asp.net-roles

I have basic Single Sign-On working across 2 MVC sites (call them SiteA and SiteB) using something along the lines of the following method: http://forums.asp.net/p/1023838/2614630.aspx They are on sub-domains of the same domain and share hash\encryption keys etc in web.config. I've modified the cookie so it is accessible to all Sites on the same domain. All of this seems to be working ok. The sites are on separate servers without access to the same SQL database, so only SiteA actually holds the user login details. SiteB has a membership database, but with empty users. This works fine for my

I'm in a bit of a bind with implementing Roles in ASP.NET MVC 5. I am attempting to log in as a user that does not have a role required to access the area of the application I'm trying to reach. What I would expect in this scenario is, I'm redirected to the login page again, and will be until I enter a set of credentials that do have access or I navigate to another area of the application. What is actually happening is that the application appears to go into a login redirect loop, debugging through reveals that the Login action is being called multiple times. Here is the login action:

There are plenty of questions (and information) on setting up asp.net membership, role providers and the like. Whether or not you should use the built in platform provided by microsoft, or role extend the base classes and role your own. I have decided to extend the default providers and implement my own membership and role providers. Now my question, is specifically around role authentication. Traditionally, you would create roles maybe like 'Manager, Administrator, Employee, Super User' or whatever you have. But what would/should you do with respect to permissions which I consider to be a

Assume like this is my SampleController action method public ActionResult AdminView() { return View() } If want this controller method to be called if the logged in user belongs to admin role, otherwise this method call should be blocked and the user should get an some custom unauthorized access error page. In my asp .net mvc web application, when the user logs in, I am storing the user role in a session as a string. And whenever there is a need to validate the user role, I compare the value stored in the session against a constant say "ADMIN_ROLE". But I am writing that piece of code to check

In MVC4 i used Roles.IsUserInRole to check if a given user is in some role. However, with MVC5 i can't do it anymore... At first, it asked me to enable RoleManager at the web.config but then i discovered that microsoft moved away from Web.Security to Microsoft.AspNet.Identity. My question now is, with Microsoft.AspNet.Identity how do i do an action similar to Roles.IsUserInRole? And/or create a relation between the Role and the User. By the way, i'm still trying to understand the new authentication methods (ClaimsIdentity?). You should read http://typecastexception.com/post/2014/04/20/ASPNET

I created a new MVC application in the new VS2013 IDE. I added the following to the Login Action on the AccountController as I wanted to create a default user dynamically: var admin = new ApplicationUser() { UserName = "administrator" }; var result = UserManager.Create(admin, "administrator"); This works great, I then wanted to put this default user into a new default role: user = UserManager.FindByName("administrator"); var roleresult = UserManager.AddToRole(user.Id,"admin"); The second line errors because obviously it can't find the role "admin" as it doesn't exist yet, but I can't find a