I would like to secure any URL below the http://MyServer/Admins and limit it to a specific role.
In webforms it was straight forward. I just put a child web.config in the /Admin/ folder and add <authorization> <allow roles> tags to it.
How would be the equivalent technique in MVC?
look at the attached web.config? The last part doesn't seem to work although the path is correct. I've tried logging on the site with a use which is in no groups, but it can still access the page...
[Code]....
I hope someone has a good answer to this stupid question I have. I'm trying to use impersonation in my asp.net 3.5 application within the web.config file to connect to my sql server 2008 database so I use:
When I run my app, I get this:
Configuration Error
Description: An error occurred during the processing of a configuration file required to service this request. review the specific error details below and modify your configuration file appropriately.
Parser Error Message: Could not create Windows user token from the credentials specified in the config file. Error from the operating system 'Logon failure: unknown user name or bad password.
Source Error:
impersonate="true" userName="testUser" password="test(ampersand sign, this forum actually does render it properly)amp;test" />
So basically it posts the password with the actual escape for ampersand rather than the actual ampersand. This leads me to believe it's processing it as a literal but validating it as xml, unfortunately I can't just use "test&test" in the web.config file because visual studio just won't compile it since it's marked as an error.
In my ASP.NET 3.5 Website which is published in shared hosting provider , I've configured my web.config file like this :
<customErrors mode="On" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="AccessDenied.htm"/>
<error statusCode="404" redirect="FileNotFound.htm"/>
[code]...
This is a yellow page which is not user friendly and we didn't expect . I'm wondering setting customeError in webconfig doesn't support this type of address or not ? How can i prevent users seeing this yellow page . Edit : solution you mentioned are about configuring IIS ,But as i mentioned earlier , my site has been published on shared hosting provider . I don't have those access at IIS , What should i do at this situation ?
I am working on url rewriting all is working fine on my local machine when i upload this site on production server the link of url rewrite which is extension less not work. i search the multiple solution in the google one solution is that insert the aspnet_isapi.dll in the properties->virtual directory tab->configuration->insert aspnet_isapi.dll site in working, but problem is that hosting provider refuse to add this dll. tell me alternate solution to add this dll from web.config file.
View 3 Repliesin my web.config file i've added an entry:
<httpModules>
<add type="HDI.HTTPFilter" name="HTTPFilter"/>
but the server where i've placed the website on is not reading this entry but in other servers the site works perfectly.what the problem might be?
I'm trying to develop my first web application using Web.Config transformations.Trying to run the app (building with the "Dev" build configuration)in the Asp.Net Debugging web server built into VS the site doesn't seem to work - the "Web.Dev.config" configuration doesn't appear to be seen by the application.
View 1 RepliesWe had some content restructure recently and I'd like to put in some redirect rules into web.config so bookmarks to the old pages can get routed to their new locations/pages.I tried using this approach:
<location path="~/product/productA.aspx">
<system.webServer>
<httpRedirect enabled="true" destination="~/product/category/productA.aspx" exactDestination="false" childOnly="true" httpResponseStatus="Permanent" />
</system.webServer>
</location>
But all I'm getting when I go to "[URL] is our http 404 page.Am I doing something wrong, or is the httpRedirect tag in web.config not supported in mono?
I'm simply adding to a set of rules on existing rewrite rules for our company website. We have a file that we need to restrict to only our internal IP addresses. The URL is http://oursite.com/internal/index.aspx?u=blahblah and need it restricted to IP ranges 10.1.X.X. I'm adding this and it's not doing anything. Even if I tried to capture all using .* for the pattern, it still ignores it. Is my syntax correct?
<rewrite>
<rules>
...
<rule name="Restrict URL" enabled="true" stopProcessing="true">
[code]...
I've been told by my host that I need to enable FullTrust in my webmatrix website because I keep getting an error. (BUT, I have used a different host, and everything on my site works perfectly with them without modification). Anyway, I used the code my host suppllies in their KB, but that just generates a different error. So I looked up full trust on google and used about 5 different code samples to enable full trust but they all generate errors! even the ones on MSDN. And googling "Full Trust WebMatrix" doesn't really bring anything helpful either.
How can I successfully add full trust to a web.config file that is made using WebMatrix?
[Code]....
I heard that DataReader works on forward only readonly fashion and at a time it willread a single record.Suppose when i execute the below code
SqlDataReader reader=cmd.ExecuteReader();
gv1.DataSource=reader;
gv.DataBind();
How the does the gridview populate all records?.As the reader is capable of reading one row per read,I thought only the last row is available for GridView to display.
Nifty and free asp.net controls that replicate the following databinding technique? [URL]
View 11 Repliesi have table contain two column id and word .word column may contain one word or two or three ex ( computer , computer software , computer software computer )i want search the text if it contain any word in that table .
View 2 RepliesWhich technique is used in handling multilingual implementation? What is the best way to implement it?
