Security :: GetPassword Not Working?
Apr 20, 2010
building a site and the client wants an admin page, so that he can login and change passwords, delete users or create users.I have 3 subs, one for creating, one for deleting and one for changing passwords. The create user works fine. The delete user works fine but on the changing password is where I have the trouble. Here is the code:
[Code]....
View 5 Replies
Similar Messages:
Dec 9, 2010
I need to migrate existing users, I will be creating the users account and setting a dummy password for the first time login... My problem is that by doing this they will not have their security question and answer filled in... I am trying to create a page that will force the user to set up their question and answer at first long ... The problem that I am having is when i try to get the password i get the following error..
here is the code that I am using:
[Code]....
[Code]....
View 9 Replies
Dec 1, 2010
We are converting an ASP site (using DotNetNuke) to a new PHP site. The only thing we have right now is a full export of the existing database. One of the tables is called "aspnet_Membership" and contains the following fields:
Password (looks like base64)
PasswordFormat (always value 2)
PasswordSalt (looks like base64)
PasswordQuestion (always empty)
PasswordAnswer (always empty)
We would like to decode these passwords and hash them to fit our own framework. From what I understand from the .NET documentation these kind of passwords can be decrypted. Is there an algorithm available that can do this or is it more complicated than that? Will it be possible if we create an ASP script on the current server?
View 2 Replies
Oct 20, 2010
I find that the password can only retrieved by method GetPassword() in asp.net2.0 Membership.In fact, we can get the password when we get the user infomation from database and set it as a property of user(object of MemberhsipUser) just as user.Email, user.UserName, etc.
It's clear that adopting the second resolution(property) can reduce one trip between server and database and more convenient. But why Microsoft don't do like this? For secruity reason? Then why is it less secure to set the password as property?
View 2 Replies
Feb 21, 2011
I have a login control that is working beautifully on my localhost, but not working on the server. It validates my username & password - and gives me an error if I enter an invalid username/password. However, if I enter the correct username/password, the page refreshes, but does not redirect me to the "ReturnUrl" that I see in the URL. I've seen posts on this, but nothing that I tried worked. I've tried setting the 'MembershipProvider'attribute of the login control. I don't want to set the DestinationUrl...I want it to take what is in the ReturnUrl in the querystring. I don't think it's a web.config issue cuz it works on localhost??
View 3 Replies
Feb 8, 2011
am working with Login page,but is not working.so what can i do. This is my code.
string connect = ConfigurationManager.ConnectionStrings["CarsalesConnectionString"].ToString(); protected void btnLogin_Click(object sender, EventArgs e) { Session["Username"] = txtUsername.Text; Session["Password"] = txtPassword.Text; string status = "Active";
string Query = "Select * from tbl_User where Username = '" + txtUsername.Text + "' and Password = '" + txtPassword.Text + "' and Active = 1 and Status ='" + status + "' "; SqlDataAdapter cnAccess = new SqlDataAdapter(Query, connect); DataSet myAccessDataSet
= new DataSet(); cnAccess.Fill(myAccessDataSet, "tbl_User"); if (myAccessDataSet.Tables["tbl_User"].Rows.Count != 0) { //condition A lblErr.Text = "Invalid Username and Password!"; //Response.Redirect("~/Customer/CustomerForm.aspx"); //Response.Redirect("~/Mainpage.aspx");
} else { //condition B Response.Redirect("~/Mainpage.aspx"); //lblErr.Text = "Invalid Username and Password!"; }
View 2 Replies
Feb 10, 2011
look at the pic guys, im using visual studio 2010, and sql server 2008, the password field should turn into md5 code, but its not working, it changed into system.data.
View 1 Replies
Jun 30, 2010
I've added the identity tag for impersonation. I've configured my site under IIS 5.1. The identity i've added is my domain username/password. But when I run any exe file from my asp.net file, it still runs under "aspnet" user name.
View 1 Replies
Sep 2, 2010
I am using impersonation in my ASP.NET application to access network resources. It works fine when I run on my computer, however when I setup the site on IIS6, it does not work. Is there some extra configuration, I need make in IIS for it?1. I created an account "TestUser" with the privilege as "act as operating system" on a server that has the resources which I want to access.2. The impersonation works fine on my computer, when I run from visual studio. My computer is on the network under same domain where the "TestUser" is created.
