SlideShare une entreprise Scribd logo

Asp.net membership anduserroles_ppt

Télécharger en tant que PPTX, PDF
Shivanand Arur
Shivanand Arur

This PPT explains in brief about Asp.Net Membership and Role Providers

Technologie
1  sur  17
ASP.NET Membership and User Roles
Topics  Introduction  Why Security is important?  Different ways to secure our Application  What is Authentication and Authorization?  What are Providers in Asp.Net?  What is MembershipProvider in Asp.Net?  Overview of Asp.Net Membership System  How to configure MembershipProvider in Web.config file?  What is Role Management and Role Providers?  How to configure Role Providers in Asp.Net?
Introduction – Why Security is Important? 1. Security is one of the most important part of any Website or a Web Application. 2. Hackers are waiting out there for us and use various ways to exploit a website / web-application. 3. Hacker can attack in many ways.  Brute Force  Sniffers  Spoofing  Social Engineering  SQL Injection
Introduction - Different Ways to Secure our Application  Design your Application well.  Encrypting the Data while storing.  Input Validation.  Forcing Users for Strong Passwords.  Authentication and Authorization.
What is Authentication?  “Authentication” means to “Check someone’s genuineness”  In ASP.NET – Authentication means the same. It is a process where you check a person’s credentials.  Example – Facebook, Yahoo, Gmail. What is Authorization?  Providing access to resource based on User’s role.  Authentication always preceeds Authorization
What is a Provider in Asp.Net?  ProviderBase Class is an “Abstract Class” which follows the “Provider Model”.  This class is very simple and contains very few methods which is inherited from the “Object” Class. This class is a part of the “System.Configuration.Provider” namespace  The ProviderBase Class implementation is a 2 step process.  First implemented by “Feature–specific Providers” (Membership / Role / Profile Providers)  Feature-specific Provider is implemented by “Implementation-specific Providers” (SqlMembership Provider) ProviderBase Class Implementation ProviderBase Membership / Role SQLMembership Class Provider Classes Provider Class
What is MembershipProvider in Asp.Net?  MembershipProvider is an Abstract class, which provides an abstraction over the data source.  Membership Provider is configured in the Configuration file.  Can be bound to multiple data sources.  Asp.net provides 2 membership providers to store data :-  Microsoft SQL Server – (AspNetSqlMembershipProvider)  Windows Active Directory  Asp.Net provides us to configure our own Custom Membership Provider. (Oracle Data Source, Other data source)  This class inherits from the abstract “ProviderBase” class and contains various methods and properties to “Create, Delete, Update, Validate – Users”, “Get User information”, “Change Password”
Image taken from - http://www.felix-colibri.com/
Overview of Membership System Other Login Controls :- Login Login View Login Status Controls Membership Membership Class Membership User Class API :- Providers :- Membership Provider Provider Base Class Membership SQLMembership Provider Other Membership Provider Providers :- Data Source :- SQL ORACLE SERVER
How to use Membership System? Sample Demo
Why do we need Membership System?  Membership System is configurable and easy to use.  Provides various classes, methods, properties to deal with users information easily.  Asp.Net provides built in Login Server Controls which encapsulates most of the Membership functionality and helps write less code.  Can be integrated with Forms Authentication.  Provides a feature to store useful information like passwords, etc in hashed format within the database.  No need to create tables and write stored procedures for maintaining the data.
ASP.NET USER ROLES
What is Role Management and Role Providers?  Process of managing authorization of Users is called “Role Management”.  Helps to synch users into a group, by assigning them Roles.  A process to decide which page or any other resource can be accessed by which User.  API helps the user to know, what is the role of the User or who the User is? Role Provider –  Yet another abstract class which inherits the “ProviderBase” class.  Provides various functions to “Create”, “Delete” roles. Check a specific role of a user.  Can create custom role providers based upon our application requirements.
 Asp.Net provides 3 different Role Providers  SQLRoleProvider  WindowsTokenRoleProvider  AuthorizationStoreRoleProvider
How to configure Role Providers in Asp.Net? Sample Code
THANK YOU!!!

