How To Manage Role And Its Permission In Application
Apr 29, 2010
i like to design a asp.net application(app1) where we can create role and actions. here action is such as create student details and delete student details... this both actions comes underneath to a role1.. so, the application will have some roles with set of actions. This roles and action will be used later in another applications(app2 and app3).
i have designed app1 with single sign on for all the application(app2,app3). when a user enter into app2, he/she will be redirected login page which resides in app1. There user validation will take place. once validated, authentication ticket will be send back to requested application(app2).
Once app2 receive the ticket, it will make another request app1 to get the roles and action belongs to singed user. the app2 should behave based the actions belongs to role.
*A user can have more roles.
how to control the user activities based on the actions?
Is there any framework to achieve this model?
View 2 Replies
Similar Messages:
Feb 24, 2011
I'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.
sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"
I'm able to do this.
If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If
BUT unable to do this...
If user's Department = 'Department XYZ' Then
Do This
Else
Do that
End IF
View 2 Replies
Jun 13, 2010
I have an Admin folder which contains 4-5 aspx pages. I want to that only user with role="admin" can view those files. What settings i need in web.config?
View 1 Replies
Oct 31, 2010
I have deployed an web application in my system which is having public IP. I am able to log in to the application using some user id and passwords which where created earlier. But when i use another user id and pasword it is showing the below message:
"The user does not have permission to log in to the application. contact your administrator"
I have checked the database there was no changes made to set the settings for these users. It is not coming for all the users but it is coming for certain users only.
View 3 Replies
Jan 30, 2010
I have two .NET applications X and Y
a. I want to have User A as a common user for both application X and Y.
b. User A can have different roles on X and Y. Eg. Read permission on Y and Write Permission on Y.
How do i configure ASP.NET membership to achieve about functionality.
View 3 Replies
Jan 12, 2010
I have a problem....if one user try to go to a page where he isn't autorized, the application rediredt he at the login page...
how I can redirect in an other page, where i write "Access denied"??
View 2 Replies
Apr 26, 2010
Our team has recently implemented a role permission based authorization so that we can have granular control. This is similar to what Rockford Lhotka suggests herehttp://www.lhotka.net/weblog/PermissionbasedAuthorizationVsRolebasedAuthorization.aspx I have also read about the Claims based authorization which to me looks very similar to what we have. Can some one put in simple terms what the advantages of claims based authorization are.
View 1 Replies
Nov 12, 2010
I have a web application with a textbox and a button. When i click the button with a folder name in textbox a .xml file should be created in C: folder getting all the data from a method which retrives data from DAL. But clicking on button gives the error of access denied. I dont have sufficient permission. But when i run visual studio as administrator, this permission error does not occur, instead some other error i get. How can i get this permission to run this application?
View 3 Replies
Apr 7, 2010
I want to create a multi-tenant application that uses the hostname to determine the customer.
For example:
CustomerOne.myapp.com
AnotherCo.myapp.com
AndOneMore.myapp.com
I can do the database and security side with no problems, I can also get the hostname from the URL, but what I am struggling to find out is how to create the basic plumbing that would allow a new customer to sign up online, provide their company name, and for the application to create the new URL, ready to be used straight away.
View 1 Replies
Sep 28, 2010
I'm designing an ASP.NET 4.0 Web application where administrators may create an auction with an expiration. The expiration time would be stored in a database. How can I ensure that the auction ends at the predetermined time, considering the fact that an application instance may not be running when it is time? The application will be hosted with IIS7. I am considering Windows service, but I am wondering what other options are out there.
View 3 Replies
Aug 11, 2010
We have used Session heavily in our application, we have created core classes (which have many properties) and store objects of core class in the session.
1) What could be the best solution for reflector activity?
2) What could be the best way to manage session in an application which has 100 pages?
View 9 Replies
Sep 23, 2010
I am working on an application that resides on a development server on our internal network. The application was originally written to use Membership and Roles. We got busy almost a year ago before the app was finished, and now we are trying to get it ready to use internally.
The login page works just fine, but I have lost the ability to controls users and roles. I am running Visual Studio 2010 Professional now on a Windows 7 VM. I can open the application fine but there is no Web Administration Tool available for me to manage users or roles. If I go to Website -> in Visual Studio, there is no option for ASP.NET Configuration in the drop down menu. It simply isn't there.
How can I regain access to manage users and roles for this application? We are using Forms authentication and the database resides on a SQL Server 2005 instance on a separate box from the web server and my local VM.
View 1 Replies
Aug 31, 2010
I have Web Application which uses the Logged In User (Authenticated User) to query his Profile Data from Adabas/Unix using OLEDB. The application provides the user with about 21 different pages (Basic Info, Employment Info, Education, Dependants, Financial Info ...).
The web application has a master page, and each profile data page is based on a User Control loaded in the Child ASPX Page.
The Data Layer of this Web Application will have to undergo major modification, since we are migrating our legacy applications from Adabas/Unix to SAP, the development Team has prepared web services to query for the same Profile Data from SAP using Web Services. Now, we have to modify the web application to consume the web services instead of using OLEDB to query Adabas.
