18

I am creating an ASP.NET MVC 4 web application. I googled about custom membership, but I couldn't find good resources or video lectures.

Most of them are either outdated or dead links. Please could you suggest some resources about how to start writing a membership and role provider.

Rudi Visser
  • 21,350
  • 5
  • 71
  • 97
Mukesh Sharma
  • 8,914
  • 8
  • 38
  • 55
  • 1
    How about: https://www.google.com/search?q=msdn+custom+membership+provider You even got a sample provider there. – jgauffin Feb 14 '13 at 10:08
  • I wrote ***You even got a sample provider there*** – jgauffin Feb 14 '13 at 10:15
  • 3
    You don't need MVC specific examples. MVC is built on top of ASP.Net and works with the existing providers. See http://stackoverflow.com/q/735571/173225. – Colin Young Feb 15 '13 at 20:55
  • check here https://docs.asp.net/en/latest/security/authentication/identity.html – unique Jul 29 '16 at 15:00
  • Honestly, check out how http://www.mvcforum.com/ does it. They use a custom membership provider using the code-first approach. It's a fantastic learning resource! – pookie Aug 11 '16 at 07:47
  • The comments are correct. We wrote a custom membership and role provider a while back for a client when we were using WebForms and were able to use the exact same provider when they switched to MVC 4. Web.Config still looks the same along with all the SQL tables. – BasicIsaac Sep 15 '16 at 01:53
  • For a several years in my web projects I use a perfect membership solution that you may find in NopCommerce project. The code is available in opensource and has all the features that one can use building the flexible membership solution including users, roles, permissions and many more like external authorization. Here is the link [link](http://www.nopcommerce.com/) – Roman Aug 03 '17 at 09:17

4 Answers4

1

Understanding about membership and roles was pretty difficult for me too, as you said there are not many reliable and detailed content you will find on web. I tried watching several videos to Understand about this topic but wasn't clear. But then two articles from a website called Code Project came for the rescue. I am sharing these Link where you can see a step by step guide about customize membership

Link 1
The link 1 will help you to replace an email with username for login authentication this is one of the most common customization the developers need in the microsoft provided Identity Module.

Link2

The second article will help you understand adding and attaching roles to the created user and how to limit the access of user registration page to an Admin only. This way with the help of these two articles I hope that you will Understand the Basics of Authentication and Authorization.

Abdul Hannan
  • 424
  • 1
  • 6
  • 20
1

I suggest using ASP.Net Identity instead of old membership.ASP.Net Identity is a way better and more flexible than old membership, it also supports role-based authentication using action filters and you can implement your own customized providers (such as role and user providers).

see links below

https://weblog.west-wind.com/posts/2015/Apr/29/Adding-minimal-OWIN-Identity-Authentication-to-an-Existing-ASPNET-MVC-Application

http://www.c-sharpcorner.com/article/create-identity-in-simple-ways-using-asp-net-mvc-5/

Code_Worm
  • 4,069
  • 2
  • 30
  • 35
0

The ASP.NET MVC 4 Internet template adds some new, very useful features which are built on top of SimpleMembership. These changes add some great features, like a much simpler and extensible membership API and support for OAuth. However, the new account management features require SimpleMembership and won't work against existing ASP.NET Membership Providers

Check out resources for ASP.NET Identity here:

http://www.asp.net/identity/overview/getting-started/aspnet-identity-recommended-resources

Ha Doan
  • 611
  • 6
  • 20
0
http://logcorner.com/how-to-configure-custom-membership-and-role-provider-using-asp-net-mvc4/

**for creating a CustomerMemberShipClass** your class must implement System.Web.Security.MembershipProvider abstarct class. and you override the method ValidateUser()
in this ValidateUser() you have to write your own logic based on which you want authenticate user and return true or false according to it.

Sample ValidateUser method 
  public override bool ValidateUser(string username, string password)
        {
           int count=db.GetAll().Where(x => x.UserEmail == username && x.password == password).Count();
           if (count != 0)
               return true;
           else
               return false;
        }

later in web.config file you have add the fallowing under <sytem.web> element


<membership defaultProvider="MyMembershipProvider">
      <providers>
        <clear/>
        <add name="MyMembershipProvider" type="Write your class name that is implementing membershipproviderclas"/>
      </providers>
    </membership>

after doing this you can validate user using **MemberShip.Validate(Username,password)** which returns true or false based on ur code in ValidateUser() in CustomMemberShipProvider class and this will also set **[Authorize] attribute**

**for creating a CustomRoleProviderClass** your class must inherit System.Web.Secuirty.RoleProvider and override the appropriate method to get the roles for the user

SAmple method for getting roles for user


 public override string[] GetRolesForUser(string username)
        {
            string[] str={db.GetAll().Where(x=>x.UserEmail==username).FirstOrDefault().Role};
            return str;
        }

after this you must add the fallowing in web.config file in <system.web> element

<roleManager enabled="true" defaultProvider="MyRoleProvider">
      <providers>
        <clear/>
        <add name="MyRoleProvider" type="BLL.DoctorAppointmentRoleProvider"/>
      </providers>
    </roleManager>

 and after this u can check the role of the user using attribute **[Authorize(role="admin"])** and in Razor view you can check using User.IsinROle("A").
Lakshmi Bindu Kambam
  • 1
  • 1