Best IT Recipes

Add Role in ASP.NET Identity

How to add a role to the new ASP.NET Identity (1.0) system? There is a UserStore class, but not a RoleStore class.

I can not find documentation on this issue.

+34
asp.net-identity
Oct 23 '13 at 12:01
source share
4 answers
 RoleManager = new RoleManager<IdentityRole>( new RoleStore<IdentityRole>(new MyDbContext())); var roleresult = RoleManager.Create(new IdentityRole(roleName));
+38
Oct 23 '13 at 12:24
source share

Starting with the .NET Framework 4.5, the Windows Identity Foundation (WIF) is fully integrated into the .NET Framework.

I would advise to consider the possibility, in my opinion, preferable, to perform authorization through claims ( expression of roles as claims ).

When the IsInRole () method is called, a check is performed to check if the current user has this role. In applications supporting applications, the role is expressed by the type of application for the role, which should be available in the token.

The role request type is expressed using the following URI: " http://schemas.microsoft.com/ws/2008/06/identity/claims/role "

So, from UserManager you can do something like this (without RoleManager):

 var um = new UserManager(); um.AddClaimAsync(1, new Claim(ClaimTypes.Role, "administrator"));

Claims can simplify and improve the performance of authentication and authorization processes. You can use the roles stored as claims to exclude internal requests each time authorization occurs.

Using claims, you will no longer need RoleStore (at least for equivalent authorization purposes ...)

+33
Feb 03 '14 at 1:10
source share

I used below snippets on a single asp.net page_load webpage to understand how ASP Identity works

  UserManager userManager = new UserManager(); var roleStore = new RoleStore<IdentityRole>(new ApplicationDbContext()); var roleManager = new RoleManager<IdentityRole>(roleStore); var applicationRoleAdministrator = new IdentityRole("superadmin"); if (!roleManager.RoleExists(applicationRoleAdministrator.Name)) { roleManager.Create(applicationRoleAdministrator); } ApplicationUser applicationUserAdministrator = userManager.FindByName(User.Identity.Name); if (!userManager.GetRoles(applicationUserAdministrator.Id).Contains("superadmin")) { Response.Redirect("~/account/login.aspx?ReturnUrl=" + Request.Url.AbsolutePath); }

Of course, below ApplicationDbContext is automatically created using ASP.NET 4.5+ templates, as shown below

  public class ApplicationDbContext : IdentityDbContext<ApplicationUser> { public ApplicationDbContext() : base("DefaultConnection") { } }

Also create an application role manager class

 public class ApplicationRoleManager : RoleManager<IdentityRole> { public ApplicationRoleManager(IRoleStore<IdentityRole, string> roleStore) : base(roleStore) { } public static ApplicationRoleManager Create(IdentityFactoryOptions<ApplicationRoleManager> options, IOwinContext context) { //return new ApplicationRoleManager(new RoleStore<IdentityRole>(context.Get<ApplicationDbContext>())); return new ApplicationRoleManager(new RoleStore<IdentityRole>(new ApplicationDbContext())); } }

also add the line below to your startup.Auth.cs => ConfigureAuth (IAppBuilder method)

  app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create);

I'm new to this Identity Stuff, and I'm not sure if this is necessary, or I make it clean and right, but these steps worked for me

+2
Nov 18 '16 at 14:32
source share

ASP.NET authentication is a role-related statement. This really confused me, because in the previous system you configured the membership and role providers in web.config.

The problem for me is that I have this code:

 HttpContext.Current.User.IsInRole("some role")

Fortunately, this logic still works. You can see the logic in the CreateAsync function in ClaimsIdentityFactory.cs, which is located in Microsoft.AspNet.Identity.Core . One of the arguments is UserManager . He asks him if he is SupportsUserRole , and if so, he calls GetRolesAsync and adds each role as a claim to ClaimIdentity . There is no need to do it yourself.

IsInRole uses statements as described here:

http://msdn.microsoft.com/en-us/library/hh545448.aspx

+1
Mar 06 '14 at 15:40
source share


More articles:


All Articles