Recommandé

SignalR for ASP.NET Developers
SignalR for ASP.NET DevelopersSignalR for ASP.NET Developers
SignalR for ASP.NET DevelopersShivanand Arur
 
Asp.Net Identity
Asp.Net IdentityAsp.Net Identity
Asp.Net IdentityMarwa Ahmad
 
Linq to sql
Linq to sqlLinq to sql
Linq to sqlShivanand Arur
 
Asp.Net Core MVC , Razor page , Entity Framework Core
Asp.Net Core MVC , Razor page , Entity Framework CoreAsp.Net Core MVC , Razor page , Entity Framework Core
Asp.Net Core MVC , Razor page , Entity Framework Coremohamed elshafey
 
Identity in ASP.NET Core
Identity in ASP.NET CoreIdentity in ASP.NET Core
Identity in ASP.NET Coreondrejbalas
 
Dependency Injection
Dependency InjectionDependency Injection
Dependency InjectionKnoldus Inc.
 
ASP.NET Core
ASP.NET CoreASP.NET Core
ASP.NET CoreAbhimanyu Singhal
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetShivanand Arur
 

Recommandé

SignalR for ASP.NET Developers
SignalR for ASP.NET DevelopersSignalR for ASP.NET Developers
SignalR for ASP.NET DevelopersShivanand Arur
 
Asp.Net Identity
Asp.Net IdentityAsp.Net Identity
Asp.Net IdentityMarwa Ahmad
 
Linq to sql
Linq to sqlLinq to sql
Linq to sqlShivanand Arur
 
Asp.Net Core MVC , Razor page , Entity Framework Core
Asp.Net Core MVC , Razor page , Entity Framework CoreAsp.Net Core MVC , Razor page , Entity Framework Core
Asp.Net Core MVC , Razor page , Entity Framework Coremohamed elshafey
 
Identity in ASP.NET Core
Identity in ASP.NET CoreIdentity in ASP.NET Core
Identity in ASP.NET Coreondrejbalas
 
Dependency Injection
Dependency InjectionDependency Injection
Dependency InjectionKnoldus Inc.
 
ASP.NET Core
ASP.NET CoreASP.NET Core
ASP.NET CoreAbhimanyu Singhal
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetShivanand Arur
 
Swagger
SwaggerSwagger
SwaggerNexThoughts Technologies
 
Introduction to Spring Framework
Introduction to Spring Framework Introduction to Spring Framework
Introduction to Spring Framework Serhat Can
 
ASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with OverviewASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with OverviewShahed Chowdhuri
 
100.RED HAT SINGLE SIGN-ON
100.RED HAT SINGLE SIGN-ON100.RED HAT SINGLE SIGN-ON
100.RED HAT SINGLE SIGN-ONOpennaru, inc.
 
Introducing ASP.NET Core 2.0
Introducing ASP.NET Core 2.0Introducing ASP.NET Core 2.0
Introducing ASP.NET Core 2.0Steven Smith
 
Introduction to Swagger
Introduction to SwaggerIntroduction to Swagger
Introduction to SwaggerKnoldus Inc.
 
REST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsREST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsJon Todd
 
Dependency injection presentation
Dependency injection presentationDependency injection presentation
Dependency injection presentationAhasanul Kalam Akib
 
Singleton design pattern
Singleton design patternSingleton design pattern
Singleton design pattern11prasoon
 
Introduction to ajax
Introduction to ajaxIntroduction to ajax
Introduction to ajaxPihu Goel
 
Lecture 8 Enterprise Java Beans (EJB)
Lecture 8 Enterprise Java Beans (EJB)Lecture 8 Enterprise Java Beans (EJB)
Lecture 8 Enterprise Java Beans (EJB)Fahad Golra
 
Web controls
Web controlsWeb controls
Web controlsSarthak Varshney
 
How to Use JSON in MySQL Wrong
How to Use JSON in MySQL WrongHow to Use JSON in MySQL Wrong
How to Use JSON in MySQL WrongKarwin Software Solutions LLC
 
Layered Software Architecture
Layered Software ArchitectureLayered Software Architecture
Layered Software ArchitectureLars-Erik Kindblad
 
Understanding linq
Understanding linqUnderstanding linq
Understanding linqAnand Kumar Rajana
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol OverviewMike Schwartz
 
Asp Net Advance Topics
Asp Net Advance TopicsAsp Net Advance Topics
Asp Net Advance TopicsAli Taki
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - IntroductionKnoldus Inc.
 
