Permission On Admin Folder, Only For Role=admin?

Jun 13, 2010

I have an Admin folder which contains 4-5 aspx pages. I want to that only user with role="admin" can view those files. What settings i need in web.config?

View 1 Replies


Similar Messages:

User Is In Role "admin" But (Authorize (Roles="admin")) Won't Authenticate

Mar 15, 2011

I found a great answer on SO describing how to set up custom user roles, and I've done the same in my project. So in my Login service I have:

public ActionResult Login() {
// password authentication stuff omitted here
var roles = GetRoles(user.Type); // returns a string e.g. "admin,user"
var authTicket = new FormsAuthenticationTicket(
1,
userName,
DateTime.Now,
DateTime.Now.AddMinutes(20), // expiry
false,
roles,
"/");
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(authTicket));
Response.Cookies.Add(cookie);
return new XmlResult(xmlDoc); // don't worry so much about this - returns XML as ActionResult
}
And in Global.asax.cs, I have (copied verbatim from the other answer):
protected void Application_AuthenticateRequest(Object sender, EventArgs e) {
var authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null) {
var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
var roles = authTicket.UserData.Split(new Char[] { ',' });
var userPrincipal = new GenericPrincipal(new GenericIdentity(authTicket.Name), roles);
Context.User = userPrincipal;
}
}
Then, in my ServicesController class, I have:
[Authorize(Roles = "admin")]
//[Authorize]
public ActionResult DoAdminStuff() {
...
}

I login as a user with the "admin" role, and that works. Then I call /services/doadminstuff - and I get access denied, even though when I put a breakpoint in Global.asax.cs, I can see that my roles do include "admin". If I comment out the first Authorize attribute (with roles) and just use a plain vanilla Authorize, then I can access the service.

View 1 Replies

Security :: How To Set The Permission For Users From Admin Panel

Jan 3, 2011

I have several features in admin panel. like userslist,change password for the user,delete user... Still now only one admin user can handle all this.

Now I want to give some features to some users.. ie certain users can view the list ,certain user can edit items in the list etc...

View 3 Replies

Configuration :: Cannot Access To Admin Folder In Web Host

Jan 27, 2011

We have created an ASP.NET ( 3.5) application is configured to use FORM authentication and thus it has such a following items in Web.Config :

<location path="~/Admin/Default.aspx">
<system.web>
<authorization>
<allow roles="Manager,Member" />
<deny users="*" />
</authorization>
</system.web>
</location>
<location path="~/Admin/MyAccount.aspx">
<system.web>
<authorization>

the application runs OK on local web server box. Our ASP.net application is able to access Admin folder in local IIS application folder and its subdirectory. However, once uploaded to remote web host , user can login but when user wants to use any pages in ~/Admin subfolder, we get an exception that essentially states that access to the sub-directory is denied.

View 3 Replies

Deny Access To 'admin' Folder In Web.config?

Jan 28, 2011

I am trying to deny access to my 'Admin' folder via web.config. I looked at another answer to a similar question and they recommend using the <location> folder, however when I insert "Admin/" into the path I get the following error:

[Code]....

View 1 Replies

Security :: URL Routing Doesn't Work For Files In Admin Folder

Jun 24, 2010

I am using URL routing in asp.net application (not MVC) . I have Admin folder in my aaplication which has admin related aspx pages with seperate web.config. I have seperate login form for admin users which is placed in admin folder itself. My issue is whenever I hit [URL] (which I want to go to login form for admin)- it tries to authenticate and goes to login url mentioned in web.config of root folder.

Note: Admin folder has anonymous access in root config file. Also I have set default document in config of Admin folder. I have added following line in global.asax so that routing doesnt work for files in admin folder;

routes.Add(new
Route("admin/{*resource}",
new
StopRoutingHandler()));

I am really confused what is the issue? What I am missing?

View 6 Replies

MVC :: Control Admin Panel Users / How To Crease An Admin Panel

Feb 21, 2011

i want to crease an admin panel. but i do not use asp.net default membership system.

i know actions enable access can be determine by [Authorize] attribute. but my admin has 10-20 controller and about 100 action.

i do not want to signature all of actions by [Authorize] attribute.

all controller must be required login if user did not login.

View 3 Replies

C# - Guest Denied Access To Admin Folder Redirected To Login.aspx

Jan 20, 2010

I am using the following in my webconfig, so that only admin an access the admin folder.

<location path="Admin" allowOverride="true">
<system.web>
<authorization>
<allow roles="Administrators" />
<deny users="*" />
</authorization>
</system.web>

Now when the guest user tries to access this he is redirected to the Login page. I want the user to either sho a popup that user cannot access it or just stay on the same page with some error message in a label on that page... Here is more code in webconfig

<authentication mode="Forms">
<forms loginUrl="Login.aspx" protection="All" name="Cookie" timeout="120" path="/" slidingExpiration="true"
defaultUrl="Default.aspx">
</forms>

View 3 Replies

Security :: Create Admin Folder And Pages To Add User ,content ,authentication

Jan 13, 2011

i need some lessons in how to create admin folder and pages to add user ,content ,authentication, etc

View 2 Replies

Web Forms :: Create A Admin  And Member Folder And Seperate The Links From The Masterpage?

Jan 12, 2011

how are you able to create a admin and member folder and seperate the links from the masterpage .The login and register is not done using the asp.conf is done using a customer table

View 2 Replies

C# - Show List Of Roles In A Dropdown Box But Leave Out "Admin" Role?

