1 / 39

Developing Custom ASP.NET Providers For Membership And Role Manager

Developing Custom ASP.NET Providers For Membership And Role Manager. Goksin Bakir Yage Ltd Microsoft Regional Director, MEA. Agenda. Provider Model Extensibility scenarios Projecting Membership via web services Role caching with SQL Server 2005 Virtualizing applications

elma
Download Presentation

Developing Custom ASP.NET Providers For Membership And Role Manager

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Developing Custom ASP.NET Providers For Membership And Role Manager Goksin Bakir Yage Ltd Microsoft Regional Director, MEA

  2. Agenda • Provider Model • Extensibility scenarios • Projecting Membership via web services • Role caching with SQL Server 2005 • Virtualizing applications • Integrating Membership with custom data

  3. Membership service • Membership API • Membership providers • Role Management service • Roles class • Role caching • Role providers

  4. Membership Service • Service for managing users and credentials • Declarative access via Web Site Admin Tool • Programmatic access via Membership and MembershipUser classes • Membership class provides base services • MembershipUser class represents users and provides additional services • Provider-based for flexible data storage

  5. Membership Schema Controls Login LoginStatus LoginView Other Login Controls Membership API Membership MembershipUser Membership Providers AccessMembershipProvider SqlMembershipProvider Other Membership Providers Membership Data Access SQL Server Other Data Stores

  6. The Membership Class • Provides static methods for performing key membership tasks • Creating and deleting users • Retrieving information about users • Generating random passwords • Validating logins • Also includes read-only static properties for acquiring data about provider settings

  7. The MembershipUser Class • Represents individual users registered in the membership data store • Includes numerous properties for getting and setting user info • Includes methods for retrieving, changing, and resetting passwords • Returned by Membership methods such as GetUser and CreateUser

  8. Provider Configuration • Membership providers support a number of configuration settings • How should passwords be stored (cleartext, hashed, encrypted)? • Should password recovery be enabled? • Must each user have a unique e-mail address? • Exposed as properties of provider class • Initialized from CONFIG files

  9. Role Management Service • Role-based security in a box • Declarative access via Web Site Admin Tool • Programmatic access via Roles class • Roles class contains static methods for creating roles, adding users to roles, etc. • Maps users to roles on each request • Replaces Application_AuthenticateRequest • Provider-based for flexible data storage

  10. Role Management Schema Controls Login LoginStatus LoginView Other Login Controls Roles API Roles Role Providers AccessRoleProvider SqlRoleProvider Other Role Providers Roles Data Access SQL Server Other Data Stores

  11. The Roles Class • Gateway to the Role Management API • Provides static methods for performing key role management tasks • Creating and deleting roles • Adding users to roles • Removing users from roles and more • Also includes read-only static properties for acquiring data about provider settings

  12. Role Caching • Role manager caches roles data in cookies • Fewer accesses to data store • Better performance • Controlled via <roleManager> attributes and programmatically exposed thru Roles class • Should roles be cached in cookies? • Should role cookies be encrypted? • How long are role cookies valid?

  13. Role Management Providers • Role management is provider-based • AccessRoleProvider (Access) * Removed • AuthorizationStoreRoleProvider (AuthMan) • SqlRoleProvider (SQL Server) • WindowsTokenRoleProvider (Windows) • Use custom providers for other data stores

  14. Provider Model • Enable new functionality in a transparent fashion • Enable extensibility for • Web services • Browser based “Atlas” clients • Smart clients • Application services as pluggable building blocks • Decoupled via configuration • Use structural classes for your own features

  15. Static feature class Feature config. Provider instances Provider ModelFeature Lifecycle

  16. Provider ModelFeature Configuration public class QuotationsConfiguration : ConfigurationSection { [ConfigurationProperty("providers")] public ProviderSettingsCollection Providers { get; } [ConfigurationProperty("defaultProvider", DefaultValue = "StaticQuotationProvider")] public string DefaultProvider { get; set; } }

