Click here to Skip to main content
Click here to Skip to main content
Articles » Web Development » ASP.NET » General » Downloads
 
Add your own
alternative version
Go to top

Extending ASP.NET role based Security with Custom Security Module (Permission Based, Page Level Authorization)

, 11 Nov 2011
This project intends to extend the default ASP.NET role based Security to include Permission Based / Page Level Authorization Layer. Works with both ASP.NET and ASP.NET MVC. Permission rules to Allow/Deny access to website resources (like "Folder/File.aspx" or "Controller/Action") are stored in DB.
AadhaarMS.zip
AadhaarMS
Aadhaar.Data
bin
Debug
Aadhaar.Data.dll
Aadhaar.Data.MS.dll
Castle.Core.dll
Castle.DynamicProxy.dll
Castle.DynamicProxy2.dll
Iesi.Collections.dll
log4net.dll
NHibernate.dll
NHibernate.JetDriver.dll
NHibernateProvider.dll
Entity
Components
Mapping
Helper
Properties
Util
ViewModel
Aadhaar.Web
Activities1
Activities2
App_Code
App_Data
AadhaarMS.MDF
AadhaarMS_log.ldf
Bin
Aadhaar.Data.dll
Aadhaar.Data.pdb
Castle.Core.dll
Castle.DynamicProxy.dll
Castle.DynamicProxy2.dll
Iesi.Collections.dll
log4net.dll
NHibernate.dll
NHibernate.JetDriver.dll
NHibernateProvider.dll
Controls
css
Global.asax
images
hdrLogo.jpg
i-bb.gif
i-blc.gif
i-brc.gif
i-l.gif
i-r.gif
i-tb.gif
i-tlc.gif
i-trc.gif
img01.jpg
spacer.gif
install
logs
Superadmin
AadhaarMVC.zip
AadhaarMVC
Aadhaar.Data
bin
Debug
Aadhaar.Data.dll
Aadhaar.Data.MS.dll
Castle.Core.dll
Castle.DynamicProxy.dll
Castle.DynamicProxy2.dll
Iesi.Collections.dll
log4net.dll
NHibernate.dll
NHibernate.JetDriver.dll
NHibernateProvider.dll
Entity
Components
Mapping
Helper
Properties
Util
ViewModel
Aadhaar.MVC
Aadhaar.MVC.csproj.user
App_Data
AadhaarMS.MDF
AadhaarMS_log.ldf
bin
Aadhaar.Data.dll
Aadhaar.Data.pdb
Aadhaar.MVC.dll
Aadhaar.MVC.pdb
Castle.Core.dll
Castle.DynamicProxy.dll
Castle.DynamicProxy2.dll
Iesi.Collections.dll
log4net.dll
NHibernate.dll
NHibernate.JetDriver.dll
NHibernateProvider.dll
Content
images
hdrLogo.jpg
i-bb.gif
i-blc.gif
i-brc.gif
i-l.gif
i-r.gif
i-tb.gif
i-tlc.gif
i-trc.gif
img01.jpg
spacer.gif
Controllers
Global.asax
Models
obj
Debug
Aadhaar.MVC.dll
Aadhaar.MVC.pdb
DesignTimeResolveAssemblyReferences.cache
DesignTimeResolveAssemblyReferencesInput.cache
ResolveAssemblyReference.cache
TempPE
Properties
Scripts
Views
Account
Admin
Error
Home
Shared
Aadhaar.suo
<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
  <configSections>
    <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler,log4net"/>
    <section name="hibernate-configuration" type="NHibernate.Cfg.ConfigurationSectionHandler, NHibernate"/>
  </configSections>
  <appSettings/>
  <connectionStrings>
    <!--<add name="SqlServices" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|AadhaarMS.MDF;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient"/>-->
      <add name="SqlServices" connectionString="Data Source=.\sqlexpress;AttachDbFilename=|DataDirectory|AadhaarMS.MDF;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" />
  </connectionStrings>
  <system.web>
    <authentication mode="Forms">
      <forms name="crew-x-change" loginUrl="login.aspx"/>
    </authentication>
    <authorization>
      <deny users="?"/>
    </authorization>
    <!-- membership provider -->
    <membership>
      <providers>
        <clear/>
        <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="SqlServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" applicationName="Aadhaar"/>
      </providers>
    </membership>
    <!-- role provider -->
    <roleManager defaultProvider="AspNetSqlRoleProvider" enabled="true" cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="30" cookiePath="/" cookieRequireSSL="true" cookieSlidingExpiration="true" cookieProtection="All">
      <providers>
          <clear/>
        <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="SqlServices" applicationName="Aadhaar"/>
      </providers>
    </roleManager>
    <!--Not enabled Yet because of some bug as unable to fetch data at "Profile.ByUserId"-->
      <profile defaultProvider="AspNetSqlProfileProvider">
          <providers>
              <clear />
              <add name="AspNetSqlProfileProvider"
                type="System.Web.Profile.SqlProfileProvider"
                connectionStringName="SqlServices"
                applicationName="Aadhaar"
                description="AspNetSqlProfileProvider for Aadhaar" />
          </providers>
      <properties>
          <add name="Name" type="string"/>
          <add name="Surname" type="string"/>
          <add name="Company" type="string"/>
          <add name="Phone" type="string"/>
          <add name="PostalCode" type="string"/>
        <add name="TimeZone" type="string"/>
      </properties>
    </profile>
    <!-- 
            Set compilation debug="true" to insert debugging 
            symbols into the compiled page. Because this 
            affects performance, set this value to true only 
            during development.
