Story Details for tools

SecurityGuard.Mvc5 is released!

kahanu
Author:
Version:
Views:
4952
Date Posted:
9/21/2014 6:21:09 PM
Date Updated:
9/21/2014 6:21:09 PM
Rating:
4.67/3 votes
Framework:
ASP.NET MVC 5
Platform:
Windows
Programming Language:
C#
Technologies:
asp.net membership, system.web.providers
Tags:
securityguard, asp.net membership, ASP.NET MVC
Demo site:
Home Page:
https://github.com/kahanu/Security-Guard
Share:

Updates Below - December 1, 2014

SecurityGuard.Mvc5 is available!

This new version of the NuGet package addresses some differences in moving to ASP.NET MVC 5 and the 4.5 .Net Framework.  This NuGet package expects to work with Visual Studio 2013, ASP.NET MVC 5.2.0.0 and 4.5 .Net Framework.  It has not been tested with other combinations.

This should work without issues.  If you find any problems, please let me know as an issue on my github repository.  The link to github is at the top of this post.

Still some manual tasks

There continue to be some manual things you need to do to make this fully work:

  1. Remove the views for the view engine you are NOT using. 

That's it!  I resolved the web.config transformation issues in this new version. 

But since both ASPX and Razor views are created, you must delete the ones you are not using.  After that, you are all set to go.

Easy Installation

Since this is a NuGet package, its easy to install.  Just open your Package Manager Console and enter:

Updates

December 1, 2014
A few minor fixes were made.  You can make these changes in your application manually if you want.

SecurityGuard/MembershipController fix for empty form submission validation:

Before:

[HttpPost]
public virtual ActionResult CreateUser(viewModels.RegisterViewModel model)
{
    MembershipUser user;
    MembershipCreateStatus status;
    user = membershipService.CreateUser(model.UserName, model.Password, model.Email, model.SecretQuestion, model.SecretAnswer, model.Approve, out status);
 
    return routeHelpers.Actions.GrantRolesToUser(user.UserName);
}

After:

[HttpPost]
public virtual ActionResult CreateUser(viewModels.RegisterViewModel model)
{
    if (!ModelState.IsValid)
    {
        ModelState.AddModelError("", "You are missing required fields.");
        return RedirectToAction("CreateUser");
    }
    MembershipUser user;
    MembershipCreateStatus status;
    user = membershipService.CreateUser(model.UserName, model.Password, model.Email, model.SecretQuestion, model.SecretAnswer, model.Approve, out status);
 
    return routeHelpers.Actions.GrantRolesToUser(user.UserName);
}

Added the ModelState.IsValid conditional statement.

SecurityGuard/Views/Role/index.cshtml - fixed bad link under the "Get Users In Role" dropdown.  The link broke when trying to navigate to the member info page.  The fix is in the JavaScript at the bottom of the page.

Before:

function OnGetUsersInRoleSuccess(data) {
    ul.empty();
    if (data == "") {
        ul.append("<li>No user(s).</li>");
    } else {
        $.each(data, function (index, item) {
        ul.append("<li><a href=\"/SecurityGuard/Membership/Update/" + item + "\">" + item + "</a></li>");
    });
    }
}

After:

01.function OnGetUsersInRoleSuccess(data) {
02.    ul.empty();
03.    if (data == "") {
04.    ul.append("<li>No user(s).</li>");
05.    } else {
06.    $.each(data, function (index, item) {
07.        ul.append("<li><a href=\"/SecurityGuard/Membership/Update?userName=" + item + "\">" + item + "</a></li>");
08.    });
09.    }
10.}

The change is on line 7.

SecurityGuard/Views/Membership/index.cshtml - fixed a bad link when using the table radio button to navigate to the "Grant Roles to User" page.  The fix is in the JavaScript at the bottom of the page.

Before:

$(".userRadio").click(function () {
    // Get the value of the clicked radio button
    // which is the username.
    var userName = $(this).val();
 
    // Get a reference to the "href" of the link.
    //var href = anchor.attr("href");
    var href = '@Url.Action("GrantRolesToUser", "Membership")';
 
    // Concatenate the existing href value with the username
    var newHref = href + "/" + userName;
 
    // Replace the existing href value with the new one
    anchor.attr("href", newHref);
 
    // Remove the disabled attribute on the
    // Grant Roles to User link
    anchor.removeAttr("disabled");
});

After:

01.$(".userRadio").click(function () {
02.    // Get the value of the clicked radio button
03.    // which is the username.
04.    var userName = $(this).val();
05. 
06.    // Get a reference to the "href" of the link.
07.    //var href = anchor.attr("href");
08.    var href = '@Url.Action("GrantRolesToUser", "Membership")';
09. 
10.    // Concatenate the existing href value with the username
11.    var newHref = href + "?userName=" + userName;
12. 
13.    // Replace the existing href value with the new one
14.    anchor.attr("href", newHref);
15. 
16.    // Remove the disabled attribute on the
17.    // Grant Roles to User link
18.    anchor.removeAttr("disabled");
19.});

The change is on line 11.

Comments

  • jassen.tawil@gmail.com
    Posted By: jtawil
    On: 11/15/2014 3:39:53 AM
    Is there documentation or suggestions how to upgrade an existing SecurityGuard installation?
  • info@kingwilder.com
    Posted By: King Wilder
    On: 11/15/2014 8:42:29 AM

    @jtawil - unfortunately there is no easy way to upgrade from Mvc4 to Mvc5 since there's been several modifications to the assembly and many views, to accommodate differences in the .Net 4.5 framework and ASP.NET MVC 5.

    Have you upgraded your web application to ASP.NET MVC 5 from MVC 4.x?  If so, does the existing SecurityGuard not work?  As long as the web.config file still has the membership sections using the System.Web.Providers providers, SecurityGuard.Mvc4 should work.  Let me know.

    If you have not made any visual changes to the views in SecurityGuard, you could uninstall SecurityGuard.Mvc4 and then install SecurityGuard.Mvc5, BUT and here's the important point... make a copy of your web.config file first!!!  Since there are differences in the way ASP.NET MVC5 handles authentication, various elements are missing in ASP.NET MVC 5 that are used by SecurityGuard, so SecurityGuard.Mvc5 adds these elements back into the web.config.  If you already have your authentication element setup the way you want, it may be overwritten, so it's best to back it up before installing this version.

    I'll work on some documentation about possibly upgrading from a older version when I have a moment.

    Another option, is to create a blank ASP.NET MVC 5 project and install SecurityGuard.Mvc5 there and then copy over the new SecurityGuard.dll.  Then you can copy over the Area views and the SGAccount views, then make sure the web.config has all the configuration necessary.

    Sorry about the hassle, but I hope this helps.

  • jtawil@clevelandsightcenter.org
    Posted By: jtawil
    On: 11/16/2014 8:59:35 AM
    Thank you this is a helpful starting point for upgrading.
  • marc_sommer@gmx.de
    Posted By: marcsommer
    On: 1/27/2015 4:48:10 PM

    Hi, thanks for this wonderful piece of work.

    The installation went fine so far, but as soon as try to navigate to the login page I get the following error:

    Server Error for application /.
    The resource couldn't be found. HTTP 404 requested url : SGAccount/Login (the same for SGAccount/Register)

    All aspx pages have been deleted, the requested page is in Views/SGAccount/Login.cshtml
    Do you have any idea how to resolve this?

    Thanks a lot in advance

    Marc

  • marc_sommer@gmx.de
    Posted By: marcsommer
    On: 1/27/2015 4:48:10 PM

    Hi, thanks for this wonderful piece of work.

    The installation went fine so far, but as soon as try to navigate to the login page I get the following error:

    Server Error for application /.
    The resource couldn't be found. HTTP 404 requested url : SGAccount/Login (the same for SGAccount/Register)

    All aspx pages have been deleted, the requested page is in Views/SGAccount/Login.cshtml
    Do you have any idea how to resolve this?

    Thanks a lot in advance

    Marc

  • info@kingwilder.com
    Posted By: King Wilder
    On: 1/27/2015 6:13:15 PM

    @marcsommer - sorry you are having problems.  I'm not sure why this is happening.  Can you confirm that the SecurityGuard package is there with the SGAccountController in place and the SGAccount Views all there also?

    You can always uninstall and then re-install and that may fix the problem, but it should just work.

    Let me know.

  • marc_sommer@gmx.de
    Posted By: marcsommer
    On: 1/28/2015 2:08:52 PM

    Ok, found the mistake. I thought the visual studio publication process automatically recompiles the project just before publication to a website. Actually you have to manually do it! The view files have been copied as is, but the changes in the controller part did not find their way in to the assembly. So there was no SGAccount controller in the project dll published to the site. I had to decompile the published project to see this. Unfortunatelly the server error messages in most cases are pretty useless as they mostly don't give you a clue into which direction to go.

    But thanks nevertheless for dropping in :-)

  • darretking@gmail.com
    Posted By: DarretKing
    On: 6/24/2015 6:14:52 AM

    Hi,

    Whenever I build and run, it creates a database ASPNETDB.mdf for use with Security Guard.

