Custom Role Provider Everthing Working Except Roles???
Apr 25, 2007
Hello Everyone,
I am trying to use a custom role provider, the main purpose so that I don't have to use a database file. My web.config file is posted below. My problem is that I think I have followed all the steps to create a custom role provider using both articles on MSDN and some written by Scott Gu. After Modifying my web.config file I went to the asp.net configuration to test the connection. Users are created in the remote database but roles are being picked up and created in the App_Data folder. Can anyone give me a hint at what I am doing wrong? thanks in advance.
<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
I am new to SSIS but I am learning fast. Any help is greatly appreciated.
I have written a custom log provider derived from LogProviderBase. I want to programmtically add the custom log provider to my package, but when I try this:
myPackage.LogProviders.Add("ACustomLogProvider");
I get the following exception:
"The log provider type "ACustomLogProvider" specified for log provider "{..GUID..}" is not recognized as a valid log provider type. This error occurs when an attempt is made to create a log provider for unknown log provider type. Verify the spelling in the log provider type name".
I have followed the instructions in BOL and as suggested in this forum, adding the DtsLogProvider attribute:
This also gives me the same exception "The log provider type ""{..the actual GUID for ACustomLogProvider..}" specified for log provider "{..a different GUID..}" is not recognized as a valid log provider type....
My questions are: Is it possible to add a custom log provider programmtically or must it be done through the SSIS Designer?
Must I deploy my custom log provider class for it to work programmatically? (I had perhaps wrongly assumed I would not have to deploy if I don't want it to show up in the SSIS Designer).
I would prefer to use a custom log provider instead of just logging within the SSIS event handlers because I can override the OnPostExecute, etc. but I cannot (can I?) override the specific event handlers like PackageStart, PackageEnd, etc because they are not exposed through DTSEvents.
I am currently on XP x64 and am trying to run a .vbs file, which needs access to an access file when the following error pops up:
"Provider is not specified and there is no designated default provider" error code: 800a0ea9 source: ADODB.Connection
I have tried a bunch of stuff, but so far nothing has worked.
The following code is is question: set AccessDB = CreateObject("ADODB.Connection") AccessDB.Open("DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & sMSAccessDBPath)
any help would be appreciated......could I run this with cscript.exe (in the WoW64 folder) in through cmd.exe?
Can we create custom object wide roles? In the same manner that db_datareader in effect grants SELECT on all tables, can we create roles that affect all objects without having to explicitly grant the permission on every object?
I'm assisting in the creation of a development enviroment with SQL Server 2005, and I need to assign some custom roles, in particular, a Stored Developer Role should be able to create, modify and execute Stored Procedures but they should not be able to alter tables or views, but should be able to retrieve/insert data from those tables.
I've tried with the default roles in 2005 to no avail.
Is there a relatively easy way to accomplish this with a database alredy populated with objects of both kinds? (SP's and Tables / Views)
e.g. when the <UserID1> clicks on the "home" link show only "Client" folder and when <UserID1> clicks on the "Client" folder only "ClientReportA" will show.
Here is the accessable map for each user:
<UserID1> Client
ClientReportA
<UserID2> Client
ClientReportB Company
CompanyReportA CompanyReportB
Question: What is the best way to implement CheckAccess? At first I thought I can access the item names and I can test authorization through that, but AceCollection contains operation permission of the accessing object.
I am very frustrated. Everything works on the local host but when I upload to server I can login to the admin role I created, but when I try to access pages that have role priveleges I get the following error: The SSE Provider did not find the database file specified in the connection string. At the configured trust level (below High trust level), the SSE provider can not automatically create the database file. The ASPNETDB.MDF database was uploaded using the Database Publishing Wizard. Please help!
I have 5 cubes, and hierachy defined for all cubes. for example:geography database with 5 continents as cubes and contries as dimensions.Now when i am doing security restrictions on my dimension ex: In USA dimension if i want only to give access to texas region then i should be able to see only texas cities. But i cansee all the states under USA even after selecting only Texas region under Dimension data tab inside ROles section in SSMS.I have tried security at database ,cube level as well as dimension level.But still not working.is that because of some wrong design of cubes or something related to database design.? I am not able to undersand that except roles everything in my cubes or datawarehouse is working fine without and defect in data.