Activity diagram
Activity diagramActivity diagram
Activity diagramLOKENDRA PRAJAPATI
 
Introduction to spring boot
Introduction to spring bootIntroduction to spring boot
Introduction to spring bootSantosh Kumar Kar
 
User Management and Role Management in IT360
User Management and Role Management in IT360User Management and Role Management in IT360
User Management and Role Management in IT360K.Lakshmi Shankar Davey
 
Jumping Into WordPress Plugin Programming
Jumping Into WordPress Plugin ProgrammingJumping Into WordPress Plugin Programming
Jumping Into WordPress Plugin ProgrammingDougal Campbell
 

Contenu connexe

Tendances

Introduction to Spring Framework
Introduction to Spring Framework Introduction to Spring Framework
Introduction to Spring Framework Serhat Can
 
ASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with OverviewASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with OverviewShahed Chowdhuri
 
100.RED HAT SINGLE SIGN-ON
100.RED HAT SINGLE SIGN-ON100.RED HAT SINGLE SIGN-ON
100.RED HAT SINGLE SIGN-ONOpennaru, inc.
 
Introducing ASP.NET Core 2.0
Introducing ASP.NET Core 2.0Introducing ASP.NET Core 2.0
Introducing ASP.NET Core 2.0Steven Smith
 
Introduction to Swagger
Introduction to SwaggerIntroduction to Swagger
Introduction to SwaggerKnoldus Inc.
 
REST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsREST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsJon Todd
 
Dependency injection presentation
Dependency injection presentationDependency injection presentation
Dependency injection presentationAhasanul Kalam Akib
 
Singleton design pattern
Singleton design patternSingleton design pattern
Singleton design pattern11prasoon
 
Introduction to ajax
Introduction to ajaxIntroduction to ajax
Introduction to ajaxPihu Goel
 
Lecture 8 Enterprise Java Beans (EJB)
Lecture 8 Enterprise Java Beans (EJB)Lecture 8 Enterprise Java Beans (EJB)
Lecture 8 Enterprise Java Beans (EJB)Fahad Golra
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol OverviewMike Schwartz
 
Asp Net Advance Topics
Asp Net Advance TopicsAsp Net Advance Topics
Asp Net Advance TopicsAli Taki
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - IntroductionKnoldus Inc.
 

Tendances (20)

Swagger
SwaggerSwagger
Swagger
 
Introduction to Spring Framework
Introduction to Spring Framework Introduction to Spring Framework
Introduction to Spring Framework
 
ASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with OverviewASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with Overview
 
100.RED HAT SINGLE SIGN-ON
100.RED HAT SINGLE SIGN-ON100.RED HAT SINGLE SIGN-ON
100.RED HAT SINGLE SIGN-ON
 
Introducing ASP.NET Core 2.0
Introducing ASP.NET Core 2.0Introducing ASP.NET Core 2.0
Introducing ASP.NET Core 2.0
 
Introduction to Swagger
Introduction to SwaggerIntroduction to Swagger
Introduction to Swagger
 
REST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsREST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTs
 
Dependency injection presentation
Dependency injection presentationDependency injection presentation
Dependency injection presentation
 
Singleton design pattern
Singleton design patternSingleton design pattern
Singleton design pattern
 
Introduction to ajax
Introduction to ajaxIntroduction to ajax
Introduction to ajax
 
Lecture 8 Enterprise Java Beans (EJB)
Lecture 8 Enterprise Java Beans (EJB)Lecture 8 Enterprise Java Beans (EJB)
Lecture 8 Enterprise Java Beans (EJB)
 
Web controls
Web controlsWeb controls
Web controls
 
How to Use JSON in MySQL Wrong
How to Use JSON in MySQL WrongHow to Use JSON in MySQL Wrong
How to Use JSON in MySQL Wrong
 
Layered Software Architecture
Layered Software ArchitectureLayered Software Architecture
Layered Software Architecture
 
Understanding linq
Understanding linqUnderstanding linq
Understanding linq
 
SAML Protocol Overview
SAML Protocol OverviewSAML Protocol Overview
SAML Protocol Overview
 
Asp Net Advance Topics
Asp Net Advance TopicsAsp Net Advance Topics
Asp Net Advance Topics
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - Introduction
 
Activity diagram
Activity diagramActivity diagram
Activity diagram
 
Introduction to spring boot
Introduction to spring bootIntroduction to spring boot
Introduction to spring boot
 