        -->
    <compilation debug="true"/>
    <!--
            The <authentication> section enables configuration 
            of the security authentication mode used by 
            ASP.NET to identify an incoming user. 
        -->
    <customErrors mode="RemoteOnly" defaultRedirect="error.aspx"/>
    <pages>
      <namespaces>
        <add namespace="System.Data"/>
        <add namespace="System.IO"/>
      </namespaces>
    </pages>
    <httpModules>
      <add type="Aadhaar.Security.ADHPermissionsModule, Aadhaar.Data" name="ADHPermissionsModule"/>
    </httpModules>
  </system.web>
  <hibernate-configuration xmlns="urn:nhibernate-configuration-2.2">
    <session-factory name="Aadhaar.Data">
      <property name="dialect">NHibernate.Dialect.MsSqlCeDialect</property>
      <property name="connection.provider">NHibernate.Connection.DriverConnectionProvider</property>
      <property name="connection.connection_string">Data Source=.\sqlexpress;AttachDbFilename=|DataDirectory|AadhaarMS.MDF;Integrated Security=True;User Instance=True</property>
      <property name="connection.driver_class">NHibernate.Driver.SqlClientDriver</property>
      <property name="show_sql">false</property>
      <property name="connection.release_mode">auto</property>
      <property name="adonet.batch_size">500</property>
      <property name="max_fetch_depth">1</property>
      <mapping assembly="Aadhaar.Data" />
    </session-factory>
  </hibernate-configuration>
  <log4net>
    <appender name="AdoNetAppender" type="log4net.Appender.AdoNetAppender">
      <bufferSize value="100"/>
      <connectionType value="System.Data.SqlClient.SqlConnection, System.Data, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
      <connectionString value="Data Source=.\sqlexpress;AttachDbFilename=|DataDirectory|AadhaarMS.MDF;Integrated Security=True;User Instance=True"/>
      <commandText value="INSERT INTO Log ([Date],[Thread],[Level],[Logger],[Message],[Exception]) VALUES (@log_date, @thread, @log_level, @logger, @message, @exception)"/>
        <parameter>
            <parameterName value="@log_date" />
            <dbType value="DateTime" />
            <layout type="log4net.Layout.RawTimeStampLayout" />
        </parameter>
        <parameter>
            <parameterName value="@thread" />
            <dbType value="String" />
            <size value="255" />
            <layout type="log4net.Layout.PatternLayout">
                <conversionPattern value="%thread" />
            </layout>
        </parameter>
        <parameter>
            <parameterName value="@log_level" />
            <dbType value="String" />
            <size value="50" />
            <layout type="log4net.Layout.PatternLayout">
                <conversionPattern value="%level" />
            </layout>
        </parameter>
        <parameter>
            <parameterName value="@logger" />
            <dbType value="String" />
            <size value="255" />
            <layout type="log4net.Layout.PatternLayout">
                <conversionPattern value="%logger" />
            </layout>
        </parameter>
        <parameter>
            <parameterName value="@message" />
            <dbType value="String" />
            <size value="4000" />
            <layout type="log4net.Layout.PatternLayout">
                <conversionPattern value="%message" />
            </layout>
        </parameter>
        <parameter>
            <parameterName value="@exception" />
            <dbType value="String" />
            <size value="2000" />
            <layout type="log4net.Layout.ExceptionLayout" />
        </parameter>
    </appender>
    <appender name="NHibernateFileLog" type="log4net.Appender.FileAppender">
      <file value="logs/nhibernate.txt"/>
      <appendToFile value="false"/>
      <layout type="log4net.Layout.PatternLayout">
        <conversionPattern value="%d{HH:mm:ss.fff} [%t] %-5p %c - %m%n"/>
      </layout>
    </appender>
    <logger name="NHibernate.SQL" additivity="false">
      <level value="ALL"/>
      <appender-ref ref="NHibernateFileLog"/>
      <appender-ref ref="AdoNetAppender"/>
    </logger>
    <logger name="Aadhaar" additivity="false">
      <level value="ALL"/>
      <appender-ref ref="AdoNetAppender"/>
    </logger>
  </log4net>
  <location path="Logout.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="Register.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="error.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
</configuration>

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Microsoft Public License (Ms-PL)

Share

About the Author

amitthk
Software Developer (Senior)
Singapore Singapore
I love programming, reading, and meditation. I like to explore management and productivity.
Follow on   Twitter

| Advertise | Privacy | Mobile
Web02 | 2.8.140926.1 | Last Updated 12 Nov 2011
Article Copyright 2011 by amitthk
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid