How to Implement Custom Role Provider in Asp.Net MVC

As I have discussed in earlier article that programmer need to implement custom provides to enable its own database works with in-built functionality. My previous article was to implement custom membership provider and in this article I will continue with custom role provider in MVC.

By following these simple steps we will complete the task:

• Create a class "Custom_RoleMembership" in Models folder in your MVC application.
• Inherit this from RoleProvider class exists in "System.Web.Security" namespace.
• Right click on RoleProvider and select on “Implement Abstract Class”, it will all the override function need to be implement by us.
• Just implement GetRolesForUser(string username) method and replace that function with the following code:
  
  public override string[] GetRolesForUser(string username)
  {
  //Get roles for this username and return in string array
  if(username=="admin")
  return new string[] { "Admin" };
  return null;
  }

• Go to HomeController and place an attribute like below:
  
  [Authorize(Roles = "Admin")]
  public ActionResult Index()
  {
  ViewBag.Message = "Modify this template to jump-start your ASP.NET MVC application.";
  return View();
  }
  
• Open web.config file and place below code under system.web tag
  
  <roleManager defaultProvider="Custom_RoleMembership" enabled="true">
    <providers>
  <clear />
  <add name="Custom_RoleMembership"
  type="CustomMembershipP.Models.Custom_RoleMembership"  />
    </providers>
  </roleManager>

Now run the application and open Index page, it will redirect you on login view. Login with username = admin and password = password and debug this application, it will check the above method GetRolesForUser(). If there is a role for this user then it will go to index view otherwise return to login page.

In my case I have used only one username and return admin only from the method. But you can check the roles in your database and return them in string array. If there is a role “admin” in your array then only it will open index page.

Implement Custom Membership Provider

How to Implement Custom Membership in Asp.Net MVC

In Asp.Net MVC, default membership works with pre-defined/specified data source where programmer don’t worry about anything related to authentication. To implement authentication with desired data source, programmer must implement custom membership as explained in the article. Using custom membership, programmer can easily authenticate user’s visit through self-written code.

This article will describe some simple steps to complete the task:

• Create a class named "Custom_Membership" in Models folder in your MVC application.
• Inherit this from MembershipProvider class exists in “System.Web.Security” namespace.
• Right click on MembershipProvider and select on “Implement Abstract Class”, it will all the override function need to be implement by us.
• Just implement ValidateUser() method and replace that function with the following code:
  
  public override bool ValidateUser(string username, string password)
  {
  if (username == "admin" && password == "password")
  {
  return true;
  }
  return false;
  }

• Go to AccountController >> Login action and change the login functionality as:
  
  public ActionResult Login(LoginModel model, string returnUrl)
  {
  if (ModelState.IsValid && Membership.ValidateUser(model.UserName, model.Password))
  {
  FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
  return RedirectToLocal(returnUrl);
  }
  ModelState.AddModelError("", "The user name or password provided is incorrect.");
  return View(model);
  }

• Open web.config file of the root and add following in system.web tag
  
  <membership defaultProvider="Custom_Membership">
    <providers>
  <clear/>
  <add name="Custom_Membership"
  type="CustomMembershipP.Models.Custom_Membership"/>
    </providers>
  </membership>

Run the MVC application and open Login page, it provide an error related to membership, to resolve through error just delete “[InitializeSimpleMembership]” attribute from AccountController.

Again run the application and enter username and password as provided above in ValidateUser() function. It will login successfully, now you can override any of the function in your custom membership class.