En vedette

User Management and Role Management in IT360
User Management and Role Management in IT360User Management and Role Management in IT360
User Management and Role Management in IT360K.Lakshmi Shankar Davey
 
Jumping Into WordPress Plugin Programming
Jumping Into WordPress Plugin ProgrammingJumping Into WordPress Plugin Programming
Jumping Into WordPress Plugin ProgrammingDougal Campbell
 
Eclipse Overview
Eclipse Overview Eclipse Overview
Eclipse Overview Lars Vogel
 
Writing your Third Plugin
Writing your Third PluginWriting your Third Plugin
Writing your Third PluginJustin Ryan
 
Best Practices in Plugin Development (WordCamp Seattle)
Best Practices in Plugin Development (WordCamp Seattle)Best Practices in Plugin Development (WordCamp Seattle)
Best Practices in Plugin Development (WordCamp Seattle)andrewnacin
 
Building GPE: What We Learned
Building GPE: What We LearnedBuilding GPE: What We Learned
Building GPE: What We Learnedrajeevdayal
 
A Simple Plugin Architecture for Wicket
A Simple Plugin Architecture for WicketA Simple Plugin Architecture for Wicket
A Simple Plugin Architecture for Wicketnielsvk
 
jQuery Plugin Creation
jQuery Plugin CreationjQuery Plugin Creation
jQuery Plugin Creationbenalman
 
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14The Open-source Eclipse Plugin for Force.com Development, Summer ‘14
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14Salesforce Developers
 
Configuration as Code: The Job DSL Plugin
Configuration as Code: The Job DSL PluginConfiguration as Code: The Job DSL Plugin
Configuration as Code: The Job DSL PluginDaniel Spilker
 
So, you want to be a plugin developer?
So, you want to be a plugin developer?So, you want to be a plugin developer?
So, you want to be a plugin developer?ylefebvre
 
Building an Eclipse plugin to recommend changes to developers
Building an Eclipse plugin to recommend changes to developersBuilding an Eclipse plugin to recommend changes to developers
Building an Eclipse plugin to recommend changes to developerskim.mens
 
An easy guide to Plugin Development
An easy guide to Plugin DevelopmentAn easy guide to Plugin Development
An easy guide to Plugin DevelopmentShinichi Nishikawa
 
Plugin jQuery, Design Patterns
Plugin jQuery, Design PatternsPlugin jQuery, Design Patterns
Plugin jQuery, Design PatternsRobert Casanova
 

En vedette (15)

User Management and Role Management in IT360
User Management and Role Management in IT360User Management and Role Management in IT360
User Management and Role Management in IT360
 
Jumping Into WordPress Plugin Programming
Jumping Into WordPress Plugin ProgrammingJumping Into WordPress Plugin Programming
Jumping Into WordPress Plugin Programming
 
Eclipse Overview
Eclipse Overview Eclipse Overview
Eclipse Overview
 
Writing your Third Plugin
Writing your Third PluginWriting your Third Plugin
Writing your Third Plugin
 
Best Practices in Plugin Development (WordCamp Seattle)
Best Practices in Plugin Development (WordCamp Seattle)Best Practices in Plugin Development (WordCamp Seattle)
Best Practices in Plugin Development (WordCamp Seattle)
 
Building GPE: What We Learned
Building GPE: What We LearnedBuilding GPE: What We Learned
Building GPE: What We Learned
 
A Simple Plugin Architecture for Wicket
A Simple Plugin Architecture for WicketA Simple Plugin Architecture for Wicket
A Simple Plugin Architecture for Wicket
 
jQuery Plugin Creation
jQuery Plugin CreationjQuery Plugin Creation
jQuery Plugin Creation
 
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14The Open-source Eclipse Plugin for Force.com Development, Summer ‘14
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14
 
Configuration as Code: The Job DSL Plugin
Configuration as Code: The Job DSL PluginConfiguration as Code: The Job DSL Plugin
Configuration as Code: The Job DSL Plugin
 
So, you want to be a plugin developer?
So, you want to be a plugin developer?So, you want to be a plugin developer?
So, you want to be a plugin developer?
 
