Membership and Roles API and the WSAT

Last June 3rd I flew Saskatoon for the day and met with the .NET Users Group. It was good to see colleagues and ex-coworkers. I was presenting four demos regarding VS 2005 and SQL server 2005 with Service Broker. The presentation didn’t go very well as I had a hard drive error on one of my VPC images. Apart from that I noticed a great interest in the new technology, specially SQL Server 2005 Service Broker and web services support.
I also got very interesting questions from the audience. One of them was regarding the ASP.NEt Configuration tool or WSAT, Web Site Administration Tool.
The original question was:

We are planning to extend the Membership API to use it on our own intranet with existing databases; however, one of the advantages of using this API is also having the Web Site Administration Tool available to manage Memberships and Roles.

After a short investigation, especially reading this article:

http://msdn.microsoft.com/msdnmag/issues/05/04/Security/

and this one:

http://www.devx.com/codemag/Article/30087/0/page/3

we realized this WSAT tool is only available with VS 2005. We would like to know though, why isn’t this application available outside VS 2005. What dependencies are shared with VS 2005, so this application cannot be deployed as a stand alone solution?

You can call the tool outside VS 2005, by typing http://localhost/MyWebSite/Webadmin.axd on your web browser.

Juval Lowy’s replies:

In any event, I solved the problem you describe using my Credentials Manager tool described in this article:

http://www.code-magazine.com/Article.aspx?quickid=0511031

Unless you do some hacking, the admin pages (besides not providing all the required features) can only work with Cassini.

The WSAT does not use IIS both for security reasons and because many developers are not allowed to have IIS installed. The ASP.NET team recommends you use Credential Manager for real life admin.

You can use Credentials Manager freely (make sure you get the latest version from www.idesign.net) and even modify it as long as you maintain our copy rights and give credit to IDesign in your docs.

And Jeff Prosise’s replies:

WSAT was originally intended to work locally or remotely, but the ASP.NET team grew concerned about security, so in the final release, it only works against local Web servers. You can modify the source code to work against local servers, but in general your best bet is to use the membership and roles APIs to write your own targeted remote admin tool.

The source code is in the ASP.NETWebAdminFiles directory (e.g., C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles). You can install it in a virtual directory and run it without Visual Studio.

You can modify it to work against remote servers if you wish.

I hope this helps the Community and also stays here on this blog for my own future reference.
Thank you guys and thanks to Saskatoon .NET User Group for their understanding and support during the hard drive failure.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.