I'm trying to create custom Roles for my MVC4 project. But I have found that there's little about it. I have found this example . But are there any other way of defined my own Authorization Roles. Because I liked to get the User Roles from a database instead of the IIS.
I needed a MembershipProvider and a RoleProvider. Also, I needed to add an extra value to my SetAuthCookie.
Related
I am new to working with Blazor and Authorization. Background is desktop apps in Vb.Net, so I have been reading everything I can on it, but it still is very confusing when I only want a specific subset of the options out there.
I have a very simple intranet Razor Server based app that is getting the windows user name correctly with default authentication. (I use the name in calls to stored procedures for logging, so I know that is working correctly.)
What I need is to implement authorization (role based would be fine) based on information I have already in the database tied to the user name).
Where and how does one add roles to an existing authstatetask or other object instantiated by the default processes?
Everything I have seen deals with the EF version of Identity or wants to override the authorization task.
I have Simple DB calls being made in Dapper which will return an identifier from which I can set roles.
I just need pointers to the proper method and where in the app I should put it. I have just a single .razor page being loaded, Navbar is disabled.
You can either :
Implement Identity stores for Dapper following instruction in this blog : ASP.NET CORE IDENTITY WITHOUT ENTITY FRAMEWORK
Use Policy-based authorization and create authorization handlers meeting your requirements
I am looking for days for the right solution. I am have user name and password stored in my DB.
I want only specific users to get access to some controller methods. How can I implement it, checking by User Id if he has permission or not?
Thanks!
You can implement basic authentication in web api , adding [Authorize] attribute on specific controllers which need provider user's credential . Please refer to below article for code samples :
https://codeburst.io/adding-basic-authentication-to-an-asp-net-core-web-api-project-5439c4cf78ee
https://beetechnical.com/rest-api/how-to-validate-rest-api-using-basic-authentication-in-web-api-net-core/
https://jasonwatmore.com/post/2019/10/21/aspnet-core-3-basic-authentication-tutorial-with-example-api
I'm logging in the user via an AccountController. The user is authenticated against Active Directory. A user claim is created with a name attribute with their user name. I'm using CookieAuthentication.
I want to authorize against an existing user table that will provide the role(s) for authorization. In ASP.NET MVC I set up a custom authorize attribute but that doesn't seem to be available. I've seen some very elaborate examples (using authorization policies, etc) for authorization. They look great but I'm actually doing something rather simple.
I want to be able to decorate the controller or action method with the role(s) required. For example:
[CustomAuthorize(Roles = "Admin")]
Could someone provide a simple example or point me in the right direction?
I have implemented IdentityServer4 in ASP.NET core with one application as Identity server and second one as client. I have couple of queries
1. I want to add roles to the profile information returned.
2. What are scopes there for ?
can someone provide a fair idea ?
To add roles, check out the IdentityServer4.AspNetIdentity nuget package. See Using ASP.NET Core Identity.
Scopes are used to create a relationship between ApiResources and Clients. Rather than say, associated the name of a client api (e.g. AccountingApi) to an ApiResource, we associated the client api to a scope (e.g. internalApis) and then associated the same scope to the ApiResource.
Can any one explain me how to create User Accounts under super admin with accesses and restrictions in ASP.Net MVC4.
You can have a look at this example in the asp.net website, which shows how to implement Membership and Authentication in MVC3 but this applies to MVC4 too.
You first need to setup your database for Membership
Create a SQL Database and call it what you want. If your application already uses one, you can use it for Membership too.
Assign and user and password to the Database.
Run the ASP.Net SQL Server Setup Wizard located in your .NET
Framework directory. The wizard is called aspnet_regsql.exe.
You can find more information about this process in this msdn article.
Once you have setup Membership, you would be able to designate Actions or Controllers that only SuperAdmins will have access to.
[Authorize(Roles = "Superadmin")]
public class SomeController : Controller
{
// Controller code here
}