Building an Eclipse plugin to recommend changes to developers
Building an Eclipse plugin to recommend changes to developersBuilding an Eclipse plugin to recommend changes to developers
Building an Eclipse plugin to recommend changes to developers
 
An easy guide to Plugin Development
An easy guide to Plugin DevelopmentAn easy guide to Plugin Development
An easy guide to Plugin Development
 
Cryptography
CryptographyCryptography
Cryptography
 
Plugin jQuery, Design Patterns
Plugin jQuery, Design PatternsPlugin jQuery, Design Patterns
Plugin jQuery, Design Patterns
 

Similaire à Asp.net membership anduserroles_ppt

Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCMindfire Solutions
 
Cache Security- Configuring a Secure Environment
Cache Security- Configuring a Secure EnvironmentCache Security- Configuring a Secure Environment
Cache Security- Configuring a Secure EnvironmentInterSystems Corporation
 
Authentication and Single Sing on
Authentication and Single Sing onAuthentication and Single Sing on
Authentication and Single Sing onguest648519
 
Geek Sync | SQL Security Principals and Permissions 101
Geek Sync | SQL Security Principals and Permissions 101Geek Sync | SQL Security Principals and Permissions 101
Geek Sync | SQL Security Principals and Permissions 101IDERA Software
 
2009 - NRW Conf: (ASP).NET Membership
2009 - NRW Conf: (ASP).NET Membership2009 - NRW Conf: (ASP).NET Membership
2009 - NRW Conf: (ASP).NET MembershipDaniel Fisher
 
.NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19 .NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19aminmesbahi
 
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio TavillaOpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio TavillaLorenzo Carnevale
 
C# and ASP.NET Code and Data-Access Security
C# and ASP.NET Code and Data-Access SecurityC# and ASP.NET Code and Data-Access Security
C# and ASP.NET Code and Data-Access SecurityDarren Sim
 
SAP_HANA_SECURITY_overview_online_Resear.docx
SAP_HANA_SECURITY_overview_online_Resear.docxSAP_HANA_SECURITY_overview_online_Resear.docx
SAP_HANA_SECURITY_overview_online_Resear.docxjuancusa
 
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio TavillaOpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio TavillaLorenzo Carnevale
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - APIChetan Gadodia
 
Network Device Database Management with REST using Jersey
Network Device Database Management with REST using JerseyNetwork Device Database Management with REST using Jersey
Network Device Database Management with REST using JerseyPayal Jain
 
Asp net whitepaper
Asp net whitepaperAsp net whitepaper
Asp net whitepaperZayar Shwe
 

Similaire à Asp.net membership anduserroles_ppt (20)

Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVC
 
Cache Security- Configuring a Secure Environment
Cache Security- Configuring a Secure EnvironmentCache Security- Configuring a Secure Environment
Cache Security- Configuring a Secure Environment
 
Authentication and Single Sing on
Authentication and Single Sing onAuthentication and Single Sing on
Authentication and Single Sing on
 
Geek Sync | SQL Security Principals and Permissions 101
Geek Sync | SQL Security Principals and Permissions 101Geek Sync | SQL Security Principals and Permissions 101
Geek Sync | SQL Security Principals and Permissions 101
 
Cache Security- The Basics
Cache Security- The BasicsCache Security- The Basics
Cache Security- The Basics
 
2009 - NRW Conf: (ASP).NET Membership
2009 - NRW Conf: (ASP).NET Membership2009 - NRW Conf: (ASP).NET Membership
2009 - NRW Conf: (ASP).NET Membership
 
.NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19 .NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19
 
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio TavillaOpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio Tavilla
 
Where should I be encrypting my data?
Where should I be encrypting my data? Where should I be encrypting my data?
Where should I be encrypting my data?
 
C# and ASP.NET Code and Data-Access Security
C# and ASP.NET Code and Data-Access SecurityC# and ASP.NET Code and Data-Access Security
C# and ASP.NET Code and Data-Access Security
 
Java Security Framework's
Java Security Framework'sJava Security Framework's
Java Security Framework's
 
SAP_HANA_SECURITY_overview_online_Resear.docx
SAP_HANA_SECURITY_overview_online_Resear.docxSAP_HANA_SECURITY_overview_online_Resear.docx
SAP_HANA_SECURITY_overview_online_Resear.docx
 
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio TavillaOpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio Tavilla
 
Idm Workshop
Idm WorkshopIdm Workshop
Idm Workshop
 
Web security
Web securityWeb security
Web security
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - API
 
Network Device Database Management with REST using Jersey
Network Device Database Management with REST using JerseyNetwork Device Database Management with REST using Jersey
Network Device Database Management with REST using Jersey
 