View 5 Replies
Sep 12, 2010
[Code]....
View 1 Replies
Sep 7, 2010
his is my app.config file:
[Code]....
and in my application a have this statment:
SqlRoleProvider roleProvider = new SqlRoleProvider();
eProvider.CreateRole("newRole");
View 2 Replies
Mar 9, 2010
I have a basic c# web application that I'm developing. I want to have users be authenticated based on their Windows domain logons, without actually logging in to my application. So, I configured my application to use the AspNetWindowsTokenRoleProvider per this article. This is what I did.
Set <authentication
mode="Windows" /> in web.config.
Added <roleManager
enabled="true"
defaultProvider="AspNetWindowsTokenRoleProvider"
/> to web.config directly under #1.
Created Windows groups on local machine. Added Roles.IsUserInRole(@"Windows Group Name") to code behind.
However, the IsUserInRole() function is always returning false. I've tried verifying the Windows group name, have verified that I'm in the group, etc. and it still won't work. Does anyone know what I'm missing?
View 7 Replies
Feb 7, 2011
I have a home.aspx page on which there is a register button. When the user clicks the register button, I used Response.Redirect to navigate the user to Register.aspx page.
Upon finishing the registration for a new user, the user is automatically getting redirected to the default.aspx page in a logged in state. However, I want that the user be returned to home.aspx page without being logged in..
There are 2 issues.
1) I have tried to use ContinueDestinationPageUrl property and set it to login.aspx page in the register.aspx page like this
<asp:CreateUserWizard ID="RegisterUser" runat="server" EnableViewState="false" OnCreatedUser="RegisterUser_CreatedUser"
ContinueDestinationPageUrl ="~/home.aspx">
<LayoutTemplate>
<asp:PlaceHolder ID="wizardStepPlaceholder" runat="server"></asp:PlaceHolder>
<asp:PlaceHolder ID="navigationPlaceholder" runat="server"></asp:PlaceHolder>
</LayoutTemplate>
2) How can I make sure that the user returns to the home.aspx page without being in a logged out state so that he has to put his credentials to login once he is registered.
View 5 Replies
Feb 6, 2011
I have done forms authentication a couples of times before but this time I cant get my head around something.Somehow altough the user authenticated,the destination page does not get this.The destination page is called Approval.aspx and is located in the /Admin directory which is secured by having its own web config with those settings:
[Code]....
If I remove the <deny users="?" />,then everything works fine but obviously everyone has access to that page.I only want that the user of role Admin can access it. I have implemented the standard VS 2010 login controland the user gets to the destination page with a response redirect:
[Code]....
Why does the destination page not realize that the user is authenticated and does not treat the useras a user in role "Admin"?
[Code]....
While debugging the login page I can see that the user has the right role "Admin".
View 9 Replies
Oct 11, 2010
I am working on a new application that will feed off my application's DB that was written with .net 3.5 (really 2.0, since thats where the aspnet_regsql.exe lives)... I open up the application settings page on my old VS2008 application, and see all my 4000+ users, but if i link the membership to that database in VS2010 with asp .net 4.0, it shows 0. I have verified the connections, and i also noticed there is a net aspnet_regsql.exe in the 4.0 framework folder.
Is there any way to make the old membership work, or a way to migrate my users? If not, i would think this would cause a LOT of issues with many .net applications with many forms based users.
View 3 Replies
Mar 9, 2011
give me a working snippet for logout..I'm fed up of using all session.abondon() bla bla.. Even after logout wen i click back button i can view my page.. How to over come this..
View 14 Replies
Aug 5, 2010
I am developing a small website in vs-2005.
Here I am using forms authentication and I have used an access database. I have put the db in App_Data folder and declared the connectionstring in web.config. The problem I am facing is that when I request any page without logging in the browser displays the requested page. At the bottom of the page there is a script error when I check the details it says Sys is not defined. Has this something to do with this issue??
In web.config file I have added the following lines in the <system.web></system.web> section.
