Sharing your ASP.NET Security Provider Database between Applications
As a test over the last couple of days I tried to tie in a little test application to my Community Server install.
It was a bit of an experience and I thought I'd just do a quick write up in case someone else comes across
this. Mostly so I can look back on it the next time I approach this - as the information was out there on
some resources I'll point to, but it took me a while to understand what I was looking at.
Basically with the new instance of Community Server it isn't hard to share your Security settings in an
SQL Server at all, it's basically a few changes to your web.config file for your web application.
Adonis Bitar provides most of the details in this post which I found thanks to Google and David Burke
(you always know it's good information if db has added it to one of his Community Server news posts).
The only problem is I'm fairly new altogether to ASP.NET and I had no idea what I was looking at.
Basically, what the changes Adonis is doing here is when you have a copy of a web.config file
nested in a directory underneath another ASP.NET application, which has it's own web.config file
then it inherits the settings from the parent directory.
In this case if you put your application underneath a Community Server install then all of the
Community Server information is going to screw it up.
These changes to your applications web.config basically override and remove the changes that
Community Server makes to your environment.
Once you have those in play you then need to set your Provider settings to talk to your database.
In this instance we'll be talking to the Community Server membership tables, however, if you are
just looking at creating your own standalone tables then you can set up your application
by using the command: aspnet_regsql.exe which you will find under C:\Windows\Microsoft.NET\Framework\v2.0....
There's more information on doing that on Scott Guthrie's blog.
Also of interest for this is a post on Brian Mishler's blog:
Asp.Net Provider Model: ApplicationNames and the ApplicationID
So, what you will do is set up in your web.config the following:
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<connectionStrings>
<remove name="LocalSqlServer"/>
<add name ="LocalSqlServer"
connectionString="server=######;database=######;UID=######;pwd=######"/>
</connectionStrings>
<system.web>
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<clear />
<add name="AspNetSqlMembershipProvider"
connectionStringName="LocalSqlServer"
applicationName="dev"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
/>
</providers>
</membership>
</system.web>
</configuration>
What this does is overrides the initial provider and points it to the one you specify in the
connectionString (I have blanked out my settings, but you should be able to get the gist of it).
Of high importance is the second section and specifically the applicationName. When you
are talking to the same Security Provider for two different web applications and you want to
keep them separate you use separate applicationName settings.
In this instance we want to share the applicationName with Community Server, so you would
find out the applicationName that CS runs under, either from the web.config of your Community
Server installation or from the database you have it installed at in the dbo.aspnet_Applications
table - I believe the default will be "dev" (it was for me).
From there when you start setting up your pages with security you will be using the same
security as on your Community Server site including Logins, Passwords, etc.
Also of use is the fact you can use your Visual Studio to look at how you have users
and roles set up by going to the Admin console at: WebSite -> ASP .NET Configuration.
The next step for me is learning how to persist logins from Community Server to my application.
I'll include my web.config below for you to look over, but it should be fairly standard.
<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<!-- Set up connection to SQL Server for Authentication -->
<connectionStrings>
<remove name="LocalSqlServer"/>
<add name ="LocalSqlServer"
connectionString="server=######;database=######;UID=######;pwd=######"/>
</connectionStrings>
<system.web>
<!-- Override Community Server install settings -->
<authentication mode="Forms"/>
<compilation debug="true"/>
<customErrors mode="Off"/>
<webServices />
<pages pageBaseType="System.Web.UI.Page" />
<httpModules>
<remove name="CommunityServer"/>
</httpModules>
<httpHandlers>
<remove verb="GET" path="Utility/redirect.aspx"/>
<remove verb="GET" path="aggbug.aspx" />
<remove verb="GET" path="avatar.aspx" />
<remove verb="GET" path="vcard.aspx" />
<remove verb="GET" path="r.ashx" />
<remove verb="GET" path="weblogsubscription-confirmation.ashx" />
<remove verb="GET" path="threadsubscription-confirmation.ashx"/>
</httpHandlers>
<!-- Define new Provider to use for Authentication -->
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<clear />
<!-- This is the applicationName space you can share, dev is used for
Community Server -->
<add name="AspNetSqlMembershipProvider"
connectionStringName="LocalSqlServer"
applicationName="dev"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
/>
</providers>
</membership>
<profile defaultProvider="AspNetSqlProfileProvider">
<providers>
<clear />
<add name="AspNetSqlProfileProvider"
connectionStringName="LocalSqlServer"
applicationName="dev"
type="System.Web.Profile.SqlProfileProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
<!-- An error message appears if you redefine the Profile provider without
initialising a property -->
<properties>
<add name="FirstName" defaultValue="??" type="string"
allowAnonymous="false" />
</properties>
</profile>
<roleManager defaultProvider="AspNetSqlRoleProvider">
<providers>
<clear />
<add name="AspNetSqlRoleProvider"
connectionStringName="LocalSqlServer"
applicationName="dev"
type="System.Web.Security.SqlRoleProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</roleManager>
</system.web>
<system.net>
<mailSettings>
<smtp from="######">
<network host="######" password="" userName=""/>
</smtp>
</mailSettings>
</system.net>
</configuration>
[Edit to add: Below there should be an attachment for you to download with this file.]
Similar Posts
- The XML page cannot be displayed
- Publishing a Microsoft Access Application (mde) with Clickonce
- SQL Code Camp - Day 2
Comments
Dave Burke on on 6.18.2007 at 5:22 AM
Andrew, Thanks for the kind words! This is an interesting topic and I'm still on a mission to work through the details of full membership sharing between CS and a subapp. You're right about the ApplicationName sharing and the error that occurs when redefining profile properties! Good stuff!
One item I found helpful that I didn't see here was to share the Form Authentication Cookie name, which gets us immediately into the door of the subapp. It also points to a shared login page url.
<authentication mode="Forms">
<forms name=".MyCSCookieName" protection="All" timeout="60000" loginUrl="../login.aspx" slidingExpiration="true" />
</authentication>
I'm subscribed to your blog, by the way, with the selfish intent of finding a new Community Server News source. :-)
Thanks,
-Dave