Security :: Forms Based Authentication Allow Only Specific Users From Database Table?

Oct 1, 2010

I have the following implementation and I'm sure there is an easy way to do what I want to do but I can't figure it out.

1. I use forms based authentication to authenticate to my site

2. I use active directory to authenticate the users

3. I use the Allow Users="xxx" tag to authorize the users limited to the list that can access my site. (e.g.. even though Mary is an AD user she can't access my site unless I put her credentials in the allow users tag in the web.config file)

All is working well but I want to move the users access list (e.g.. <allow users="john" />" from the web.config to a database table so that I can create a user maintenance page for my admins to add and delete user access. For the life of me I can't figure out how to do this and I can't seem to find an article on it either.

[code]....

View 1 Replies


Similar Messages:

Security :: Security And Authentication - Add Information To That DataBase Only To Specific Members?

Sep 21, 2010

I have an application that has a user Login Control (provided by ASP). I am just now working with the integration of a dataBase created in MS visual studio 2010, to a developed website created in MS visual web developer 2010. My main goal is to create an authentication ticket that enables a user to be able to see a dataBase information only after that user has been successfully authenticated.

Up to now I'm able to see the dataBase when i run the website even if I'm not log-in, how i can create a home page that tells the user to log-in and once that user has successfully log-in it redirects the user to another page where the user can see the database and how I can add information to that dataBase only to specific members

View 4 Replies

Allow Access For Unathenticated Users To Specific Page Using Forms Authentication

Sep 2, 2010

I am using ASP.Net Forms Authentication. My Web.config looks like this.

[code]....

So currently every aspx page requires authentication.

I want to allow access to even unauthenticated users to a specific page named special.aspx. How can I do this?

View 2 Replies

Security :: How To Use Forms Authentication On Specific Aspx Pages

Feb 15, 2010

I want to use the login component with forms authentication, but i don't want to use the whole package. I have a database with users in it, and i create the users manually, through another section of my site. I will authenticate them using my own functions, in the Authenticate event.

But, specifying the forms authentication in web.config, i seem to recall having seen somewhere, that i could add pages that were protected, while the rest of the site wasn't.

How do i do this? Currently, i have only 1 page that i want to protect.

View 2 Replies

Security :: Using AD Authentication With Form Based Authentication & AzMan

Sep 2, 2010

I needed information regarding the capabilities & integration of AzMan tool with Asp.net.Currently, I got a Sharepoint 2007 website along with ASP.NET 2008 where I am using Form Based Authenication.Now, the requirement is any user within a domain registered in AD should be able to login in website through intranet.

Can I acheive this using AzMan, or I need to create two websites one with FBA for internet users and the other one for the intranet users with AD authenication. Also my intenet website is deployed and in use where usermapping and roles are already created, so using this tool what will be the impact on existing webiste.

View 2 Replies

Security :: Windows Forms Authentication But Not For All Users?

Jan 5, 2010

I am trying to create an Intranet application and I want my users to be able to log in with their windows account. However my organisation has over 150000 employees but I only want the 10-12 people in my department to be able to log in.

How do I do this? Do I need to store the 10-12 users in a database?

View 2 Replies

Security :: Forms Authentication Users Expire Randomly?

Mar 11, 2010

I set up forms authentication in my asp.net application, and everything works apparently without problems. However from time to time some of the users trying to log in inform me that suddenly they cannot enter anymore as their user seems to be deactivated. Even if they try the forgot password entry, they get "user not found" response, but if I check the user is still there, and according to asp.net configuration it is even active.The only solution I found until now to reactivate the user is to remove it and create it again, and then it works. But it cannot work like this of course.

View 5 Replies

Forms Authentication For Users And Windows For Database?

Jun 14, 2010

On our production servers, the admins created a WebUser active directory account which is users for anonymous access to IIS and is also used to authenticate database access with our SQL Server instances using Integrated Security=SSPI in the connection string and identity impersonate="true" in the web.config.

