I have an extranet site (asp.net), we want that if an employee click on the link, it will automatically get them in. But if an external user does it, they will be redirected to a login page.
is it possible? how to know if a request come from internal user (employee) or external user (vendor).
I have a table that has three fields that hold the ID for vendors.They are vendor1, vendor2, and vendor3.These link to my vendor table on the ID.I want to select all three vendor names from the vendor table. when i do the following, it returns nothing
[Code]....
I was/am struggling with security for my first MVC applicaiton. It worked out great for me, but not for my users. I wanted to use Windows Authentication (and I seem to have that working). But when I was still trying to implement it, I was on one of our users computers where they were logged in. I navigated to the main Index page and used the supplied MVC login link and *MY* credentials. So now every time that user navigates to that page, it logs her in as me. We are using IE8, I have deleted all the cookies, passwords, forms information I can fine through Tools|Internet Options|Tool|Content|AutoComplete.
View 6 Repliesi am working in asp.net and csharp, we have 10 user, but certain user only need to put dataentry. how to enable and disable based on the user to access certain form ,like add, modify view options.
View 1 RepliesI need to be able to add an external js file for a user control (using
this.Page.ClientScript.RegisterClientScriptInclude("SuggestionSearch",
"~/Secure/Shared/SuggestionSearch.js");
syntax)
But it puts the javascript file on the page too early... is there a way to put the file at the bottom of the page?
Need to develop a Web application that will be used to authenticate and authorize internal and external users to log and then re-route to web applications for the organization. The login application should be able to provider smooth integration with any future applications that needs a secured authentication. Should I be using WIF - Claims based Identity/ADFS or asp.net Role membership provider to develop this app.?
View 1 RepliesI'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.
sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"
I'm able to do this.
If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If
BUT unable to do this...
If user's Department = 'Department XYZ' Then
Do This
Else
Do that
End IF
I have implemented Forms authentication in an ASP.NET MVC 2 website
By using <%: Page.User.Identity.Name %> on the Site.Master page I can display the userid of the logged in user.
I would like to use this value and display other information about the user that is stored in a User table in a MsSQL database, like:
<%: GetFirstname(Page.User.Identity.Name) %>
I Have Question : Can I Edit Create User Wizard To Save Info To My Project Sql ? And Where Normal Create User Wizard Save Info Of Register?
View 5 RepliesI deployed a website where a logged user or an anonymous user can select data and download a XML file. The website generate the XML file in the server and then deliver it.
It works fine in my development environment, but after deployment, the anonymous user can download the file, but the logged user receive this error:
System.UnauthorizedAccessException: Access to the path 'd:HostsLocalUserheringerwebsiteUpload20110107094051.xml' is denied.
It is weird that as anonymous i can do it.
The website server help states this:
"Grant write, modify, delete access rights on website's folder
Your website executes under unique user account that by default has full control over the website's folder.
So your application can create, open, read, write and delete files and folders inside of your root folder.
There is no need and no way to change this permissions.
If, when running ASP.Net application, you still unable to create file or update it, you have to check your Web.Config file for "<Identity impersonate..." tag and remove it.
The only exception is when the application tries to modify a file or folder in "Application_Start" event of Global.asax file. This is by design that user authenticated only after the Application_Start even. Before the user is authenticated your website runs under an identity of Application Pool which is "Network services". That account doesn't have access to the folder of your website.
To make it work you eather have to move the code that tries to modify files or folders out of the "Application_Start" event of the Global.asax file or inside the event you'll need to impersonate your user by code."
But i am not using impersonate and the tag is not in my web.config.
I am createing user dynamially with the below code; string MyPassword = Membership.GeneratePassword(8,0).ToString(); Membership.CreateUser(TextBox7.Text, MyPassword, TextBox8.Text); but before I start creating, I would like to check if the user name is used before or not.
View 2 RepliesI facing a problem here. how can I make the create user wizard category all the new user become normal user role? I have created 2 role which is Manager and Normal User. Normal User can't view the Manager page. But after i create a new user account, i can view manager and normal user page. I want to make all the new member registration will be normal user role?
View 6 RepliesI want to bind data(For ex: Employee name, Employee ID from Employee) to a dropdownlist and the data should be displayed in dropdownlist as two columns. I don't want to separate this columns by using any special characters like | or '-'. I want to display them as different columns in a dropdownlist.
How can i achieve this using .net and the data i need to retrieve using SQL server 2008.
Our application lets the administrator create new users. Since the administrator is logged in, I have set Logincreateduser = false so that the administrator is not logged out even after creating the new user.
