I have a problem....if one user try to go to a page where he isn't autorized, the application rediredt he at the login page...
how I can redirect in an other page, where i write "Access denied"??
I am working on an application that resides on a development server on our internal network. The application was originally written to use Membership and Roles. We got busy almost a year ago before the app was finished, and now we are trying to get it ready to use internally.
The login page works just fine, but I have lost the ability to controls users and roles. I am running Visual Studio 2010 Professional now on a Windows 7 VM. I can open the application fine but there is no Web Administration Tool available for me to manage users or roles. If I go to Website -> in Visual Studio, there is no option for ASP.NET Configuration in the drop down menu. It simply isn't there.
How can I regain access to manage users and roles for this application? We are using Forms authentication and the database resides on a SQL Server 2005 instance on a separate box from the web server and my local VM.
I have a web application that is using siteminder for authentication.
I want to redirect to application that is siteminder enabled. This application might be using site minder forms authentication.
What parameters i need to pass to that application? And what details i will need of that application.
Working on my first asp.net webpage. i have followed video tutorials and implemented asp.net membership for login/security.Using Visual Studio 2010 i can open the Asp.net configuration page for management locally.But then if I want my site admin to manage users/security online, how is this done? Like manage through a web browser. I guess this asp.net configuration GUI is not available on the internet?
View 4 RepliesWe have asp.net configuration tool to manage user's permission and role for our offline website,
it is working very fine.
Now, I have uploaded my website and aspnetdb.mdf
now i want to manage users and it security and roles online.
How can i have asp.net Configuration tool
i like to design a asp.net application(app1) where we can create role and actions. here action is such as create student details and delete student details... this both actions comes underneath to a role1.. so, the application will have some roles with set of actions. This roles and action will be used later in another applications(app2 and app3).
i have designed app1 with single sign on for all the application(app2,app3). when a user enter into app2, he/she will be redirected login page which resides in app1. There user validation will take place. once validated, authentication ticket will be send back to requested application(app2).
Once app2 receive the ticket, it will make another request app1 to get the roles and action belongs to singed user. the app2 should behave based the actions belongs to role.
*A user can have more roles.
how to control the user activities based on the actions?
Is there any framework to achieve this model?
I want to create a multi-tenant application that uses the hostname to determine the customer.
For example:
CustomerOne.myapp.com
AnotherCo.myapp.com
AndOneMore.myapp.com
I can do the database and security side with no problems, I can also get the hostname from the URL, but what I am struggling to find out is how to create the basic plumbing that would allow a new customer to sign up online, provide their company name, and for the application to create the new URL, ready to be used straight away.
I'm designing an ASP.NET 4.0 Web application where administrators may create an auction with an expiration. The expiration time would be stored in a database. How can I ensure that the auction ends at the predetermined time, considering the fact that an application instance may not be running when it is time? The application will be hosted with IIS7. I am considering Windows service, but I am wondering what other options are out there.
View 3 RepliesWe have used Session heavily in our application, we have created core classes (which have many properties) and store objects of core class in the session.
1) What could be the best solution for reflector activity?
2) What could be the best way to manage session in an application which has 100 pages?
We have chosen the asp.net 3.5 on creating our thesis project, building a mall website. Our first step was very simple, we've worked on the layout of the website, building the interface of the home page. and we are about to create some on the back-end part, which is creating a user-level maintenance and store maintenance.
View 2 RepliesI am using loginview control to manage membership loggled in data and anonymous data. But since I have to copy entire data to login view template. I think it is not perfect solution in case i just have few differences in all type of templates. I tried to use loginview whenever I actually need it. But it supports just after form declaration.
Also what if I need to have multiple loginviews. Is there any way to do this manually. I just dont like to copy entire design for each template and just like to manage identical changes.
my application is running under asp.net 2.0 and in iis 5.0 (Windows XP) in my machine.config, i have the following setting
[code]...
whenever i go to my default.aspx page, it seems it doesn't redirect to login.aspx.
I have Web Application which uses the Logged In User (Authenticated User) to query his Profile Data from Adabas/Unix using OLEDB. The application provides the user with about 21 different pages (Basic Info, Employment Info, Education, Dependants, Financial Info ...).