View 3 RepliesIn my new ASP.NET EF4 project, I find myself having to do a lot of maneuvering around null entities. For example, I may have a Project Entity with a related User Entity exposed through an Assignee property. Suppose I need to send an email to someone indicating who the Assignee is, I need to say:string x = "The Assignee is: " + TheProject.Assignee.Name;but I'll get an exception if there is no Assignee as the property is null (I want nulls by design) and I can't fetch the .Name property on that null.
View 4 RepliesI need to highlight active link in the menu. My menu is in the master page by the way. I'm looking for the best way to implement this?
View 3 RepliesI am looking at a design pattern which has come up in quite a few of my firm's projects.It has historically functioned correctly, however I have heard some other developers argue that there is a possibility of session corruption using this pattern. I'm looking for insight from other .NET developers here on Stack Overflow. Basically, there's a class -- usually either static or a Singleton pattern, depending largely on the developer who wrote it -- stored in App_Code.This class encapsulates access to the current session via properties.All of these properties take the form of:
[code]...
However,because this is just a static entry to HttpContext.Current.Session,it seems like it should be safe, as it is not fundamentally any different than the Page class encapsulating this in the Session property.As I said,no other site on which my company has worked that used this pattern saw it ever have any issues -- and that includes some pretty large and highly active userbases.But I want to just get a fresh perspective.
Are there potential multi-user issues, race conditions, or other failings/flaws which specifically could cause session corruption in the above pattern?
What's the best technique to hide part of a view depending of the credentials of the user?
To explain my self little better and as example i have the following code in my view:
<%= this.Model.Name %> <%=Html.ActionLink("Edit",....)%>
And i would like to hide the edit button for those that aren't administrators for instance...
Could you give me a hand?
I am working on a project that uses data scraping technique to retrieve some url links. I encounter this problem when i pass in the url of a [previous page button] link frm the html code and pass it in to httpWebRequest, the httpWebResponse that i get back is different form the actually content. i have been try to sovle this problem for days and no result, as anyone encounter similar problem and manage to sovle it? below is my sample code: [previous page button] [URL] note: i have change the domain name to a dummy address which is localhost
[Code]....
I have a repeater with about 100 rows, and 4 columns in each row. something like this table:
Username HasIpod HasGymMembership HasCar
``````````````````````````````````````````````````````````````
User1 chcekbox checkbox checkbox
User2 chcekbox checkbox checkbox
User3 chcekbox checkbox checkbox
User4 chcekbox checkbox checkbox
well, you get the idea.The admin can tick/untick any box anytime and click on a "Save" button at the end of page and thats when I need to update the database. I need to add a row in one of the table if a certain checkbox is checked, delete it if its unchecked.I can just loop through the repeater and VERY EASILY do it with each row. but my concern is that, at the worst case, this will use about 100 rows X 3 = 300 database accesses. Thats bad right?I thought of concatenating all values into a form of csv.. something like:user1id,1,0,1;user1id,0,1,1just a list of userid, its values separated with , and the next user's values separated with ; and in the database I can just use a split function and a bunch of while loop and update accordingly.but It just doesnt satisfy me for some reason. Is there a better way to deal with a such a situation? I am sure this is not a unique case, what do you guys do in a scenario?
Is there a jQuery technique to select all the page controls/divs with a non-zero scrollbar position?
I'm trying to solve a problem faced by many; essentially after a partial asp.net postback all the controls/divs that had a scrollbar with a non-zero value (ie: were scrolled down to some position) are reset to the zero (top of the scrollbar).
My approach is to have a jQuery script save all the scrollbar positions for all the controls/divs contained on a page and after the postback, restore all the scroll bar positions.Is it possible, can it even work? If it is, how do I use jQuery to select all the divs with scrollbars and then save those positions.
i have my own DLL (for the data access layer),,i use escaping characters technique to avoid the user input errors ,, but recently i decided to enhance my classes and using parametrized query to prevent all possible errors,Is the modification will be easy or difficult ??how to convert this way to use the parametrized query ..
View 1 RepliesI have Master Page and ascx user controls in my application.
how would I use the Cross-Page technique using the @ PreviousPageType directive.
useful links or samples to achieve this.
I am trying to use the Page class that exposes a property named PreviousPage from my User Control.
I am working with Parametrized Crystal Reports. There are only two page called Source.aspx and Target.aspx.
[code]...
Only One text box data shows Not 2nd One.Can any one help me with this by checking my code?
We have a fairly large system involving multiple applications running on Windows, written in .NET. These include a number of web applications using ASP.NET.
We have a number of unrelated web applications written in LAMP - Linux/Apache/MySQL/Php.
The greatest advantage we've seen in ASP.NET is the ease with which code can be shared between web applications, win-form applications, windows console applications, and windows services. We have signficant code in .NET assemblies that are shared across all of these environments.
Apache/Php has some significant advantages over ASP.NET as a web programming environment, but if there is anything in it that is equivalent to .NET when it comes to integrating code that is shared across non-web applications, I'm unaware of it.