Security :: Linking Asp Membership To An External System?
Oct 7, 2010
I've had a look through the forums but I couln't find a concrete answer - I found some things that point me in the right direction but I would like to just ask for some clarification.My requirements are as follows:I have an external system, with an API that allows me to log in a user, and returns whether or not it was successful. This can only be done through the API, it can not be done with a direct DB connection.I want to create a site that can only be accessed by someone who has a login to this external system. Through the site they will only be able to log-in, there will be no possibility to change password etc, this is all done in the external system by an admin.I like the ASP membership system, and the way it works with anonymous and member views and would like to continue to use it. My question is, how do I do this? Do I create a custom membership provider that overrides all the methods of the usual membership provider? And how will the fact that all I actually want to do is allow the user to login affect things? There will be no ability to change details etc.
View 6 Replies
Similar Messages:
Apr 21, 2010
I need to convert a web site using traditional ASP.Net login,membership/role with SQL to a custom system. I need to use a third party (CAS) authentication system while still using membership and roles to control access to content and User.Identity functions.What would be the best way to accomplish this? I use the <deny> and <allow> user throughout the site to control page access.
View 3 Replies
Jan 13, 2010
is there a way to snag the database id of a newly created user after CreateUser has been called? I need to be able to tie that id to another database table. From what my book shows me, it looks like member info is encrypted, so merely looking at the membership database table.
View 11 Replies
Jul 19, 2010
I am trying to create my own membership system. Therefore I created my own membershipuser class and membership provider class. But I am getting the following error on Createuser method of My membership provider class; no suitable method found to override
This is how my CreateUser method looks like:
public override MyMembershipUser CreateUser(string username, string password, string email, string status, int registerd_on, out UserCreationStatus creation_status)
[code...]
View 6 Replies
Aug 18, 2010
I m trying to use the profile system to get information of the authenticated user form the data base, just like the session system : the user is authenticated then I set same variable with information of this user coming from data base !I am familiar with PHP so i m trying to do it like that !Also, i woul like to join my own data base and the asp.net membership database !
View 1 Replies
Sep 25, 2010
I want to maintain different user authorization lists for different environments. I know that connectionstrings can be broken out in an external file with configSource, but how would I do this for the following?
<authorization>
<allow users="someuser1"/>
<allow users="someuser2"/>
<allow users="someuser3"/>
<deny users="*"/>
</authorization>
View 1 Replies
Nov 12, 2010
I have a web site that is using windows authentication. 'Enable anonymous access' is unchecked. It works when I call it through Visual Studio but when I put the site on the server I get the following error:
Unable to cast object of type 'System.Security.Principal.GenericPrincipal' to type 'System.Web.Security.RolePrincipal'.
Here is the offending line:
System.Security.Principal.GenericPrincipal genericPrincipal = (System.Security.Principal.GenericPrincipal)HttpContext.Current.User;
View 3 Replies
Nov 8, 2010
I am having problems with the asp membership system when uploading it to the web.
I uploaded the database to the web, which works fine, but when i try to login in using the log in control on one page, i get the error:
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - No such host is known.)
what would cause this? what have i done wrong?
View 2 Replies
Jan 26, 2011
I'm looking to implement a membership system using OpenID for my ASP.NET application, similar to the system used here on StackOverflow. I'm aware that the OpenAuth library is generally recognized as the way to go, but I'm having trouble figuring out how to implement it.
I use NHibernate to persist my domain objects. I have a Users table with a username column, email column, etc. I'm not sure how to integrate OpenID with my own users table, and I haven't found any good tutorials on this. Does anyone have any experience with this? What is the best way to go about doing it?
View 3 Replies
Mar 3, 2011
I have a website that is associated with a PC Application.
The website uses forms security to restrict access to the Information on the PC Application to users with a specific role.
Is it possible to have a link to a page that has sufficient information contained in it to automatically log in and display a page in a restricted area?
I am thinking of something like the confirmation emails you get when registering with a website. They often have encrypted text as part of the link and automatically log you back in to the website when clicked.
View 5 Replies
Apr 14, 2010
I'm calling an external Web service that requires a certificate to be passed. This works perfectly fine for a stand-alone Windows Forms application, but when I attempt to do the exact same thing through an ASP.NET Web Application, it throws the following error:
"No connection could be made because the target machine actively refused it"
I found this MS article that describes what appears to be the exact issue I'm having, but it only applies to .NET 1.0:
[URL]
I'm using .NET 3.5, so surely it must be fixed by now!
I've attempted to change permissions on the certificate and fooled around with the app pool identity, but nothing seems to work.
View 2 Replies
May 6, 2010
Our conn strs reside in an external file <connectionStrings onfigSource="ConfigurationConnectionStrings.config" />Is there a way to encrypt this external file either using aspnet_regiis or System.Configuration?
View 4 Replies
Mar 28, 2011
I have setup Windows Authentication on a project but I need a windows login or something to appear when its accessed externally, how can I do this?
View 5 Replies
Jun 9, 2010
I am using a thrid party website for a service. I transfer control and data to an external URL provided by the service provided. Once the service provider processes the data, it transfers the results and control back to a page in my website. I would like to allow only the service provided URL/page to redirect to my website. Is there any way to do this?
