Security :: GetRolesForUser By User Id?

Aug 23, 2010

Why there is no method to get user roles by their ID. I do not want to use name. So I'm just wondering do I have to write my own or somebody else already did it ?

View 11 Replies


Similar Messages:

Security :: Roles.GetRolesForUser(UserName) Not Working?

Oct 26, 2010

Roles.GetRolesForUser(UserName) .I have follwing codes in my Web.config,

<authentication mode="Forms">
<forms slidingExpiration="true" defaultUrl="admin/Welcome.aspx" timeout="60"/> </authentication>
<roleManager enabled="true" defaultProvider="SecurityTutorialsSqlRoleProvider">
<providers>
<add name="SecurityTutorialsSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" applicationName="SecurityTutorials" connectionStringName="SecurityTutorialsConnectionString"/>
</providers>
</roleManager>

View 2 Replies

Extending RoleProvider GetRolesForUser ()

Jun 3, 2010

The GetRolesForUser() method in the RoleProvider takes the user login name and returns the list of roles for that user. But in my application this is not enough, I need a few more pieces of information to be able to get the user's roles. How can I get this extra information into the method? I have it in the Session, but I found out that Session is not available in the RoleProvider.

What I had in mind was putting this extra info in some class that extends MembershipUser, assuming I can get to it inside the RoleProvider. But I don't know how to create the CustomMembershipUser and make it part of the MembershipProvider. Is this even possible? The easy way out would be using cookies, but I'm trying to keep away from it.

View 1 Replies

C# - GetRolesForUser Tries To Get Roles On Old Username?

Mar 24, 2010

I have a section on a page where a user can change their username. This is basically the code for that:

user.UserName = txtNewUserName.Text;
user.Save();

user is a class in my dbml and Save calls SubmitChanges on the data context.The name is changed in the database, so when it calls the following method, it fails because it is trying to get the user with the old username instead of the one that is in the database now.

public override string[] GetRolesForUser(string username)
{
return dc.Users.Where(u => u.UserName== username)
.SingleOrDefault().Roles
.Select(r => r.RoleName).ToArray<string>();
}

View 1 Replies

C# - Roles.GetRolesForUser(); Returns Blank?

Dec 18, 2010

using asp.net membership api when I call Roles.GetRolesForUser(); it returns nothing. When I make a call Roles.GetAllRoles() all the roles are returned. What is the problem? Also what is the correct way to authenticate users using the membership api?

View 2 Replies

Web Forms :: Login View - Avoid Unnecessary Queries To Db To GetRolesForUser?

Sep 10, 2010

I have built an asp.net web site with .net framework 3.5 and I am trying to avoid sending unncessary queries to my database in order not to have high server load. I have a login view in my master pages and it contains templates for anonymous users and members. To lighten my server load, I am using Sql Data Profiler and Database Tuning Advisor. I noticed that every page load triggers a stored procedure to get user role using
dbo.aspnet_UsersInRoles_GetRolesForUser stored procedure.

My question is that if it is necessary to check for every page load or I can store it somewhere and check later. is it Login View or Login Control sending queries? is it about access rules to member's pages? or is it because I used the login controls in my master page?

View 2 Replies

Security :: User Level Security - Enable And Disable Based On The User To Access Certain Form

Jun 26, 2010

i am working in asp.net and csharp, we have 10 user, but certain user only need to put dataentry. how to enable and disable based on the user to access certain form ,like add, modify view options.

View 1 Replies

Security :: Running Application Under The Security Context Of The Logged In User (LDAP Authentication)

Mar 17, 2011

We are using membership provider for LDAP authentication. It is working as it should.

But what all configuration settings I have to do so that
all the future requests to this application run under the security context of the Logged in user account not through the some default user set in IIS.

We need to have this working because all the permissions on the database are based on the logged in user.

We are using form authentication for LDAP authentication. And having impersonation = true in web.config.

View 1 Replies

Security :: Identity Impersonate + Integrated Security(DB) And Programatically Impersonating The User?

Nov 19, 2010

I have identity impersonate = true in the Web.config file. I have integrated security = true in the DB connection string in the Web.config file.Before identity impersonate was true,users were able to access the DB through the web service account (seemingly).Now I get an error which says " Login failed for ... " because I am aware there is no specific account for that user in the permissions for that DB instance.I needed to set identity impersonate = true because the web service does not have access to the Active Directory,which I need to retrieve certain user information.