The web application has a master page, and each profile data page is based on a User Control loaded in the Child ASPX Page.
The Data Layer of this Web Application will have to undergo major modification, since we are migrating our legacy applications from Adabas/Unix to SAP, the development Team has prepared web services to query for the same Profile Data from SAP using Web Services. Now, we have to modify the web application to consume the web services instead of using OLEDB to query Adabas.
Since we are in the testing phase, and we have only very limited data in SAP, I have to provide temporary control to allow test query the Staff Profile for a Specified User (instead of the Authenticated User) and to select the Source:
1. SAP, or
2. Adabas.
So I am thinking to add the following "Control Section" in the Master Page:
[Code]....
See image below to clarify:
[URL]
Becuase the users defined in SAP are based on Dummy Data, so we want to allow the user to Enter the required SAP User, and he will select "SAP" from the Drop-Down-List. In this case, the program will query for Staff Profile Data from SAP for the specified "Staff ID" (txtSAPStaffID) instead of the Authenticated User. But, if "Adabas" is selected for the "ddlDataSource" then, it will default to the Authenticated User.
I noticed that when I am following the above technique, if I press "Go", the Staff Profile Data Page is disappeared, and when I navigate from page to another, the selection on the values entered in the "Control Section" in the master page are reset to default value, ie, the last values are not maintained.
Questions:
1. What is your feedback on the method I followed above ? Any other recommendations? I need very simple method.
2. Why the data page (the child page of the master page) is cleared (disappears) when I press the Go button ?
3. How to maintain the values selected when I navigate from one page to another ?
I'm using vs 2005 and asp.net 2.0 to create my website. Recently, I thought about applying membership instead of my customized security system in order to achieve higher security level and performance. At first thing went well, since it was easy to create/manage users and Role names from behind code, but when I came upon the "Access Rules" I faced what you can call it an 'obstacle' at least from my opinion.
The thing is, I don't want to use Asp.net Web Site Administration Tool to create and manage my access rules which I'm going to assign to each of my dynamically created Roles. What I want to be able to do is make a page where the Admin can create/manage his desired Role(s) and also, create/manage the Access Rules, then add such Access Rules to the previously created Role(s).
Now, what I need to know first is... is it even possible to do such thing in the first place? Because the way i understand it is, since the access rules are stored in the web.config of each folder/directory that you apply them on then it shouldn't be allowed to modify it from the running/published website.
I'm building a solution where 2 applications are involved. One of them handles the login and user management, and and other provides the service itself. I need a way to send the user from the first app to the second, along with some data that derives from the whole login process. The data has to be sent in such a way that it can't be tampered with; or a way to check if it's legit has to be available.
Some more details:
The solution consists of 2 ASP.NET (Webforms) websites Although both websites are sitting on the same server, a solution that doesn't rely on this is prefered.
I got an application to support, it's an asp.net web project, on the 1.1 dot.net framework.It's all ok, with the application, when it runs on web brownsers, and when I try run it from inside a blackberry mobile phone it runs ok too, except when I try to execute an Response.Redirect("some_page_of_my_app.aspx").It always goes to the default page (login page), and ask for login again, and I never can do a redirect.
View 1 RepliesI am developing a mobile web application using System.Web.Mobile namespace of ASP.NET.I am facing problem with redirect to a different aspx page using Response.Redirect() while testing with dotmobi emulators with the error message: The requested item could not be loaded (status code 502)
View 3 RepliesI have a login page. Once a user is authenticated they are redirected to another page, (called pg2). I don't want just anyone typing in the url and getting to pg2. If they are not authenticated I want them to redirect to login.aspx. To achieve this, I'm using this code below. But it's not working. I am using a nested master page and I don't know if this is causing the problem.
[Code]....
What is the simplest way to redirect a web request to an ASP.NET application to a subdomain?If a request comes into the URL http://somesite.com/foo.aspx, the new destination URL should behttp://www.somesite.com/foo.aspx or http://blog.somesite.com/foo.aspxHow can you programmatically redirect the request to the subdomain, keeping the rest of the URL intact?
