Security :: Checking To See If The User Is An Admin?

Mar 17, 2010

i am currently checking to see if the logged in person is an admin, by putting a check in the page_load function. (same thing to see if the person is logged in at all)

is there a better way to do this? or should i just go ahead and put my check on every single page?

View 1 Replies


Similar Messages:

Security :: Admin And User Security Folder Setup

Mar 11, 2011

I am creating an application hosted on GoDaddy.com. The base files are kept in a folder called /sky while the Admin files and User files are kept in /sky/Admin and /sky/User respectively. I'm having difficulty configuring the security so that when a user tries to access Admin or User files they should be redirected to the login.aspx file in the /sky folder. I keep getting an error that its trying to access sky/sky/login.aspx instead of just sky/login.aspx.

Here are the relevant sections of my web.config file.

<?xml version="1.0"?>
<configuration>
...
<location path="sky/admin">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="user">
<system.web>
<authorization>
<allow roles="Admin,User" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="login" loginUrl="login.aspx" />
</authentication>
...
</system.web>
...
</configuration>

Can someone point me to articles or provide assistance with the proper configuration?

View 3 Replies

Security :: Difference Between Admin User And Others?

Dec 22, 2010

have table for users have a some attribute one of them admin attribute have a bit data type when the user is admin it is true and i have ligin page and control panal page i want throw login page check for the user to redirect him to control panal if the user is admin the control panal will be displayed with moreoptions any one how can i doing this with select statement

View 2 Replies

Security :: See All Online User In Admin Panel?

Aug 4, 2010

I am using SQL membership authentication and SQL Database for my ASP.NET Website and its using for my Organization (has multiple Branches in different cities).How I can get all user list which are recently online/Login in my system (WebSite) in my Admin Panel?

View 4 Replies

Security :: Two Roles (admin, User) And Two Folders?

Nov 15, 2010

In my project I have one folder called Administration (contains pages created for administrating the public part of the page) and in root I have public pages. What I want to do is to prevent anyone beside administrator to enter the Administration part and to make the Administration/Login.aspx default page for entering Administration part. This part makes me confused. I tried to create the access rules, but that wasn't the option because I upload the images to the Administration/Upload folder so if I deny the users the images on the public part can't be accessed.

The second problem I don't know how to solve is public part of the page where I want to allow commenting only to logged in users (users only, not the admin). How to check if user is logged in and authetificated and how to enable the commenting part of the form to him (textbox and submit button).

View 6 Replies

Security :: Redirecting User To Admin Page With Username

Mar 4, 2010

I have a directory structure root->admin-> admin operations admin page inherited from a ase page with principla security.demand role = "Admins" i am usinf forms authantication mode. i have also put a web.config file in admin folder, restricting other users. it is working normaly with siteroot/admin. I want to setup a mechanism to admin like siteroot/username/admin I can redirect to page admin but it gives security error, it should redirect to login page instead of if user did not sign in.

View 5 Replies

Security :: Checking User For Particular Role?

Jan 28, 2011

im using forms authentication and created roles.

while the user enters the credentials im authenticating the user with username and password

now i also want to check the particular user whether he is that role.

eg:

if username,password are true and role is Admin i redirect him to Adminhome.aspx

else to empHome.aspx.

im able to chek username and password but im unable to detect the role.

[Code]....

View 6 Replies

Security :: How To Create A User Login Control Without The Use Of Web Admin Tool

Apr 17, 2010

I'm looking for a way to create a login control without the use of web admin tool

Here are my system requirements

Windows 7 Visual Studio 2008 Professional Edition Microsoft SQL Server 2005 Express Edition ESET Anti-virus but SQL and Studio files excluded from being scanned. I have got a database. I've created the front end of the user login control manually not using the toolbox. Basically what I need is that once a user has registered. He then logs in. when he enters his username and password how do I code it so the database realises it's him/her and takes them to their LOGGED IN user

View 7 Replies

Security :: Create Admin Folder And Pages To Add User ,content ,authentication

Jan 13, 2011

i need some lessons in how to create admin folder and pages to add user ,content ,authentication, etc

View 2 Replies

Security :: Place To Store The User Logged-in ID (info) For Later Checking And Use?

Feb 1, 2010

I have read the post at http://forums.asp.net/t/1403132.aspx regarding login control. Is there a place to store the User logged-in ID (info) for later checking and use? I don't need to use the session object. I don't need the page to expire. I don't need the user to use a page saved in the favoites.

View 3 Replies

Security :: User Login And Admin Login On The Same Site?

Oct 21, 2010

I have a login page for my users. And I want my admin login to have its own page. Right now I have to login as an admin in the same page as the users.

How can I have 2 login on my site? I get an error if I have authentication forms on both my web.configs.

