If I want my button to go to another page instead of going to its own page, I can set the PostBackUrl to destination page.Howevery, I read in microsoft website that Server.Transfer is not good if you are concern with security and permission.Is PostBackUrl the same with Server.Transfer?Does the user will not be authenticated again in the new page?
View 6 Replies
I'm trying to use PostBackUrl on my asp.net form (insert mode) to go back to previous page. I'm hoping to use Request.UrlReferrer.AbsoluteURL or similar.The difficulty I have is how to assign value to link button (called InsertButton) property "PostBackURL".
Some examples show simply InsertButton.PostBackUrl = Request.UrlReferrer.AbsoluteURL but it my case it doesn't recognize the control. I'm using VS 2010 with asp.net 4.0
I am trying to use the membership feature but everytime I log in, or for example change my password or any of that membership items that I do, after I click Logi in button, or Continue button, etc. It will always transfer me to default.aspx. How do I change that?
For example, the login feature, I tried to edit template and set the button to redirect to the page I wanted, but then what happened is that it redirected to the other page even if the login has failed.
I need a div element to cause postback to the server. I can use window.location tough but then I think I won't be able to fire any event back on the server. How can I call the asp.net generated dopostback function properly?
View 1 RepliesI am using Itext sharp to create a pdf. I am adding an image and I keep getting this error
Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, ersion=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
it is this bit of code that is causing this
[Code]....
If i comment this out, the PDF builds and no errors are thrown (there is just no image)
I don't understand cause I am am trying to do is read a file.
Here is my code
[Code]....
"fileUpload" is the FileUpload ASP.NET control. The SaveAs method writes the user uploaded file to a specified location on the server. IT WORKS. That tells me that the ASP.NET process has the proper write permission to write to the file.The next line uses an assembly called PdfSharp which you can use to open PDF files and manipulate them. In this case, the line simply opens up the user uploaded file. That is where the error occurs. WTH?
It works on my production machine. It does not work on my local machine. It USED TO. It was never a problem before.So why would it be fine to WRITE to the server, but trying to open a file give an error? Makes no sense. Googling yields a suggestion to put <trust level="Full" originUrl="" /> under <system.web> in web.config. It does not work.
I develop one application that create folder with special permission.
It works, but when I install the application on server I can't set any permission.
I think because it needs domain admin to set this permission... I've one account of one domain admin but how can I do to impersonate when the application set (try to set...) the permission ?
i am mohammed working on website development,as i am having user,admin and employeeif the user enters the page he should see all the user pages,if admin he should see all the pages,if employee only specfic pagesso can i know where exactly i have to give the permissions in to login page,so dat when emplooyee loggs in he will be seeing only his pages,can any one let me know the code,as i am developing site in vb.net,its
PartialClass Users_login
Inherits System.Web.UI.Page
Protected
[code]...
I have a dll which i downloaded from a lightbox website. It is in the bin folder But i get the error permission cannot be acquired.can anyone assist?
View 1 RepliesI have several features in admin panel. like userslist,change password for the user,delete user... Still now only one admin user can handle all this.
Now I want to give some features to some users.. ie certain users can view the list ,certain user can edit items in the list etc...
I am new to ASP.NET security model, I need to perform a RIGHT-based security checking for every actions in my applications (e.g. CreateUser, UpdateUser, SearchUser....etc)
However, the built in ASP.NET security model only support ROLE-based security, and I would like to do something like that, but using RIGHTs.
Is there any idea, experience and post I can read and extends the ASP.NET Security Model to use RIGHT-based security to perform granular control.
e.g. How to I write my own HTTPModule, or make use of IPrincipal object.
If there any details steps/tutorial will be great, as I am very new to the ASP.NET.
I have a web application which is using IUSR_machineName, anonymous OFF, integrated windows authentication ON which will call a web service. The web service failed to be called if anonymous in web service is turned OFF. I was thinking to assign Credential programmatically from my web application via "DefaultCredential". But how could I know if IUSR_machineName has the permission to call the web service?
View 1 Repliesi have a situation where i need to develop a web system where sys. admin can create a shared folder in server and set who can access the shared folder programmatically.
i've manage to find example to create a shared folder from here:[URL]
and i also manage to find example to add user and set folder Security setting from here:[URL]
My problem is how can i add user in the Sharing permission setting since it is a shared folder. Default sharing setting is set to 'everyone'. This mean anyone in my company can browse to the shared file unless i set everyone security setting. I want to remove "everyone" and add users based on the user that i've already add at Security setting.
I am getting this error on my web site and it is preventing the site from compiling. The site is in full trust and the web site files are on the local drive. Web searches show that the only two issues are full trust not enabled or the files on a UNC path that is not trusted and neither is the case here. This site is on an Win2008/IIS7 server. Anyone have any ideas as to why this is happening or where to look for other trust level or security settings to resolve this.
View 2 Repliestwo weeks ago I read a MSDN(?) article how to grant/revoke permission for some users/roles/groups on a specific page or holder temporarily or with condion. The article shows how to do it Form_Load() in c#. But I can't find the link with googling or in MSDN library.