    How do I get it to not create another database, but rather update my existing database in DefaultConnection?

    Thanks

  • info@kingwilder.com
    Posted By: King Wilder
    On: 6/24/2015 8:51:15 AM

    @DarretKing - you need to make sure that the membership provider sections in the web.config/system.web element have the correct connection string name for your database.  You should have four (4) sections in system.web: 

    1. Profile
    2. Membership
    3. RoleManager
    4. SessionState

    These are the providers that SecurityGuard uses for connection to your database.  So make sure the connectionStringName values are pointing to the name of your connection string for your database.  I hope that makes sense.

  • info@kingwilder.com
    Posted By: King Wilder
    On: 6/24/2015 8:51:15 AM
    @marcsommer - the behavior you are describing is not one that I have experienced.  Whenever I publish, Visual Studio has always compiled the entire application with any new changes.  You might want to try to get your situation to someone at Microsoft.
  • luke@lukebrewerton.com
    Posted By: LukeBrewerton
    On: 9/10/2015 8:02:21 AM

    I'm using the MVC5 version of SecurityGuard and MVCInstaller. When I run the app I get the following error:-

    Schema specified is not valid. Errors:
    (19,34) : error 0040: The Type image is not qualified with a namespace or alias. Only primitive types can be used without qualification.

    If it helps, i'm using MySQL and not SQL but this is because there is an existing database that the app will pull other info from.

    The MySQL connection is working fine, there are just none of the tables required for SecurityGuard which is why I installed MVCInstaller5 via NuGet.

  • info@kingwilder.com
    Posted By: King Wilder
    On: 9/10/2015 9:24:54 AM

    @LukeBrewerton - SecurityGuard is not supported with MySql, that doesn't mean it may not work, but there's probably a few things to get it to work, some of which I have never explored.  

    1. Membership tables - the membership tables must be in the database, whether MySql or SQL Server
    2. Connector - you probably need a MySql data connector to make this work, I'm not sure.

    To be clear, SecurityGuard does not install the required membership database tables, that has to be done by you and can be done in various ways.  SecurityGuard is simply a user-interface that allows you to manage the data in the membership database.

    I assume the application is ASP.NET MVC, but you are connecting to a MySql database.  Is there a reason you can't have SQL Server side-by-side that contains the membership tables?  That would work.  You would just need another connection string in your web.config for it.

    Apart from that, I don't know what else to do to help you, since as I mentioned, it is intended to be used with SQL Server.

  • luke@lukebrewerton.com
    Posted By: LukeBrewerton
    On: 9/10/2015 8:02:21 AM
    I havent got the tables setup but I was using MVCInstaller aswell to setup the schema, or have I misread what MVCInstaller is for?
  • info@kingwilder.com
    Posted By: King Wilder
    On: 9/10/2015 11:35:40 AM

    @LukeBrewerton - no, you didn't misread what MVC Installer does.  Just be aware, as the documenation states, it will update your web.config with the new connection string information and the membership providers.  All the other settings will be untouched.  So it's best to do this locally so the Mvc Installer app has permission to update your web.config.

    You can update the web.config manually, but this just automates it for you.

  • info@kingwilder.com
    Posted By: King Wilder
    On: 9/10/2015 11:35:40 AM

    Also, if you already have membership providers in your web.config, it will over write them.  Be sure that's what you want to occur before you proceed.

    If membership providers do already exist, and you are OK with MVC Installer updating the settings, there are occasions where it doesn't work correctly.  So it's best to remove the membership provider sections prior to running Mvc Installer.  I hope this helps.

  • luke@lukebrewerton.com
    Posted By: llukebrewerton
    On: 9/10/2015 11:41:36 AM

    Ok, No I dont have any membership providers in the web.config, MVCInstaller added these. I commented out the SQL connection it added but my MySQL connection is also named 'DefaultConnection' and this works with the rest of the Entity Framework.

    I think its my implementation rather that SecurityGuard itself. I cant run SQL side by side with the MySQL as the webhost my client uses only provides MySQL

  • info@kingwilder.com
    Posted By: King Wilder
    On: 9/10/2015 11:50:44 AM

    @LukeBrewerton - are the membership tables created in your MySql database?  If not, then it absolutely won't work.  I can't confirm that it will work even if you do have the table created in MySql because, again I've never tested it with MySql.

    If it still doesn't work, it may be because the membership providers I'm using, System.Web.Provider namespace probably requires SQLServer.  So you may not be able to use SecurityGuard with your application, unfortunately.

 

User Name:
(Required)
Email:
(Required)