I'm using the Aspnet_regsql.exe for roles in my app. I want to grant someone temporary permission to access some of the pages in this site for a limited amount of time. I would like to grant a user permission for a couple days or so, then revoke these permissions. Or create a user with full permissions that would only last a couple days.
Is there a way to do this?
I am getting this error on my web site and it is preventing the site from compiling. The site is in full trust and the web site files are on the local drive. Web searches show that the only two issues are full trust not enabled or the files on a UNC path that is not trusted and neither is the case here. This site is on an Win2008/IIS7 server. Anyone have any ideas as to why this is happening or where to look for other trust level or security settings to resolve this.
View 2 Repliestwo weeks ago I read a MSDN(?) article how to grant/revoke permission for some users/roles/groups on a specific page or holder temporarily or with condion. The article shows how to do it Form_Load() in c#. But I can't find the link with googling or in MSDN library.
Please let me know if you know the url?
What I want to do is:
There is a folder called employeePDFs.
The folder will have 1000s employees' sub folder ({lastname}{firstname}{employeeID}). Each folder will have very personal indivual PDF files which are manually uploaded.
If an employee logs on, then the logon employee can view a page which has a list of PDF files in his own folder only.
Those PDF files can be assessed only by the user.
I want to put my dlls on web site.
I don't know how doing so,
since I got a message :
Could not load file or assembly 'aDllFile, Version = 1.0.0.0, Culture = neutral, PublicKeyToken = null' or one of its dependencies. Failed to grant minimum permission request.
Now I am checking it on my own computer (Windows7).
I am following this link:
http://msdn.microsoft.com/en-us/library/aa701256(office.11).aspx to research on Excel project.
Everything works fine during development. When I publish to local computer IIS, I cannot open the excel file. The error is:
Could not load file or assembly 'DiagramOrder, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. Failed to grant permission to execute. (Exception from HRESULT: 0x80131418)
I think it is related to Security Configuration and found this link: http://msdn.microsoft.com/en-us/library/zdc263t0(VS.80).aspx. I use step
To grant full trust to an assembly or folder on your local computer and also
To grant full trust to an assembly or folder on a network computer or mapped drive.
I also refer to
http://msdn.microsoft.com/en-us/library/9w6bd8f1(VS.80).aspx to add Msosec.dll
to have Full Trust.
After all the settings, I do restart computer. All the steps taken just cannot resolve the problem.
I am not try using caspol utility because I think it should same as what I did using UI. Correct me if I'm wrong.
Notes:
- Using ASP .NET Framework v2.0.50727 (.NET Framework 3.5 actually)
- IIS v5.1
the following will clearly show the steps i have taken to achieve a connectivity to database "123" such that the remote user who is using sql login verification can do whatever he wants with the "123" database, and thee remote user cannot change anything of any other database.
?the permission u see granted in the pictures is just guest work, IT WORKS! but i would like to know the required correct permission to grant and not more permissions (to the point permission- DO ANYTHING WITH DATABASE "123" AND THATS IT- DONT EVEN SEE THE OTHER DATABASES)
?how shall i stop this remote user or deny this remote user from even viewing the other databases. a you can see the remote user cannot change anything in other databases but he can see them! I DOT WANT Him to VIEW THEM.
please give your comments and guidence "to achieve the above goals LIKE A PROFESSIONAL WOULD"
and a site link explaining these many permissions in sql server 2005 management studio express would be helpful.
I'm developing a managed module for IIS7. Assembly with my code is placed in GAC and worked fine within 2.0 pipeline. But with .NET 4.0 pipeline (and Medium Trust Level chosen) there are no permissions to read registry and code is unable to read/write
"C:Program Files<Folder>MyAppConfig.file"
Is there any way to grant my assembly with proper permissions to do this?
i have create a local Group (on server2003) name: Group_Test
SQL-Server:
i want to grant execute on usp_test. i have to specify the group with hostname
i tried
[Code]....
but it doesn`t work
I have wav/mp3 files that I want to grant access to only users after signing into my webapp. I have the user credentials being checked through a mySQL db. I do not want the files to be able to be accessed by url. I have found that adding the mime type to the web.config section at
[Code]....
will disallow access to the files by url, but how can I allow access programmically to the files after signing in?? Currently using godaddy hosting.
I need to allow my asp.net application to read and write from and to a folder.
View 2 RepliesI'm using Visual Studio 2008 on my local PC. My Code kept on network Drive. when i am trying to run it from my local machine i am getting below security exception.is there anyway i can Grant Permissions to network folder?
*Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
I have a web app that uses AD to authenticate the user which works great. But i received a request where a user that is outside of the Ad needs access to the application.
Is there a way to add this user manually (Maybe in web.config) to allow them to access the application?
I have an MVC 3 application which uses asp.net authentication. I have just created a custom errors controller and a couple of views for unknown errors and 404's. This works fine when I am logged into the application but if an internal server error happens during logon I would like to display the error/unknown view. However I just keep getting redirected back to the login as I am not authenticated.
I have added a location path for 'Views/Error' to my Web.config to allow access to all users but I am guessing it's the controller access that is causing the redirection.
Is there any way you can allow this in MVC or do I need to think of another solution? Just did not want to add a generic message to the login page as that's what my unknown error view is for.
I want to grant access to some ressources located on server only for specified web pages, how could I do this?
For example I have an image www.mysite.com/images/image.jpg and something like <img src="www.mysite.com/images/image.jpg" /> should only work on site asp.net.
Is it possible with web.config or maybe with some C# code?
I've a default.aspx page in my application's root folder. I added a a page in the root of inetpub that redirects requests to the default page. The idea is that the user need only enter the server name to get to the default page. How can I set things up so that all users have access to the default.aspx and that they only have access to the other pages once they've been authenticated?