<authentication mode="Forms">
<forms name=".ASPXFORMSDEMO" loginUrl="Default.aspx" protection="All" path="~/" timeout="30"/>
</authentication>
<authorization>
<deny users="?"/>
<!--<allow users="*" />-->
</authorization>
On login button click after comparing userid & password I am using the foll stmts:-
If code = 0 Then ' code 0 means match for userid and pwd
FormsAuthentication.RedirectFromLoginPage(txtuserid.Text, False)
Else
Response.Redirect("~/Default.aspx")
End If
View 3 Replies
Mar 22, 2011
I have created a self signed certificate for IIS6 for my app. App works fine when I access it from the web server. But when I access the app from client machine it gives an error "The connection has timed out" on IE, and on Firefox it does not load the page.
View 4 Replies
Jul 8, 2010
I am working on an e-commerce project using ASP.Net and C#.Net (Visual Studio 2005-Windows XP).
I am facing problems in the login module. I created the login accounts using the roles and users in the ASP.Net Website Administration Tool. The login module is working fine when I test the website within the Visual Studio. I mean the login form is working properly under the Development Server integrated in the Visual Studio. What I want is to make this work properly under IIS (i.e. the Production Server). When I deployed the project to the IIS, the login form with the login control is displayed, but cannot login and gives a login failed message. . I have searched about this issue in Google and they are providing good tutorial links to solve this issue. Even after reading those I couldn't solve this as I am new to Web Development. Can you provide me a sample source code with the web.config and also a description of the major steps in configuring IIS to support the role based login?
I had gone through the following titles under google
"Always set the "applicationName" property when configuring ASP.NET 2.0 Membership and other Providers".
View 35 Replies
Apr 19, 2010
I am trying to use the asp.net contol recover password in my web page I cna load the page and enter the username and answer to the question fine but when I click on the submit button I get an error message saying System.Net.Mail.SmtpException: The operation has timed out
the stack trace is
[code]....
I have only put the recover password control on the web page I havn't added any formatting or code and all the other emails I have set to send work fine so can't see why the smtp setting would be wrong for this unless I need to add some code to my page.
View 5 Replies
Feb 24, 2011
I've found this article on enabling windows authentication within an intranet ASP.NET application. I did exactly what the article says, and when I go to the page on the server all it does is prompt me for a username and password, which I would assume means that it is seeing me as an anonymous user and not a windows user (which is not true).
In my application on the IIS i have the "Integrated Windows Authentication" box checked and this is what I have for my web.config file:
[Code]....
I've also tried this before and got the same results:
[Code]....
I have no idea what I need to do to get this to authenticate correctly. I've been banging my head off a wall for the past 2 days on this issue.
View 7 Replies
Feb 2, 2010
I have a basic intranet website for my company but there is one page that cannot allow anonymous as I need to grab the user's login. I created the site and everything works perfectly on my development machine. once moved to the production server it no longer works.
Here is the problem: I can get the login prompt when going to the secure page, but when trying to login I get a "401.1 - Unauthorized", even when trying to login as a server administrator. Here is the authentication portion in my web.config:
[Code]....
I have done this before and always gotten it to work. I hope I am just missing something very simple...
View 5 Replies
Nov 16, 2010
I have tried everything all day and cannot figure this out.
I tested the Insert Statement in MS Access and it works.
INSERT INTO user ([user_login], [email], [create_date]) VALUES ('user67', 'suesargis@yahoo.com', '11/15/2010 8:18:14 PM';
So how do I add the apostrophes in the string below to get the above when using executenonquery.? The string produces everything ok but it is missing the apostrophes.
string querystring = "INSERT INTO user ([user_login], [email], [create_date]) VALUES (" + CreateUserWizard1.UserName + ", " + CreateUserWizard1.Email + ", " + tbdate +";";
View 6 Replies
Jan 8, 2010
In my account controller I am calling FormsAuthentication.SetAuthCookie( emailAddress, rememberMe ).
Response.Cookies has my cookie. However, after the redirect the cookie is gone and the request is not authenticated.
View 6 Replies
Jun 18, 2010
I know that the login controls provide some powerful "straight out of the box" functionality for creating functionality for storing and logging in users. However, all of this fucntionality seems to be based upon having a unique username, and the users email address is stored separately. The login control, http://msdn.microsoft.com/en-us/library/system.web.ui.webcontrols.login.aspx, automatically creates a database http://msdn.microsoft.com/en-us/library/ms178329.aspx#the_login_control to store the user information, and looking at the table definitions, there are separate entries for the username and password in different tables.
View 5 Replies