asp.net-authentication

How do i get all users from a specific role? var users = Membership.GetAllUsers(); gets all users in all roles. it returns a list of MembershipUser , but there is no role property. Thanks You need to use the Roles class defined in System.Web.Security. It has a Roles.GetUsersInRole method. Here is the documentation. If you want to map the returned username to a MembershipUser you can use Membership.GetUser(string username) method on each of the returned values. Richard Roles are handled by the role provider not the membership provider (for separation of authorisation from authentication). So

How to use forms authentication without login control.I don't want to use asp.net login control in my site.But i have to implement forms authentication and to validate users in my database. I am assuming that instead of using a login control, you are using a few textboxes(eg username/password) and a logon button. The code could look something like this: In your aspx file <asp:Textbox runat="server" ID="Username"/> <asp:Textbox runat="server" ID="Password"/> <asp:Button runat="server" ID="Login" OnClick="Login_OnClick"/> <asp:Label runat="server" ID="Msg" > And on server side: public void Login

How do I implement an Automatic Logout Timer. So basically if the user is inactive for x minutes their session is ended? I have tried: <system.web> <sessionState timeout="1"/> </system.web> But it doesn't seem to work. Here is code that is in my startup: public void ConfigureAuth(IAppBuilder app) { // Enable the application to use a cookie to store information for the signed in user app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, LoginPath = new PathString("/Account/Login") }); } Which says that I am using cookie

I'm trying to add LinkedIn authentication to my ASP.NET Core 2.0 app but getting the following error: No authentication handler is configured to handle the scheme: LinkedIn Here's how I add LinkedIn/OAuth authentication in the ConfigureServices in Startup.cs : services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) .AddCookie("internal_cookie", options => { options.AccessDeniedPath = "/Account/Forbidden/"; options.LoginPath = "/Account/Login"; }) .AddCookie("external_cookie") .AddOAuth("LinkedIn", options => { options.SignInScheme = "external_cookie"; options.ClientId =

I understand that I can use claims to make statements about a user: var claims = new List<Claim>(); claims.Add(new Claim(ClaimTypes.Name, "Peter")); claims.Add(new Claim(ClaimTypes.Email, "peter@domain.com")); But how should I store "role-based" claims? For example: The user is a super administrator. claims.Add(new Claim("IsSuperAdmin, "true")); The value parameter "true" feels completely redundant. How else can this statement be expressed using claims? This is already done for you by the framework. When user is logged in, all user roles are added as claims with claims type being ClaimTypes

There are plenty of questions (and information) on setting up asp.net membership, role providers and the like. Whether or not you should use the built in platform provided by microsoft, or role extend the base classes and role your own. I have decided to extend the default providers and implement my own membership and role providers. Now my question, is specifically around role authentication. Traditionally, you would create roles maybe like 'Manager, Administrator, Employee, Super User' or whatever you have. But what would/should you do with respect to permissions which I consider to be a