Permission On Admin Folder, Only For Role=admin?
Jun 13, 2010I have an Admin folder which contains 4-5 aspx pages. I want to that only user with role="admin" can view those files. What settings i need in web.config?
View 1 Replies
Similar Messages:
User Is In Role "admin" But (Authorize (Roles="admin")) Won't Authenticate
Mar 15, 2011I found a great answer on SO describing how to set up custom user roles, and I've done the same in my project. So in my Login service I have:
public ActionResult Login() {
// password authentication stuff omitted here
var roles = GetRoles(user.Type); // returns a string e.g. "admin,user"
var authTicket = new FormsAuthenticationTicket(
1,
userName,
DateTime.Now,
DateTime.Now.AddMinutes(20), // expiry
false,
roles,
"/");
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(authTicket));
Response.Cookies.Add(cookie);
return new XmlResult(xmlDoc); // don't worry so much about this - returns XML as ActionResult
}
And in Global.asax.cs, I have (copied verbatim from the other answer):
protected void Application_AuthenticateRequest(Object sender, EventArgs e) {
var authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null) {
var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
var roles = authTicket.UserData.Split(new Char[] { ',' });
var userPrincipal = new GenericPrincipal(new GenericIdentity(authTicket.Name), roles);
Context.User = userPrincipal;
}
}
Then, in my ServicesController class, I have:
[Authorize(Roles = "admin")]
//[Authorize]
public ActionResult DoAdminStuff() {
...
}
I login as a user with the "admin" role, and that works. Then I call /services/doadminstuff - and I get access denied, even though when I put a breakpoint in Global.asax.cs, I can see that my roles do include "admin". If I comment out the first Authorize attribute (with roles) and just use a plain vanilla Authorize, then I can access the service.
Security :: How To Set The Permission For Users From Admin Panel
Jan 3, 2011I have several features in admin panel. like userslist,change password for the user,delete user... Still now only one admin user can handle all this.
Now I want to give some features to some users.. ie certain users can view the list ,certain user can edit items in the list etc...
Configuration :: Cannot Access To Admin Folder In Web Host
Jan 27, 2011We have created an ASP.NET ( 3.5) application is configured to use FORM authentication and thus it has such a following items in Web.Config :
<location path="~/Admin/Default.aspx">
<system.web>
<authorization>
<allow roles="Manager,Member" />
<deny users="*" />
</authorization>
</system.web>
</location>
<location path="~/Admin/MyAccount.aspx">
<system.web>
<authorization>
the application runs OK on local web server box. Our ASP.net application is able to access Admin folder in local IIS application folder and its subdirectory. However, once uploaded to remote web host , user can login but when user wants to use any pages in ~/Admin subfolder, we get an exception that essentially states that access to the sub-directory is denied.
Deny Access To 'admin' Folder In Web.config?
Jan 28, 2011I am trying to deny access to my 'Admin' folder via web.config. I looked at another answer to a similar question and they recommend using the <location> folder, however when I insert "Admin/" into the path I get the following error:
[Code]....
Security :: URL Routing Doesn't Work For Files In Admin Folder
Jun 24, 2010I am using URL routing in asp.net application (not MVC) . I have Admin folder in my aaplication which has admin related aspx pages with seperate web.config. I have seperate login form for admin users which is placed in admin folder itself. My issue is whenever I hit [URL] (which I want to go to login form for admin)- it tries to authenticate and goes to login url mentioned in web.config of root folder.
Note: Admin folder has anonymous access in root config file. Also I have set default document in config of Admin folder. I have added following line in global.asax so that routing doesnt work for files in admin folder;
routes.Add(new
Route("admin/{*resource}",
new
StopRoutingHandler()));
I am really confused what is the issue? What I am missing?
MVC :: Control Admin Panel Users / How To Crease An Admin Panel
Feb 21, 2011i want to crease an admin panel. but i do not use asp.net default membership system.
i know actions enable access can be determine by [Authorize] attribute. but my admin has 10-20 controller and about 100 action.
i do not want to signature all of actions by [Authorize] attribute.
all controller must be required login if user did not login.
C# - Guest Denied Access To Admin Folder Redirected To Login.aspx
Jan 20, 2010I am using the following in my webconfig, so that only admin an access the admin folder.
<location path="Admin" allowOverride="true">
<system.web>
<authorization>
<allow roles="Administrators" />
<deny users="*" />
</authorization>
</system.web>
Now when the guest user tries to access this he is redirected to the Login page. I want the user to either sho a popup that user cannot access it or just stay on the same page with some error message in a label on that page... Here is more code in webconfig
<authentication mode="Forms">
<forms loginUrl="Login.aspx" protection="All" name="Cookie" timeout="120" path="/" slidingExpiration="true"
defaultUrl="Default.aspx">
</forms>
Security :: Create Admin Folder And Pages To Add User ,content ,authentication
Jan 13, 2011i need some lessons in how to create admin folder and pages to add user ,content ,authentication, etc
View 2 RepliesWeb Forms :: Create A Admin And Member Folder And Seperate The Links From The Masterpage?
Jan 12, 2011how are you able to create a admin and member folder and seperate the links from the masterpage .The login and register is not done using the asp.conf is done using a customer table
View 2 RepliesC# - Show List Of Roles In A Dropdown Box But Leave Out "Admin" Role?
