Security :: Partitioning The User Store Into Applications And Utilizing That In One WebApplication?
Apr 15, 2010
I have a design issue with a new project, the web application I'm developing is suppose to serve three different segments of business, each segment has a sligthly different requirement, but in all they share most of the same business needs, so I'm creating only one web application.
I've created three "Application" in the asp.net web administration tool.
I want to be able to create users related in each segment with their associated "Application" in membership store.
and when a users login(there is only one login pag) to the application to be redirected to his specified application.
The thing is the web.config configuration alows you to define one "Application" name, and hence the membership APIs pick up only that application.
View 4 Replies
Similar Messages:
Jan 25, 2010
Ok, I almost hate to ask this because I'm sure it's been covered many times on this forum, but I'm starting to get too frustrated trying to get it to work, so I'm gonna ask anyway.I have setup forms authentication on my site and have it working without any issues. What I'm trying to do now is to add "Remember Me" functionality so that the users don't have to log in each time they access the site. I'm able to get the authentication part down, but the issue I'm having is that when the user logs in, I set certain attributes in Session variables for that user (name, site role, etc.). These values are obtained from a database after the user has been authenticated, based on the username. What I'm having problems with is getting at this username from the FormsAuthentication cookie.
After I authenticate the first time, I setup my cookie this way:
[Code]....
I have tried getting at the Username utilizing the User prinicipal, but it just returns blank.
View 2 Replies
Nov 10, 2010
Our application lets the administrator create new users. Since the administrator is logged in, I have set Logincreateduser = false so that the administrator is not logged out even after creating the new user.
The problem is :I need the userid of the newly created user to store additional details of the user in another database table. I see that i can get the username using Createuserwizard1.username; but how do I get the userID?
View 2 Replies
Aug 12, 2010
I have a custom membership user class and custom MembershipProvider working against database. Due to security reasons the user passwords are stored in the database as hashed values. So my procedure
public override bool ValidateUser(string username, string password) is
{
//select hashed password from db
return (EncodePassword(password) == dbpassword)
}
[code]....
View 4 Replies
May 19, 2010
I have this web application built. I am using windows authentication for this application. I have to log all the user activity as wells as site activity in this application. I have the below mentioned class established to log some activity regarding the user to an SQL server database table..
[code]....
I would still need to log many other items regarding the user and also the site, like the time spent by the user on the site, no: of currently logged in users on the site. Can anyone here suggest me as to how do I capture those items?? let me know if I am going in the right direction too.....?? If you can provide me with some links on this "user activity logging for windows authenticated applications".
View 3 Replies
Sep 5, 2010
We will put the active directory logon when the user access the website, the user needs to fill in his user name and password.
How do we store/get the details of the logon user once the user is logged in?
View 2 Replies
Mar 14, 2011
Roles: - administators
If it administator shows menu "Admin".
If I want to display the menu: "Create new employee ', have to create Roles: new_employee?
If so, how to choose a user and store specify their rights in c#?
View 3 Replies
Apr 26, 2010
Using visual studio 2010.
Dragged and dropped a login control onto a blank content page. Set up my web.config (i'll include the code for that at the end). It seems to want to use a sql database to store the info. I just want to use the web.config since it's just a single user and a simple site. I thought I could just drag and drop the login control to a page and that would be the end of it (besides setting up the web.config).
Here's what i have in the config file
[Code]....
View 2 Replies
Jul 2, 2010
Ive been exploring the tabls in the membership database to see how they are structured. If i add a new user or update an existing one i see it in the user and membership tables. But i dont understand how to use or store roles. I use the ASP.NET CONFIGURATION toll in the WEBSITE menu to create roles and create access rules, but those roles dont show up in the Roles table in the db!
Yet the roles are stored cause they keep apearing in the ASP.NET CONFIGURATION. How weird is not that? Where is it stored and how can i access it? I need to programatically check if the user who is logged in is in a certain role.
View 8 Replies
Oct 5, 2010
I have spent hours on the forum trying to find this answer. I have a requirement on a project. There is an internal (intranet employees only) site which has much more control over the data etc. and i have an external site (to allow customers to enter usage data). I am using forms auth and hitting a common sql server 2008 db with the standard aspnet schema. I have an internal web server and an external web server both windows 2003. The problem that i am having is that if you are logged into the external site and then open a new ie window and enter into the internal site, even as a different user it logs you out of the external and vice versa. I don't have access to update the machine config.
I started out as a single app in the db but now have seperated into 2 apps and i am able to log in as an external admin and see only the external users and vice versa. Creating a seperate security only db for the external app is not an option because i have a I have the application name listed in the web.config for both internal and external which matches the app name in the aspnet_applications table.
external app
[Code]....
[Code]....
View 2 Replies
Mar 8, 2010
I'm trying to find out how i store user names and passwords in the web.config file. I have tried looking for documentation on this but haven't found any so far.
