working with MVC5 and trying to integrate AspNetSqlMembershipProvider than the default provider or simple membership provider.
Is that possible to use AspNetSqlMembershipProvider with MVC5? All login and register codes looks clumsy and I am not able to figure out what exactly UserManager. I did all necessary alterations in the web.config level, still my users are not validating with the SQL Database which we have created.
AspNetSqlMembershipProvider is deprecated.
ASP.NET Universal Providers is an updated version of ASP.Net Membership Provider.
Is that possible to use AspNetSqlMembershipProvider with MVC5?
Yes you can use ASP.NET Universal Providers in MVC5. If you have used ASP.Net Membership Provider in WebForm previously, they basically are same except you cannot get Async and Await.
All login and register codes looks clumsy and I am not able to figure
out what exactly UserManager.
You do not need to use UserManager which is used by ASP.net Identity.
Related
Can anyone provide direction on how to add a Rest API to an existing Azure .net website as an alternative to receive private information? Like many website, we already have good U&P authentication via .Net Identity Framework over SSL to protect the U&P and content.
There are a lot of .net C# websites that have implemented the .net U&P framework that works great over SSL. With the proliferation of Rest APIs, we need to provide these users capability to login with their already existing credentials via Rest API so how can we simply extend this?
I am making an API in .net that is using WebApi. The API is going to be consumed by an adroid native application. I would like to implement OAuth2 for authentication however I don't want to use Entity Framework and the baked in implementation when you create a project seems to use that. Is there an easy way to implement the OAuth2 modules without the Entity Framework integration or do I have to try and write my own classes that implement the same interfaces as the user classes in Entity Framework?
You don't need to. That's just there for convenience. First, you need to understand how OAuth works from an Authentication Server perspective. I have a feeling you are using OWIN.
In that case, you need to enable OAuthAuthentication and use their delegates to intercept when clients are calling your API for authentication (so that you can generate a token). Then you just authenticate against a database... worst case scenario you can do.. "SELECT u, p from Users where u = 'user' and p = 'password'.... My point is that you don't need Entity Framework at all. Once you have a valid user, then you create a token, add some claims to it and send it back. Done. There are plenty of examples online.
I want to create custom authentication in MVC4 and log by Facebook. Also how we can use MVC4 default authentication for role management. It create relevant tables when we create internet application but there are no way to manage roles. What is the best and flexible way to create log in?
If you're using ASP.NET MVC4, you can use OAuthWebSecurity. You don't even need to use the default user-role default management schema from ASP.NET.
I've been using for a while and it's flexible enough for me because my applications already had a user-role management, so I didn't need to change my code that already exists, I just needed to add features to allow external authentication by using OAuthWebSecurity.
There are some examples like this below
http://www.asp.net/mvc/tutorials/security/using-oauth-providers-with-mvc
http://galratner.com/blogs/net/archive/2012/09/27/use-mvc-4-and-oauthwebsecurity-to-post-into-your-users-facebook-timeline.aspx
http://brockallen.com/2012/09/04/using-oauthwebsecurity-without-simplemembership/
I am developing a Rest service with Web API. The service only requires one login credential as it is used by an application developed by a third party. If I use the project template with "Individual User Accounts", I have to have a SQL server running(?), which is an overkill to support a single username and password. How about the LocalDB comes with VS 2013 ?
"Windows Authentication" cannot be used because the service is accessed from the Internet.
What is the proper way to authenticate ?. Are there any "in memory" or config file providers that come with Web API ? I know there is Asp.net Identity package, but It uses entity framework as a provider. Can anyone please suggest ?
You can create a custom store for ASP.NET Identity and it could be memory or a config file. Here is a tutorial on creating a custom store in ASP.NET Identity. I would not put it in memory because you will most likely want to change the password and that would require a recompile and redeploy. Personally I would just use SQL Express or SQL Compact as they take minimal resources and rewriting the data store seems like a lot of work for little benefit in this scenario.
No matter how do you want to authorize the call, the users has to be present in a database or cache to check the validity of the provided user. Microsoft will offer you out of the box a solution based on SQL server or some of their own products.
If you want to implement you own user check, you will probably have to take care of the authentication by yourself. This means that you will have to check the HTTP header by yourself and reject or accept the request by yourself.
My question is, why do you want to use some "in memory" provider? The users has to be somewhere. Why not a SQL express?
We would like to use the new authorization/token system of Web API2 and have upgraded to MVC5/Web API2.
There is an internal REST API that does authentication already that we would like to reuse. Essentially it takes uid/pwd and some additional profile parameters and returns true/false.
Question: how to hook up an authentication filter against that service instead of the default Entity Framework 6 DB-based Identity store?
I looked at UserManager class and it is unclear this is the right path.
Hope following video answer your question.
http://www.pluralsight.com/training/Courses/TableOfContents/webapi-v2-security