I am using hidden variables on a form and a button control with the PostBackUrl attribute set to the service provier URL, to submit the data and control to the external webpage.Will Service Variables help me achieve the above objective?
View 3 Replies
Sep 9, 2010
I'm working on a website where it should be possible for registered users to upload word documents. The administration of users is done through Membership and Profiles. When the documents have been uploaded, the following needs to be achieved:Non-registered users should not be allowed to download documents I should be able to control which users that has access to which documents I should be able to register which user downloads which documents I should be able to track how many times a document has been downloaded
Can this be achieved be using Membership and Profiles?
View 1 Replies
Jun 18, 2010
How to protect our web.config file from external access.
I mean some sort of password protection.
View 3 Replies
Dec 7, 2010
We have an issue with an internal application, where accessing it from LAN (private n/w) works fine, while access from external n/w throws up erratic behavior.
The Current System :
an aspx page (asp version 1.0) hosted on the IIS server (6.1). The front end is a vb form that connects to a sql 2000 database.
Users' credentials authorized using NTLM security.
Access from an external n/w - a reverse proxy configured with an ISA server 2006 to authenticate credentials.
Domain Controller - Windows Server 2008 R2 x64
The issue when accessed from external n/w :
everytime an entry from a drop-down is selected from an Ajax enabled control, instead of the fields populating, the page gets refreshed and the content of the box are cleared.
Also, clicking on other items that normally hyperlink to other pages, results in nothing happening.
Upon investigation, we realized that :
Everytime it fails, a string - "&AuthResend" followed by an alpha numeric string is attached, which attempts to authenticate the user's credentials everytime a request is made to the server.
ISA error logs yielded the following error msg :
"12210 Internet Server API ( ISAPI ) has finished handling the request. Contact your system administrator. "
This behavior is inconsistent except when accessed from Google Chrome, where it fails each time.
We have applied all the recommended hot fixes from Microsoft's KB pages.
View 1 Replies
Feb 28, 2011
I'm trying to use the Membership.CreateUser method without passing a security question and answer. I set them to string.empty, but no go. I have my provider set to not require a question in my web.config. What am I doing wrong?
[Code]....
View 2 Replies
Jan 5, 2011
This is my first membership provider; I converted the sample provider [URL] to SQL. I created a vb class provider and put it into the App_Code folder. After it was created I tried to modify my webconfig but the error pops up. I don't know what else to try, I don't know if I have missed something
webconfig:
[code]....
View 1 Replies
Jul 12, 2010
in my web project i got an error that i couldnt find any solution. the error says: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. when i work in local there were no problem i put files to our server and i changed the database also. when i work in server in web application in Default.aspx i can connect db and get values without any problem using my DataLibrary
BUT the problem in my web service i also use my DataLibrary in webservice but when i try to run a method in web service it gives me the error which is : System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
my new db connection is
strConnectionString = "Data Source=OURSERVERNAME\SQLEXPRESS;Initial Catalog=DoveTR;Persist Security Info=True;User ID=sa;Password=123456789;Pooling=True";
View 1 Replies
Feb 9, 2010
I have started to implement asp membership. I go the administration page and click provider. I have a database on a server on the local network that i want to install my members tables in. When i run the
aspnet_regsq.exe it doesn't ask me what SQL database i want to use and seems to default to my local SQL Server 2005 installation. How I change this to use my SQL Express database on a local server?
View 6 Replies
Aug 10, 2010
I have to implement a small webshop. Basically it's just a website with a huge backend ERP System and with the possibility to sell one (yap, really only one!) product on the website. The only requirement is a MySQL Server. The backend is almost finished (about 95%) and is secured with the .net MemberShip Provider for MySQL (the one in MySql.Web from the MySql Connector .NET).
Now to my question: I can set up the membership system easily but I do not need such things like username or password-question but I would need a reference to an address table to store the users home address. So, it is possible to change or customize the membership system to for eg. a unique customer id instead of the username column and set this in codebehind when the user is creating a new account? And is it possible to insert new users/customers from codebehind in an easy way? (I mean without checking each foreign key and inserting the customer reference to the userinrole table and so on...)
View 10 Replies
Apr 14, 2010
I am building a site and I want to use the default membership controls provided with asp.net like Login View Control etc. I don't want to use the ASP.Net Membership DB as I want to use my own Security structure and I don't want to inherit the ASP.Net membership class either. In my case how can I use these controls to aid me like how will a login view control detect if someone is authenticated or not.
View 7 Replies
Jan 24, 2011
This error is occuring randomly, and I can't seem to pinpoint what is causing it. For the most part, the code works fine. I'm confused why it works sometimes, but then suddently craps out on me, lol.It happens in the code when I call upon the asp.net membership provider. It only seems to happen when i use Membership.GetUser() to grab the logged in user's information.
View 9 Replies
Jun 3, 2010
I am using Itext sharp to create a pdf. I am adding an image and I keep getting this error
Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, ersion=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
it is this bit of code that is causing this
[Code]....
If i comment this out, the PDF builds and no errors are thrown (there is just no image)
I don't understand cause I am am trying to do is read a file.
View 2 Replies
