Joseph Michael Pesch
VP Programming

Calendar

Mo	Tu	We	Th	Fr	Sa	Su
27	28	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31	1	2
3	4	5	6	7	8	9

Month List

2008
- August (18)
- September (5)
- October (9)
- November (4)
- December (11)
2009
- January (3)
- February (4)
- March (11)
- April (4)
- May (1)
- July (6)
- August (6)
- October (3)
- November (5)
- December (1)
2010
- January (6)
- February (5)
- March (7)
- April (5)
- May (1)
- June (14)
- July (6)
- August (16)
- September (6)
- October (5)
- November (11)
- December (4)
2011
- January (8)
- February (3)
- May (13)
- June (7)
- July (2)
- August (7)
- September (8)
- October (9)
- November (1)
- December (4)
2012
- January (13)
- February (3)
- March (3)
- April (2)
- May (1)
- July (2)
- August (3)
- September (3)
- October (8)
- November (1)
- December (2)
2013
- January (1)
- February (2)
- March (2)
- April (3)
- June (3)
- July (6)
- August (4)
- September (2)
- October (1)
- November (6)
- December (2)
2014
- January (2)
- February (1)
- April (1)
- May (2)
- June (3)
- July (2)
- September (2)
- November (1)
- December (1)
2015
- January (1)
- February (3)
- March (4)
- April (1)
- May (2)
- June (1)
- July (1)
- August (5)
- September (2)
- October (2)
- December (1)
2016
- January (3)
- February (2)
- March (2)
- April (4)
- August (2)
- September (2)
- October (3)
- November (1)
- December (1)
2017
- January (4)
- February (1)
- May (1)
- July (1)
- October (1)
- November (1)
2018
- February (6)
- September (1)
- November (2)
2019
- January (1)
- May (3)
- August (3)
- September (3)
2020
- May (1)
- June (1)
- September (1)
- November (1)
2021
- March (2)
2022
- May (1)

Declarative Security Checks for User Name and/or Role Permission

by joe.pesch 6. January 2009 18:46

[PrincipalPermissionAttribute(SecurityAction.Demand, Name =  "UserName", Role = "UserRole")]
publicstaticvoid SecurityTestEntryPoint(bool flag)
{
if (flag)
{
    // This is more secure code...
    SecurityTest(flag, "");
}
else
{
    // This is less secure code...
    SecurityTest(flag);
}
}
[PrincipalPermissionAttribute(SecurityAction.Demand, Role = "ManagerRole")]
publicstaticvoid SecurityTest(bool flag, string MoreSecure)
{
// This is more secure code...
}
[PrincipalPermissionAttribute(SecurityAction.Demand, Role = "ManagerRole")]
[PrincipalPermissionAttribute(SecurityAction.Demand, Role = "UserRole")]
publicstaticvoid SecurityTest(bool flag)
{
// This is less secure code...
}

NOTE: You can stack multiple attributes for an OR condition, however, you cannot create an AND condition. As in the example above the less secure method will let both "ManagerRole" users and "UserRole" users access itself.

Topic Links:

http://msdn.microsoft.com/en-us/library/dswfd229(VS.71).aspx

http://bytes.com/groups/net-c/267605-cas-multiple-permissions

07d3c772-5c02-439b-97ef-0caa469076fa|0|.0|96d5b379-7e1d-4dac-a6ba-1e50db561b04

Tags: C#, Windows

C# | Security

aspnet_... Security Configuration

by joe.pesch 21. November 2008 19:36

Consists of SQL script to install database objects along with ASP.Net web site components.

Run %systemroot%\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe to install the ASP.Net user framework objects (tables, procs, etc.) into a SQL server database.

Script to create database objects (in lieu of running the exe above): aspnet_Security.sql (238.96 kb)

Backup copy of emtpy database containing just the standard security objects: aspnet_Security.bak (1.83 mb)

Script to export data from: aspnet_Applications, aspnet_Users, aspnet_Membership, aspnet_Roles and aspnet_UsersInRoles tables: aspnet_SecurityDataExport.sql (4.80 kb)

See sample web.config and Login.aspx with some security features in code-behind: Sample.zipx (2.81 kb)

Adding a user to basic security roles:

EXEC sp_addrolemember 'aspnet_Membership_BasicAccess', 'usernamehere'
GO
EXEC sp_addrolemember 'aspnet_Personalization_BasicAccess', 'usernamehere'
GO
EXEC sp_addrolemember 'aspnet_Profile_BasicAccess', 'usernamehere'
GO
EXEC sp_addrolemember 'aspnet_Roles_BasicAccess', 'usernamehere'
GO
EXEC sp_addrolemember 'db_datareader', 'usernamehere'
GO
EXEC sp_addrolemember 'db_datawriter', 'usernamehere'
GO

Script to add new user to application and role (adds the application and role also if necessary)

declare
@appName varchar(50)
, @userName varchar(50)
, @emailAddress varchar(100)
, @roleName varchar(50)

select
@appName = 'ApplicationNameHere'
, @userName = 'UserNameHere'
, @emailAddress = 'UserEmailHere@Something.com'
, @roleName = 'RoleNameHere'

declare
@appId uniqueidentifier
, @userId uniqueidentifier
, @roleId uniqueidentifier

select @appId = ApplicationId from dbo.aspnet_Applications where ApplicationName = @appName
if(@appId is null) begin
set @appId = newid()
insert into aspnet_Applications values(@appName, lower(@appName), @appId, @appId)
end

select @roleId = RoleId from dbo.aspnet_Roles where RoleName = @roleName
if(@roleId is null) begin
set @roleId = newid()
insert into aspnet_Roles values(@appId, @roleId, @roleName, lower(@roleName), @roleName)
end

set @userId = newid()
insert into aspnet_Users values(@appId, @userId, @userName, lower(@userName), null, 0, '1/1/1900')
insert into aspnet_Membership values(@appId, @userId, '5lxSnTx3kTUzWgnLr8C2xHXOZYM=', 2, 't8DHyWEWq+/Yr/RNBvo6hw==', null, @emailAddress, lower(@emailAddress), null, null, 1, 0, getdate(), '1/1/1900', '1/1/1900', '1/1/1900', 0, '1/1/1900', 0, '1/1/1900', null)

insert into aspnet_UsersInRoles values(@userId, @roleId)

97ff4416-4971-4b12-b2da-7556045b84bb|0|.0|96d5b379-7e1d-4dac-a6ba-1e50db561b04

Tags: HTML

ASP.Net | Security

Mo	Tu	We	Th	Fr	Sa	Su
27	28	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31	1	2
3	4	5	6	7	8	9

Mo	Tu	We	Th	Fr	Sa	Su
27	28	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31	1	2
3	4	5	6	7	8	9

Calendar

Month List

Newsletter

Thank you

Blogroll

Category list

Page List

Declarative Security Checks for User Name and/or Role Permission

aspnet_... Security Configuration

Mo	Tu	We	Th	Fr	Sa	Su
27	28	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31	1	2
3	4	5	6	7	8	9