I see in the class library it says that the Authenticate method of the FormsAuthentication class is for use in authenticating credentials against those stored in the config file, but i don't know how to store them there to begin with. I want to store two username:password pairs in the web.config file preferably encrypted.
one of these username:password pairs i want to be hard coded. The other i want to be able to be reset with a password reset form which I will code later. I guess there maybe a method for creating a sername:password entry in the web.config which could be used with my password reset form if such a method exists. But I need to know how to hand code the username:password entries into the web.config file to begin with and to beable to create the hard coded pair.
code I need to add to my web.config file i need to add and in what section?
also can you point me in the direction of a method used for creating username:password entries in web.config
View 6 Replies
Feb 10, 2010
I have created an asp.net site with anonymous access turned off. Its for an internal (intranet) system which uses User.Identity.Name.ToString() to get the users login windows ID and then displays some records from a datagrid depending on their login ID. Is this secure? Also i am struggling to workout how best to store the result of User.Identity.Name.ToString() as I am not keen on storing it in a hidden text field and would rather not call it all the time unless this is the best way?
View 3 Replies
Jul 29, 2010
I like to create a new user webform. I like to have multiple textbox fields for the new user to enter and would like to use the inbuilt ASP SQl express to administer. I read somewhere to use Membership.CreateUser API but not sure what that is?
Is it as simple as dropping textbox in a webform and in webconfig options place a line of code?
View 7 Replies
Sep 1, 2010
I am evaluating ASP.NET Membership for an intranet Silverlight app. I want users to be automatically authenticated for my application with their windows logon. Thus I configured Windows Authentication. I would like to store user settings like email-address in using the SqlMembershipProvider and not AD. It seems that storing user settings using the SqlMembershipProvider is not supported with Windows Authentication. Is this really so (using .NET 4)?
If so: What is the rationale behind this? IMHO authentication, user settings and authorization are distinct aspects. User settings could easily be stored (identified by user name) using the SqlMembershipProvider with authentication and password management being supplied by Windows. What is the recommended solution for my scenario?
View 2 Replies
Feb 19, 2010
I need to know how to change aspnetdb to store profile information unique to each user so that I can restrict records in an sql table to only show that user's records.
So if I make a "companyID" int, identity column where would I put it?
Also, when I write the where clause to companyID = profile (companyID) would that work?
View 1 Replies
Feb 1, 2010
I have read the post at http://forums.asp.net/t/1403132.aspx regarding login control. Is there a place to store the User logged-in ID (info) for later checking and use? I don't need to use the session object. I don't need the page to expire. I don't need the user to use a page saved in the favoites.
View 3 Replies
Apr 4, 2011
I have a web application which displays set of components in the form of grid view and gives the user ability to buy and download components from the web store. I'm considering using db4o for this ? What is your suggestion ? How is the support for db4o in visual studio 2008 ?
Can i have some tutorials/links on aligning datasource/databinding of gridview with db4o ?? How to start with db4o, create a table, using stored procedures / or similar concepts of it , connecting to database ? retrieving the data ?
View 1 Replies
Jul 12, 2010
Question: I have a web setup project.
It installs the webapp and puts it into the appropriate virtual directory.
So far so good.
My question now is: how do I set folder write permission?
My problem is, I can set the permissions programmatically, but I need to know the IIS user the application runs under, since it's that user that need the permissions.
View 1 Replies
Jul 22, 2010
I have a table that has more than 50 million records and which does not have any partition. But now i want to add a partition scheme to this table. This table has a primary key. But i want to partition it on another int column. How can i do it?
View 4 Replies
Mar 2, 2011
i have a web application which can be accessed via intenet the application is running on iis and configured using a router..i m looking for a good solution where i can give access to only authorized computers rest of the computers cannot access the applcation for eg:- if i have a users in office1 in sales dept. and he access the application from his office, so i want to deny the same user or any other user, that he cannot access the same application from home or antwhere else.
View 8 Replies
May 24, 2010
We have a couple transformations available for our web.config. How can I enable one of our staging or release configurations in my development environment? I'm trying to duplicate an issue from our staging environment in my development environment. Is this possible?
View 3 Replies
Jun 17, 2010
I have an ASP.NET Web Forms Application in migration process to ASP.NET MVC 1. Urls are as follows:
[URL]
(hxxp because stackoverflow thinks they are links and prevents me from posting so many)
"mvc" is another application inside my Web Site in IIS7.
I now need to be able to do this:
[URL]
Where 'subsiteName' can be anything and must be checked in runtime. I can't create directories for each subsiteName.
I thought of UrlRewriting, so /subsiteName/* rewrites to /*, but then I'd have to rewrite from WebForms to MVC.
I can't imagine a way to make a request to [URL]ever be taken by the MVC application in this scenario.
View 1 Replies
Jan 9, 2010
Is there a way that I can share membership (login, etc.) between two different web applications? I would like to create a smaller debug application to test some stuff in my database.
View 2 Replies
Feb 11, 2011
I recall some way to use a single instance of the the asp.net membership for multiple applications. For example...if I have a main single sign on portal, perhaps I'd like them to have access to Application A, B and F, but not C, D & E. Instead of maintaining different security for each application, can we have a single membership table maintaining all of the enterprise applications? So user 'John Doe' would have a single membership record, but have access to different applications.
View 3 Replies
Jan 27, 2011
I'm looking into building a web application platform which users will log into and be able to access other applications based on permissions. I've set up the membership provider and it is being shared between apps. Here is my problem: If I log into application A, and click on a link that takes me to application B, I have to log in again. Is there any way to share that session between applications so the user can log in once, and not have to do it every time they access a different application?
View 6 Replies