I've often come across situations where I would like to or even need to use forms authentication. However, I using forms authentication, Integrated Security seems to use the logged in user's credentials to authenticate against the database. In these cases I have changed the connection string to use the credentials of a SQL Server users instead. I would prefer to not have a hard coded username and password in the connection string or rather worse in code. Is it possible to use forms authentication just for user authentication for users and windows authentication with the IIS user for database access? What would be the best practice in such a situation?

View 1 Replies

Security :: Forms Authentication - Users Logged Out Before Cookie Expiration?

Jun 16, 2010

For some reason my users are logged out of the system every 10-15 minutes or so...regardless of the configuration below....am I missing something?

[code]....

View 1 Replies

Web Forms :: Display User Specific Information From Database - Based On Login ID

Jan 7, 2011

I have a online game (written in ASP) which i have finally decided to convert to ASP.NET. However i cannot seem to link the login ID's of users to their specific details in the database. I.E when Joe Bloggs logs in, he will be shown the team information for just his club, not every club. in ASP I use code similar to this below

[Code]....

im not convinced that is the right syntax to be using, but when i execute the code in Query Builder it is showing me the correct data (that i expect to see). So im wondering if there is something else im missing? Is there something extra that i need to be adding in Web.Config file or elsewhere?

View 30 Replies

Security :: How To Collect All Users From A Specific Role

Mar 6, 2010

How can I collect all user (guid) from a specific role?

View 3 Replies

Security :: Use A Forms Based Authentication When Using A Role Manager?

Nov 30, 2010

is possible or do you have to use a forms based auth when using a role manager?

View 1 Replies

Security :: Setting Up Form Authentication For A Specific Folder?

Oct 5, 2010

I have an "Admin" folder in my application that will include pages that I would not like to have anonymous access to. When a user attempts to load a page that resides in this folder, I would like to redirect them to a login page. Here is what I have in my config so far.

[Code]....

[Code]....

View 12 Replies

Security :: Form Level Authentication On Specific Folder?

Oct 27, 2010

Following is my directory structure of my web application which is also configured in IIS as virtual directory

Web Site Root

|MasterPage (file)
|Web Config (file)
|Public Contents (directory)
|ShowNewWallpapers.aspx
|Admin (directory)
| Login.aspx
|WebSiteStat.aspx
|WebConfig file (need form security here)

How is configure my both web configs to solve my issue. currently i am getting following error

It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.

my root web config has default settings and my Admin directory has following settings

<system.web>

View 2 Replies

Security :: How To Provide Authentication No.of Users

Nov 4, 2010

am developing website in that website no.of users are there every user contain related data, the data should be in xml files ,how to provide authentication every user by using xml files .how to write xml file names in web.config in sql we can use connectionstring
,in xml how we can write them give examples.

View 4 Replies

Security :: Redirect To Specific Web Page Based On Roles?

Oct 26, 2010

Is there a tutorial on how to redirect user to a specific web page based on his/her role? For example, I have teacher role and student role. When the teachers login, it will redirect the teacher to the teacher web page and the students redirected to the student web page.

View 1 Replies

Create A View In Database To Fetch Username And Password Of All Users Having A Particular Role (Forms Authentication)

Apr 29, 2010

I am using ASP.NET Forms Authentication for my application. I have made my Password Format "Clear", so no problems with the password encryption. I need to create a view(in SQL server) to display all Administrators in my System. ie aspnet_Roles.LoweredRoleName='administrator' The fields needed are UserName and Password

View 1 Replies

Security :: Windows Authentication For Anonymous Users?

Feb 14, 2011

I am using windows authentication in my web application. All we need is when the application will be executed it will launch login.aspx page. If users put correct userid and password(checked from active server directory) it will be redirected to a difference page. But if any unauthenticated user tries to access any other page in the application by typing the Url on the address bar it will be again redirected to the login page. We have to do this by changing our web.config file.I can achieve this using form authentication but not windows. But our requirement is windows. The requirement is very basic but all effort is just not working.

View 2 Replies

Security :: Website With Users And Passwords And Such For Authentication?