Mvc by asp.net development company in india - part 2
Mvc by asp.net development company in india - part 2Mvc by asp.net development company in india - part 2
Mvc by asp.net development company in india - part 2
 
Data Base
Data BaseData Base
Data Base
 
Asp net whitepaper
Asp net whitepaperAsp net whitepaper
Asp net whitepaper
 

Dernier

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 

Dernier (20)

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 

Asp.net membership anduserroles_ppt

  • 2. Topics  Introduction  Why Security is important?  Different ways to secure our Application  What is Authentication and Authorization?  What are Providers in Asp.Net?  What is MembershipProvider in Asp.Net?  Overview of Asp.Net Membership System  How to configure MembershipProvider in Web.config file?  What is Role Management and Role Providers?  How to configure Role Providers in Asp.Net?
  • 3. Introduction – Why Security is Important? 1. Security is one of the most important part of any Website or a Web Application. 2. Hackers are waiting out there for us and use various ways to exploit a website / web-application. 3. Hacker can attack in many ways.  Brute Force  Sniffers  Spoofing  Social Engineering  SQL Injection
  • 4. Introduction - Different Ways to Secure our Application  Design your Application well.  Encrypting the Data while storing.  Input Validation.  Forcing Users for Strong Passwords.  Authentication and Authorization.
  • 5. What is Authentication?  “Authentication” means to “Check someone’s genuineness”  In ASP.NET – Authentication means the same. It is a process where you check a person’s credentials.  Example – Facebook, Yahoo, Gmail. What is Authorization?  Providing access to resource based on User’s role.  Authentication always preceeds Authorization
  • 6.
  • 7. What is a Provider in Asp.Net?  ProviderBase Class is an “Abstract Class” which follows the “Provider Model”.  This class is very simple and contains very few methods which is inherited from the “Object” Class. This class is a part of the “System.Configuration.Provider” namespace  The ProviderBase Class implementation is a 2 step process.  First implemented by “Feature–specific Providers” (Membership / Role / Profile Providers)  Feature-specific Provider is implemented by “Implementation-specific Providers” (SqlMembership Provider) ProviderBase Class Implementation ProviderBase Membership / Role SQLMembership Class Provider Classes Provider Class
  • 8. What is MembershipProvider in Asp.Net?  MembershipProvider is an Abstract class, which provides an abstraction over the data source.  Membership Provider is configured in the Configuration file.  Can be bound to multiple data sources.  Asp.net provides 2 membership providers to store data :-  Microsoft SQL Server – (AspNetSqlMembershipProvider)  Windows Active Directory  Asp.Net provides us to configure our own Custom Membership Provider. (Oracle Data Source, Other data source)  This class inherits from the abstract “ProviderBase” class and contains various methods and properties to “Create, Delete, Update, Validate – Users”, “Get User information”, “Change Password”
  • 9. Image taken from - http://www.felix-colibri.com/
  • 10. Overview of Membership System Other Login Controls :- Login Login View Login Status Controls Membership Membership Class Membership User Class API :- Providers :- Membership Provider Provider Base Class Membership SQLMembership Provider Other Membership Provider Providers :- Data Source :- SQL ORACLE SERVER
  • 11. How to use Membership System? Sample Demo
  • 12. Why do we need Membership System?  Membership System is configurable and easy to use.  Provides various classes, methods, properties to deal with users information easily.  Asp.Net provides built in Login Server Controls which encapsulates most of the Membership functionality and helps write less code.  Can be integrated with Forms Authentication.  Provides a feature to store useful information like passwords, etc in hashed format within the database.  No need to create tables and write stored procedures for maintaining the data.
  • 14. What is Role Management and Role Providers?  Process of managing authorization of Users is called “Role Management”.  Helps to synch users into a group, by assigning them Roles.  A process to decide which page or any other resource can be accessed by which User.  API helps the user to know, what is the role of the User or who the User is? Role Provider –  Yet another abstract class which inherits the “ProviderBase” class.  Provides various functions to “Create”, “Delete” roles. Check a specific role of a user.  Can create custom role providers based upon our application requirements.
  • 15.  Asp.Net provides 3 different Role Providers  SQLRoleProvider  WindowsTokenRoleProvider  AuthorizationStoreRoleProvider
  • 16. How to configure Role Providers in Asp.Net? Sample Code