Since we are in the testing phase, and we have only very limited data in SAP, I have to provide temporary control to allow test query the Staff Profile for a Specified User (instead of the Authenticated User) and to select the Source:
1. SAP, or
2. Adabas.
So I am thinking to add the following "Control Section" in the Master Page:
[Code]....
See image below to clarify:
[URL]
Becuase the users defined in SAP are based on Dummy Data, so we want to allow the user to Enter the required SAP User, and he will select "SAP" from the Drop-Down-List. In this case, the program will query for Staff Profile Data from SAP for the specified "Staff ID" (txtSAPStaffID) instead of the Authenticated User. But, if "Adabas" is selected for the "ddlDataSource" then, it will default to the Authenticated User.
I noticed that when I am following the above technique, if I press "Go", the Staff Profile Data Page is disappeared, and when I navigate from page to another, the selection on the values entered in the "Control Section" in the master page are reset to default value, ie, the last values are not maintained.
Questions:
1. What is your feedback on the method I followed above ? Any other recommendations? I need very simple method.
2. Why the data page (the child page of the master page) is cleared (disappears) when I press the Go button ?
3. How to maintain the values selected when I navigate from one page to another ?
View 3 Replies
May 11, 2010
In my application. I have a master page where i have a menu control. After login i get the application role in a session. Now based on the application role I need to remove some of the items which are not required for general users.How can we check the menu and remove in master page. I tried below code but its not working.
[Code]....
View 7 Replies
Jan 16, 2011
I am new to asp.net and developing an application where there will be some roles like (admin, entry user, maker, checker) one user can have all or can have partial roles based on the provided roles and the page should restrict functionality based on the user role.
What is the best way of implementing it without memberships in asp.net ..
View 1 Replies
Feb 9, 2010
I have a custom role provider class that is currently being used by a web application. We are now in the process of migrating several windows applications from VB6 to VB.Net. From preliminary research, I understand that I can use the custom role provider in win forms as well and came across Client Application Services. I understand how the Client Application Services is setup, but can't seem to find how the custom role provider code will be shared between the web apps and the windows apps.
View 3 Replies
Jul 12, 2011
I have an asp.net application. This is a role based authorization. Basically, if the user's are in a specific AD group, it should allow them to look at the webpage. Otherwise it should error out saying "not authorized".
In the web.config file, I have the following lines of code. I made sure I am in the Apr-Sales-Writers AD group.
Code:
<authorization>
<allow roles="Apr-Sales-Writers"/>
<deny users="*"/>
</authorization>
Issue: when I go to default.aspx page, it prompts for a userid and password and even though I put correct password and userid, it says "not authorized error".
Code:
Access is denied.
Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.
Error message 401.2.: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server. Contact the Web server's administrator for additional assistance.
In the IIS project (on IIS server), I configured it to be a "Integrated windows authentication".
View 1 Replies
Dec 23, 2010
I am looking for an opensource .Net 4.0 user profile and role management module. I need to manage basic user profile updates and management. Does any body know if such a thing exist?
View 1 Replies
Nov 13, 2010
Usually in sub-folder we will limit the access right to some roles and this feature requires pre-defined database schema.
However, if i still want to use this role feature of asp.net, but I do not like the pre-define database schema, I want to extract role information from my own database table and bind it to the role.
View 2 Replies
Mar 18, 2011
Why asp.net sql role provider does not allow to update the role name , whats its reasons.
View 5 Replies
Nov 3, 2010
When adding a role (making use of asp.net's role provider), i cannot find a method to add a role including a description.the asp.net Role table in SQL makes provision for a role description, however the only method available is:Roles.CreateRole(string RoleName);here is no overload to include a description.Is there an out of the box way of including the description? or should i go about this myself?
View 1 Replies
Feb 10, 2010
How can i get the role id, rather than the role name?
For instance with the code below
Dim roles1 As String() = Roles.GetAllRoles()
GridView1.DataSource = roles1
GridView1.DataBind()
I can access the role name in the gridview like below, but how could I get the ID to pass in a hyperlink?
<asp:Label ID="lbl1" runat="server" Text='<%#Container.DataItem.ToString() %>' Visible="false" />
View 1 Replies
Jan 13, 2010
I am in the process of creating a user control that enables content areas of our web application to be editable. The control utilizes the asp.net membership/role providers and incorporates a LoginView that only displays the edit link if a user has logged in and is a member of the desired role. What I would like to be able to do is pass the "role" as a property of the control so it can be set dynamically and does not have to be hard coded into the control if I use elsewhere in another application.
View 3 Replies
Dec 3, 2010
I need the settings in web.config file of my asp.net application through which i can set permission for particular folder outside IIS. I need this functionality through settings in web.config.
Edited: I need to know that how can we apply impersonation in web.config file
View 1 Replies
Oct 8, 2010
I have created an ASP.Net application using .Net framework 4.0. I need to save an xml file on any location on same server (if file not already exists) and want to access then after always. But I dont want to set write permission to any folder. Is it possible to write a file to any location for Network service account without specifying write permission? Does Network service account have default write permission to any location?
View 2 Replies
