Role Management in .NET
Vinay Dhareshwar


Agenda
- Introduction
- Membership Service
- Login Controls
- Role Management Service

Role Based Security
- Most business applications require role-based security.
- Role management lets you create groups of users as a unit.
- Roles give flexibility to change permissions and add and remove users.
- Each Web page in the Web application can be assigned a security level.
- As you define more access rules for your application, roles become a more convenient way to apply the changes to groups of users.

Most business applications require role-based security. The business owner of an application usually wants certain groups to have full control of all screens, other groups to have full control of a few screens, and another group to have read-only access to a few screens.

Role management lets you treat groups of users as a unit by assigning users to roles such as manager, sales, member, and so on. (In Windows, you create roles by assigning users to groups such as Administrators, Power Users, and so on.) Even if your application has only a few users, you might still find it convenient to create roles. Roles give you flexibility to change permissions and add and remove users without having to make changes throughout the site.

Each Web page in the Web application can be assigned a security level. This is done by specifying what role is required to access the page. The syntax in the web.config file is very straightforward.

After you have established roles, you can create access rules in your application. For example, your site might include a set of pages that you want to display only to members. Similarly, you might want to show or hide a part of a page based on whether the current user is a manager. By using roles, you can establish these types of rules independent from individual application users. For example, you do not have to grant individual members of your site access to member-only pages. Instead, you can grant access to the role of member and then just add and remove users from that role as people sign up or let their memberships lapse.

To work with roles, you must be able to identify users in your application so that you can determine whether the user is in a specific role. You can configure your application to establish user identity in two ways: Windows authentication and forms authentication.
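
The notes above say the role required for a page is declared in web.config. The fragment below is an added example, not taken from the original slides, of URL authorization rules that restrict two folders by role; the folder names Members and Manage and the login page path are assumptions, and the role names are the ones the notes mention.

```xml
<?xml version="1.0"?>
<!-- Added example: folder names and login URL are assumptions. -->
<configuration>
  <system.web>
    <authentication mode="Forms">
      <forms loginUrl="~/Login.aspx" />
    </authentication>
    <roleManager enabled="true" />

    <!-- Site default: anyone, including anonymous users, may browse. -->
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>

  <!-- Member-only pages: users in the "member" role. -->
  <location path="Members">
    <system.web>
      <authorization>
        <allow roles="member" />
        <!-- Rules are read top to bottom and the first match wins.
             Without this final deny, the request falls through to the
             inherited <allow users="*" /> and the folder stays open. -->
        <deny users="*" />
      </authorization>
    </system.web>
  </location>

  <!-- Manager screens: same pattern, different role. -->
  <location path="Manage">
    <system.web>
      <authorization>
        <allow roles="manager" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>

  <!-- Ordering mistake to avoid (inside a comment, so never active):
       <authorization>
         <deny users="*" />
         <allow roles="manager" />   never reached
       </authorization>
  -->
</configuration>
```

Because access is granted to the role, adding or removing a user from "member" or "manager" changes what they can reach without editing this file.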

Membership Service
- Manages users and credentials
  - Declarative access via Web Site Admin Tool
  - Programmatic access via Membership API
- Simplifies forms authentication
  - Provides logic for validating user names and passwords, creating users, and more
  - Manages data store for credentials, e-mail addresses, and other membership data
- Provider-based for flexible data storage

Membership Schema
- Controls: Login, LoginStatus, LoginView, other controls
- Membership API: Membership, MembershipUser
- Membership providers: SqlMembershipProvider, other membership providers
- Membership data: SQL Server, SQL Server Express, other data stores

Ships with one membership provider: SqlMembershipProvider (SQL Server and SQL Server Express). Use custom providers for other Membership data stores.

Key Membership Methods

Membership Class
- Provides static methods for performing key membership tasks
  - Creating and deleting users
  - Retrieving information about users
  - Generating random passwords
  - Validating logins
- Includes read-only static properties for acquiring data about provider settings

Creating New Users

    // Requires: using System.Web.Security;
    try
    {
        Membership.CreateUser("Jeff", "imbatman!", "jeff@microsoft.com");
    }
    catch (MembershipCreateUserException e)
    {
        // Find out why CreateUser failed
        switch (e.StatusCode)
        {
            case MembershipCreateStatus.DuplicateUserName:
                // ...
                break;
            case MembershipCreateStatus.DuplicateEmail:
            case MembershipCreateStatus.InvalidPassword:
            default:
                // ...
                break;
        }
    }

Validating Users

    // On success, issue the forms authentication ticket and return to the requested page
    if (Membership.ValidateUser(UserName.Text, Password.Text))
        FormsAuthentication.RedirectFromLoginPage(UserName.Text, RememberMe.Checked);

The MembershipUser Class
- Represents individual users registered in the membership data store
- Includes numerous properties for getting and setting user info
- Includes methods for retrieving, changing, and resetting passwords
- Returned by Membership methods such as GetUser and CreateUser

Key MembershipUser Methods
* Works if Membership.EnablePasswordRetrieval is true
** Works if Membership.EnablePasswordReset is true

- Comment - Storage for user-defined data
- CreationDate - Date user was added to the membership data store
- Email - User's e-mail address
- LastLoginDate - Date user last logged in successfully
- LastPasswordChangedDate - Date user's password was last changed
- ProviderUserKey - Unique user ID generated by membership provider
- UserName - User's registered user name

Configuring the Membership Service

    <membership defaultProvider="AspNetSqlMembershipProvider"
                userIsOnlineTimeWindow="00:15:00"
                hashAlgorithmType="[SHA1|MD5]">
      <providers>
        ...
      </providers>
    </membership>
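
The slide shows only SHA1 and MD5 for hashAlgorithmType and leaves the provider entry elided. The fragment below is an added example, not from the original slides, of a SqlMembershipProvider entry with the password-related settings a reviewer would check; the numeric limits and the choice of SHA256 are assumptions made for illustration.

```xml
<?xml version="1.0"?>
<!-- Added example: numeric limits and SHA256 are illustrative choices. -->
<configuration>
  <system.web>
    <!-- Weak form (inactive, shown for contrast):
         hashAlgorithmType="MD5" together with a provider that sets
         passwordFormat="Clear" or enablePasswordRetrieval="true".
         Anyone who obtains the membership database can then read or
         quickly recover the stored passwords. -->

    <!-- hashAlgorithmType only matters when passwordFormat="Hashed". -->
    <membership defaultProvider="AspNetSqlMembershipProvider"
                hashAlgorithmType="SHA256">
      <providers>
        <!-- Drop the inherited entry before redefining the same name. -->
        <clear />
        <add name="AspNetSqlMembershipProvider"
             type="System.Web.Security.SqlMembershipProvider"
             connectionStringName="LocalSqlServer"
             applicationName="/"
             passwordFormat="Hashed"
             enablePasswordRetrieval="false"
             enablePasswordReset="true"
             requiresQuestionAndAnswer="true"
             requiresUniqueEmail="true"
             minRequiredPasswordLength="12"
             minRequiredNonalphanumericCharacters="1"
             maxInvalidPasswordAttempts="5"
             passwordAttemptWindow="10" />
      </providers>
    </membership>
  </system.web>
</configuration>
```

With passwordFormat="Hashed" and retrieval disabled, the footnoted password-retrieval method on MembershipUser is unavailable and reset is the only recovery path; maxInvalidPasswordAttempts within passwordAttemptWindow (minutes) locks the account against online guessing.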

Login Controls
- Standard UI for logging in users
- Integrates with Membership service
- Calls ValidateUser automatically
- No-code validation and logins
- Also works without Membership service
- Incorporates RequiredFieldValidators

Using the Login Control

    <html>
      <body>
        <form runat="server">
          <asp:Login RunAt="server" />
        </form>
      </body>
    </html>

Login Control Events
- LoggingIn
- Authenticate
- LoggedIn
- LoginError

The LoginView Control
- Displays content differently to different users depending on:
  - Whether user is authenticated
  - If user is authenticated, the role memberships he or she is assigned
- Template-driven
  - <AnonymousTemplate>
  - <LoggedInTemplate>
  - <RoleGroups> and <ContentTemplate>

Using LoginView

    <asp:LoginView ID="LoginView1" Runat="server">
      <AnonymousTemplate>
        <!-- Content seen by unauthenticated users -->
      </AnonymousTemplate>
      <LoggedInTemplate>
        <!-- Content seen by authenticated users -->
      </LoggedInTemplate>
      <RoleGroups>
        <asp:RoleGroup Roles="Administrators">
          <ContentTemplate>
            <!-- Content seen by authenticated users who are administrators -->
          </ContentTemplate>
        </asp:RoleGroup>
        ...
      </RoleGroups>
    </asp:LoginView>

Content inside LoggedInTemplate is shown only if the user is logged in, whereas content inside AnonymousTemplate is visible only if the user is not logged in.

Role Management Service
- Role-based security in a box
  - Declarative access via WS Admin Tool
  - Programmatic access via Roles API
- Simplifies adding role-based security to sites that employ forms authentication
  - Maps users to roles on each request
  - Provides data store for role information
- Provider-based for flexible data storage

Role Management Schema
- Controls: Login, LoginStatus, LoginView, other controls
- Roles API: Roles
- Role providers: SqlRoleProvider, other role providers
- Roles data: SQL Server, SQL Server Express, other data stores

The Roles Class
- Gateway to the Role Management API
- Provides static methods for performing key role management tasks
  - Creating and deleting roles
  - Adding users to roles
  - Removing users from roles and more
- Includes read-only static properties for acquiring data about provider settings

Key Roles Methods

Creating a New Role

    // Requires: using System.Web.Security;
    if (!Roles.RoleExists("Developers"))
    {
        Roles.CreateRole("Developers");
    }

Adding a User to a Role

    string name = Membership.GetUser().UserName; // Get current user
    Roles.AddUserToRole(name, "Developers");     // Add current user to role

Configuring the Role Manager
- Role manager is disabled by default
- Enable it via Web.config:

    <roleManager enabled="[true|false]"
                 defaultProvider="AspNetSqlRoleProvider"
                 createPersistentCookie="[true|false]"
                 cacheRolesInCookie="[true|false]"
                 cookieName=".ASPXROLES"
                 cookieTimeout="00:30:00"
                 cookiePath="/"
                 cookieRequireSSL="[true|false]"
                 cookieSlidingExpiration="[true|false]"
                 cookieProtection="[None|Validation|Encryption|All]"
                 domain=""
                 maxCachedResults="25">
      <providers>
        ...
      </providers>
    </roleManager>
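
Several of the attributes listed above decide whether the cached role list in the roles cookie can be trusted. The fragment below is an added example, not from the original slides, that sets them conservatively and keeps the weak combination in a comment for contrast; the 20-minute lifetime is an assumption.

```xml
<?xml version="1.0"?>
<!-- Added example: the cookie lifetime is an illustrative choice. -->
<configuration>
  <system.web>
    <!-- Weak form (inactive, shown for contrast):
         <roleManager enabled="true" cacheRolesInCookie="true"
                      cookieProtection="None" cookieRequireSSL="false"
                      createPersistentCookie="true" />
         The cached role list has no integrity check or encryption,
         can travel over plain HTTP, and stays on disk after the
         browser closes. -->

    <roleManager enabled="true"
                 defaultProvider="AspNetSqlRoleProvider"
                 cacheRolesInCookie="true"
                 cookieName=".ASPXROLES"
                 cookiePath="/"
                 cookieProtection="All"
                 cookieRequireSSL="true"
                 createPersistentCookie="false"
                 cookieSlidingExpiration="false"
                 cookieTimeout="20"
                 maxCachedResults="25" />
    <!-- cookieProtection="All"       : encrypt and validate the cookie
         cookieRequireSSL="true"      : send it only over HTTPS
         createPersistentCookie=false : session cookie, not stored on disk
         cookieTimeout (minutes) with sliding expiration off: cached
         roles are served from the cookie, so a short fixed lifetime
         bounds how long a removed role can still be presented.
         Set cacheRolesInCookie="false" to query the provider on every
         request instead, at the cost of a lookup per request. -->
  </system.web>
</configuration>
```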

Role Management Providers
- Role management is provider-based
- Ships with three role providers:
  - AuthorizationStoreRoleProvider (Authorization Manager, or "AzMan")
  - SqlRoleProvider (SQL Server)
  - WindowsTokenRoleProvider (Windows)
- Use custom providers for other data stores

Configuring SqlRoleProvider

    <roleManager defaultProvider="AspNetSqlRoleProvider" ...>
      <providers>
        <add applicationName="/"
             connectionStringName="LocalSqlServer"
             name="AspNetSqlRoleProvider"
             type="System.Web.Security.SqlRoleProvider, System.Web, ..." />
      </providers>
    </roleManager>

