Security :: Different Users In A Business .net Website?
Mar 31, 2011
Im not sure what it is called, but I need help with this. I need some tips on how to get started on an ASP.net site that will have different users. When each user logs in, they will be able to enter their own personal information such as address, hours worked, their own timesheet etc. I want to have it so each user will be able to only see their own data, not any other data entered by other users. I hope I am describing it ok. Please let me know what this process is called, or any good ways to get started on this.
View 3 Replies
Similar Messages:
Jan 23, 2011
asp.net 3.5 IIS7 Hosted on Windows Server 2008 (virtual machine)
I have a website which have been running for about a year without any problems. Users have been able to login etc, but now I get reports about users not able to login while using Internet Explorer. Users using other internet browsers like FireFox, Chrome etc have no trouble logging in.
The website are using the standard Forms authentication.
Also lately another website has been setup in IIS7, but these sites are using application pool. I've stopped this webapplication in IIS, but that doesn't have any effect on my problem
I see that Windows Update have failed to install a lot of patches lately, not sure if that is related to this problem. But some of the windows patches are security patches.
View 5 Replies
Dec 14, 2010
I've created a website with users and passwords and such for authentication.When a user is created through the "administer website" function of asp.net 4.0 where are the passwords stored? Is there a way to manually change passwords in the database?
View 3 Replies
Jun 22, 2010
i have a search box, many text boxes which taken various inputs and save it to database using primitive methods such as "insert into....." executenonquerry etc.have read something that " a textbox by itself can prevernt attacks known as sql injections" is that true?if sohow to enable it?does it need extra coding?
View 1 Replies
Feb 9, 2010
I have an asp.net web app that uses forms-based authentication, a SqlMembershipProvider (using an encrypted password format), and a SqlRoleProvider. I need to know if it's possible to administer the users (create new users, assign them to roles, etc.) from a windows application - the powers that be don't want any administrative functionality in the web app itself.
Here is the membership provider definition from web.config:
[code]....
So, obviously, I have a Sql Server database that contains the users and roles for the web app. I'd like to create a separate windows app that references the web app assembly, and use the configured MembershipProvider, RoleProvider, and machineKey to create users, assign users to roles, etc. If that's not possible, I can duplicate the configuration settings from web.config within the windows app. But I don't know how to do this either.
View 3 Replies
Sep 16, 2010
Just wondering how to implement a user's list into website ? im using ASP.NET C#. I want to be able to:
add/delete usersadd/remove roles
View 2 Replies
Aug 26, 2010
Allow Admin Users to Access Basic Users Accounts?
View 4 Replies
Dec 6, 2010
[Code]....
after successful creation of 3 users on my web site now cannot create users
View 9 Replies
Oct 12, 2010
We have implemented the ASP membership and roles..and we would like to display the users currently logged in and also display the number of users online so we can display that on the page. The list of users woudl only be available to our admins. BUt the number of users will show for everyone.
View 9 Replies
Aug 4, 2010
I just realized after i created a test account i was not in any roles. Is there a way to automically add new users into the role Users? Have i missed this some where?
View 8 Replies
Dec 22, 2010
I built a website that tracks submissions online (SQL server express 08 edition). It has its own User table thats linked to other data tables specific to the business of the website. But I found out recently that I can save lot of time by integrating ASP.NET standard Login Controls that can automate lot of coding and make my life easier. Now since then, I added the login controls, integrated the work flow into my website (just user , role navigation so far) and noticed VS creates its own user tables , view, SPs etc. I am okay with that.I need all my submissions to be linked to a particular user that enters each sumission. Now since my user (userid) moved from my personal custom table to a standard ASPNETDB.mdf table... how do I link my original website database and tables to this Default User table / (ASPNETDB.mdf) created by VS.
View 5 Replies
Jun 23, 2010
i used security in login page which restricts all users who have not logged in to all pages. I need to restrict specific users to specific pages. I'm not using AspSqlService provider. So i cannot create roles and restrict automatically. And the pictures i use in login page are not visible @ runtime.
View 1 Replies
Mar 22, 2011
Working on my first asp.net webpage. i have followed video tutorials and implemented asp.net membership for login/security.Using Visual Studio 2010 i can open the Asp.net configuration page for management locally.But then if I want my site admin to manage users/security online, how is this done? Like manage through a web browser. I guess this asp.net configuration GUI is not available on the internet?
View 4 Replies
Feb 9, 2011
We have asp.net configuration tool to manage user's permission and role for our offline website,
it is working very fine.
Now, I have uploaded my website and aspnetdb.mdf
now i want to manage users and it security and roles online.