I am not sure why this is not working it clearly states in the MSDN that it should "
'role' Is the name of the SQL Server role being checked. role is sysname and can include the database fixed roles or user-defined roles but not server roles.
"
I have seen many questions revolving around this issue on this site and on the net about this but know one can answer it
I have created a new user defined database role called testrole with any owner
then created a new sql login and user (Sql Authentication)
add the user to the database role testrole
check IS_MEMBER and it returns 0
try this with a fixed database role and I get the desired result of 1
this is simple and should not be such a problem for every one
2. I deploy the signed assembly to the../../DTS/90/LogProviders directory & the GAC on both machine A & machine B.
3. I create a new package on machine A & go to enable logging for this new custom provider: I find it in the drop-down list of providers, and I can add it successfully.
4. I create a new package on machine B & go to enable logging for this new custom provider: I find it in the drop-down list of providers, but I can't add it. I get the following error:
'...failed to create log provider...the log provider type "_" specified for log provider "_" is not recognized as a valid log provider type. This occurs when an attempt is made to create a log provider for an unknown log provider type. Verify the spelling in the log provider type name (package)."
I created a SSIS log provider derived from LogProviderBase, it's appear in my VS2005 and work fine, the only one problem is, there is not a dropdown list of connections in the SSIS Log Configuration column, how can I add it?
I am trying to do custom log provider that will post events to Notification Services...The idea is that if I could post the "SSIS events" to Notification Services, with a Custom Delivery Channel in NS, I would be able to do NS Subscriptions with real time monitoring of SSIS packages..
I have tried to use the sample custom log provider code in MSDN. The problem is after I added the custom log provider dll to the C:Program FilesMicrosoft SQL Server90DTSLogProviders folder and install to global assembly using gacutil...
The custom log provider is not showing up in the Provider Type under Configure SSIS logs...
I found one post from the past asking this question, but didn't see an answer, so I am hoping someone can shed some more light on it:
I am writing a custom log provider in C#. Is it possible give this custom log provider access to the variables collection (via a variabledispenser object)? First glance at the log provider classes would tell me that this is not possible, though I would like confirmation. Also, if I am correct in thinking it is not possible, what was the reason for leaving this out?
can someone help me in this???? this function is throwing exception "sqlException unhandled in user code"."incorrect syntax near ?"
Public Overrides Sub UpdateUser(ByVal us As System.Web.Security.MembershipUser) Dim conn As New SqlConnection(connStr) Dim cmd As New SqlCommand("UPDATE users SET firstname = ?, lastname = ?, company= ?, address= ?, state= ? WHERE Username = ?", conn) Dim u As User = CType(us, User) cmd.Parameters.Add("@firstname", SqlDbType.VarChar, 50).Value = u.FirstName cmd.Parameters.Add("@lastname", SqlDbType.VarChar, 50).Value = u.LastName cmd.Parameters.Add("@company", SqlDbType.VarChar, 50).Value = u.Company cmd.Parameters.Add("@address", SqlDbType.NVarChar, 200).Value = u.Address cmd.Parameters.Add("@state", SqlDbType.VarChar, 50).Value = u.State cmd.Parameters.Add("@Username", SqlDbType.NVarChar, 64).Value = u.UserName Try conn.Open() cmd.ExecuteNonQuery() Catch e As SqlException Throw e 'Throw New Exception("Some Error occured during updation...") Finally conn.Close() End Try End Sub
...I guess that simply means that I can't access a package's variables within a custom log provider? Can anyone comment/confirm? Any other options/routes to achieving the same..?
I am interested in determining if package variables can be read from a custom log provider. I am able to pass the values into the custom log provider using an expression in a custom connection manager. My intention is to used the values of these variables upon package failure so I can capture the context of the failure. Unfortunately, if the value of the variable is changed at runtime, this update is not reflected in the custom log provider.
Is it possible to get direct access to the package variables from the custom log provider?
ASP.NET 2.0.... What is the proper way to rename the ASPNETDB.MDF to another name, such as TEST_ASPNETDB.MDF? I know you can rename the db in the IDE, BUT, there are other places you need to change so that ASPNETDB.MDF isn't recreated. Do I have to make a custom SQLExpress provider or something to that effect? Any examples? Thanks...