May 11, 2010I have a dropdown box showing a list of roles. I used Roles.GetAllroles() for showing all roles in the dropdown box but I don't want to show a role named "Admin" in the dropdown box. How can I keep it out?
View 2 RepliesData Controls :: Unable To Redirect To Root Page From Page Inside Admin Folder
Oct 21, 2015I am not able to redirect the user to "SimpleUserLoginAfterRegistration.aspx" page if Administrator is in any one of the .aspx file inside Administrator Folder.
I tried to use: Response.redirect("/SimpleUserLoginAfterRegistration.aspx") But, it is saying Page not found error.
Security :: Admin And User Security Folder Setup
Mar 11, 2011I am creating an application hosted on GoDaddy.com. The base files are kept in a folder called /sky while the Admin files and User files are kept in /sky/Admin and /sky/User respectively. I'm having difficulty configuring the security so that when a user tries to access Admin or User files they should be redirected to the login.aspx file in the /sky folder. I keep getting an error that its trying to access sky/sky/login.aspx instead of just sky/login.aspx.
Here are the relevant sections of my web.config file.
<?xml version="1.0"?>
<configuration>
...
<location path="sky/admin">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="user">
<system.web>
<authorization>
<allow roles="Admin,User" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="login" loginUrl="login.aspx" />
</authentication>
...
</system.web>
...
</configuration>
Can someone point me to articles or provide assistance with the proper configuration?
Give Access Only To Admin?
Mar 11, 2011i have created 5 pages which are back-end and should be accessible only to sitre admin that is me. how do i do it?
View 3 RepliesHow To Create The Admin Module
Feb 19, 2011we want to create website based on asp.net and we want to update data in my site dialy. told me about admin module . is their any tutorials and screen shots for admin module
View 4 RepliesCss - Layout For Admin Page
Jan 21, 2011I have to develop a admin page in asp.net. For that I need a master page template which looks like admin panel, menu, CSS. I am seeking layout for admin panel I am not sure if this is the right place to ask this question. If it is not I request moderators to move this question to appropriate place.
View 2 RepliesInsert Metatags From Admin?
Jan 4, 2010Would like to have done so I can edit my metatags on my pages from the admin section. The code I have now, just insert the metatags on the page I'm on. How do I add metatag to my other pages?
Here is the code I have so far.
// Description
PagemetaTag.Name =
PagemetaTag.Content = TextBox4.Text;
headTag.Controls.Add(PagemetaTag);
HtmlMeta PagemetaTag =
new
HtmlMeta();"description";
.net - Generating Admin Interfaces In MVC?
Feb 12, 2010Is there a Django-like admin interface generator for ASP.NET or ASP.NET MVC?If not, are there any tools that could assist in creating one?
View 2 RepliesTried To Run Webmatrix With Admin Right It Doesn't Change Anything?
Feb 20, 2011I have created a site with webmatrix. When I try to run it, it says it cannot because it needs admin right to make the connection to port.I tried to run Webmatrix with admin right it doesn't change anything.
View 2 RepliesAdmin Terminating A User Session?
Jul 12, 2010In our project, we have a situation where the administrator needs to 'force log off' a particular user under certain conditions. In other words, the admin user needs to have the ability to kill any other user's session.Is this possible? By using the session properties, we can kill the current session (the current user's session) but is it possible (for the admin user) to kill some other user's session?
View 1 RepliesSitemap Admin Seeing What A User Sees
Jan 21, 2010I am currently trying to figure out how to best go about implementing an administration side for my application.I have a user site, where users can log in, customize their profile, submit information etc.I would like administration users to be able to log in and be able to choose from a list of users. From there, the administrator can submit information for the user just like the user can.
Website Start Page > RogerRabbit > Submit Information
Website Start Page > BillyBob > Customize Profile
So my question is:
How should my pages be laid out?How should the Web.sitemap file look? Is there a nice way of creating a sitemap (maybe in memory?)Would this method have to use session variables?
Security :: Difference Between Admin User And Others?
Dec 22, 2010have table for users have a some attribute one of them admin attribute have a bit data type when the user is admin it is true and i have ligin page and control panal page i want throw login page check for the user to redirect him to control panal if the user is admin the control panal will be displayed with moreoptions any one how can i doing this with select statement
View 2 RepliesMVC DDD E-commerce - Admin And Front Separation?
Oct 7, 2010I'm going to write an ASP.NET MVC 2 application using Domain Driven Design. I'm trying to figure out how to separate the Admin from the store front. I could create 2 MVC projects, but regarding the services for them, should they be in separate projects as well or could I use the CatalogManager, for example, for both, Admin and the store front, and mix up all the services?Currently I have a class library for each part of my domain (services, infrastructure, model, etc.)
View 1 RepliesAdmin Site ASPDotNetStoreFront Not Opening?
Apr 29, 2010I am using ASPDotNetStoreFront demo and i cannot login to the admin site. If i try logging in using the admin user on the front end i can login so that means the credentials are correct. When i enter credentials on the admin login screen the same page is refreshed. I have tried setting it up on different machines, tested on different browsers but the same issue persists.
View 1 RepliesUsing Customer Website Admin Tool?
Oct 11, 2010How do you create your web site data admin for your customers. Do you do them programatically or do you use any specific tool?
I have been using AspMaker and is not a bad option but I'm sure there are a few more options out there. I've seen that MS has a Web Data Administrator but for me it looks more than an sql server web admin tool rather than a frontend that has the business logic.