Security :: Get Information From IP And Change Content?
Jan 5, 2010When user come to site we know user IP. but how I can know country, reagion, city and etc. about this user.
Example If I know country I need show special content for it.
When user come to site we know user IP. but how I can know country, reagion, city and etc. about this user.
Example If I know country I need show special content for it.
while creating users/groups using web site administration tool, is there a way to configure it to store to a specific database rather than store to a Microsoft SQL 2005 Server Express Edition by default in the App_Data folder?
View 2 RepliesI am building a website in which all of the site layout is in Master page and the content of the site is in the inherited pages. I have various links for navigation in which i simple use Response.Redirect to transfer to different pages. Now the problem is that I want to put the content place holder inside Ajax Update panel so that the postbacks are Asynchronous and I want to show the postback by an animated image inside Update Panel progress control. The problem is that I am unable to achieve this result and the entire page is posted back and rendered again. I have placed the content place holder inside the Ajax control toolkit's Update panel but it does not work. Is there any way that I can change the content of the content place holder to a new page with asynchronous postback.
View 9 Replieshow to read content information from a saved image in SQL image column. I do not want to read the image and display it I know how to do that, what I am trying to accomplish is read the content of that images already saved in the SQL image field, for instance I have a saved image (.JPG, .GIF, PNG, BMP etc) that contains customer demographic information such as (name,address,phone etc) and also contains sensitive data such as (SSN, DOB etc) I just want to retrieve the demographic information and display it on the screen leaving out the sensitive data.
View 1 RepliesI have an application that has a user Login Control (provided by ASP). I am just now working with the integration of a dataBase created in MS visual studio 2010, to a developed website created in MS visual web developer 2010. My main goal is to create an authentication ticket that enables a user to be able to see a dataBase information only after that user has been successfully authenticated.
Up to now I'm able to see the dataBase when i run the website even if I'm not log-in, how i can create a home page that tells the user to log-in and once that user has successfully log-in it redirects the user to another page where the user can see the database and how I can add information to that dataBase only to specific members
How do I get information that does not change?
For security reasons I get rather than IP information, which does not change.
IP is changing, if the dynamic.
I need information that does not change.
I am doing a project using asp.net/C# in three tier architecture .I have created a gridview with textboxes inside I have to get the name in the textbox by selecting the ID in another textbox. I have done the autocompletion in the textbox for ID using Ajax .Now I have to set the corresponding name to the selected ID retrieved from the database as the content of the textbox for name .I have tried to get the ID but I dont know in which event should i write the coding and how to get it .
View 2 Repliesi have an .aspx website, within the site am planing on having a staff directory, i have setup the search, the results and also a more feature to display all there information.
When you click the More button it is supose to display the text with an image of the person. the images are located on a server and are named via staff ref. below is the code i am trying to use to display but am having no luck so far
[Code]....
I have a web application on IIS that will authenticate using windows authentication (Active Directory). So when they access the application http://iisserver/webappname/ it ask for username pwd and domain. (currently working) How can I get information of the authenticated user in the web app through c#?
View 3 RepliesI want to get the certificate information of a website. I means that i've a textbox on a page. When i enter a url in that textbox and press the button. The certificate information of that website should be returned.
Say, i've entered the [URL], Then it should return the Certificate authority, Validation period etc.
I am looking to get the data from any given domain names SSL certificate. For example I want to put in any website address e.g. "www.asp.net" and my code would firstly check if an SSL certificate exists. If it does then I want it to pull out the Issuer, Subject, Valid From and Valid Until etc. The intention is to create an SSL certificate checker similar to this: [URL]
How can I do this ASP.net???? - I have looked up loads of different things such as RequestCertificateValidationCallback and ClientCertificates etc.
would I create a HTTPWebRequest and then somehow request the client certificate and specific elements that way?
I am useing asp.net membership to store my users and under each users profile there is a field for their supervisor. I would like to get a list of all the users with the supervisor "Jon Doe". Is there an easy way to do this or would I just have to loop through each user and see if there supervisor = "Jon Doe" then if it is store there username in a list?
View 1 Replieswhere the login information is stored in our directory?
View 4 Repliesif i have database contain table:
1-student
2-accounts
and i make tthe page for login , if the student is record login successfully, how can make page to display information for this student who is logged on the rest of the data without viewing the other students who are in the database. Note:I used the session in the login page .
how to add more information in the registration data? I want to add in addition to username and password, another TextBox.