I'm trying to use an OLE DB connection manager from inside a custom log provider, but can't get the code to work - I get an exception "A first chance exception of type 'System.InvalidCastException' occurred in SSEALogProvider.dll" on the last line of the code below.
I know the connection is OLE DB from looking at .CreationName.
I've tried both with & without ToConnectionManager90(), but appearently not in the right way, both cases gives the same exception.
Any tips on what I'm missing? All the examples I've seen are either creating (instead of using) connection managers, or are file based connection managers. Any and all help much appreciated!
Thanks/Kristian
if (this.ConfigString.Length == 0 || connections.Contains(ConfigString) == false ||
infoEvents.FireError(0, "SSEALogProvider", "The ConnectionManager " + ConfigString + " specified in the ConfigString property cannot be found in the collection, or is of the wrong type (expected CreationName='OLEDB'.)", "", 0);
I have a package with a custom log provider, which runs in BIDS. However when I deploy the package onto SQL Server and run it on the deployed machine, if fails:
"failed to decrypt protected XML node DTS:Password...key not valid for use in specified state..."
Now this is definately to do with the custom log, as if I take it out & redeploy, I can run it on the deplyed server + also run it within a job. I have entered the custom log provider library (+ other required DLLs) in the GAC on the deployed machine, but I'm clearly missing something.
I have a custom assembly which has a strong name, and I have deployed it in the GAC. I have also raised its trust level to Full Trust.
I have added a reference to this assembly from report properties.
when I try to use it, I get the error
[BC30451] name 'myUtil' is not declared.
Here myUtil is the instance name of the my class. (All methods are instance methods in my class and there are no static methods).
I found many people facing this issue, and the solution involved copying of the assembly in some privateassemblies folder. However that should not be the case with me as I have the assembly in the GAC.
I am new user of SQL Server. I have some problems with these words. I want to make my database works in my specified permissions. I will specify permissions with schemas and these schema wants an owner. I want this owner should be my user. When creating a user it needs a valid login. I am selecting my login and it occurs and error says this login has an different user. I am specifying permissions with roles. But i can't make association all of them. I hope i told my problem to you as well. If you explain these words to me and tell me how can i do my database's works with my own schemas, users and roles i'll be grateful. Thanks for advices.
I have a SSRS report that uses a custom library. The custom library returns a string values, and I have tested this with a windows application.In the SSRS report. I have set the expression value for a text box as =CodeReportingLibrary.CodeReportingFunctions.GetImage(1232)
However, when i preview the report the text box value shows as #ERROR. I checked the error list and I get a warning message : Warning 1 [rsRuntime ErrorIn Expression] The Value expression for the textrun ‘Textbox5.Paragraphs[0].TextRuns[0]’ contains an error: Attempt by security transparent method 'CodeReportingLibrary.CodeReportingFunctions.GetReferenceImage(Int32)' to access security critical method 'Microsoft. TeamFoundation. Client. TfsTeamProjectCollection..ctor(System.Uri)' failed. Assembly 'CodeReportingLibrary, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' is partially trusted, which causes the CLR to make it entirely security transparent regardless of any transparency annotations in the assembly itself. In order to access security critical code, this assembly must be fully trusted.
I have updated the rssrvpolicy.config in ReportServer folder, to include my custom dll.
I'm trying to add a custom report format to ssrs 2005 as per this [URL] I've added the code snippets in the example to three different ssrs 2005 server RSReportServer.config files but it does not work i.e do not show up in the export drop down when rendering report.
I've tried starting and stopping reporting services and it still does not works.
I've also modified the existing csv extension with different options to see if it works but to no avail.However it works with SSRS2008 R2 . In fact it works right after I saved the config file, no restart needed.For SSRS2005 the file is in C:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesReportServer. I checked the registry setting just to make sure I'm looking at the correct installation 'HKEY_LOCAL_MACHINE', 'SOFTWAREMicrosoftMicrosoft SQL Server90ToolsClientSetup', 'SQLPath' The three ssrs2005 instances are in three different physical servers and the problem is with all of them so it is not an isolated incident. I've dbowner rights to all three servers. The server versions are 9.0.4060, 9.0.4035 and 9.0.4053
Apologies if my post does not fit into this forum. I initially tried the SQL Server Data Access forum but I now think my question is more security related.