The problem is :I need the userid of the newly created user to store additional details of the user in another database table. I see that i can get the username using Createuserwizard1.username; but how do I get the userID?
I have a custom membership user class and custom MembershipProvider working against database. Due to security reasons the user passwords are stored in the database as hashed values. So my procedure
public override bool ValidateUser(string username, string password) is
{
//select hashed password from db
return (EncodePassword(password) == dbpassword)
}
[code]....
have a web in which there are different areas i have a 1 admin which manage all things like news, Events, Notices, Logs, Forums, Publications etc.........i want assign user rights that select user view only Noticesselect user view only Logsselect user view only Newsetc....
View 7 RepliesI am developing a user control (ascx) in ASP.NET which uses javascript for manipulating controls. Currently the javascript code is inlined and uses <%= somecontrol.ClientID %> to get the control it needs.
I want to put the javascript file in external file but from external file I cannot use the above syntax for retrieving controls. I have read about possible solutions in this and this answers but the problem is that the user control can be placed multiple times on page. This means that the Controls array (mentioned in the answers) will be rendered several times with different items. As a result the script will not be able to retrieve the id it needs. If I put <%= ClientId %> in the name of array that holds items then I will have the same problem as I am trying to solve.
On our website users can sign up. The sign up controls (converted to a template) has the usual text boxes and then the create user button. When pressing this button the account is created. After reloading the website, the user can see his credentials in his 'my account' tab. Question: How can we access the newly created user (especially his userid) right after the create user button was clicked? Right now this does not work, we can only start accessing this after the page has been reloaded. But surely the account is created the instant the button was pressed. I have tried this:
MembershipUser myObject = Membership.GetUser();
UserID = (System.Guid)(myObject.ProviderUserKey);
But it looks as if the user is not yet logged in at this stage. Can this somehow be forced so that we can access the newly created userid right after the user has clicked the create user button?
I am using form authentication in my website. I have a scenario wherein the user is authenticated but the session has timed out. So, i would like to initialize some session variables in Session_Start of Global.asax (First i check if Request.IsAuthenticated=True). For that i required the name of the user who authenticated. On .aspx pages we can get it using Page.User.Identity.Name but how to get it in global.asax page.
View 1 Replies Is there a simple way to just retrieve the user's name, and not the Domain name, when using this function:
string quizTaker = Page.User.Identity.Name.ToString();
Right now it returns "DOMAIN_NAMEUserName"
I would like to just use isolate and use the user's name, without the Domain name.
I used the Create User Control to make a new user.
Is there a similar tool (I did not see one) that allows the user to edit their own profile?
If not what is the best way to do it? I have created user tables in AWAT.
i want to get the username of the people who login suscess in to a textbox, i try to make it through the session , but it s not work , i do it in aspx.vb VS2010
View 19 RepliesModerator Note:Post split from this thread[http://forums.asp.net/t/1403132.aspx]
Q: Im a novice with ASP.net. I want to append a UserID to the Context.Identity.User.Name field.
Something like:
FormsAuthentication.RedirectFromLoginPage(UserName+UserID, false);
Where can I set this code while still using asp.net membership and the login control.
Is it possible to set this in an OnLogin or OnAuthenticate event handler.
Is there someway to see the "login control" code, that way I can just copy it but append my own value when setting the name.
how can I find out if one of the user is the member of any role? For the logged user, I use User.IsInRole("Admin"), but how to find out if the nonlogged user is in the role?
View 2 RepliesI'm customizing a NopCommerce store, and am using a gridview to display and sort the products. All that works well. I like how the external pager (user control) works with the gridview, with one exception -- it uses the hyperlink control, so I lost viewstate, which I need to retain for both the search page and to retain the gridview sort options. Based on the page selected (from the pager control), I query the database and rebind the gridview. So, I switched the user control to use LinkButtons instead of Hyperlinks. This is the sample code for one of the buttons:
[Code]....
I set a breakpoint inside the lbCommandClick method, but it never gets hit. Reading other posts tells me that I would have to add the dynamic controls in the OnLoad method, but since this all happens based on other data on the page (say search results), I don't think I can do it onLoad. However, the link buttons do work to cause a postback, and my viewstate is saved correctly. The only problem is that I do not know which button was clicked. I could check Request.Params["__EVENTTARGET"] onLoad, but that is kind of a hack -- I'd much rather be able to set the event handler in the user control and use the CommandArgument property. But, what I have tried so far fails.
Especially one that would allow me to set the EventHandler in the User Control? (e.g. OnlbCommand="PagerLBPageChange" )
