Security :: How To Save Extra Information About The User In The Cookie
Mar 10, 2010
I'm using the ASP.NET membership framework in my ASP.NET application. I'd like to save a few extra pieces of information in the cookie so that when I need it, I don't have to go back to the database. I want to save user's email address, full name and time zone.How do I save this information in the cookie?
I am trying to collect extra information about a user when the user account is created using the Create User Wizard. This info will be stored in a new table in the standard ASP membership SQL database.I have read several books and loads of online tutorials on the subject and they all take different approaches and seem to make the process hard work.Is there any reason why I can't add an SQL datasource and a number of textboxes to the wizard step, 'connect' the values from the textboxes to the Insert Parameters and then put an Insert Statement in a suitable event handler to cause the insert?
I´m building a website and i need to store somehow some informations that i will use in the whole site depending of the user type logged in.3) Store those 2 or 3 fields that i will get in Database in a persistent way to use it in the whole site.My question is: Whats the best practices to do this?
I'm using the inbuilt dot net authentication to register users in a simple web site and trying to add some extra information to be collected on registration. It currently asks for Usernname, email, password, confirm password. I'd like to add some extra bits, something like "favourite colour" - just a simple stringIs there an easy way of doing this? Maybe a simple tutorial I could follow?
In my code I am using a popup window to display extra information. I also have the ability to export the information in the main window to Excel.The problem is, after the window pops up -> I see the info -> I close the popup window -> but if I try the export to Excel button, it throws the exception "null object referrence" (if I use a try/catch, the exception doesn't occur - but I don't get any information). In the export function I am doing something like this:
{ //some code .... here con.close(); session["dss"] = mydataset; }
In the export button click event:
system.data.dataset dss = (system.data.dataset)session["dss"]; //then some work on this
I think, probably when the popup window opens it ends the execution and that's why when I come back to the main window and try the export button the values for the tables and all goes out of scope.Also, if I refresh the main page after closing the popup window I don't have any issue and can export the data.
And a SQL Server database with ASP.NET Membership and Roles. I am using the LoginView control with the AnonymousTemplate and LoggedInTemplate to manage the user's interaction with logging in and out. The problem I am having is that I am authenticating the user against the database:
If Membership.ValidateUser(_userName, _txtLoginPass.Text) Then returns True and: FormsAuthentication.SetAuthCookie(_userName, False) sets the cookie correctly: FormsAuthentication.Decrypt(FormsAuthentication.GetAuthCookie(_userName, False).Values(0)) {System.Web.Security.FormsAuthenticationTicket} CookiePath: "/" Expiration: #1/21/2010 1:42:27 PM# Expired: False IsPersistent: False IssueDate: #1/21/2010 1:22:27 PM# Name: "jaymo " UserData: "" Version: 2 but when I check HttpContext.Current.User.Identity.IsAuthenticated it always returns False. If done this before and it worked fine. I cannot find any mistake I might have made or where something might have changed between ASP.NET 2.0 and 3.5.
I have a web application on IIS that will authenticate using windows authentication (Active Directory). So when they access the application http://iisserver/webappname/ it ask for username pwd and domain. (currently working) How can I get information of the authenticated user in the web app through c#?
I want to use the Control of ASP.NET (User wizard Control) to create user, but it only provide its default field like: -username, password, securityQuestion.All I want is the addtional information like Address, Company Name, Telephone number. And I know a solution by building it in 2 step, first the default username, passworld and the next step is the additional information. BUT i don't want to do like that.
I need to know how to change aspnetdb to store profile information unique to each user so that I can restrict records in an sql table to only show that user's records.
So if I make a "companyID" int, identity column where would I put it?
Also, when I write the where clause to companyID = profile (companyID) would that work?
I m trying to use the profile system to get information of the authenticated user form the data base, just like the session system : the user is authenticated then I set same variable with information of this user coming from data base !I am familiar with PHP so i m trying to do it like that !Also, i woul like to join my own data base and the asp.net membership database !
Im very new to ASP.net and have no experience with it at all.Im currently developing a website,and am confused about creating users.Im using the create user wizard,everything is working fine.However,I am worried about the security of user information.I believe the user information is stored in the APP_Data folder, am I right in believing that this folder is secure?
Exactly how is the user information stored when using the create a user wizard?In a database in the APP_Data folder?Is it encrypted automatically when a user signs up?
I am Trying To get information I stored in the cookie after create it , it's works fine when using IE8 in browsing website but i face problems in Mozilla
I am currently useing forms authenticantion with users set up with the Membership API and I have there other information like first name and work phone number stored useing the Profiles API. I want to create a company directory useing a grid view to display every user and there profile information. I can use Membership.GetAllUsers() or ProfileManager.GetAllProfiles() but it does not list any of the custom profile information like name and phone. What is the best way to get a grid view to show all the user information?
I am creating the user ,using asp.net + C#.there is the form (UI) who collects the information and send data to Business layer. now, while collecting the information from UI I want to also save the image of user, at file system in application domain.There is function in the business layer as SaveImage, which returns the path where it is saving. Scenario:1) Save image first and then save other information in DB.
i need this Profile to add Unique IP address that has been used by the UserName ,,,
meaning :
If i logged in for the first time , it will save my IP address , next time if my IP has changed and i logged in , i need to keep the old IP address and add to it with comma seperated the new IP ..
I have class LoginController, the action login and it run okie:
[Code]....
And on control LoginUserControl that inherits Logon model, I get cookie then login action, but while i debugging, it's cookie is null though login is success.
[Code]....
[Code]....
[Code]....
[Code]....
But variable userName always null, Although I add cookie,
I have a page that has a few controls inside a CollapsiblePanelExtender. What i need to do is save the state of the CollapsiblePanelExtender so that its easier for the user when they comeback to the page.
How would i go about saving the state of the CollapsiblePanelExtender to a cookie each time its expanded or collapsed?