Please let me know if you know the url?
What I want to do is:
There is a folder called employeePDFs.
The folder will have 1000s employees' sub folder ({lastname}{firstname}{employeeID}). Each folder will have very personal indivual PDF files which are manually uploaded.
If an employee logs on, then the logon employee can view a page which has a list of PDF files in his own folder only.
Those PDF files can be assessed only by the user.
Currently i have membership and roles setup on my site. Now what is my next step to get more specific control.
Based on what i hav now, i have my pages setup so they are visible or not and links not visible and so on. But now on a more detailed level, say im setup as a user. As a user my default permissions is just to view data.. no editing. But say someone was let go, now instead of granting me full access to everything, i need to be able to go in and provide more permissions to the account.
Example:
Admins:
Add Users
Modify Users
Delete Users
Users:
View Users Detail (only the person that is logged in)
Since the the user that was let go was an admin. They had all the other options, but as a temporary thing, we need to be able to add say permission "Add Users" to the individual user account.
To accomplish this type of control, what do i need to look at to accomplish such a setup?
I have a custom ASP.NET application which is hosted in the SharePoint _layouts directory. The code uses the object model to do certain actions on a SharePoint list. I'm receiving the following error when trying to perform
[code]...
When I give my user account administrator rights on the server it works fine, so it's a permission problem, but can't figure out what it is?
I need to set folder permission programmaticcaly which is in my GoDaddy server. I have nearly 150 folders in my server so I cant change through server settings or IIS settings. I am using web application. My folder may go on increase in future.I have googled a lot of things.
1. Like Access Control List in System.SEcurity namespace
2.System.principl.security...
I cant able to change the file permission but not a directory.
I must allow all the users to write or move a file to the folder which is in read only mode. That should be done programmatically and should be dynamic.
i have three types of users and i want each one of them to reach only its pages not the othersi want to know what to do in database and the code
View 9 RepliesI have a very simple and stupid problem but I'm unable to find a solution. I'm trying to create folders and files locally through my code, however I get a permission exception when I try to write in a folder in my application. Normally I'd run this on a remote server, and ask the system administrator for writing permission on this specific folder, but I need to run this locally for the moment.
If I navigate to the file in windows explorer, and right click the folder and click on Properties, I can see that it's set as Read Only. However when I try to disable this tickbox and click on Accept, nothing happens. It ignores me, and next time I open the Properties of this same folder, it's still marked as Read Only.
I've googled this and found a solution which implies using MS-DOS and a command named "attrib". This is not working for me either. I also read about adding an ASP.NET account on my PC and granting the right permissions to this, but I'm not sure how to do is.
I'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.
sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"
I'm able to do this.
If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If
BUT unable to do this...
If user's Department = 'Department XYZ' Then
Do This
Else
Do that
End IF
I am writing an internal web app for a company who wont to use their existing Active Directory Logins (rather than a seperate SQL Database User Login Table).
To do this I have done the following
web.config
<authentication mode="Windows">
<identity impersonate="true"/>
<authorization>
<deny users="?"/>
<!-- Allow Public Users to Access -->
<allow users="*"/>
</authorization>
<roleManager enabled="true"
defaultProvider="AspNetWindowsTokenRoleProvider"/>
End
This seems to work on my localhost but I have a couple of questions for you guys.
1) How does this process know which active directory to authenticate against? I know in code you can do
LdapAuthentication adAuth = new LdapAuthentication("LDAP://Server");
But there seems to be no way to do this in the web.config (I'm guessing it will just use the active directory on current machine it's running on?). Is there away to specify which active directory I'd like it to authenticate against?
2) If a user tries to access this remotely (i.e. not on their native windows account) what will happen, will it just default to a login form or just throw a "Permission Denied" error?
I want to create and write file in "C:windowssystem32" this path.some computer give the error access denied.i want some code in C# who give the permission to folder.
View 5 Repliesin my web project i got an error that i couldnt find any solution. the error says: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. when i work in local there were no problem i put files to our server and i changed the database also. when i work in server in web application in Default.aspx i can connect db and get values without any problem using my DataLibrary
BUT the problem in my web service i also use my DataLibrary in webservice but when i try to run a method in web service it gives me the error which is : System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
my new db connection is
strConnectionString = "Data Source=OURSERVERNAME\SQLEXPRESS;Initial Catalog=DoveTR;Persist Security Info=True;User ID=sa;Password=123456789;Pooling=True";
I'm currently intigrating with the SagePay merchant gateway and I'm come accross a little problem. I have a reg form that gets all the information I need to send to SagePay together. To split the reg form up into manageable chunks I've used an asp:Wizard control. So, In the final step of my wizard control I need to post the values off to sage. It's quite frustrating that I can't just substitute inishDestinationPageUrl="" for something like FinishDestinationPostBackUrl="" because that's what I need to do and would rather expect it to be that easy.
View 6 Replies