Is it possible for a web user who has been successfully authenticated with forms authentication to be authorised to use a SQL Server 2000 role depending on a particular ASP.NET 2.0 role that they have been authorised to use? I understand that that I can assign a SQL Server 2000 role to the ASPNET or NETWORK SERVICE account but this will grant access to anonymous web users to the database role. I can ensure that I only call stored procedures which access sensitive data in web pages that are in restricted by ASP.NET roles. However, it would be nice to also restrict stored procedures via the ASP.NET 2.0 Forms Authentication roles.
If this is not possible have you got any bright ideas how I could restrict access to stored procedures who are anonymous web users.
I'm developing an ASP.NET2.0 application which accesses a SQL Server 2005 Express database. I plan to use integrated security for access to the database.
I'm confused about the relationships between Windows groups, the ASP.NET web.config file <allow roles=.../> and SQL Server roles.
I would like to create a Windows group to which I can assign multiple users and grant that group access to a Web Site using windows authentication and also grant that windows group access to the database my web application uses.
I have gotten the combination of Windows Authentication to the web site and to the database to work for a specific windows user but I am having trouble determining the combination of database security entities I must create to allow access to my database by members of the windows group.
For a Windows user:
1. Create Windows user
In SQL Express
2. CREATE LOGIN FROM WINDOWS WITH DEFAULT_DATABASE =
3. CREATE USER FOR LOGIN
4. CREATE ROLE
5. EXEC sp_addrolemember <role-name> <user-name>
For a Windows group, what would be the equivalent commands necessary to grant a windows group access to my database? Specifying the Windows Group name in sp_addrolemember does not appear to be sufficient even though the documentation states that a windows group name is a valid value for the member name argument.
After reading Books Online, I am still confused with Database Role vs Application role.
My intention is to control the end users' authority on the database, where the end users will access through Winforms client application. With proper assignment of schema and database roles to an user, I believe this will enough to control the permisison of an user.
If this is the case, why Application role exists? When and why should I use Application Role? How is it different from Fixed Database Role?
Hi! Can anyone say which ms sql server predefined roles are similar to the following oracle predefined roles: dba, connect, resource. I already know that sysadmin in MS SQL Server is the same as DBA in Oracle but what about the rest? Thanks a lot.
I am in the process of locking down the SQL Server in an environment that is considered to be in production (pilot stages) and there is no staging or test environment that mirrors it. I need assistance in determining the server and database roles to assign to existing logins, most of which currently have sa and dbowner rights. Because it is not a development environment, I need to be sure that downgrading the server and/or database level permissions will not break any functionality.
I'm starting with the logins that have the SA fixed server role. These logins need to be able to install applications that require the use of a backend database, which will be stored on SQL Server. In addition, through the installation process a new login/password for the newly created database(s) is normally created. For the existing logins with the SA fixed server role, will downgrading to the securityadmin and dbcreator roles be sufficient to facilitate those needs, or are those too much/ too little? And should any user account ever be granted the SA role? If so, what questions could I ask to determine this need?
Since these install process for these applications usually prompt to install using SA or local system account to authenticate to SQL to create the new database(s), that account should have securityadmin and dbcreator roles to create the database and its tables, as well as add a new login to that database.
Please address this question, keeping in mind that the logins will only be performing the described actions, installing apps using SQL Server as the backend database and adding a login to that database (which may or may not be done during the installation process).
Ive been reading over the documentation and some stuff online, but I still dont really understand what the difference is and when you would use one vs the other. Can someone put it in simple terms for this dummy (me) ?
I am creating a custom transformation component, and a custom user interface for that component.
In my custom UI, I want to show the custom properties, and allow users to edit these properties similar to how the advanced editor shows the properties.
I know in my UI I need to create a "Property Grid". In the properties of this grid, I can select the object I want to display data for, however, the only objects that appear are the objects that I have already created within this UI, and not the actual component object with the custom properties.
How do I go about getting the properties for my transformation component listed in this property grid?
I'm looking for some guidance/help regarding setting up a sa - lite account in SQL 2005. I need to give another admin rights to create/monitor maintenance plans, backup and restore databases, monitor performance/logins, but NOT be able to have any rights on several tables (and of course not being able to set user permissions).
I've tried using server and db roles but haven't been able to determine how to give someone w/o full sa rights access to maintenance plans.
If you can think of soemthing, please let m eknow.
