Security :: Access Data Source Always Requires Authentication?
May 19, 2010
I am new to developing asp.net. I have a Microsoft Access database file (.mdb) I am including as a data source on a form. This populates a drop down list on the page. When I run the page in a browser it immediately asks for authentication. If I put in my windows username and password the page pulls up fine, and the drop down is populated with the data. If I don't, it just give me a 403 error and says I'm not authorized. I cannot figure out how to make this page stop requiring authentication. I have only tried one thing. In the web.config file there is an attribute called authentication. It was set to "Windows" I tried setting it to "None" but that did not appear to have any effect. It still asked for my username and password. How can I make an asp web page using a Microsoft Access data source not reqire user authentication to view the web page?
This could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.
I'm writing a simple Intranet application using windows authentication. I want to restrict access to Safe/UCantSeeMe.aspx. I am aware of the AuthorizeAttribute, but this only works on methods. I also found a good post on doing this with the MVC pattern, but I'm not using MVC. This can be done with roles in forms based security. I read on MSDN that using windows based security means roles are based on groups, but it doesn't go into any detail. how can I restrict access to Safe/UCantSeeMe.aspx?
I created a website and i restrired the website such a way that i can be acessed from a IP i configured.I did this as shown in below steps which i got from:
http://support.microsoft.com/kb/324274
Under IP Address and Domain Name Restrictions, click Edit.
Do one of the following:To deny access, click Granted Access, and then click Add. In the Deny Access On dialog box that appears, specify the option that you want, and then click OK.The computer, group of computers, or domain that you specified is added to the list. To grant access, click Denied Access, and then click Add. In the Grant Access On dialog box that appears, select the option that you want, and then click OK.
The computer, group of computers, or domain that you selected is added to the list. Click OK.
But its not working . I am able to browse from other machine which have a different ohter IP. Do i have to configure somewhere else ?
I need to put windows authentication on a site (so when a user access the site they are prompted with a username/password box) but I need certain IP addresses to bypass this authentication.
I have a production web application that uses <authentication mode="Windows"/> I have added an .asmx page with a method in it. I'd like to test making calls to it from a separate client web app. When I do this I get the error: The request failed with HTTP status 401: Access Denied What do I need to do in my client app to access this webservice?
I have a website developed in ASP.NET created by someone else, sitting on another server... until now... a simple(ish) setup with login to update content. The site was zipped up and I was told it would be a simple case of uploading all the files onto the new server. I've managed to upload the site and it works fine... but I can't access the editing pages as it will no longer accept the username and password when I go to login. The host server is running ASP.NET v4 and IIS v7. Hosting is with [URL] so I'm also getting used to their way of doing things.
1. How do i limit access to admin directory to only admin roles ?I logged in with a user whose role is Customer and went to the url of mysite.com/admin/ and it shows be the directory listing for that directory.
2. Have I implemented the roles/web.config correctly ?
I have a web site that is using Windows Integrated Security for authentication. Under the site in the IIS there is a virtual directory that inherits these security definitions. Assuming I have several pages under the virtual directory, is it possible to apply anonymous access on on 1 (one) of them?
I need to have a root web site using Windows Authentication and subweb under it as Forms Authentication. But when I access the subweb it still ask me for the Windows Authentication.
I have a database which has form authentication tables for an website [let say website A], now I have attached a new website [Website B] to the same database, in this website [Website B] also I have to provide login/authentication which would be separate from the website A authentication system. So I want to have separate table for the users of new website. Specification:
[code]....
will there be any open source membership provider like we have .NET membership provider [form authentication].
I have a web app, which contains a folder Uploads, to which users (authenticated) upload their files (for some reason it has to be a folder in the root of the web app).I want to deny access to this folder and files to all non-authenticated users.
In my web.config I have:
[Code]....
and everything seems to work in development, but on a staging server it redirects non-authenticated users to login page ONLY from aspx pages, but not when entering the url to the file in Uploads folder.
I have a problem in my asp application. In my application I have an own authentication mechanism so in the web.config file I have <authentication mode="None"/>
Inside the application users can upload files to the folder I've created (App_Files). I would like to give access to the folder only once they are logged in (Session["Login"] is no null).
I dont want not logged in users to be able to access the files over a url address in the browser (like http://<server>/App_Files/Filename.pdf)
I have an intranet site that i set up to windows authentication. It works fine most of the time but some departments wont be able to access the site and will be asked to enter user name and password.I checked their Active Directory account and the only difference i could see was that the organizational unit parameter was different than the rest of the users.
Using VS 2010 RC, VB, and Forms authentication to allow access to the site, depending on the login rights of a user, I want to turn on and off access to certain pages. I can turn on and off buttons to access the pages, but a user can type the page into the url, and it will still go to them.
My web application need to list the network share information. The return code is '5' after I call NetShareEnum[Netapi32.dll] in windows integrated authentication.
I found that currently I am using Kerberos protocol to authenticate the access users and the token is grenerated with [TokenImpersonationLevel.Impersonation].
Who know how to resolve this problem? Is there any way to get a token with [TokenImpersonationLevel.Delegation] in Kerberos? BTW, I am sure about that the access user has the Access privilege to list the network share in target server.
Using MS article http://msdn.microsoft.com/en-us/library/ms998317.aspx, I created a web site to develop a forms authentication solution for our web app. The server is Win 2003 w/IIS 6 and the app is VB.NET. The web.config was updated for forms authentication and settingsappear below:
i have a problem with forms authentication. i have a website and want to restrict access to an especific folder. i want the access to this folder be made via the login form this is what i have in the web.config
I am building a page which has to search an access table with the text input entered by the user. The thing that is puzzling to me is that the functionality works only when a '%' is explicitly added to the text input at the begginning and end.
If I add '%' programattically in the code behind file, it does not work. code snippet ( asp page):
<asp:AccessDataSource ID="AccessDataSourcex" runat="server" DataFile="~/App_Data/company.mdb" SelectCommand="SELECT [ID], [emp name] AS emp_name, [emp title] AS emp_title FROM [EmpMain] WHERE ([emp name] like [code]...
//the below line is of no use, the % char has to be in the text input
//txtSearch.Text = "%" + txtSearch.Text + "%";
GridView1.DataBind(); <---- this works fine
<--- this does not work, even if I add % chars programatically..
My question is: why does it not work when I programattically add the '%' chars to the search string..
We are currently migrating our test databases to a new server and I am switching one of our sites over to use them. When running the application from my development box it hits the database just fine. However when I compile and push the code out to our test server and try to use the same datbase I get the ExecuteNonQuery requires an open and available Connection. The connection's current state is closed error. I cannot seem to figure out why. Also when I point the site at our old test server it works just fine.
Basically I want to take the following:And make it match the styling of the rest of the application.I am creating a custom error page in my C# based project and I want it to be able to show the same information that is displayed in the ASP.NET default error page. From fiddling with reflector I can see that this is generated through HttpException.GetHtmlErrorMessage() but when I try to use this in my exception it returns null.
This is my code and i am only able to edit the one data under the category school.But what i nd is to edit the other categories like the name,email...etc..how do i modify my code in the update command.Another thing is to delete the data how do i do that?
So I've created an asp.net web application on the same server the sharepoint site is located on. If I create an Access view of a list on the sharepoint site, which will then create an Access Database, can I then use that Access database in an access data source in my web application?
If not, what's the best method of attack to access sharepoint list data from thisasp.net app?