Is there any opensource project for managing users, roles etc for Asp.net Core Identity? Something similar to what was there for the old Asp.Net Membership.
You are looking for Identity Manager. But last time I looked on it (some time ago now), it had to be installed as a separate project, independent from your main application. Though this might have changed now.
In addition to the project wiki, here is a write-up about this project - you can start from there.
Related
I am writing an ASP.NET Core 6 application and have to have user logins. The choices are either ASP.NET Core Identity that is a part of the ASP.NET Core 6 framework or to use Active Directory.
This will all be hosted on Azure so if I use Active Directory it will be Azure Active Directory used solely for this application.
As I see it the trade-offs are:
ASP.NET Core Identity
Integrated into the framework - easier to use.
Active Directory
Supports more MFA options
Need it if I'm going to also have a Web API available too
Can connect another Active Directory to provide users eliminating the need for duplicate logins for users on associated systems.
Am I missing something here? Because it appears to me that it's a slam dunk to use Active Directory.
We are trying to implement single sign on, across multiple domains from MVC 4 application to .Net Core application.
MVC 4 to MVC 4 it's working fine with MachinKey, but not with .Net core.
How can we implement SSO to share the same authentication with all other application in MVC4 and .Net core application.
Identity Server can do this. Identity Server version 4 will be supported and free for as long as .NET Core 3.1 is supported. After that, you'll need Duende Identity Server, which is the next version, available on a commercial licence.
You can also do it with OpenID Connect (AKA OpenIddict) which is free for the foreseeable future, but that will probably need you to write a bit more code.
I have used both.
Both of them are agnostic to the type of client applications, so your clients can be MVC4, .NET Core, Xamarin, React, anything at all. Both of them have good templates that you can download and get started quite quickly with a simple scenario.
Unfortunately, in my experience, making meaningful extensions or changes to the templates (such as what you're proposing) was difficult and required in-depth knowledge of internet security concepts, studying the documentation and source code of whichever library that you choose.
I have tried really hard to learn but I still find it difficult, so I wish you good luck!
Here are the sample projects for IdentityServer4:
https://github.com/IdentityServer/IdentityServer4.Templates
And here is the documentation on how to get started:
http://docs.identityserver.io/en/latest/
Here are the sample projects for Open Id Connect:
https://github.com/openiddict/openiddict-samples
And here is the documentation:
https://openid.net/connect/
I created a MVC 4 project using MS Visual Web Developer 2010 Express. It by default uses "SimpleMembership" and it connects to a database (A) on my local SQL Server. I ran the web project and registered a trial user, and it was successful. When I checked the database A with Management Studio, the user was there.
However, when I turned on debug and opened the ASP.NET Web Application Administration Web Tool. It showed User: 0. Obviously the Admin Tool did not check the database A. Then I was able to create another user via the Admin Tool. Surprisingly it was found added to the "aspnetdb.mdf" in "App_Data" folder of my project.
My questions are:
how I can make the Admin Tool connect to the database A on my SQL Server instead of the "aspnetdb.mdf" file as I don't want to store my user profiles in two separate places.
Why "aspnetdb.mdf" uses ASP.Net Membership instead of "SimpleMembership"?
Thanks!
The Web Application Administration Tool was developed for SimpleMembership's predecessor ASP.NET Membership. When Microsoft released SimpleMembership they never bothered to provide support for any admin tool; you have to create one yourself. Take a look at this QA which explains in more detail.
Be aware that Microsoft has dropped SimpleMembership in MVC 5 for ASP.NET Identity. ASP.NET Identity is a much better solution, but it still does not come with an admin tool. I would move to ASP.NET Identity if possible. Here is an article on how to migrate to ASP.NET Identity.
I currently have a MVC 4 app with SimpleMembership, which works well. I feelt though that I might as well update now to MVC 5, while I am still developing rather than later.
I am wondering if it would be more practical to stay with SimpleMembership or move to ASP Identity. I have read that it is possible to get SimpleMembership to work. Link
I would have no problem moving to ASP Identity if I hadn't read that it forced the developer to implement most of the features older versions had themselves. Such as Login Attempts and Confirming Email. Here is one place this is stated
There may have been changes to ASP Identity since these posts, but I have a hard time finding documentation on it.
Any advice or personal experiences would be highly appreciated.
The open-source SimpleSecurity Project provides good examples on implementing features such as email confirmation using ASP.NET Identity. This project also provides an example of using SimpleMembership in MVC 5 and helps you through some of the hurdles I hit when trying to upgrade to MVC 5. The implementation of ASP.NET Identity in the SimpleSecurity project decouples it from the web application and provides an API similar to the WebSecurity class you are familiar with from using SimpleMembership. SimpleSecurity gives you both options with MVC 5, but since you are making the effort to upgrade to MVC 5 and you are still in development I would also make the effort to upgrade to ASP.NET Identity as this is the future of identity and access control in ASP.NET.
Here's a funny one - I suspect because I am using VS 2010 with MVC4.
Created an MVC4 App using the internet template. I get AccountController.cs and the basic pages allow me to register and add users. So far so good. However, the ASP.NET configuration tool (from Project menu) seems to be using a different database.
Web.config has this:
but my MVC project also has a ASPNETDB.MDF inside app_data. ASP.NET configuration tool seems to be using ASPNETDB.MDF, but run time seems to be using the one referenced by DefaultConnection.
Also, after doing some research on here and elsewhere, other people's Web.Config seem to have lots of entries for providers etc. which I don't have. Am I missing some update / NuGet package?
All I want to do is use MVC4 with users and roles, and was planning to use the configuration tool to setup the predefined roles and some basic users.
Thanks in advance,
Ray