How can i have asp.net Configuration tool
View 2 Replies
Jan 12, 2010
I have a web page where I am denying anonymous users from accessing. In the web site I have a folder called FileManager. In the web app the usres have the ability to uploaded files and when they do a folder gets created under the filmanger and the files are saved. I have created a web.config in this folder that denies anonymous users. The problem is if the user knows the directory structure they can type in the url of the site add /FilManager/x/x/NameOfFile, where x are the sub directories. If the file is an image it shows the image in ie, if it is a .xls or .doc or what ever they get the prompt to either download or save the file. What am I doing wrong. Will the web.config file not stop an anonymous user from access files? I put a webpage in the folder and it is blocked and the user gets sent to the login screen, but files seem to be unsecured.
How do I block anonymous users from being able to access the files in this folder?
View 4 Replies
May 5, 2010
i have a gridview that displays a number of columns, there is some rows that are to be confidential for some users "secret" records, i.e some users will see some of the rows as access denied in the cells and they won't be able to click the row to take them to detail page. other users will be able to see these rows data in the cells and able to click on the row header to take them to detail page.
how to display data/links in grid view cells selectibaly without changing the data in database?
View 4 Replies
Nov 9, 2010
I got a requirement from client that he wants to know distinct users information from sites and it sub sites those have access to site. There are separate groups for each subsite (contribute, approval and full access). From these all groups find distinct user information.
How can we do that using Object model?
View 1 Replies
Nov 7, 2010
When I run my website through debug mode in visual studio everything looks great and all the images on the page show up fine. But once I deploy my website to an IIS7 web server (doubt that other versions would make any difference, but you never know) then users can't see the images on the site until they log in.The website is an asp.net MVC site and I'm new to MVC, though I do have lots of experience with asp.net forms. It seems that only authenticated users are allowed to access the images folder, and there is an authorization section in my web.config saying that only admins can access the site, so how do I make it so that all users, authenticated or otherwise can view the images?
View 3 Replies
Apr 20, 2010
anybody knows of blocking certain users (by IP) from accessing your website (website on asp.net mvc).
EDIT: I know that web-servers can do this as well, but I need this at the application level
View 3 Replies
Dec 26, 2010
I need to add the ability to register users in my web site. I'm sure that 1000's of programmers already did this, so why should I build from scratch? Does someone knows where can I find a module like this as well as other modules?
View 2 Replies
Jun 25, 2010
VWD 2010 Express. Windows 2003 Server. I decided to move my web site from the Inetpub folder on my C: drive to an Inetpub folder on my D: drive to free up space on C:. I moved three web sites. Two of the sites worked fine after the move (I went into IIS 6.0 and changed the home directory of all the sites). One site, which requires authentication using the Windows Active Directory (AD), did not work properly. I could access the site and login with any administrator login. But all other users, although they enter the correct credential, continue to be reprompted for their username and password. The site uses "basic authetication" to check users credentials against the AD. Can anyone think of a reason I would have this peculiar behaviour just because I move a web site's files from C:inetpub to D:Inetpub?
View 6 Replies
Feb 21, 2011
I am currently working on a project in which I am assigned to provide e-mail features to the users of our site. unlimited users can create there mail accounts dynamically with our servername say if the website address is www.xyz.com then the users of this site can create their mail boxes like user@xyz.com. My clients want to provide e-mail service like yahoo, gmail, aol, hotmail, rediffmail, zapakmail, etc...
View 4 Replies
Feb 20, 2010
I have a web application using Forms authentication provided by AD. I would like to know if it's possible to use EWS to send mail as the currently logged in user without having to supply credentials, or; would I be required to set up an account with impersonating access which will send mail on behalf of the currently logged in user?
View 1 Replies
Mar 1, 2011
I developed a website in asp.net,c# and SQL server2000. In each and every page I want to show the logged in users name with green color text.
I used Forms authentication.
View 4 Replies
Jan 29, 2010
I have a WCF service that runs in my web application that provides data to a Silverlight application and is defined as follows (with an appropriate .svc file)....
[ServiceContract(Namespace = "")]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
public class DispatchService [code]...
The idea is that the user logs into the website and is then authorised for all services. I do not want to have a login aspect to my Silverlight application to authenticate users.Therefore I dont want anyone to be able to call my service who is not authenticated.
Could I...Somehow determine this for each Operation Contract. I had a look inside the OperationContext object but couldnt find anthing that stood out as a way to determine who the user was.Somehow attribute the ServiceContract so that the method can only be used by authorised users?Put something in my web.config to stop unathorised users from being able to access the folder containing the services?
View 1 Replies
