asp.net-identity

问题 I created a customized IConfigurationDbContext in order to using IDS4 with Oracle. public class IdentityConfigurationDbContext : DbContext, IConfigurationDbContext { private readonly ConfigurationStoreOptions storeOptions; public IdentityConfigurationDbContext(DbContextOptions<IdentityServerDbContext> options) : base(options) { } public IdentityConfigurationDbContext(DbContextOptions<ConfigurationDbContext> options, ConfigurationStoreOptions storeOptions) : base(options) { this.storeOptions =

问题 Part of an app i'm building requires that admin users can let an employee access one page of the app to perform a task. After the employee has completed that task, they have no reason to return to the app. This app is hosted online and so the employee access needs to be secured with a logon. My question is, what is the best approach regarding providing a login account to a user who would only use the system once? As I see it, I have two options: Provide the admin users with one permanent

问题 Following blog series by @Taiseer Joudeh (http://bitoftech.net/2015/01/21/asp-net-identity-2-with-asp-net-web-api-2-accounts-management/) I've build simple WebApi with JWT authentication. I'm able to login and query my endpoint using token. I'm trying to change how my login mechanism works. Right now user must send his login and password to /oauth/token to get access token that will be send with every request to webapi. I'd like to be able to login user with password that will be send via SMS

问题 I'm working on a MVC application using Azure's AD authentication. I have been looking for a best practice or suggested way to 'extend' the user profile data. For example, I want the users to have a date of birth stored against themselves. I have looked at this but it doesn't really answer my question: Active Directory User Data Storage I can't find anything else kinda close to the solution either, all other solutions are for the other type of authentication. One thing to note is the

问题 I'm having same issue described here with no answer, just using Unity. I'm trying to register ISecureDataFormat<> in the lastest VS2013 (update 2) SPA/Web Api template. I've tried container.RegisterType(typeof(ISecureDataFormat<>), typeof(SecureDataFormat<>)); container.RegisterType<ISecureDataFormat<AuthenticationTicket>, SecureDataFormat<AuthenticationTicket>>(); container.RegisterType<ISecureDataFormat<AuthenticationTicket>, TicketDataFormat>(); It "works" but not really because then it

问题 I am using ASP.NET 4.5 OWIN Identity and attempting to block access to a directory for all but authenticated users. The directory contains raw files, so it isnt possible to wrap them in the ASP LoggedInTemplate tag. When I try and prevent access to the directory to anonymous users, it fails. I have tried adding the following to the main Web.config file: <system.web> <authorization> <deny users="?" /> </authorization> </system.web> <location path="/docs"> <system.web> <authorization> <deny

问题 After adding Simple Injector to my project to create an instance of my UserAppManager that will exist through the whole lifetime of a session I started to recieve errors: Error with no parameterless constructor: An error occurred when trying to create a controller of type 'AuthController'. Make sure that the controller has a parameterless public constructor. Error with a parameterless constructor: For the container to be able to create AuthController it should have only one public constructor

问题 So I have been bashing my head for a while with this problem. We have one web app that is using IdentityServer4 and AspNetIdentity to authenticate and register users ( this is working as intended ). In addition, we have an other API (inside the same solution) that is able to use IdentityServer4 to authenticate users accessing the API . However, the problem is, that besides authentication we cannot use the API to create new users . For instance, users should be able to create other users

问题 I saw a lot of examples online but none that I could use from top to bottom about merging my own DbContext with Asp.net IdentityDbContext. Can someone please walk me through it? I am at step 0, and what I want is to have the tables generated by ASP.net IdentityDbContext inside my own database, so that I can retain user data in my own database. How can I achieve that? Thanx in advance :) 回答1: If I got you correct, you are trying to use your existing database, tables and existing users with asp

问题 I have done a lot of research but am still not sure if I am doing this correctly. The best resource I found was here http://leastprivilege.com/2015/10/12/the-state-of-security-in-asp-net-5-and-mvc-6-authorization/ Given an ApplicationUser class extended to include a list of Authorized account numbers I want to restrict the user to only view statements (and other actions based) on their authorized accounts). I would think this is a very common design however most of the articles on the net