nigel-andrews
Role Based Security
Most business applications require role-based security.
Role management lets you create groups of users as a unit.
Roles give flexibility to change permissions and add and remove users.
Each Web page in the Web application can be assigned a security level.
As you define more access rules for your application, roles become a more convenient way to apply the changes to groups of users.
Membership Service
Manages users and credentials
Simplifies forms authentication
Provider-based for flexible data storage
Membership Schema
[Diagram: layers from top to bottom]
Controls: Login, LoginStatus, LoginView, other controls
Membership API: Membership, MembershipUser
Membership Providers: SqlMembershipProvider, other membership providers
Membership Data: SQL Server, SQL Server Express, other data stores
Creating New Users
try
{
    Membership.CreateUser("Jeff", "imbatman!", "[email protected]");
}
catch (MembershipCreateUserException e)
{
    // Find out why CreateUser failed
    switch (e.StatusCode)
    {
        case MembershipCreateStatus.DuplicateUserName:
            // ...
            break;
        case MembershipCreateStatus.DuplicateEmail:
            // ...
            break;
        case MembershipCreateStatus.InvalidPassword:
            // ...
            break;
        default:
            // ...
            break;
    }
}
The MembershipUser Class
Represents individual users registered in the membership data store
Returned by Membership methods such as GetUser and CreateUser
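Configuring the Membership Service
<!-- The [a|b] notation lists the values to choose from. SHA1 and MD5 are both considered weak for password hashing today. -->
<membership defaultProvider="AspNetSqlMembershipProvider"
            userIsOnlineTimeWindow="00:15:00"
            hashAlgorithmType="[SHA1|MD5]">
  <providers>
    ...
  </providers>
</membership>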
Using the Login Control
<html>
  <body>
    <form runat="server">
      <asp:Login RunAt="server" />
    </form>
  </body>
</html>
The LoginView Control
Displays content differently to different users depending on:
  ◦ Whether the user is authenticated
  ◦ If the user is authenticated, the role memberships he or she is assigned
Template-driven
  ◦ <AnonymousTemplate>
  ◦ <LoggedInTemplate>
  ◦ <RoleGroups> and <ContentTemplate>
Using LoginView
<asp:LoginView ID="LoginView1" Runat="server">
  <AnonymousTemplate>
    <!-- Content seen by unauthenticated users -->
  </AnonymousTemplate>
  <LoggedInTemplate>
    <!-- Content seen by authenticated users -->
  </LoggedInTemplate>
  <RoleGroups>
    <asp:RoleGroup Roles="Administrators">
      <ContentTemplate>
        <!-- Content seen by authenticated users who are administrators -->
      </ContentTemplate>
    </asp:RoleGroup>
    ...
  </RoleGroups>
</asp:LoginView>
Role Management Service
Role-based security in a box
Simplifies adding role-based security to sites that employ forms authentication
Provider-based for flexible data storage
Role Management Schema
[Diagram: layers from top to bottom]
Controls: Login, LoginStatus, LoginView, other controls
Roles API: Roles
Role Providers: SqlRoleProvider, other role providers
Roles Data: SQL Server, SQL Server Express, other data stores
The Roles Class
Provides static methods for performing key role management tasks
Includes read-only static properties for acquiring data about provider settings
Creating a New Role
if (!Roles.RoleExists("Developers"))
{
    Roles.CreateRole("Developers");
}

Adding a User to a Role
string name = Membership.GetUser().UserName; // Get current user
Roles.AddUserToRole(name, "Developers");     // Add current user to role
Configuring the Role Manager
<!-- With cacheRolesInCookie="true" the user's role names are stored in the cookie; cookieProtection="All" both encrypts and validates it. -->
<roleManager enabled="[true|false]"
             defaultProvider="AspNetSqlRoleProvider"
             createPersistentCookie="[true|false]"
             cacheRolesInCookie="[true|false]"
             cookieName=".ASPXROLES"
             cookieTimeout="00:30:00"
             cookiePath="/"
             cookieRequireSSL="[true|false]"
             cookieSlidingExpiration="[true|false]"
             cookieProtection="[None|Validation|Encryption|All]"
             domain=""
             maxCachedResults="25">
  <providers>
    ...
  </providers>
</roleManager>
Role Management Providers
Role management is provider-based
Ships with three role providers:
  ◦ AuthorizationStoreRoleProvider (Authorization Manager, or "AzMan")
  ◦ SqlRoleProvider (SQL Server)
  ◦ WindowsTokenRoleProvider (Windows)
Use custom providers for other data stores
Configuring SqlRoleProvider
<roleManager defaultProvider="AspNetSqlRoleProvider" ...>
  <providers>
    <add applicationName="/"
         connectionStringName="LocalSqlServer"
         name="AspNetSqlRoleProvider"
         type="System.Web.Security.SqlRoleProvider, System.Web, ..." />
  </providers>
</roleManager>
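An added example, not part of the original slides: a web.config sketch that combines the roleManager cookie settings listed above with URL authorization rules, so that a page is protected on the server and not merely hidden by a LoginView template. The Admin folder, Login.aspx and the Administrators role are assumed names, and the sketch assumes the AspNetSqlRoleProvider registration shown above is already in place.

```xml
<configuration>
  <system.web>
    <authentication mode="Forms">
      <!-- requireSSL keeps the forms-authentication ticket off plain HTTP -->
      <forms loginUrl="~/Login.aspx" requireSSL="true" protection="All" />
    </authentication>

    <!-- Site-wide default: anonymous users ("?") are redirected to loginUrl -->
    <authorization>
      <deny users="?" />
    </authorization>

    <roleManager enabled="true"
                 defaultProvider="AspNetSqlRoleProvider"
                 cacheRolesInCookie="true"
                 createPersistentCookie="false"
                 cookieName=".ASPXROLES"
                 cookiePath="/"
                 cookieRequireSSL="true"
                 cookieSlidingExpiration="true"
                 cookieProtection="All">
      <!-- cookieProtection="All" encrypts and validates the cached role list.
           With "None" the client could read and alter the roles it presents.
           cookieRequireSSL="true" keeps the role cookie off unencrypted connections. -->
    </roleManager>
  </system.web>

  <!-- Everything under /Admin (assumed folder name) requires the Administrators role.
       Rules are evaluated top-down and the first match wins, so the allow
       must come before the catch-all deny. -->
  <location path="Admin">
    <system.web>
      <authorization>
        <allow roles="Administrators" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

A RoleGroup in a LoginView only controls what is rendered; the location rule is what refuses a direct request to a page under Admin from a user outside the role.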