View 2 RepliesI have a web service method in .net as below:
[WebMethod(Description = "Adds two numbers", MessageName = "AddMessage")]
public string Add(string x)
{
string retVal = x;
string fileLoc = @"D:KumareshCreateFile.xml";
StreamWriter sw = new StreamWriter(fileLoc);
sw.WriteLine(retVal);
HttpResponse response = HttpContext.Current.Response;
response.Redirect(http://www.google.co.in", true);
sw.Close();
return retVal;
}
I deployed my webservice in IIS server. I have created another .net application, and called the webservice method from the new application. My problem is I am unable to redirect to the specified link[google.co.in]. I am getting the following error: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.Web.HttpException: Response is not available in this context. at System.Web.UI.Page.get_Response() Sometimes I get the error as: "Object moved here". "here" is shown as a hyperliink, If I click here, i am redirected to the specified link.
I am using ASP.Net's forms authentication, but do not want the default behavior of redirecting to a login page when a restricted area is accessed. Instead I would like to invoke a javascript JQuery dialog for the login on the current page, preventing the content behind from loading.My only issue is that by default the forms authentication wants to redirect. Is there a handler that I can hook into, or some other option to prevent the redirect?
View 3 RepliesOk, I have been trying with this for many days now and read countless posts on this subject but I still cannot get it working.
I have created 2 roles and memberships one for admin and one for users, as you can guess I want to direct admins to a admin page and users to a user page. When a user logs on, it works fine, whether it's an admin or user, but they both present the home page, default.aspx
I know you have to have a redirecturl, to direct the user to the relevant page, either admin or user, but where and which webconfig would you put this in? I have seen in some post that you need a protected void or a role line in a webconfig file, but I have tried both these and countless other bits of code in different webconfig files. Before you ask about validation, I know this works as the user can log in, but just wont go to the relevant page.
Directorty structue I have is as follows:
Account folder contains - ChangePassword.aspx, ChangePasswordSuccess.aspx, Login.aspx, Register.aspx, Web.config
Webconfig contains
[Code]....
Admin folder contains - default.aspx, Web.config
webconfig contains
[Code]....
Registered folder contains - default.aspx, Web.config
webconfig contains
[Code]....
I am currently having a spot of bother in something im trying to create. I want it so when a user who is in a certain role logs in they are directed to a certain page, and any other normal users are directed to another page.
I think i have this sorted via code but...
-The first time it will work, the 'admin' user will get directed to the appropriate page
-I then log out and log in as a normal user and get directed to the appropriate page
-then when i log out of that users account and back into the admin one i get directed to the normal users page instead.
-additional to this, I tried it on a different machine logging in as the admin user only to be redirected to the normal users page (is my session being stored somewhere?)
Ive traced through the problem and the user name and password being subbmitted are what they should be, yet it skips the true part of my IF statement for being in that role.
Here is my code I am using on the login form:
[Code]....
-When stepping through if seen it work and not work with the same values, I cant understand the logic of its inconsistency
the code i am using for the logout is (this is on my masterpage):
[Code]....
I'm no programmer. I am a student majoring in Business Information Systems. My capstone course requires me to develop a web-enabled database that will allow a company to track their projects. I have set it up this far using the 3.5 dynamic data page. My database is fine, however I need to set it up so that Admins can view the entire site and have the ability to edit, view, and delete items, and where users can only edit projects that they are assigned. Is what I'm looking to do possible?
View 4 RepliesI have the following web.config file in my MemberPages directory:
<configuration>
<system.web>
<authorization>
<allow roles="member" />
<deny users="*" />
</authorization>
</system.web>
</configuration>
If the User is a "member", he/she is allowed access to web pages in the MemberPages directory. Otherwise, he/she is denied access. The mechanism works. However, when the User is denied access, the following very unfriendly message appears:
Server Error in '/MyWebSite' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies)could have been removed, had its name changed, or is temporarily unavailable. the following URL and make sure that it is spelled correctly.
Requested URL: /MyWebSite/MemberPages/member_page.aspx
How can I redirect the User to a more friendly page if he/she is denied access?
<configuration>