Dec 14, 2010

I've created a website with users and passwords and such for authentication.When a user is created through the "administer website" function of asp.net 4.0 where are the passwords stored? Is there a way to manually change passwords in the database?

View 3 Replies

Security :: How To Redirect To Specific Page Based On User Roles

Sep 12, 2010

I am using Formsauthentication. My situation is as per below:

the login form has codebehind :

protected void LoginButton_Click(object sender, EventArgs e)
{
TextBox uname = Login1.FindControl("UserName") as TextBox;
TextBox pass = Login1.FindControl("Password") as TextBox;
CheckBox rm = Login1.FindControl("RememberMe") as CheckBox;
Literal fail = Login1.FindControl("Literal1") as Literal;
if (Membership.ValidateUser(uname.Text, pass.Text))

[Code].....

Now the problem is that when I try to login with proper credentials it first redirects to default.aspx( there is no such page in my project), after login again with same credentials it properly redirects to the correct page. Why such problem arises? to fix this?

View 6 Replies

Security :: Redirect User Based On Role To Specific Web Page?

Apr 22, 2010

I'm not sure if this is possible or not, I'm using Roles to limit what pages a user can access based on there assigned Role. My question, is there anyway to redirect the user to a specific web page based on thier role after they login.

For example:

If Bob logs in with Role="Automotive", I want him to be redirected to Auto.aspx.If sue logs in with Role="Clothing", i want her to be redirected to cloths.aspx.

View 8 Replies

Security :: Login Users With Active Directory Authentication VB.NET?

Nov 5, 2010

I want to know how to do Active Directory Authentication in my intranet web application,

So far I created a simple login page and I am using the login control. my questions are how do I configure the application, how do I interface the login control so it will take the user to next page once they input their usual active directory username and password.

View 5 Replies

Security :: Use Token Based Authentication?

Mar 2, 2010

How to create Uniue Token with properties like expiration time,

Any standars method provided by Microsoft,

View 2 Replies

Security :: Authenticate Users Based On Three Parameters Using Membership?

Jan 13, 2011

I need to authenticate users based on three parameters such as username, password and officename instead of just username and password. User name is unique only across the single office and not across the application.

Can I achieve this using Membership class and if yes do I need to write any custom code for that?

View 1 Replies

Show User Specific Data From Database Based On LoginID Username?

Jan 21, 2011

I am attempting to convert an online game i have written in ASP into ASP.NET,, but I am failing at a very early and probably a very amateurish stage.

I am using a Sample ASPX project. There is an ASPNETDB database included, when i register my username is added to the DB along with a userID and various other fields. This is stored in a table called aspnet_Users.

The Login Control is stored in a Site.Master file

<div class="loginDisplay">
<asp:LoginView ID="HeadLoginView" runat="server" EnableViewState="false"
onviewchanged="HeadLoginView_ViewChanged">
<AnonymousTemplate>
[ <a href="~/Account/Login.aspx" ID="HeadLoginStatus" runat="server">Log In</a> ]
</AnonymousTemplate>
<LoggedInTemplate>
Welcome <span class="bold"><asp:LoginName ID="HeadLoginName" runat="server" /></span>!
[ <asp:LoginStatus ID="HeadLoginStatus" runat="server" LogoutAction="Redirect" LogoutText="Log Out" LogoutPageUrl="~/"/> ]
</LoggedInTemplate>
</asp:LoginView>

I have created a new table called tblClubs, which stores information such as ClubName, StadiumCapacity etc
I added a field called 'Owner' and this is directly related to the UserName field in the aspnet_Users table

What I am trying to solve is to show user specific information from the database, based on their LoginID.

i.e

My username is Laclerque and my club is called Racing Mongoose, the stadium capacity is 9500.. the information for each User needs to be different and just show the information that is relevant to them.

obviously in the longer term, there is going to be 100's of these associations required for the full game, but not until i can get my head around the basics of how to set this information. I tend to work better when i can see a working sample, and then adapt things to suit my needs.

View 1 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved