role management in net n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Role Management in PowerPoint Presentation
Download Presentation
Role Management in

Loading in 2 Seconds...

play fullscreen
1 / 24

Role Management in - PowerPoint PPT Presentation


  • 102 Views
  • Uploaded on

Role Management in .net. Vinay Dhareshwar. Agenda. Introduction Membership Service Login Controls Role Management Service. 2. Role Based Security. Most business applications require role-based security. Role management lets you create groups of users as a unit

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Role Management in' - ryder-watts


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
role management in net

Role Management in .net

Vinay Dhareshwar

slide2

Agenda

  • Introduction
  • Membership Service
  • Login Controls
  • Role Management Service

2

slide3

Role Based Security

  • Most business applications require role-based security.
  • Role management lets you create groups of users as a unit
  • Roles give flexibility to change permissions and add and remove users.
  • Each Web page in the Web application can be assigned a security level
  • As you define more access rules for your application, roles become a more convenient way to apply the changes to groups of users.

3

slide4

Membership Service

  • Manages users and credentials
  • Simplifies forms authentication
  • Provider-based for flexible data storage

4

slide5

Membership Schema

Controls

Login

LoginStatus

LoginView

Other

Controls

Membership API

Membership

MembershipUser

Membership Providers

SqlMembershipProvider

Other Membership

Providers

Membership

Data

SQL Server

SQL Server

Express

Other

Data Stores

5

slide7

Creating New Users

try {

Membership.CreateUser ("Jeff", "imbatman!", "jeff@microsoft.com");

}

catch (MembershipCreateUserException e) {

// Find out why CreateUser failed

switch (e.StatusCode) {

case MembershipCreateStatus.DuplicateUsername:

...

case MembershipCreateStatus.DuplicateEmail:

...

case MembershipCreateStatus.InvalidPassword:

...

default:

...

}

}

7

slide8

The MembershipUser Class

  • Represents individual users registered in the membership data store
  • Returned by Membership methods such as GetUser and CreateUser

8

slide10

Configuring the Membership Service

<membership defaultProvider="AspNetSqlMembershipProvider"

userIsOnlineTimeWindow = "00:15:00"

hashAlgorithmType = "[SHA1|MD5]"

>

<providers>

...

</providers>

</membership>

10

slide12

Using the Login Control

<html>

<body>

<form runat="server">

<asp:Login RunAt="server" />

</form>

</body>

</html>

12

slide13

The LoginView Control

  • Displays content differently to different users depending on:
    • Whether user is authenticated
    • If user is authenticated, the role memberships he or she is assigned
  • Template-driven
    • <AnonymousTemplate>
    • <LoggedInTemplate>
    • <RoleGroups> and <ContentTemplate>

13

slide14

Using LoginView

<asp:LoginView ID="LoginView1" Runat="server">

<AnonymousTemplate>

<!-- Content seen by unauthenticated users -->

</AnonymousTemplate>

<LoggedInTemplate>

<!-- Content seen by authenticated users -->

</LoggedInTemplate>

<RoleGroups>

<asp:RoleGroup Roles="Administrators">

<ContentTemplate>

<!-- Content seen by authenticated users who are administrators -->

</ContentTemplate>

</asp:RoleGroup>

...

</RoleGroups>

</asp:LoginView>

14

slide15

Role Management Service

  • Role-based security in a box
  • Simplifies adding role-based security to sites that employ forms authentication
  • Provider-based for flexible data storage

15

slide16

Role Management Schema

Controls

Login

LoginStatus

LoginView

Other

Controls

Roles API

Roles

Role Providers

SqlRoleProvider

Other Role Providers

Roles Data

SQL Server

SQL Server

Express

Other

Data Stores

16

slide17

The Roles Class

  • Provides static methods for performing key role management tasks
  • Includes read-only static properties for acquiring data about provider settings

17

slide19

Creating a New Role

if (!Roles.RoleExists ("Developers")) {

Roles.CreateRole ("Developers");

}

Adding a User to a Role

string name = Membership.GetUser ().Username; // Get current user

Roles.AddUserToRole (name, "Developers"); // Add current user to role

19

slide20

Configuring the Role Manager

<roleManager enabled="[true|false]"

defaultProvider="AspNetSqlRoleProvider"

createPersistentCookie="[true|false]"

cacheRolesInCookie="[true|false]"

cookieName=".ASPXROLES"

cookieTimeout="00:30:00"

cookiePath="/"

cookieRequireSSL="[true|false]"

cookieSlidingExpiration="[true|true]"

cookieProtection="[None|Validation|Encryption|All]"

domain=""

maxCachedResults="25"

>

<providers>

...

</providers>

</roleManager>

20

slide21

Role Management Providers

  • Role management is provider-based
  • Ships with three role providers:
    • AuthorizationStoreRoleProvider (Authorization Manager, or "AzMan")
    • SqlRoleProvider (SQL Server)
    • WindowsTokenRoleProvider (Windows)
  • Use custom providers for other data stores

21

slide22

Configuring SqlRoleProvider

<roleManager defaultProvider="AspNetSqlRoleProvider" ...>

<providers>

<add applicationName="/"

connectionStringName="LocalSqlServer"

name="AspNetSqlRoleProvider"

type="System.Web.Security.SqlRoleProvider, System.Web, ..."

/>

</providers>

</roleManager>

22

slide24

References

  • http://www.c-sharpcorner.com/UploadFile/praveenalwar/PraveenAlwar07202006064726AM/PraveenAlwar.aspx
  • http://msdn.microsoft.com/en-us/library/5k850zwb.aspx
  • http://oudinia.blogspot.com/2007/11/aspnet-20-security-role-management.html
  • http://www.codedigest.com/Articles/ASPNET/78_LoginView_Controls_with_Roles_in_ASPNet_20.aspx
  • http://msdn.microsoft.com/en-us/library/aa478958.aspx
  • http://download.microsoftvirtuallabs.com/download/8/a/7/8a71365b-4c80-4e60-8185-8f12f59bf1d4/ASP.NET2.0MembershipLoginControlsandRoleManagement.pdf

24