ASP.NET membership is designed to enable you to easily use a number of different membership providers for your ASP.NET applications. You can use the supplied membership providers that are included with the .NET Framework, or you can implement your own providers.
There are two primary reasons for creating a custom membership provider.
- You need to store membership information in a data source that is not supported by the membership providers included with the .NET Framework, such as a MysQL database, an Oracle database, or other data sources.
- You need to manage membership information using a database schema that is different from the database schema used by the providers that ship with the .NET Framework. A common example of this would be membership data that already exists in a SQL Server database for a company or Web site.
In tis tutorial, we are going to implement and configure a custom Membership Provider using ASP.NET MVC4
A. Create a Custom MemberShip Application class Library
- Create a class Library Project (our sample Projet name is LogCorner.SoftwareStore.Security)
- Reference the assembly System.Web.ApplicationServices (Right Click Reference è Add reference => Select Assemblies => navigate to System.Web.ApplicationServices and add it)
- Create a Class CustomMembershipProvider and derive it from MembershipProvider
- Override ValidateUser as follow
For now we have what we need for our application security. To go further in the implementation of Custom Membership Provider, please see our tutorial Mastering Custum ASP.NET MemberShip Provider using ASP.NET MVC
B. Create an ASP.NET MVC4 application Client
1. Create an ASP.NET MVC4 application Client ( Add New projet è ASP.NET MVC4 Web Application è Select Template Internet Web Appliction and Click OK)
2. Open Web.config file
3. Add or Replace membership section as follow
4. Open HomeController and Authorize Attribute to Index ActionResult
5. Run the application ASP.NET MVC4 application Client, you ll have the errors below
6. do not panic, proceed as follows :
Add this in your web.config (in the appSettings section):
<add key="enableSimpleMembership" value="false"/>
<add key="autoFormsAuthentication" value="false"/>
7. Run the application ASP.NET MVC4 application Client, you ll have another error
8. To fix it Open AccountController and comment InitializeSimpleMembership , because we using Custom Membership Provider instead of Simple Membership
9. Override Login Action of AccountController as follow :
10. Run the application ASP.NET MVC4 application Client, you’ll have the form authentication below
11. Enter user credentials and click Log In, then you will have the execution workflow below :
C. Configuration of Custom Role Provider
To configure custom role provider, please proceed as follow :
- create a class CustomRoleProvider that inherits from RoleProvider
- Overrides GetRolesForUser method
- Now open web.config file of your client asp.net web application and add a RoleManager section
- Open HomeController and change Authorization as follow :
- Now test your sample. Only users who have approved login credentials and who belong to role Administrator can view Index page Thank you for reading us, our next tutorial is to configure Custom Membership Provider using ASP.NET MVC4 with external login like facebook, yahoo , google or other relying party accounts.
If you seek information about encoding and decoding password, please read our article ASP.NET Custom Membership Password Encoding and Decoding based on key SALT using SHA-3 algorithm