What i want to do is code in Global.asax file to check if current date is greater than EndDate(appsetting) it will block access to rest of the pages as what happens when using [Code]....
Moreover it will be a licencing system which will block the application after its EndDate that will be mentioned in web.config.
[Code]....
[Code]....
I'm using the System.Web.Routing.UrlRoutingModule.
With that I'm writing:
routes.Add(new Route(@"cart/add", new RouteHandler("~/Order/CartAdd.ashx")));
routes.Add(new Route(@"cart/delete", new RouteHandler("~/Order/CartDelete.ashx")));
And I also have one route called:
routes.Add(new Route(@"{*url}", new RouteHandler("~/Error/PageNotFound.ashx")));
But if I go directy to /Order/CartAdd.ashx I never enter the routing. It goes directly to that handler. And if I go to /Order/ I get a 403.14 error.
How do I instead catch those urls with the routing?
After deploying our web application, one of the user was not able to login to the application. After checking, we could realize that his system date was worng, It was a greater than current date. If the system data was less than the current date we can still login. We are using asp.net membership
View 2 Replieswhile doing debugging i found a blue dotted corner around catch block, while hovering it is showing system.exception...what does it mean and what to do
View 1 RepliesI have a web page where I am denying anonymous users from accessing. In the web site I have a folder called FileManager. In the web app the usres have the ability to uploaded files and when they do a folder gets created under the filmanger and the files are saved. I have created a web.config in this folder that denies anonymous users. The problem is if the user knows the directory structure they can type in the url of the site add /FilManager/x/x/NameOfFile, where x are the sub directories. If the file is an image it shows the image in ie, if it is a .xls or .doc or what ever they get the prompt to either download or save the file. What am I doing wrong. Will the web.config file not stop an anonymous user from access files? I put a webpage in the folder and it is blocked and the user gets sent to the login screen, but files seem to be unsecured.
How do I block anonymous users from being able to access the files in this folder?
i have users who can logon to my site. I don't use the asp.net provider (i have my own user storage) but do use forms authentication. No i want to block users from log on twice to my app. Now what is the simplest thing to accomplish this? I thought about an extra field in the database in the user record but is there something simpler? is there a sort of 'session' for the entire application where i can remember who is logged on (and which is not flushed at a random time)? maybe in the cache (but the cache is sometimes flushed) i've seen an example where a file with the username was written to disk (and removed when logged out)
EDIT:
Good question was: what do you mean with logon twice. I mean when a user logs on on another computer or when another person logs on with the same credentials
I have a web site that is using windows authentication. 'Enable anonymous access' is unchecked. It works when I call it through Visual Studio but when I put the site on the server I get the following error:
Unable to cast object of type 'System.Security.Principal.GenericPrincipal' to type 'System.Web.Security.RolePrincipal'.
Here is the offending line:
System.Security.Principal.GenericPrincipal genericPrincipal = (System.Security.Principal.GenericPrincipal)HttpContext.Current.User;
use logging library.which one is better and why log4net vs enterprice library logging (application block)
View 2 Replieswe can download other site css like right clikc their websites and we can see the css src / js src, then if we providee that filename in the address bar then it'll download, how to avoid this?
View 2 RepliesI know how to impersonate a user for the entire site but how best to impersonate for a block of code; WindowsImpersonationContext or NetworkCredential?
And how would this code look like?
have a project where there are main 3 types of users i have to block them from accessing other pages but without using roles or membership is there any other way to do the same?
View 3 RepliesI'm doing a project in component management system. I need to block executable files from getting uploaded. Blocking should not be based on the extensions. For example, i've a file named abc.exe i'm going to change the file extension to abc.jpg in this case that abc file should not get updated. Similar to that in gmail file attachment.
View 2 RepliesOn my website, www.pakdev.net, I create screencasts to which are streamed through silverlight.
I create a custom handler to block the download of .wmv files from the url like [URL]
But the problem is now the silverlight has also stopped streaming files.
I'm doing a project in component management system. I need to block executable files from getting uploaded. Blocking should not be based on the extensions. For example, i've a file named abc.exe i'm going to change the file extension to abc.jpg in this case that abc file should not get updated. Similar to that in gmail file attachment.
View 1 Replies Can anyone tell me the differnce between
System.web.httpcontext.current.application["tag"]
or
System.Configuration.Appsettings["tag"]
I am making use of 3-Tier architecture while making my project. And in Data Access Layer I am making use of application block, but application gets a connection string from web.config; but ClassLibrary of Data Access Layer doesn't contain web config file. How can I access connection string from Data Access layer?