May 11, 2010

I have a dropdown box showing a list of roles. I used Roles.GetAllroles() for showing all roles in the dropdown box but I don't want to show a role named "Admin" in the dropdown box. How can I keep it out?

View 2 Replies

Data Controls :: Unable To Redirect To Root Page From Page Inside Admin Folder

Oct 21, 2015

I am not able to redirect the user to "SimpleUserLoginAfterRegistration.aspx" page if Administrator is in any one of the .aspx file inside Administrator Folder.

I tried to use: Response.redirect("/SimpleUserLoginAfterRegistration.aspx") But, it is saying Page not found error.

View 1 Replies

Security :: Admin And User Security Folder Setup

Mar 11, 2011

I am creating an application hosted on GoDaddy.com. The base files are kept in a folder called /sky while the Admin files and User files are kept in /sky/Admin and /sky/User respectively. I'm having difficulty configuring the security so that when a user tries to access Admin or User files they should be redirected to the login.aspx file in the /sky folder. I keep getting an error that its trying to access sky/sky/login.aspx instead of just sky/login.aspx.

Here are the relevant sections of my web.config file.

<?xml version="1.0"?>
<configuration>
...
<location path="sky/admin">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="user">
<system.web>
<authorization>
<allow roles="Admin,User" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="login" loginUrl="login.aspx" />
</authentication>
...
</system.web>
...
</configuration>

Can someone point me to articles or provide assistance with the proper configuration?

View 3 Replies

Give Access Only To Admin?

Mar 11, 2011

i have created 5 pages which are back-end and should be accessible only to sitre admin that is me. how do i do it?

View 3 Replies

How To Create The Admin Module

Feb 19, 2011

we want to create website based on asp.net and we want to update data in my site dialy. told me about admin module . is their any tutorials and screen shots for admin module

View 4 Replies

Css - Layout For Admin Page

Jan 21, 2011

I have to develop a admin page in asp.net. For that I need a master page template which looks like admin panel, menu, CSS. I am seeking layout for admin panel I am not sure if this is the right place to ask this question. If it is not I request moderators to move this question to appropriate place.

View 2 Replies

Insert Metatags From Admin?

Jan 4, 2010

Would like to have done so I can edit my metatags on my pages from the admin section. The code I have now, just insert the metatags on the page I'm on. How do I add metatag to my other pages?

Here is the code I have so far.

// Description
PagemetaTag.Name =
PagemetaTag.Content = TextBox4.Text;
headTag.Controls.Add(PagemetaTag);
HtmlMeta PagemetaTag =
new
HtmlMeta();"description";

View 4 Replies

.net - Generating Admin Interfaces In MVC?

Feb 12, 2010

Is there a Django-like admin interface generator for ASP.NET or ASP.NET MVC?If not, are there any tools that could assist in creating one?

View 2 Replies

Tried To Run Webmatrix With Admin Right It Doesn't Change Anything?

Feb 20, 2011

I have created a site with webmatrix. When I try to run it, it says it cannot because it needs admin right to make the connection to port.I tried to run Webmatrix with admin right it doesn't change anything.

View 2 Replies

Admin Terminating A User Session?

Jul 12, 2010

In our project, we have a situation where the administrator needs to 'force log off' a particular user under certain conditions. In other words, the admin user needs to have the ability to kill any other user's session.Is this possible? By using the session properties, we can kill the current session (the current user's session) but is it possible (for the admin user) to kill some other user's session?

View 1 Replies

Sitemap Admin Seeing What A User Sees

Jan 21, 2010

I am currently trying to figure out how to best go about implementing an administration side for my application.I have a user site, where users can log in, customize their profile, submit information etc.I would like administration users to be able to log in and be able to choose from a list of users. From there, the administrator can submit information for the user just like the user can.

Website Start Page > RogerRabbit > Submit Information
Website Start Page > BillyBob > Customize Profile

So my question is:

How should my pages be laid out?How should the Web.sitemap file look? Is there a nice way of creating a sitemap (maybe in memory?)Would this method have to use session variables?

View 2 Replies

Security :: Difference Between Admin User And Others?

Dec 22, 2010

have table for users have a some attribute one of them admin attribute have a bit data type when the user is admin it is true and i have ligin page and control panal page i want throw login page check for the user to redirect him to control panal if the user is admin the control panal will be displayed with moreoptions any one how can i doing this with select statement

View 2 Replies

MVC DDD E-commerce - Admin And Front Separation?

Oct 7, 2010

I'm going to write an ASP.NET MVC 2 application using Domain Driven Design. I'm trying to figure out how to separate the Admin from the store front. I could create 2 MVC projects, but regarding the services for them, should they be in separate projects as well or could I use the CatalogManager, for example, for both, Admin and the store front, and mix up all the services?Currently I have a class library for each part of my domain (services, infrastructure, model, etc.)

View 1 Replies

Admin Site ASPDotNetStoreFront Not Opening?

Apr 29, 2010

I am using ASPDotNetStoreFront demo and i cannot login to the admin site. If i try logging in using the admin user on the front end i can login so that means the credentials are correct. When i enter credentials on the admin login screen the same page is refreshed. I have tried setting it up on different machines, tested on different browsers but the same issue persists.

View 1 Replies

Using Customer Website Admin Tool?

Oct 11, 2010

How do you create your web site data admin for your customers. Do you do them programatically or do you use any specific tool?

I have been using AspMaker and is not a bad option but I'm sure there are a few more options out there. I've seen that MS has a Web Data Administrator but for me it looks more than an sql server web admin tool rather than a frontend that has the business logic.

View 1 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved