I am using MVC 2 right out of the box, and the control gives the login and seems to work wonderfully. Now I am trying to find out the userId of the person who is logged in, so that i can retrieve information that is only needed for that one person. How do i find out how is logged in?
I am very new to asp.net and SQL server. I am helping out my team by researching the possibility for any user to download reports into Word and Excel from the SQL database by simply clicking a button.
I have a website that is associated with a PC Application.
The website uses forms security to restrict access to the Information on the PC Application to users with a specific role.
Is it possible to have a link to a page that has sufficient information contained in it to automatically log in and display a page in a restricted area?
I am thinking of something like the confirmation emails you get when registering with a website. They often have encrypted text as part of the link and automatically log you back in to the website when clicked.
I have created a login form through VS 2008 using C#. There are 5 different aspx pages in my application.
1)Default.aspx: It contains only a hyperlink to direct the user to login.aspx page.
2)Login.aspx: This page has texbox for Username and Password, sign in button, textbox for displaying error and hyperlink (Create an Account) if the user does not created an account yet.
Here is Login.aspx code:
[Code]....
Now, I want to do following with my application.
If the user already has an account, he can put his username and password and click on the sign in button. If the username is existed in databse, application should compare the user input with database and if both are matched then the application should redirect the user to "welcome.aspx". If username does not exist it should show that Username does not exist.
I had three web applications and each one has its own login page , now i want to build web portal which allow members to login and choose one of these applications to redirect to it .
Is there any way to passing user information across secure connection??
I have a third party company that we need to allow they users to pass into our website without loging in. TO keep it easy I was thinking of having them post to a custom login page on my site.
So their code would be something like this:
[Code]....
My landing/login page would do soemthign liek this.
[Code]....
My question is whether there are any security issues when using this kind of method? I am not sure yet what their site is written in. I figured that they could figure out how to do the post as long as I have the landing page for them and there is no security issues.
i have a secure ASP.net application ,login page and all these stuffs, i want to create a windows desktop application for some resones but i want to use the same security of the asp.net , is there anyway to get the login information of the asp.net to login to my windows desktop application?
It has been a while since I've built an entire ASP.NET web application from the ground up but I'm about to jump in again. I've built many individual pages, controls, web parts, etc. recently, but nothting 'soup to nuts' for a couple of years. My question is in regards to login security control. I do not want to use the built in ASP.NET Memberhip functionality for various reasons and already have custom code that authenticates the user, controls passwords, login attempts, etc. I am really concerned though about how to validate that the user is logged in (and the best way to do it). For instance, right now I use a Base page that all of my .aspx pages inherit from. In the OnInit() method, it executes code which includes:
[Code]....
I set the Session["LoggedIn"] object to "true" after the user has successfully been authenticated at the Login.aspx page. So, when a user attempts to access any page in the application, if that Session object isn't true, they will be redirected (you can't visit any page without being logged in). This all works great, but I'm thinking I need something more and that brings me here. First, do I need more? Is this enough? I was thinking about creating a cookie with a GUID value and the SessionID (both encrypted perhaps?) and adding that to my Base page so it checks both the current Session["LoggedIn"] value and the values in the cookie.
I´m building a website and i need to store somehow some informations that i will use in the whole site depending of the user type logged in.3) Store those 2 or 3 fields that i will get in Database in a persistent way to use it in the whole site.My question is: Whats the best practices to do this?
I have a online game (written in ASP) which i have finally decided to convert to ASP.NET. However i cannot seem to link the login ID's of users to their specific details in the database. I.E when Joe Bloggs logs in, he will be shown the team information for just his club, not every club. in ASP I use code similar to this below
[Code]....
im not convinced that is the right syntax to be using, but when i execute the code in Query Builder it is showing me the correct data (that i expect to see). So im wondering if there is something else im missing? Is there something extra that i need to be adding in Web.Config file or elsewhere?
I m very new in VS (ASP.NET) and using C# in code behind file. I want to define global variables to use in whole application. EXAMPLE
I want to save some information in LOGIN Page and display it in other pages line UserName or AccessRights etc. Is there anyway to do this without using Cookies and Seassion ?
My web application will be launched through existing thick client applications. When launched, an HTTP POST request will be generated including information like the userID and additional context information (basically stuff like the target user's name, birthday, etc.).
My plan for authentication is for there to be a look-up table in the database. If the username is already there, automatically login the user, but if there is no entry in the database, redirect the user to an initial login page which will be used to create that database entry.
My question is how to secure this against MITM and other security holes. How can the request generated through the thick client be on an SSL connection? Doesn't an SSL connection have to be authenticated with the username (and password) first? And if so, will the additional context information be publicly exposed until the user is logged in?
Is there a build in library in .NET that can compute secure one-way hash ? I mean a library that implements SHA-2 cryptographic hash function or something similar.
If is there is no SHA-2 implementation some weaker hash funcion would be sufficient. If there are more options I prefer the most secure one.
provide a use example e.g. provide the code that returns one-way hash for string mySampleString.
I am making an online form (literal form) that needs to have a certain function: when the user enters a 5-digit number, the form should automatically query the MS SQL DB and retrieve information associated to that number and populate other form elements (text boxes, etc.) accordingly.
So say the # was 12345 and in the DB, the record matching 12345 has name=Fred. So, when I enter 12345 into the form textbox, the name text box should be automatically populated with Fred in it.
If this is not easily achievable, I guess a submit button beside the 5-digit number text box can do.
I am still learning my way around ASP.NET and Visual Studio 2005, however I have ample experience with HTML, CSS, JavaScript, C/C++. The ASP.NET app is to be written in C#.
i'm a beginner web programmer. I've been coding desktop applications primarily. Right now, i have created this web app, in Silverlight, that uses a web service of my own for querying the database. The thing is, one of the app functionalities is the ability to open PDF files. I know that silverlight won't let you do this, but using an IFrame on top of the silverlight application you are able to display a page with de pdf file (using acrobat plug in). So here's the problem, my silverlight app passes the pdf path to the web service and, in return, the web service would create a new Page and pass the new page URI back so that it can be displayed on the IFrame:
What is the best way to get the value of a dropdownlist control before it has been changed and after it has been changed. Can it be done in one routine? In other words, if a user clicks on a dropdownlist control and changes it's value, I need to get the old value and the new value and send both these values as input parameters to a stored proc.