Role based authentication in the new MVC 4 Internet template using simplemembership

by

Found an answer here by Mehdi Golchin which seems to take care of:

[Authorize(Roles="admin,editor,publisher")]

If I also add this to the home controller:

 [InitializeSimpleMembership]

Because this attribute is on the Accounts controller, SimpleMembership database gets initialize only after the first use of the accounts controller like login/register. Even when the current user gets logged in from the cookie, the database is not initialized and so it throws an error. One solution is to put this attribute on the home controller which gets called when I launch my Website. But, then it needs to be placed on every controller because I check roles and display different menu items based on role.

This is poor design as the database should be initialized on the App_Start and not when first used.

I did try to put

WebSecurity.InitializeDatabaseConnection("DefaultConnection", "UserProfile", "UserId", "UserName", autoCreateTables: true);

in the Global.asax Application_Start(), and it takes care of role checking in menu items using User.IsInRole("admin"), but then throw error in any controller with [Authorize(Roles="admin")] attribute, even with additional attribute [InitializeSimpleMembership] is applied.

So right now the solution is to put `[InitializeSimpleMembership] on all controllers as a user may initially land on any page using external links.

It still can’t figure how to initialize the SimpleRolesProvider class to do more of the role management instead of just User.IsInRole().

These things do work better in the webmatrix webpages site and obviously the port ot MVC is not complete. It conflicts and gets confused with the default asp.net membership providers.

EDIT
OK I was not thinking [InitializeSimpleMembership] filter could be applied globally by putting this line in the FilterConfig.cs in the App_Start folder:

filters.Add(new InitializeSimpleMembershipAttribute());

That takes care of that problem. Now need a solution for SimpleRolesProvider initialization or else I will have to write my own roles provider.

UPDATE:

This post by Scott Allen has solved all my problems.

By including this in web.config:

<roleManager enabled="true" defaultProvider="simple">
  <providers>
    <clear/>
    <add name="simple" type="WebMatrix.WebData.SimpleRoleProvider,               WebMatrix.WebData"/>
  </providers>      
</roleManager>
<membership defaultProvider="simple">
  <providers>
    <clear/>
    <add name="simple" type="WebMatrix.WebData.SimpleMembershipProvider,                          WebMatrix.WebData"/>
  </providers>
</membership>

all the methods of Roles and Membership classes become available and can be initialized in code as follows:

var roles = (SimpleRoleProvider) Roles.Provider;
var membership = (SimpleMembershipProvider) Membership.Provider;

More Related Contents:

  1. How do I use my own database with SimpleMembership and WebSecurity? What is MVC4 security all about?
  2. Submit same Partial View called multiple times data to controller?
  3. ASP.NET MVC 4 Custom Authorize Attribute with Permission Codes (without roles)
  4. Pass data to layout that are common to all pages
  5. How to validate file type of HttpPostedFileBase attribute in Asp.Net MVC 4?
  6. How to add reference to System.Web.Optimization for MVC-3-converted-to-4 app
  7. Anti forgery token is meant for user “” but the current user is “username”
  8. How to add global ASP.Net Web Api Filters?
  9. unobtrusive validation not working with dynamic content
  10. Mixing Web Api and ASP.Net MVC Pages in One Project
  11. ViewModels or ViewBag?
  12. How to create ASP.NET Web API Url?
  13. ASP.NET 4.5 has not been registered on the Web server
  14. ASP.NET MVC 4 custom Authorize attribute – How to redirect unauthorized users to error page? [duplicate]
  15. The required anti-forgery form field “__RequestVerificationToken” is not present Error in user Registration
  16. MVC 4 Beta side by side installation error
  17. MVC 4 date culture issue?
  18. WebApi Json.NET custom date handling
  19. where should i place the js script files in a mvc application so jquery works well?
  20. What effect does the new precompile during publishing option have on MVC4 applications?
  21. ASP.NET MVC 4 Editor Template for basic types
  22. Automatic Migrations for ASP.NET SimpleMembershipProvider
  23. How to create custom additional fields in UserProfile in MVC4
  24. Problems implementing ValidatingAntiForgeryToken attribute for Web API with MVC 4 RC
  25. The anti-forgery token could not be decrypted
  26. When should I create a new DbContext()
  27. Using Cookie in Asp.Net Mvc 4
  28. JsonValueProviderFactory throws “request too large”
  29. jQuery: How to traverse / Iterate over a list of object
  30. Jquery post and unobtrusive ajax validation not working mvc 4

Leave a Comment