Security :: Child Portals Being Able To See Each Others Pages?
Nov 8, 2010
I have 1 existing portal that I am using SQL Roles for authentication. We are in the planning stages for a 2nd portal that will contain different information than the existing portal. I have been asked if it is possible to use the same roles and user names for both, which i am pretty sure I can. They would like to be able to see the web pages from either portal availble to them when they log in.
Is this possible for 2 child portals or would i have to just add the new pages to the existing portal?
I am converting a site that I built using just HTML and CSS to an ASP site using MasterPages. The site has tutorials for different things and the folder structure is devided up accordingly. Email tutorial has its own folder and its own master page. etc.
Within each tutorial there are several pages and there is a menu for the tutorial that is just page numbers.
Prev, 1, 2, 3, Next
This menu is built using CSS for the styling and it highlights the current page. The CSS relies on a Body ID in order to know what page it is on.
in my application i am using master page and child pages. my requirement is can i access the master page controls in child page exmaple in my master page i have a linkbutton how can access in childpage
I want to use jQuery in my ASP.NET 3.5 website that uses master pages and content pages. How do I do document ready() functions for the child pages for those that will use jQuery ? Where do I put the code?I figured the jQuery declarations should go in the master page, but don't know how to make sure any jQuery calls go into the HEAD of the resolved page.
this is probably something really simple but I cant see what! Any images I have in a masterpage aint showing in child pages, all i get is the box with the red cross in it. Dont think Ive done anything different from usual and its not something thats happened in other sites so im kinda scratchin my head with it.
I have a Accordion control which is having 3 panes but I am getting a collpsing problem when I click on Assign Associate link. I want to open the pane if I click on any of the child controls (Assign /Delete/ View Reports). I have provided similar code for my other two panes it is working as expected. what to change to make the pane in open mode if I click any of the child panes
I am working in a product which is developing using telerik rad controls. Site have a master page which includes rad toolbar for main menus like file, edit etc.
When the site worked in IE 8 the half of the menu got inside of the content page. I changed the compatability settings of IE 8 to comptabality view and it solved. So i can view the site correctly. But in firefox also have the same issue. There not any compactability settings like this ( i think). So how can solve this? I mean wat issue is this ? Any css issue or any control behaviour?
I have a web app that opens various child windows from one main window. The main window itself changes based on user selections. How do I detect and close any child windows when the main window closes? I suspect I could use the session object to track the instances.
i used security in login page which restricts all users who have not logged in to all pages. I need to restrict specific users to specific pages. I'm not using AspSqlService provider. So i cannot create roles and restrict automatically. And the pictures i use in login page are not visible @ runtime.
I have a site We have different Pages under one folder. we have stored these pages information in a database table with pageid. Then we have User access table. there we store userid and pageid , for which pages user has access. Now I need to provide access to that pages only .
I want to show some panel with a label, both located on a MasterPage, from inside it's child pages.. I already did the coding on the MasterPage:
public class MyMaster : MasterPage { public void ShowPanel(string pMessage) { labelInside.Text = pMessage; myPanel.visible = true; [code]...
This "works" ok, but it won't show nothing, since I need the page to be "refreshed" in an "ajax-way" like an UpdatePanel, which I can't use because the Trigger is in another page, right?I really need this to work.. even if you have another completely different way to do this,
I have created 3 different folders (admin, user, viewer) in my site and each has a different template (masterPage). I created user and roles which are admins, users, and viewers. I assigned each role to a user in .Net administration Tool.
What I need to do is to allow each user to access his page only and deny access to others , except for the admin who can access all pages.
I'm no programmer. I am a student majoring in Business Information Systems. My capstone course requires me to develop a web-enabled database that will allow a company to track their projects. I have set it up this far using the 3.5 dynamic data page. My database is fine, however I need to set it up so that Admins can view the entire site and have the ability to edit, view, and delete items, and where users can only edit projects that they are assigned. Is what I'm looking to do possible?
I have requested my web host provider to apply a SSL over the entire domain, as this is the only option available. The trouble is, I am not sure when the SSL is applied over the domain, how do I force certain web pages, the login page to SSL or even pages sitting in a directory. My web host service had mentioned when the SSL is applied over the domain, unless applying code the pages remain as http.
I am new to SSL and asp. I am using VB in my contract. Very confused. I have searched google and posts but have not found a simple clear access?
I'm using the following code which autheticates a user and redirect him to a members webpage. This works however if I access the protected page directly I bypass the security. Do I need a check in the OnLOAD for each page? My second question is how to say hello username on the members page. What variable can I reference to display the username?
I didn't really know where to post this so thought i'd postit where hopefully people understood the page cycle and what's going on when people perform logins.So I don't know if people have noticed before but Facebook uses an unencrypted page for login, albeit the page redirects to an encrypted page but that very first POST is clearly visible to everyone- I've looked using Tamper Data in Firefox.How is it they can get away with this, or am I missing something here? Have they decided that if people don't look after their own security then it's not their fault? I do't understand as eBay, Amazon etc all make you go to an SSL page to login, obviously because all request and post data is encrypted... Why can Facebook do away with this security measure? I don't understand.Just looking for some insight in being able to have login controls placed on unencrypted pages and then redirecting people to secure pages.. it still doesn't work out in my head though?
i have a website having a couple of pages,i'd like to allow all users to be able to browse some pages and deny them some web pages.I know it's something to do with creating an authorization tag and adding some allow or deny user,but i have no idea how to implement it.
I want to create a website that a user can logon and view their data. They should also be able to logout. I'm wondering how to achieve this WITHOUT using the Membership provider api provided by Microsoft. This is what I think should happen.
1. user enters name and password and clicks button.
2.If username and password are correct the user is redirected to a webpage with their details.
I'm using user membership and roles. Below is my web.config for subfolder restriction.
[Code]....
The way I have above, no one can access this folder, mySub, except Administrators, Editors, and Members. However, here's what I want. I want to allow all and any user to the default.aspx page of this mySub folder and denied any other pages if they're not Administrators, Editors, and Members. One last thing, also denied access to addWord.aspx if they're not Administrators and Editors. I know I can list all the pages and give them various permission but I do not want to list all the pages. What's the best and easist way to accomplish this?
Now that some of the Security matrix has been approved and site is somewhat more functional. We are going back thru adding the loginview to the pages that need it so we can control who can adn can't see the pages and data.
To keep it simple, here is what i have setup.. Because if this setup, i cant access my controls and the page wont display either template. Now even though the aspx code below is a very stripped down version of what i have, the code behind has references to controls that dont show in my example, but they are there in my actual page. I Just removed alot of information to make the post more clear.
I developed our feature rich web page which is constantly changing. I'm not much of a programmer but I know HTML and CSS pretty well. I have a need to create a couple of login page for prospects and end users to get to secured content. I put together a page that works perfectly in Microsoft Visual Web developer Express 2010. This includes a login page. Ironically, after learning how to do all this from a book, there is a web page that perfectly chronicles what I am trying to accomplish and the steps to do it. It's here: [URL]
I don't expect you to watch it, but there is a simple aspx page created for login and then users are created and the content is displayed after successful login. It works fine in m development environment, but when I post, nothing. Furthermore, twice in the last two days, after downloading my current site to my hard drive, and then posting back after adding this functionality, my FrontPage forms stopped working. I had to have my website restored from backup. The whole thing makes no sense and I can't find any precedence posted on any user forums. So any testing I do seems to wipe out my navigation structure.
I'm going to establish the site on a different server tonight and see if its configuration. If that works, I'm not sure where to g next. I'd appreciate any thoughts. The worst part is I can't post a test page or my Fropage contact forms stop working.