View 4 RepliesI'm working on a project for a large company that wants to create a crypto toolbox for cross-platform signing and encrypting and am constantly running into problems concerning the cryptographic abilities in the .Net framework. The blazing inferno that I need to put out this time is that SignedCms and EnvelopedCms don't seem to work with a Cryptographic Service Provider that doesn't store the private-key on the Windows machine. I'm working with a network HSM and certicates that have only a public key, that is, no private-key and no information in the store as to where that private-key resides or how you can access it (a RSA public/private key pair is created on the machine, using the HSM supplier's CSP, and a certificate signing request is generated and used to create a public-key certificate signed by the CA). Theoretically the private key gets picked up from the HSM (referenced actually) using the CspParameters given when instantiating the class, which specifies the CSP provided by the HSM supplier. Unfortunately, up to now this only works with CAPI, where can associate the cryptographic service provider with the signing certificate (usign CertSetCertificateContextProperty with CERT_KEY_PROV_HANDLE_PROP_ID). (We're using CAPI for PKCS#7 signing because the .Net framework only supports signatures up to SHA1 and we have a minimum of SHA256). Surprisingly enough CmsSigner accepts a CSP in it's constructor but it cannot get the key, it throws an exception during instantiation from method CreateDummyCertificate for some reason (with the message "Process completed." no less!??). I use the following CspParameters:
[Code]....
CmsSigner cmsSigner = new CmsSigner(cspParams);
This process works great with certificates and key pairs created by MakeCert. With MakeCert you can associate the CSP information with the Certificate upon creation (-sk, -sp, -sy). The private key still resides in the HSM but specifying the provider during the creation of the certificate seems to have persisted the CSP information somewhere, somehow. Exactly how that's done I don't know, but if could do that, my problem would be solved.
I have a WCF service which accepts X.509 certificate signed incoming messages. As per my understanding the client will send the message with signature encrypted using his private key and web services will decrypt the signature with client's public key. This ensures that the sender of the message is holder of the private key and that he is certified by the server trusted CA as "He is what he claims to be".
It's being a highly secure application I need to give access to only certain clients regardless of whether they are trusted or not. (This is to take care of good turned bad scenario :-)) How do I achieve this? Is there any way to get the client information as subject name etc from his certificate in C# code? Is there any example of this usage?
I have a website that is associated with a PC Application.
The website uses forms security to restrict access to the Information on the PC Application to users with a specific role.
Is it possible to have a link to a page that has sufficient information contained in it to automatically log in and display a page in a restricted area?
I am thinking of something like the confirmation emails you get when registering with a website. They often have encrypted text as part of the link and automatically log you back in to the website when clicked.
How can I get a user's geolocation information (City and Country - internet service provider and internet speed would also be great) based on their IP address?
I've searched and found several tools for doing this but I seem to run into problems using them with asp.net mvc. Many of them relate to using json and the "security risk" involved in cross domain ajax calls.
In my application I am using the aspnetdb membership for authorizing users. I created a new table UserProfiles that will hold their profile information. The UserID is linked to aspnet_users UserID with a foreign key. One of the columns in the table represent CompanyID (int). I want to be able to restrict logged in users to only see records from their company based on the CompanyID. There can be more than one user with the same CompanyID to the UserID would not work. I can restrict their access by UsedID to only see records they created by using code behind:
[Code]....
and my select statement is:
[Code]....
How would be the best way to restrict the selected data to UserProfiles.CompanyID?
I have a site I'm working on where the values being stored in user profiles can change so I need to iterate through all available profile options and display them (say in a label or gridview for instance). Here is an example of a web.config I threw together
<profile enabled="true">
I'm authenticating my users using the following code for the login event:
[Code]....
The following code runs in global.asax at Application_AuthenticateRequest:
[Code]....
Everything works great so far. Next thing that I need to do is add additional user information to the forms authentication ticket using user profile. When I try to add it right after the login code above, I end up getting an error message about anonymous profile. On the other hand, HttpContext.Profile is read only and doesn't seem to work. Is there any workaround for this?
I have created a custom user creation wizard to store custom user information, This is working fine. I am now trying to create a new page to give the newly created user to create users in there own company, so i need to retrieve the company information from the user profile created and automaticlly fill that information into the new create user wizard. ie User from A company logs in. (company_id from profile is stored in session)
User A wants to make another user in company A (but cannot make a user in company B) User A fills in details for new user, Company A information is autofill into new user info. (possibly from session)
I have read alot about storing membership. info into session but i cannot find any code examples of how to do this. I need to find a way to store Company_id into session and then use that for creating a new user with the same Company_id.
I have created a login form through VS 2008 using C#. There are 5 different aspx pages in my application.
1)Default.aspx: It contains only a hyperlink to direct the user to login.aspx page.
2)Login.aspx: This page has texbox for Username and Password, sign in button, textbox for displaying error and hyperlink (Create an Account) if the user does not created an account yet.
Here is Login.aspx code:
[Code]....
Now, I want to do following with my application.
If the user already has an account, he can put his username and password and click on the sign in button. If the username is existed in databse, application should compare the user input with database and if both are matched then the application should redirect the user to "welcome.aspx". If username does not exist it should show that Username does not exist.
I had three web applications and each one has its own login page , now i want to build web portal which allow members to login and choose one of these applications to redirect to it .
Is there any way to passing user information across secure connection??