View 5 RepliesI'm trying to configure the logging settings to log all events in a database and event viewer but email only errors and warnings. Database and Event Viewer part works fine except that I'm not getting any email for errors.
Note: There isn't any problem with smtp settings because I get event's emails if I add the listener to "General" and "All events" in category sources.
Here is my config: (I'm using Microsoft.Practices.EnterpriseLibrary.Logging 3.1.0.0)
<loggingConfiguration name="Logging Application Block" tracingEnabled="true" defaultCategory="General" logWarningsWhenNoCategoriesMatch="false">
<listeners>
<add databaseInstanceName="LOGGING_DB" writeLogStoredProcName="WriteLog"
[Code]....
I know a user can use the following code to access the content of web.config
string connectionString = ConfigurationManager.ConnectionStrings["MyConnect"].ConnectionString;
If I set EnvironmentPermission, can I block user to access the content of web.config?
is there any java script that i can put it on my master page and block specific I.P address ? And navigate the user visiting from that blocked I.P address to a different page ?
View 8 RepliesThere seems to be an issue with the "Trust" level when executing within a "Cloud" environment. In order for the following app to work it needs a trust level of at least "Medium." This web app is developed using VB.NET 3.5, and Visual Studio 2008. The app works perfectly on my local sever but when deployed/published to the "Cloud" it returns the error: System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I have added all 4 required values, ConsumerKey, ConsumerSecret, OAuthToken, and OAuthTokenSecret to the web.config file in the "appSettings" section of the "configuration"
[Code]....
If found that by going to [URL] and signing into the account that is using the application, then go to the "Settings" page, go to the bottom of the page and click on the "API" menu option. Once the API page appears you will clik on the button "2", Register An App. On the right side on the new page, you will see a button "View Your Applications." If you have previously registered your app, click this button, If not fill out the appliction for a new app. Now at the View your Applications page, select the app you want to get the authorization keys for where is says "Edit Details". Now click on the button to the right that says, "Application Detail." Here you will find your Consumer Key and your Consumer Secret Key. On the right side of this page you will see the menu option "My Access Token", click it and you will find your oauth_token and your oauth_token_secret keys! Not that you have all the keys, put them in the "appSettings" section of the web.config file. Add "Dim twConn As New TwitterVB2.TwitterAPI" at the top of the page.
I then created a subroutine where I pass in the Tweet:
[Code]....
This code works great in an enviornment that allows at least a "Medium" trust level. However it appears that many of the "new" hosting envrionments such as "Cloud Hosting" and others do not allow this trust level automatically!However if the trust level is less than "Medium" on your host you will likely receive the error message: "Twitter Returned: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed." If anyone has found a fix for this "Trust Level"
I have a problem in my asp application. In my application I have an own authentication mechanism so in the web.config file I have <authentication mode="None"/>
Inside the application users can upload files to the folder I've created (App_Files). I would like to give access to the folder only once they are logged in (Session["Login"] is no null).
I dont want not logged in users to be able to access the files over a url address in the browser (like http://<server>/App_Files/Filename.pdf)
my page is very simple, one gridviews and one ObjectDataSource.here's my code :
<%@ Page Title="" Language="C#" MasterPageFile="~/site.Master" AutoEventWireup="true"
CodeBehind="default.aspx.cs" Inherits="cHospital._default" %>
[code]...
I also posted my question on another web site, one suggestion I got is move my codes to codebehind
(http://entlib.codeplex.com/Thread/View.aspx?ThreadId=245208)
But this is ObjectDataSources, my understanding is everything have to stay in Class file.
i developed one asp.net application.i published the application in iis server.then by using that url i am testing the application in my system the design is coming fine.But in other systems the design is vary.both the systems are having IE8 Browser and both are same versions.
why the designing is vary can u pls let me know.
and also button styles all are different changing in system to system.
I have menu item on my master page that has block around the text when the page is first run. I wrote in the css on the link and visited property to change the color to match the image color that it is on. When a menu item is clicked the color changes to the right color. How do I get it to the right color on when the page first opens or is there a way to get rid of the block or make it transperant?
View 1 Repliesin my web project i got an error that i couldnt find any solution. the error says: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. when i work in local there were no problem i put files to our server and i changed the database also. when i work in server in web application in Default.aspx i can connect db and get values without any problem using my DataLibrary
BUT the problem in my web service i also use my DataLibrary in webservice but when i try to run a method in web service it gives me the error which is : System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
my new db connection is
strConnectionString = "Data Source=OURSERVERNAME\SQLEXPRESS;Initial Catalog=DoveTR;Persist Security Info=True;User ID=sa;Password=123456789;Pooling=True";