for answers for a few days and read couple of posts already but still quite confused. I am using a user table with fields including First Name, Last Name, Email, Password, RoleID and other stuff like phone numbers etc. Also I have a "role table" which has a Field standing for "Role Name" in string and few other fields stands for different Accesses of Boolean type such as "AccessToAlterItemInformation" which if a user with such roles who having

问题 Here is my Web.config file <membership> <providers> <clear /> <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="8" minRequiredNonalphanumericCharacters="0" passwordStrengthRegularExpression="^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])|(?=.*[a-z])(?=.*[A-Z])(?=.*[!%,.;:])|(?=.*[a-z])(?=.*[0-9])(?=.*[!%,.;:])|(?=.*[A-Z])(?=.*[0-9])(?=.*[!%,.;:])$"

问题 How do you add the option to upload a profile image to the default RegisterModel in MVC 4? 回答1: This answer converts the image to a byte array so that you can then save it in a database. It can easily be modified if you wanted to save the image to file store. The code for the View Model. The important part is the multipart/form-data attribute: @using (Html.BeginForm("Register", "Account", null, FormMethod.Post, new { enctype = "multipart/form-data" })) { @Html.AntiForgeryToken() @Html