My question is,does identity impersonate = true override the integrated security and attempt to user the authenticated user's account to connect to the DB? Is there a simple way to prevent this in the Web.config itself?If not,would programatically impersonating the user within the Active Directory query functions and setting identity impersonate = false do the trick here?

View 2 Replies

Security :: User Control Library Causing Security Exception?

Jul 22, 2010

I have created user web control library project and these controls i'm using in my web application. These User controls just works fine in my local machine but when i moved this project(including Library) to our Local server , it is throwing security exception

Error 1 Cannot register assembly "LocalServerLibraryDemoLibraryDemoLibraryinDebugLibrary.dll". Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. Library

Anybody knows why this error occuring...?

View 2 Replies

Security :: How To Manually Check A User's Security Question Answer

Jan 30, 2011

I simply want to know how to manually check if the value a user has provided for the answer to their security question matches their current answer on record. I want to use the build in support of the membership and membershipuser objects.

I see that via the passwordrecovery control that the actual answer can be returned. However I am currently not using this control and it would take a good bit to integrate it as it does not meet our user's requirements.

In a worst case scenario, getting the actual answer (like the passwordrecovery control does) and manually checking it in our application would be acceptable.

A best case scenario is some sort of API where I can pass in the user name and the answer to their security question that was provided and simply get an indication of whether answer was correct or not.

View 5 Replies

Security :: Enable User To Edit / Delete Based On User's Role Permission

Feb 24, 2011

I'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.

sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"

I'm able to do this.

If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If
BUT unable to do this...
If user's Department = 'Department XYZ' Then
Do This
Else
Do that
End IF

View 2 Replies

Security :: Using Page.User.Identity.Name To Fetch User Information From A MsSQL Database?

Dec 23, 2010

I have implemented Forms authentication in an ASP.NET MVC 2 website

By using <%: Page.User.Identity.Name %> on the Site.Master page I can display the userid of the logged in user.

I would like to use this value and display other information about the user that is stored in a User table in a MsSQL database, like:

<%: GetFirstname(Page.User.Identity.Name) %>

View 2 Replies

Security :: VS - Where To Create User Wizard Save User And Pass And Info

Sep 7, 2010

I Have Question : Can I Edit Create User Wizard To Save Info To My Project Sql ? And Where Normal Create User Wizard Save Info Of Register?

View 5 Replies

Security :: Access Denied For Logged User (anonymous User Is Fine)

Jan 7, 2011

I deployed a website where a logged user or an anonymous user can select data and download a XML file. The website generate the XML file in the server and then deliver it.

It works fine in my development environment, but after deployment, the anonymous user can download the file, but the logged user receive this error:

System.UnauthorizedAccessException: Access to the path 'd:HostsLocalUserheringerwebsiteUpload20110107094051.xml' is denied.

It is weird that as anonymous i can do it.

The website server help states this:

"Grant write, modify, delete access rights on website's folder

Your website executes under unique user account that by default has full control over the website's folder.
So your application can create, open, read, write and delete files and folders inside of your root folder.

There is no need and no way to change this permissions.

If, when running ASP.Net application, you still unable to create file or update it, you have to check your Web.Config file for "<Identity impersonate..." tag and remove it.

The only exception is when the application tries to modify a file or folder in "Application_Start" event of Global.asax file. This is by design that user authenticated only after the Application_Start even. Before the user is authenticated your website runs under an identity of Application Pool which is "Network services". That account doesn't have access to the folder of your website.

To make it work you eather have to move the code that tries to modify files or folders out of the "Application_Start" event of the Global.asax file or inside the event you'll need to impersonate your user by code."

But i am not using impersonate and the tag is not in my web.config.

View 2 Replies

Security :: Dynamically Create Membership User And Check If User Name Is Valid Or Used?

Jul 25, 2010

I am createing user dynamially with the below code; string MyPassword = Membership.GeneratePassword(8,0).ToString(); Membership.CreateUser(TextBox7.Text, MyPassword, TextBox8.Text); but before I start creating, I would like to check if the user name is used before or not.

