Asked 18/4, 2011 at 10:40 Answered 18/4, 2011 at 11:12

Solved asp.net asp.net-membership membership-provider

There are a few threads here at so about this matter but most of them are outdated and the reference links in them are even more outdated.

I got this website which I need to connect to an external sql server (mssql) with it's own table structure, using the default asp.net membership provider structure is not an option. The table layout is really simple and the usertable looks like this (it's called Individuals)

Individuals
- UserGuid (uniqueidentifier/guid, unique)
- Name (varchar)
- Password (varchar)
- HasAccess (tinyint/ 1 or 0)
- DateTime (datetime)
- Log (xml)

The required functionality is simply to log someone in, the rest is not necessary :)

I followed some guides but most of them are outdated and very complex. Unfortunately the msdn examples follows this pattern and the documentation is not very good.

So if anyone got some resources showing how to, or are willing to post codesamples or similar here I'd appreciate it.

Thanks!

Ashore answered 18/4, 2011 at 10:40 Comment(1)

I've searched for simple provider many times. And always found something overcomplicated. So I decided to create my own just 5 classes. See github.com/TesserisPro/ASP.NET-SImple-Security-Provider – Flurry 19/8, 2014 at 10:16

It's very simple really:

Create a new Class file (if you're not using a multi-layered system, in your project's Models folder) let's called MyMembershipProvider.cs
Inherit that class from System.Web.Security.MembershipProvider
automatically create the needed methods (period + space in the inherit class)

Done!

All methods will have the NotImplementedException exception, all you need to do is edit each one and put your own code. For example, I define the GetUser as shown below:

public override MembershipUser GetUser(string username, bool userIsOnline)
{
    return db.GetUser(username);
}

dbis my Database Repository that I added into the class as

MyServicesRepository db = new MyServicesRepository();

there, you will find the GetUser method as:

public MembershipUser GetUser(string username)
{
    OS_Users user = this.FindUserByUsername(username);

    if (user == null)
        return
        new MembershipUser(
            providerName: "MyMembershipProvider",
            name: "",
            providerUserKey: null,
            email: "",
            passwordQuestion: "",
            comment: "",
            isApproved: false,
            isLockedOut: true,
            creationDate: DateTime.UtcNow,
            lastLoginDate: DateTime.UtcNow,
            lastActivityDate: DateTime.UtcNow,
            lastPasswordChangedDate: DateTime.UtcNow,
            lastLockoutDate: DateTime.UtcNow);

    return
        new MembershipUser(
            providerName: "MyMembershipProvider",
            name: user.username,
            providerUserKey: null,
            email: user.email,
            passwordQuestion: "",
            comment: "ANYTHING you would like to pass",
            isApproved: true,
            isLockedOut: user.lockout,
            creationDate: user.create_date,
            lastLoginDate: user.lastLoginDate,
            lastActivityDate: user.lastActivityDate,
            lastPasswordChangedDate: user.lastPasswordChangedDate,
            lastLockoutDate: user.lastLockoutDate);
}

Do this for all the methods you use (debug the project and see which ones you need) - I only use some, not all as I don't really care about methods like ChangePasswordQuestionAndAnswer, DeleteUser, etc

just make sure that in your web.config you add the new Membership as:

<membership defaultProvider="MyMembershipProvider">
  <providers>
    <clear/>
    <add name="MyMembershipProvider" type="Your.NameSpace.MyMembershipProvider" connectionStringName="OnlineServicesEntities"
         enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
         maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
         applicationName="/" />
  </providers>
</membership>

You have a nice Video Tutorial from Chris Pels (dated 2007 but still mostly valid) and code for this as well, though Video Tutorial is in VB, but let's you understand the steps...

http://www.asp.net/general/videos/how-do-i-create-a-custom-membership-provider

I did not only create my own Membership Provider but I created my Roles Provider as well, witch as you can see from above code, is as simple as the MemberShip and let's you, in your application use things like:

[Authorize(Roles = "Partner, Admin")]
public ActionResult MyAction()
{

}

and

@if (Roles.IsUserInRole(Context.User.Identity.Name, "Admin"))
{
    <div>You're an ADMIN, Congrats!</div>
}

What is automagically create the needed methods (period + space in the inherit class)

You can either right-click, or have the cursor on the name and press Control + . and then space.

Sickle answered 18/4, 2011 at 11:12 Comment(8)

Thanks, do I still need to install the aspnet schemas (the ones used by the membership provider) and other stuff to my remote database? – Ashore 19/4, 2011 at 10:5

No... the class has no connection to the Database Schema, you implement that. For example, I requested my own Database / My own tables OS_Users in my example to give me the user and as long as you pass a MembershipUser you're fine. --> See that screencast Video that I posted in the answer first, so you get what's this is all about. – Sickle 19/4, 2011 at 10:18

Can anyone elaborate on #3 at the top, "automagically create the needed methods (period + space in the inherit class)"? I'm not familiar with that shortcut. What does that mean? – Hortensiahorter 19/12, 2011 at 20:38

@Hortensiahorter A few months late, but since I just figured this out myself yesterday, thought I'd share: you can "automagically" create the methods and properties that must be inherited by right-clicking "MembershipProvider" in your class heading (public class MyMembershipProvider : MembershipProvider) --- there will be an option to generate stubs for the necessary inherited stuff. All stubs automatically are filled in with NotImplementedExceptions(), which you can either leave that way, or remove and implement where necessary. – Waiter 7/2, 2012 at 0:13

instead of right-click, you can have the cursor on the name and press Control + . and then space. – Sickle 7/2, 2012 at 7:23

BTW, this requires a reference to System.Web.ApplicationServices.dll – Nkrumah 4/4, 2012 at 1:44

How would would handle the hashing of passwords in this case? Can the base Membership provider be tapped into to handle this? – Squires 12/7, 2012 at 5:25

@EricJ. also a reference to System.Configuration – Memphis 22/2, 2015 at 18:11

There are a few threads here at so about this matter but most of them are outdated and the reference links in them are even more outdated.

Since the introduction of ASP.NET in Framework 1.0 the Page.User/CurrentSession.User/IPrincipal/IIdentity model is unchanged. In Framework 2.0 the Membership provider was added. Those "outdated" reference remain valid guidance. MSDN

Hervey answered 18/4, 2011 at 10:56 Comment(0)

What is automagically create the needed methods (period + space in the inherit class)

Recommended topics

Hot tags