I am using Windows Integrated Security and the users are being challenged and authenticated properly. I want them to be able to access Default.aspx without any challenges.
(On a side note which may answer this question, when using WIS does the user *allows* have to be challenged? Isn't it possible to pass through their Windows User and ID without the prompt?)
c: inetpubwwwroot
edirect.aspx (set as default document in IIS and simple executes Response.redirect("sites/mercury/default.aspx")
c:documents and settingsall usersdocumentswebsitesmercurydefault.aspx (home page for the site & server)web.config includes
[Code]....
We have a web application that runs on a WIndows Server 2008 64 bits machine. The app's ApplicationPool is running under the ApplicationPoolIdentity and configured for .net 2 and Classic pipeline mode.
This works fine up to the moment that XmlSerialization requires creation of Serializer assemblies where MEF is being used to create a collection of knowntypes.
To remedy this I was hoping that granting the ApplicationPoolIdentity rights to the ASP.Net Temporary Files directory would be enough, but alas..
What I did was the run the following command from a cmd prompt:
icacls "c:windowsmicrosoft.netframework64v2.0.50727Temporary ASP.NET Files" /grant "IIS AppPoolMyAppPool":(M)
Obviously this did not work, otherwise you would not be reading this :)
Strange thing is that whenever I grant the Users or even more specific, the Authenticated Users Group those permissions, it works. What's weird as well (in my eyes) is that before I started granting access the ApplicationPoolIdentity was already a member of IIS_IUSRS which does have Modify rights for the temporary asp files directory.
And now I'm left wondering why this situation requires Modify rights for the Authenticated Users group. I thought it could be because the apppool account was missing additional rights (googling for this returned some results, so I tried those), but granting the ApplicationPoolIdentity modification rights to the WindowsTemp directory and/or the application directory itself did not fix it.
For now we have a workaround, but I hate that I don't know what is exactly going on here, so I was hoping any of you guys could shed some light on this.
i want to create a temporary zip file under iis, so i can access it by an http request. in addition i want to delete this file after download it. N.B. : i'm using asp.net 3.5 framework.
View 1 RepliesI have a database with tons of SP. Is there a way to grant a new user access to all SP so the user can execute then?If the SP inserts data in a table do I have to grant the the user that executes the SP so he/she is allowed to insert data
View 2 RepliesI have to show the pdf files ,by the same time it should not get sotred in Temporary Files in the client Pc. Is there any control for this requriment.
View 5 RepliesI want to save a picture from my computer in database on the server. I want to show this picture before I save it in database . I used this code.
[Code]....
The picture is saved on the server. I do not want this.
my aspx web app needs to allow clients to load files (excel files) to some place in the server, to be able to open and read content via OLEDB immediataly after upload. Are there any "best practices" or suggestions about location, naming and security of temporary files folders? Also I need these files to be automatically deleted after use, I would like to be sure they always are. VS 2008/ .net 3.5 framework/ Windows server 2003 and 2008
View 2 RepliesRecently I was working on displaying workflow diagram images in our web application. I managed to use the rehosted WF designer and create images on-the-fly on the server, but imagining how large the workflow diagrams can very quickly become, I wanted to give a better user experience by using some ajax control for displaying images that would support zoom & pan functionality.
I happened to come across the website of seadragon, which seems to be just an amazing piece of work that I could use. There is just one disadvantage - in order to use their library for generating deep zoom versions of images I have to use the file structure on a server. Because of the temporary nature of the images I am using (workflow diagrams with progress indicators), it is important to not only be able to create such images but also to get rid of them after some time.
Now the question is how can I best ensure that the temporary image files and the folder hierarchy can be created on a server (ASP.NET web app), and later cleaned up. I was thinking of using the cache functionality and by the expiration of the cache item delete the corresponding image folder hierarchy, or simply in the Application_Start and Application_End of Global.asax delete the content of the whole temporary folder, but I'm not really sure whether this is a good idea and whether there are some security restrictions or file-system-related troubles. What do you think ?
Can i make a bulk insert into the temporary table by calling a stored procedure from the front end.
Am using BulkCopy command to write data to server
bulkcopy.destinationtablename="#TempTableName";(here i want to give the tempoary tablename which is created in the database)
bulkcopy.Writetoserver(datatable dt);
How to do this?
(OR)
Is there anyway to create a temporary table from C# and set the destinationtable as #TemPTableName and then write to server.
I'm starting to learn MVC 2.0 and I'm trying to create a site with a quiz: user is asked a question and given several options of answer. If he chooses the right answer he gets some points, if he doesn't, he looses them.
I tried to do this the following way
public class HomeController : Controller
{
private ITaskGenerator taskGenerator = new TaskGenerator();
private string correctAnswer;
[Code]....
But I have a problem: when user answers the cotroller class is recreated and I loose correct answer. So what is the best place to store correct answer? Should I create a static class for this purpose?
I have a few ideas on how to accomplish this, but before I make a big mess perhaps there's an obviously easy solution I'm not seeing.
So I have on my site software (.NET 2, C#) a calendar, and I've recently added some code to generate a temporary iCalendar file from an event, and e-mail it to the logged in user. That part works great; the temp file is created, a MailMessage is created with teh attachment, it's sent, and then the temp file is deleted.
I want to change this into a "download" as opposed to an e-mail. So I generate the temp file, but present it to the user as a download instead (so they can open/save it immediately). That's all fine, but where I'm stuck is how to "know" the download has been completed, so I can then delete the tempoary file.
I have "hacky" options like timers and whatnot to do cleanup, but I'm wondering if I'm missing a better solution.