View 2 Replies

Security :: How To Create User Account Belong To Normal User Automatically

Mar 25, 2010

I facing a problem here. how can I make the create user wizard category all the new user become normal user role? I have created 2 role which is Manager and Normal User. Normal User can't view the Manager page. But after i create a new user account, i can view manager and normal user page. I want to make all the new member registration will be normal user role?

View 6 Replies

Security :: How To Know If A Request Come From Internal User (employee) Or External User (vendor)

Mar 24, 2010

I have an extranet site (asp.net), we want that if an employee click on the link, it will automatically get them in. But if an external user does it, they will be redirected to a login page.

is it possible? how to know if a request come from internal user (employee) or external user (vendor).

View 2 Replies

Security :: Userid Of Newly Created User / To Store Additional Details Of The User In Another Database Table

Nov 10, 2010

Our application lets the administrator create new users. Since the administrator is logged in, I have set Logincreateduser = false so that the administrator is not logged out even after creating the new user.

The problem is :I need the userid of the newly created user to store additional details of the user in another database table. I see that i can get the username using Createuserwizard1.username; but how do I get the userID?

View 2 Replies

Security :: Store User Password In Custom Membership User

Aug 12, 2010

I have a custom membership user class and custom MembershipProvider working against database. Due to security reasons the user passwords are stored in the database as hashed values. So my procedure

public override bool ValidateUser(string username, string password) is
{
//select hashed password from db
return (EncodePassword(password) == dbpassword)
}
[code]....

View 4 Replies

Security :: Admin And User Security Folder Setup

Mar 11, 2011

I am creating an application hosted on GoDaddy.com. The base files are kept in a folder called /sky while the Admin files and User files are kept in /sky/Admin and /sky/User respectively. I'm having difficulty configuring the security so that when a user tries to access Admin or User files they should be redirected to the login.aspx file in the /sky folder. I keep getting an error that its trying to access sky/sky/login.aspx instead of just sky/login.aspx.

Here are the relevant sections of my web.config file.

<?xml version="1.0"?>
<configuration>
...
<location path="sky/admin">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="user">
<system.web>
<authorization>
<allow roles="Admin,User" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="login" loginUrl="login.aspx" />
</authentication>
...
</system.web>
...
</configuration>

Can someone point me to articles or provide assistance with the proper configuration?

View 3 Replies

Security :: Provide Security At User Level For Certain Pages

Sep 8, 2010

I have a site We have different Pages under one folder. we have stored these pages information in a database table with pageid. Then we have User access table. there we store userid and pageid , for which pages user has access. Now I need to provide access to that pages only .

View 8 Replies

Security :: Accessing User Id Immediately After User Signed Up

Jan 8, 2011

On our website users can sign up. The sign up controls (converted to a template) has the usual text boxes and then the create user button. When pressing this button the account is created. After reloading the website, the user can see his credentials in his 'my account' tab. Question: How can we access the newly created user (especially his userid) right after the create user button was clicked? Right now this does not work, we can only start accessing this after the page has been reloaded. But surely the account is created the instant the button was pressed. I have tried this:

MembershipUser myObject = Membership.GetUser();
UserID = (System.Guid)(myObject.ProviderUserKey);

But it looks as if the user is not yet logged in at this stage. Can this somehow be forced so that we can access the newly created userid right after the user has clicked the create user button?

View 2 Replies

Security :: Getting User Name Of Authenticated User In Session_Start Of Global?

Jan 6, 2011

I am using form authentication in my website. I have a scenario wherein the user is authenticated but the session has timed out. So, i would like to initialize some session variables in Session_Start of Global.asax (First i check if Request.IsAuthenticated=True). For that i required the name of the user who authenticated. On .aspx pages we can get it using Page.User.Identity.Name but how to get it in global.asax page.

View 1 Replies

Security :: Isolating The User Name In Page.User.Identity.Name?

Mar 4, 2010

Is there a simple way to just retrieve the user's name, and not the Domain name, when using this function:

string quizTaker = Page.User.Identity.Name.ToString();

Right now it returns "DOMAIN_NAMEUserName"

I would like to just use isolate and use the user's name, without the Domain name.

View 2 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved