I am finishing up my asp.net web application targeting .net 4.0. I am using VS2010.
I have deployed my application to a host server and now I am testing with multiple different browsers.
The first issue I ran into comes down to the following code:
[Code]....
If I use IE, login and click something that causes the above code to execute then currentUser is NOT null. However doing the exact same steps in FireFox currentUser is null, even though I know I am logged in as my name and other indications on the webpage confirms I am.
------------------------
Update
----------------------
Since originally posting this thread I have done more testing.
I placed a test button on a random page and the button click will update a label on that page indicating if the currentUser is null or not. This button works both in IE and in FireFox. Also both running locally and running on the host server.
----------------------
So now I am looking at what is different about the one place it appears not to work so let me try to make this clear.
I use a component called Uploadify to upload images into a database. That component calls a page/request called ImageUploader.ashx which inherits from IHttpHandler. Here is all the pertainent code from that file. [Code]....
The problem is when calling from FireFox, imgProvider.Status = null. This is a problem because the ImageProvider will try to insert a record into my database and the column for Status cannot be null so that causes it to crash. I made the change to detect if Status = null and return the user id if so as an error message to help me debug. To understand how Status is set you only have to look at a little code in the ImageProvider class:
[Code]....
You will notice when the ImageProvider is created it calls ClearFields(). Inside ClearFields() is where it gets the currentUser and if not null it sets the UserID property, which case the setter for UserID must set Status to either Approved or Pending. Whats happening is ONLY in FireFox, and after more testing, ONLY on the host server does currentUser = null even when I am logged in. but in other areas of code I can get currentUser and it works, also this works fine with IE, it also works fine with FireFox running locally. So I have icolated it down to this specific piece of code, when using FireFox, when running on Host server.
I have an Employee class in my App_Code folder. On my login page I am trying to create an Employee using the asp.net username as a parameter in my Employee constructor.
I have tried creating the employee in the page load event when it is a post back. I have tried doing it in the Login1_LoggedIn event. For some reason I cannot pull the username in either one of these places, but if I redirect after logging in and do the same thing on another page, it works.
I have an application that has been running for about 1.5 years. Suddenly, I got a bug report that the support team are receiving an InvalidCastException in the User ManagerUnable to cast object of type 'System.Guid' to type 'System.String'. The line this appears to be happening on is:
string queryStringID = Session["EditID"].ToString(); Guid providerUserKey = new Guid(queryStringID) MembershipUser user = Membership.GetUser(providerUserKey); <--- here
This is a rather strange error as the value of the queryStringID is in fact a Guid generated by the Membership.GetUser(UserName).ProviderUserKey on the previous page. It doesn't seem to make any sense at all. I'm using the built-in SqlMembershipProvider with no changes. It's as if it isn't picking up that it should be using the overloaded function Membership.GetUser(object providerUserKey)Anyone else ever seen anything like this? I wouldn't normally post here unless I was absolutely stuck but I can't seem to find any relevant information by Googleing this one. Also, it's just started doing this. There was never an issue before. Very strange
I am trying to create my own membership system. Therefore I created my own membershipuser class and membership provider class. But I am getting the following error on Createuser method of My membership provider class; no suitable method found to override
This is how my CreateUser method looks like:
public override MyMembershipUser CreateUser(string username, string password, string email, string status, int registerd_on, out UserCreationStatus creation_status)
I have a TableAdapter that queries a table by UserName. The TableAdapter works fine if I preview data and supply a username. I'm trying to become more familiar with BLLs . I can't find any good examples on using the BLL as the datasource and supply the membership.getuser().username to the DAL. Here is what I tried so far, but membership.getuser can not be a string.
Imports DataSet1TableAdapters Public Class UserProfilesBLL Private UserProfilesAdapter As UserProfilesTableAdapter = Nothing Protected ReadOnly Property Adapter() As UserProfilesTableAdapter Get If UserProfilesAdapter Is Nothing Then UserProfilesAdapter = New UserProfilesTableAdapter() End If Return UserProfilesAdapter End Get End Property Public Function GetDataByUserName(ByVal serName As String) As DataSet1.UserProfilesDataTable Dim u As MembershipUser u = Membership.GetUser().UserName.ToString Return Adapter.GetDataByUserName(u) End Function End Class
What are the differences between Membership.GetUser() and Context.User, and which is recommended for use in getting information about the current user?
This error is occuring randomly, and I can't seem to pinpoint what is causing it. For the most part, the code works fine. I'm confused why it works sometimes, but then suddently craps out on me, lol.It happens in the code when I call upon the asp.net membership provider. It only seems to happen when i use Membership.GetUser() to grab the logged in user's information.
I have a testproject and the forms timeout specified in web.config overrules the timeout which I set in FormsAuthenticationTicket. According the documentation, the timeout (expire date) in FormsAuthenticationTicket must override the timeout in web.config.
Documentation found on:
[URL]
[Code]....
Here is my code:
Web.config:
[Code]....
Login.aspc.cs:
[Code]....
Now, when I login, i get redirected after 1 minute of inactivity. This isn't supposed to happen, right? I have to be redirected after 2 minutes.
When a user logs in I check whether they have the minimum profile info entered. If they do not then I want to redirect them to the account maintenance page, otherwise I want to redirect them to the page where the login link was clicked. To accomplish this. I am trying to override DestinationPageUrl at the LoggedIn event. Isn't working ... the redirect is always to the page where the login link was clicked. Here's my (relevant) code:
Here's my environment,Win2003 Standard SP2, IIS 6.0, MOSS 2007, .NET 2.0.50727
IIS website uses MOSS 2007 "Team Site" template and has only IWA enabled. Web.config has Windows auth w/ Impersonation: <authentication mode="Windows" /> <identity impersonate="true" />[code]...
I'm using the KerbS4U extension to create a new WindowsIdentity which is then used to create a WindowsPrincipal for the new/overriding user:[Code]....
These succeed and I set the new principal to HttpContext.Current.User & Thread.CurrentPrincipal without errors. I've defined both Application_AuthenticateRequest() and Application_PostAuthenticateRequest() functions in global.asax. These show the "new" Identity in the HttpContext.Current.User & Thread.CurrentPrincipal, but the "Welcome <DOMAINusername>" in the upper-right menu of the default.aspx homepage itself still shows the name from the initial IWA!
I was able to get the "Welcome <name>" to reflect the new user only when using GenericIdentity and GenericPrincipal, but this is a problem as I need to use impersonation to backend services (which can be done using constrained delegation using KerbS4U).
I was hoping some of you would entertain my XmlSiteMapProvider question. I have a portal site that has multiple ASP.NET Role Providers. One for each child web application. I need to basically change the role provider on the fly. Does anyone know if this is possible? My approach is to maybe override the XmlSiteMapProvider and add an attribute indicating which Role Provider to use. Then, in the IsAccessibleToUser method, I was planning on dynamically change the role provider some how based off the new attribute.
Again, is this approach seem reasonable/doable or am I in the weeds here? I'm open to alternatives if anyone has one.
I'm working on a website where it should be possible for registered users to upload word documents. The administration of users is done through Membership and Profiles. When the documents have been uploaded, the following needs to be achieved:Non-registered users should not be allowed to download documents I should be able to control which users that has access to which documents I should be able to register which user downloads which documents I should be able to track how many times a document has been downloaded Can this be achieved be using Membership and Profiles?
I'm trying to use the Membership.CreateUser method without passing a security question and answer. I set them to string.empty, but no go. I have my provider set to not require a question in my web.config. What am I doing wrong?
This is my first membership provider; I converted the sample provider [URL] to SQL. I created a vb class provider and put it into the App_Code folder. After it was created I tried to modify my webconfig but the error pops up. I don't know what else to try, I don't know if I have missed something
I have started to implement asp membership. I go the administration page and click provider. I have a database on a server on the local network that i want to install my members tables in. When i run the
aspnet_regsq.exe it doesn't ask me what SQL database i want to use and seems to default to my local SQL Server 2005 installation. How I change this to use my SQL Express database on a local server?
I have to implement a small webshop. Basically it's just a website with a huge backend ERP System and with the possibility to sell one (yap, really only one!) product on the website. The only requirement is a MySQL Server. The backend is almost finished (about 95%) and is secured with the .net MemberShip Provider for MySQL (the one in MySql.Web from the MySql Connector .NET).
Now to my question: I can set up the membership system easily but I do not need such things like username or password-question but I would need a reference to an address table to store the users home address. So, it is possible to change or customize the membership system to for eg. a unique customer id instead of the username column and set this in codebehind when the user is creating a new account? And is it possible to insert new users/customers from codebehind in an easy way? (I mean without checking each foreign key and inserting the customer reference to the userinrole table and so on...)
I am building a site and I want to use the default membership controls provided with asp.net like Login View Control etc. I don't want to use the ASP.Net Membership DB as I want to use my own Security structure and I don't want to inherit the ASP.Net membership class either. In my case how can I use these controls to aid me like how will a login view control detect if someone is authenticated or not.
I've set up a system with forms based authentication and using the asp:Login control. When I put in an invalid password I get the approriate invalid password message. However when I put in a valid password, it does nothing...just returns to the login page again. I'm triple checked the login info. There is no error message, and the invalid attempts counter doesn't increment. When I put a break point in the Login_LoggedIn event of the Login form, it hits it, but User.Identity.IsAuthenticated is false. I'm not 100% sure it should be true at this point, as I'm pretty new to .NET but it seems kind of odd.
My user database is stored in a sqlserver 2005 db that already existed. I've added a new connection for it.In the authorization I have
I created a soultion and used membership for login and I have the site working fine you can log in and out and I can see that my roles are working. I created a folder called Admin and I created a webpage in there that I can edit my data table that I wanted to be able to edit when I am logged in as a user with Admin role thats working... well it works...
anyone can get to this webpage and edit my data. I have it set in the membership using the role managment to deny users * and allow users with Admin role however I can open up a new browser with out login into my site and type in the web information and it pops right up says Welcome:Guest [LOGIN] theres my data and I can edit it see do whatever and this page shouldn't be able to be seen.
am working on an asp.net application with membership controls and the SQL Server database. I have this put together, however it appears that adjustments need to be made to enhance security. Many websites have membership features, so I was wondering if there are some blog posts that describe the steps that need to be made to enhance security.
why cant i type the following code on the masterpage's vb code behind?I am abel to do it on a normal aspx's code behing, why not on the masterpage'si am trying to use the following code in the page_load event