Security :: De-activate Account After A Period Not Being Used?
Mar 2, 2010I'm using membership provider (SQL) in my application. How do I set to de-activate user account automatically after a period not being used by the users?
View 4 Replies
Similar Messages:
Security :: Confirmation Mail To Activate An Account In The Membership Table?
Mar 10, 2011I work with an ASP.NET application and the standard Membership ASP.NET database to register user.
Could it be possible to explain or to give examples how to program the system to work with a confirmation mail so that the user need to click on the link to activate his account?I would like to do this to avoid SPAMMERS
Web Forms :: How To Use Activation Link To Activate Account
Oct 3, 2013i want to use activation link, as when user registered itself, i'll send activation link on his mail-id, and when he click that activation link, then his account will actived...?
View 1 RepliesActivation Link That User Will Press To Activate An Account
Nov 26, 2010Doing an activation link that the user will press to activate an account. What i wanted to ask is, the link will go to a page and it will hit the sql server to find out if it's valid.Now what i'm afraid of is that some boot can send thousands of get's in the page, forcing the sql to be active with useless data. So is there a way to protect against this? I was thinking the "lock ip" trick i did to stop users trying to log in to a site many times. Any other suggestions are welcome. Some other think also.I use a try catch in case of a get with not or wrong data.Will this affect the site in general? I mean i don't really care if someone post an invalid get and wait for the try catch, but does this affect the performance of the site in general or a session takes the memory by default and ignore any try catching that s stalling the page.
View 6 RepliesSecurity :: Possible To Suspend A User Account
Jan 16, 2011Is it possible to SUSPEND a user account? I want to do an application in which the admin retrieves a list of all the user accounts in the database, and select a particular one to suspend it. And, that suspended account would not be able to log in to the application?
View 4 RepliesSecurity :: How To Switch To Another User Account
May 30, 2010I have used membership provider to implement my system. The system administrator can list the users. What I want to do is, administrator should be able to sign-in as the selected user. I can sign out administrator by FormsAuthentication.Signout but how can I sign in as the selected user? Passwords are hashed so I can not retrieve the passwords.
View 5 RepliesSecurity :: Login Page Using Domain Account?
Feb 8, 2010I am trying to build a login page as follows.On the machine on which i want to host the application i have a windows administrators group in which some windows domain users are.Now on building the login page i only want those people to access the application on login. What is the best way to acomplish this.
View 1 RepliesSecurity :: Machine Account Gets Locked After Unlocking?
Jan 5, 2010We're running ASP.Net applicationon the server running Win2k AdvancedServer. Everytime server is rebooted the ASPNET account gets locked, even after unlocking the account, after few mins the account gets into locked mode.
View 7 RepliesSecurity :: Create A Service Account For An 2.0 Application
Jan 14, 2011I have a web application. This application needs to perform a search on folders located on 2 different machines. I can use impersonation for this. But -
a. I don't want to use network service account
b. I want to impersonate just the search part of the code.
c. Specifying encrypted user name / password in web.config is one option. But this would be the last option.
Can I use a custom service account for the application pool for this? If yes, then how to impersonate a specific part of code using this?
Security :: Running App Pool Under Administrator Account?
Mar 3, 2010We have a website that calls a utility from the command line to create thumbnails places them in a directory and then the page will display the contents of this folder to the user.The utility seems to only work when we run the application pool under an administrative account, we have tried the network service, local system, and local service all to no avail.Just wondered if anyone had an opinion on how secure/unsecure it would be if we ran the website under the administrative machine account? Does this open up a massive secuurity hole etc is it that likely that we are comprimising the network.
View 3 RepliesSecurity :: Authenticate With Other Computer's Windows Account?
Feb 18, 2010I face this problem when my client setting the LAN like this: the database server is in server A, the web application is in server B, and the windows login server control (is it what we call "windows domain"?) is in server C.
When I use windows authentication in the web application I built, it checked only the windows account in server B. How to authenticate with server C's windows account?
Security :: Sending E-mail After Account Creation?
Mar 22, 2010I am trying to send e-mail after an account with roles has been created, but I keep getting this error:
CS0123: No overload for 'RegisterUserWithRoles_CreatedUser' matches delegate 'System.EventHandler'.
This is the wizard I am using:
<asp:CreateUserWizard ID="RegisterUserWithRoles" runat="server"
ContinueDestinationPageUrl="~/Default.aspx"
onactivestepchanged="RegisterUserWithRoles_ActiveStepChanged"
LoginCreatedUser="False" oncreateduser="RegisterUserWithRoles_CreatedUser">
<MailDefinition BodyFileName="~/AccountCreated.htm"
From="myemail@gmail.com" IsBodyHtml="True"
Subject="Your account has been created!">
</MailDefinition>
<WizardSteps>
<asp:CreateUserWizardStep ID="CreateUserWizardStep1" runat="server">
</asp:CreateUserWizardStep>
<asp:WizardStep ID="SpecifyRolesStep" runat="server" StepType="Step"
Title="Specify Roles" AllowReturn="False">
<asp:CheckBoxList ID="RoleList" runat="server">
</asp:CheckBoxList>
</asp:WizardStep>
<asp:CompleteWizardStep ID="CompleteWizardStep1" runat="server">
</asp:CompleteWizardStep>
</WizardSteps>
</asp:CreateUserWizard>
This is the c# file:
protected void RegisterUserWithRoles_CreatedUser(object sender, System.Web.UI.WebControls.MailMessageEventArgs e)
Security :: Create Super Admin Account?
Oct 21, 2010On admin side how to create first secure admin account when there is no users/admin exists without manuall entry ?On any website how we can create Super admin account who will handle all the things? Except the entry in db manually. I c# or vb.net
View 1 RepliesSecurity :: LDAP Authentication Using Service Account?
Aug 14, 2010I am looking for a code which does authentication using service account username and password. I mean username and password which has permission to access the active directory and then authenticate the actual username and password provided by end-user. Googled everywhere but could not find any suitable code.
View 1 RepliesSecurity :: .aspx Files Being Accessed By Wrong Account?
Jul 14, 2010Have I done something wrong ?I am running a web-site with simple .aspx files on a standalone workgroup Windows Server 2008 called 'Max'.I had assumed that the .aspx files were accessed by the 'Network Service' account.The application pool for the website is running with 'Network Service' as the process account.I was puzzled, since 'Network Service' had no permission on these .aspx files, and I coudln't understand how these files were being accessed at the file level.So I added event level auditing to the files, and I was suprised to learn that the .aspx files were being accessed by an account called Max$ (ie the computer account).Is this correct ?Why is the Network Service account not being used ??
View 11 RepliesSecurity :: No Impersonation - But Wrong Account Being Used To Access Files?
Aug 2, 2010I run a simple .aspx website on a Windows Server 2008 machine.There is no impersonation, and System.Security.Principal.WindowsIdentity.GetCurrent().Name returns NT AUTHORITYNETWORK SERVICE, which it the account which the application pool runs.I tried to test the security of the application and server by removing file permissions to the .aspx files. I was greatly worried when the website continued to run without problem (it should not have been able to read the .aspx files).By turning on file level auditing, I discovered that the .aspx files were being read by the machine$ account (if the machine is called Serv1, then the files would be read by the Serv1$ account, which seems to have access to all files on the local machine).Is this a security breach or is this behaviour by design ?
View 4 RepliesSecurity :: How To Create User Account For Big Group Of People
Aug 25, 2010I need to create individual account for a big group of people (around 200) from an Excel spreadsheet. What is the best practice? It will take too much time to create account using web form. I think there must be a way to do it. I tried to use Stored procedures created by ASP.NET.
View 2 RepliesSecurity :: Making Set Up A Way For Select People To Be Able To Create An Account?
Mar 12, 2010I am setting up a website, and I want to set up a way for select people to be able to create an account. What I want to do is make a field for a security code, that when entered, will take them to the create new user page. I do not want just everyone to be able to set up a user account, as it would expose wholesale prices to the general public.
For example, Business X wants to set up a wholesale account. They contact the business owner, and when the owner verifies the business is legitimate, she can give them the security code to enter. Once the correct security code is entered, it will then take them to the account set up page.
I have VWDEE2008, and have used the Administer Website tool, and am familiar with using that.
Security :: Connecting Web Service To Sql Server Using App Pool Account?
Jun 15, 2010I have a web service in which i am making connection to the database to get data..now i want that the app pool account should be used to make the connection and not the current user's credentials..can somebody tell me step by step what changes do i need to make like setting impersonation=true etc.
View 1 RepliesSecurity :: How To Create Separate Login Account For Members
Sep 22, 2010I have developed a web application in which i manage details of different companies,,,for that i as admin add companies and their details in my database...right now my role is administrator in my web application
The problem is everytime i have to update company details and other information
I want companies to update their own information...
so how i can create a role and create usernames for companies so that they can login to their individual accounts and update the company information by themselves ?
One important thing of my requirement: One company can have multiple usernames accounts..
Security :: Why Separate Account Data And User Info
Oct 2, 2010If I'm correct the membership functionality separates account and user (profile) data in two tables. Why not one table? What's the design priciple behind this?
View 5 RepliesSecurity :: Removing NT Authority (or Equivalent Account) From Web Server?
Aug 9, 2010i had NT authority user account on the web server (or simillar priviallge account with sid like s-1-5-21-1311... ).
recently, due to security issue, had to remove this account and the application hosted on the webserver stopped working.
the issue seems to be with the database connectivity. not able to analyse the issue as, this occuring only on production and not on development server.
Security :: Building Login Form Via Goolge Account?
Jan 5, 2010I'm trying to build a login form to authenticate google account using asp.net, I have read and found something but It's not clear.
View 3 RepliesSecurity :: Permission Problem On User Account Administrator ?
Sep 21, 2010I have a custom ASP.NET application which is hosted in the SharePoint _layouts directory. The code uses the object model to do certain actions on a SharePoint list. I'm receiving the following error when trying to perform
[code]...
When I give my user account administrator rights on the server it works fine, so it's a permission problem, but can't figure out what it is?
Security :: Login The Account With The Modified username properly?
Aug 31, 2010I have a site where I am using asp.net membership login. I have multiple companies creating login accounts, to minimize name collision I would like to append the company name on the end of the username during the login process. I can determine the company based on the url. I am able to authenticate the user in onauthenticate, but I am not sure how to actually login the account with the modified username properly.
Example: I use login JohnSmith
I append JohnSmith@company1 behind the scenes. And I authenticate the user in the onauthenticate event using validate user with this modified name.However, I really haven't stopped the JohnSmith account from being used so none of the Profile stuff works. this ability located in on loggingin or onlogged in events?