  17. Provider ModelCreating Provider Instances //Start with empty provider collection providerCollection = new QuotationsProviderCollection(); //Helper class converts configuration information into //concrete providers ProvidersHelper.InstantiateProviders( qc.Providers, //a ProviderSettingsCollection providerCollection, typeof(QuotationsProvider)); //Lock the provider collection providerCollection.SetReadOnly();

  18. Projecting Membership • Physical 3-tier deployments • May not allow web server to connect directly to Sql tier • “Atlas” and smart clients • Clients can only communicate over Http • Need app services to work across the Internet

  19. Projecting MembershipDesign Issues • Authenticating to the web service • Not all methods should be public • Serialization of MembershipUser • Read-only properties don’t serialize • WebMethod parameter constraints • Collection types and [out] parameters • Selecting from multiple providers • Choosing a non-default provider

  20. Projecting Membership3-Tier Flow Webservice server Web server .asmx Membership wrapper Application code Webservice provider SQL provider

  21. Internet client “login” Application Returns forms ticket pass ticket w/ each request Projecting MembershipAuthenticated Flow Webservice server .asmx Formsuth wrapper .asmx Membership wrapper Validate ticket and roles SQL provider

  22. Caching Role Data • Role Manager can cache user roles: • Cookie caching (not enabled by default) • Per-request in RolePrincipal • RolePrincipal caching • Results in at least one call to GetRolesForUser • Stored internally with HybridDictionary • Cookie caching limited to 4K of data • Option for persistent cookie

  23. Caching Role Data • Cache role data using SQL Server 2005 query notifications • Data is cached until SQL notifies you • Good for clients that cannot use cookies • Can handle apps with hundreds of roles

  24. Caching Role DataQuery Notification Specifics • Need to change “SET QUOTED IDENTIFIER” in ASP.NET SQL scripts to “ON” • Then recompile stored procedures • Custom provider must query ASP.NET tables directly • Cannot create notifications against SQL views

  25. Virtualized Applications • One physical ASP.NET application • Multiple “virtual” applications • Portal style applications • DotNetNuke portal provisioning • Self-registered forums and portals • Sharepoint • However providers are • “Application-centric” • Statically defined in configuration

  26. Virtualized Applications • Override ApplicationName property • Determine virtual application context dynamically (e.g. IHttpModule) • Retrieve it in the override • Cautionary Notes! • Prevent auth ticket re-use across apps • Don’t accidentally map roles in one virtual app to a user in a different virtual app • Turn off cookie caching for roles

  27. Setting Application Context Dynamically

  28. Integrating Custom Data • Need to integrate existing data • Don’t want to write a provider from scratch • May need to link to your own data • What can “safely” be referenced? • How do you handle transactions? • How do you pass extra data along?

  29. Integrating Custom DataCustom Provider Design Issues • Referential Integrity • Foreign key to aspnet_Users table • Use SQL views to lookup UserID • Transactional Integrity • Use the new ADO.NET 2.0 TransactionScope • Custom Data • Pass via HttpContext to CreateUser • Extend MembershipUser for other cases

  30. Summary • Rewrite or enhance features • Plug-in rich functionality independently from the presentation tier • Project current features onto other platforms via web services • Use the provider infrastructure for your own features

  31. Community Resources • INETA MEA ! • www.ineta.org • mea.ineta.org

  32. Community ResourcesProvider Links on the Web • Access providers from Beta 1 • Installs as a Visual Studio 2005 VSI template • Includes full source for Membership, Role Manager, Profile and Web Parts Personalization providers • Provider Toolkit • Extensive 120 page whitepaper • Sample providers for all provider based features • Both will be available at http://msdn.microsoft.com/asp.net/beta2/providers/default.aspx

  33. Community Resources • INETA MEA ! • www.ineta.org • mea.ineta.org • Speaker as a resource • goksin@yage.com.tr

  34. Summary • Rewrite or enhance features • Plug-in rich functionality independently from the presentation tier • Project current features onto other platforms via web services • Use the provider infrastructure for your own features

  35. Please fill out the survey forms!They are the key to amazing prizes that you can get at the end of each day Thank you!

More Related