View 6 Replies

User Is In Role "admin" But (Authorize (Roles="admin")) Won't Authenticate

Mar 15, 2011

I found a great answer on SO describing how to set up custom user roles, and I've done the same in my project. So in my Login service I have:

public ActionResult Login() {
// password authentication stuff omitted here
var roles = GetRoles(user.Type); // returns a string e.g. "admin,user"
var authTicket = new FormsAuthenticationTicket(
1,
userName,
DateTime.Now,
DateTime.Now.AddMinutes(20), // expiry
false,
roles,
"/");
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(authTicket));
Response.Cookies.Add(cookie);
return new XmlResult(xmlDoc); // don't worry so much about this - returns XML as ActionResult
}
And in Global.asax.cs, I have (copied verbatim from the other answer):
protected void Application_AuthenticateRequest(Object sender, EventArgs e) {
var authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null) {
var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
var roles = authTicket.UserData.Split(new Char[] { ',' });
var userPrincipal = new GenericPrincipal(new GenericIdentity(authTicket.Name), roles);
Context.User = userPrincipal;
}
}
Then, in my ServicesController class, I have:
[Authorize(Roles = "admin")]
//[Authorize]
public ActionResult DoAdminStuff() {
...
}

I login as a user with the "admin" role, and that works. Then I call /services/doadminstuff - and I get access denied, even though when I put a breakpoint in Global.asax.cs, I can see that my roles do include "admin". If I comment out the first Authorize attribute (with roles) and just use a plain vanilla Authorize, then I can access the service.

View 1 Replies

Security :: Want Site Admin To Manage Users/security Online, How Is This Done

Mar 22, 2011

Working on my first asp.net webpage. i have followed video tutorials and implemented asp.net membership for login/security.Using Visual Studio 2010 i can open the Asp.net configuration page for management locally.But then if I want my site admin to manage users/security online, how is this done? Like manage through a web browser. I guess this asp.net configuration GUI is not available on the internet?

View 4 Replies

VS 2008 When Admin Register New User The Site Logs In As The User Who Was Just Created

Mar 4, 2010

This is what I have in the RegisterUser.aspx and yet when the admin registers a new user, then on clickiing the register button, the site logs in as the user who was just created.

protected void CreateUserWizard1_CreatedUser(object sender, EventArgs e)
{
Roles.AddUserToRole((sender as CreateUserWizard).UserName, "Department");
}

View 4 Replies

User Controls :: Checking Checkbox If Time Is Greater Than User Define

Apr 27, 2016

I have a checkbox on a templatefieled named chkbxlate. I want to write code to check a checkbox or all the checkboxes on that column if the system time is greater than 9:30am during roll call but I don't know how to go about it.

View 1 Replies

Security :: Running Cmd With Admin Rights?

Dec 12, 2010

if I have this code:

How can I run the cmd using and admin rights? Is it possible to run the command using an admin name and password?

[Code]....

View 1 Replies

Security :: Reset Password By Admin?

Jul 31, 2010

I have a small requirement i.e if any user forgot the passwordhe would like to reset the password by contacting an admin or mailing. Now if the admin logged in he will check for the user name if the user name matches i would like to send a mail to that user by resetting the password

View 2 Replies

Security :: Looking For Membership Admin Module?

Jan 8, 2010

I'm looking for a tutorial or starter kit whereas I can build an admin page for my website that was built with VWD 08. I'm using the ASPNETdb for membership. My main focus is an admin page where I can reset passwords, email one or all users, search by username,etc. Does anyone know where to point me?

View 5 Replies

Admin Terminating A User Session?

Jul 12, 2010

In our project, we have a situation where the administrator needs to 'force log off' a particular user under certain conditions. In other words, the admin user needs to have the ability to kill any other user's session.Is this possible? By using the session properties, we can kill the current session (the current user's session) but is it possible (for the admin user) to kill some other user's session?

View 1 Replies

Sitemap Admin Seeing What A User Sees

Jan 21, 2010

I am currently trying to figure out how to best go about implementing an administration side for my application.I have a user site, where users can log in, customize their profile, submit information etc.I would like administration users to be able to log in and be able to choose from a list of users. From there, the administrator can submit information for the user just like the user can.

Website Start Page > RogerRabbit > Submit Information
Website Start Page > BillyBob > Customize Profile

So my question is:

How should my pages be laid out?How should the Web.sitemap file look? Is there a nice way of creating a sitemap (maybe in memory?)Would this method have to use session variables?

View 2 Replies

C# - Error Creating New User By Admin?

Jun 18, 2010

I am creating a web application using Form Authentication of Asp.Net with C# and back end Sql Server. Here in my application administrator login and creates new users. I am using the create user wizard under login controls. My problem is when the new user is created by Admin he is automatically logged out and logged in with new user credentials which he has just created.

View 2 Replies

Security :: How To Set The Permission For Users From Admin Panel

Jan 3, 2011

I have several features in admin panel. like userslist,change password for the user,delete user... Still now only one admin user can handle all this.

Now I want to give some features to some users.. ie certain users can view the list ,certain user can edit items in the list etc...

View 3 Replies

Security :: Where Is The Right Place For Admin Page In Website

Mar 1, 2011

I am currently designing an ASP.Net web site where does not required any user login on the page. However, I do need to put an Admin page up along with this web page for my client use to manage the content on the page (e.g.: Change Pictures, Updating News). For security reason, I do not want to include a separate page sit reside in the site, so nobody can even try access to the page [URL]

View 6 Replies

Security :: Secure Admin Exception In Website

Jun 10, 2010

I have a secure admin section in my website, only logged in users can gain access to this section, its controlled from the web.config file like this

[Code]....

This has all works perfectly well until now. Ive created a page that has an accordian control on it from the ajax control toolkit, as soon as I place this control on a page and run the web page, I get this error

View 1 Replies

Security :: Create Super Admin Account?

Oct 21, 2010

On admin side how to create first secure admin account when there is no users/admin exists without manuall entry ?On any website how we can create Super admin account who will handle all the things? Except the entry in db manually. I c# or vb.net

View 1 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved