Security :: Security And Authentication - Add Information To That DataBase Only To Specific Members?
Sep 21, 2010
I have an application that has a user Login Control (provided by ASP). I am just now working with the integration of a dataBase created in MS visual studio 2010, to a developed website created in MS visual web developer 2010. My main goal is to create an authentication ticket that enables a user to be able to see a dataBase information only after that user has been successfully authenticated.
Up to now I'm able to see the dataBase when i run the website even if I'm not log-in, how i can create a home page that tells the user to log-in and once that user has successfully log-in it redirects the user to another page where the user can see the database and how I can add information to that dataBase only to specific members
View 4 Replies
Similar Messages:
Oct 1, 2010
I have the following implementation and I'm sure there is an easy way to do what I want to do but I can't figure it out.
1. I use forms based authentication to authenticate to my site
2. I use active directory to authenticate the users
3. I use the Allow Users="xxx" tag to authorize the users limited to the list that can access my site. (e.g.. even though Mary is an AD user she can't access my site unless I put her credentials in the allow users tag in the web.config file)
All is working well but I want to move the users access list (e.g.. <allow users="john" />" from the web.config to a database table so that I can create a user maintenance page for my admins to add and delete user access. For the life of me I can't figure out how to do this and I can't seem to find an article on it either.
[code]....
View 1 Replies
Apr 28, 2010
Our site has a page for maintenance of existing members (e.g. adding / changing roles, etc.)This page currently uses a gridview to show a complete list of all members, based on GetMembers() method to populate it.However, as the number of users has grown to several hundred, it has become difficult to locate a particular user by paging through several pages.Is there a way to narrow down this list, maybe with a filtering textbox, so that as you start typing into that textbox, only members whose name contains the typed characters will show up in the gridview?
View 8 Replies
Feb 15, 2010
I want to use the login component with forms authentication, but i don't want to use the whole package. I have a database with users in it, and i create the users manually, through another section of my site. I will authenticate them using my own functions, in the Authenticate event.
But, specifying the forms authentication in web.config, i seem to recall having seen somewhere, that i could add pages that were protected, while the rest of the site wasn't.
How do i do this? Currently, i have only 1 page that i want to protect.
View 2 Replies
Oct 5, 2010
I have an "Admin" folder in my application that will include pages that I would not like to have anonymous access to. When a user attempts to load a page that resides in this folder, I would like to redirect them to a login page. Here is what I have in my config so far.
[Code]....
[Code]....
View 12 Replies
Oct 27, 2010
Following is my directory structure of my web application which is also configured in IIS as virtual directory
Web Site Root
|MasterPage (file)
|Web Config (file)
|Public Contents (directory)
|ShowNewWallpapers.aspx
|Admin (directory)
| Login.aspx
|WebSiteStat.aspx
|WebConfig file (need form security here)
How is configure my both web configs to solve my issue. currently i am getting following error
It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.
my root web config has default settings and my Admin directory has following settings
<system.web>
View 2 Replies
Aug 18, 2010
I've made a for a web app to use sql server session state, in the event viewer I get a re-occuring informatation message:
Event code: 4005
Event message: Forms authentication failed for the request. Reason: The ticket supplied has expired.
Event time: 17/08/2010 10:37:01
Event time (UTC): 17/08/2010 09:37:01
Event ID: 623a3b87c23541b9b8b49d9a9a167bde
Event sequence: 7699
Event occurrence: 124
Event detail code: 50202
Process information:
Process ID: 10188
Process name: w3wp.exe
Account name: NT AUTHORITYNETWORK SERVICE
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITYNETWORK SERVICE
It dosnt seem to be causing any problems, just filling the event viewer...
View 3 Replies
Jul 27, 2010
I have created a login form through VS 2008 using C#. There are 5 different aspx pages in my application.
1)Default.aspx: It contains only a hyperlink to direct the user to login.aspx page.
2)Login.aspx: This page has texbox for Username and Password, sign in button, textbox for displaying error and hyperlink (Create an Account) if the user does not created an account yet.
Here is Login.aspx code:
[Code]....
Now, I want to do following with my application.
If the user already has an account, he can put his username and password and click on the sign in button. If the username is existed in databse, application should compare the user input with database and if both are matched then the application should redirect the user to "welcome.aspx". If username does not exist it should show that Username does not exist.
View 9 Replies
Jan 1, 2010
while creating users/groups using web site administration tool, is there a way to configure it to store to a specific database rather than store to a Microsoft SQL 2005 Server Express Edition by default in the App_Data folder?
View 2 Replies
Aug 18, 2010
I m trying to use the profile system to get information of the authenticated user form the data base, just like the session system : the user is authenticated then I set same variable with information of this user coming from data base !I am familiar with PHP so i m trying to do it like that !Also, i woul like to join my own data base and the asp.net membership database !
View 1 Replies
Mar 28, 2011
when using Forms Authentication to validate against a SQL database, all the Forms Authentication samples utilizes the connection string from the web.config file. Is there a way of specifying the connection string for Forms Authentication to use, programatically at runtime?
Without going into great details, my web app will be utilizing different databases depending upon other factors. So, sometimes, the app will be utilizing Database1, and other times, Database2. Both databases will have the same Forms Authentication tables, just different values.I'm hoping there is a simple way of just specifying the database connection string to utilize, without having to go so far as to start implementing my own custom providers. Yet, I haven't come across any documentation that talks about how to do that (yet).
View 8 Replies
Aug 14, 2010
I wish to create a Single Login Page for the Various Applicatioins i am creating and So i wish to authenticate the Database connection in these other Web Forms (Landing Page) from the url.
http://localhost/Landing.aspx?<Username><Password>
How do i create this feature?? and then extract the username and password on the other web forms??
View 4 Replies
Dec 21, 2010
I am developing a web application which requires user to login. There will be N number of users using website concurrently. We have a MySQL database which will store user information like Name, User ID, Password etc. I am not able to understand on how to check username and password once they enter data using Login form which will be present in DB.
View 4 Replies
Aug 28, 2010
I am using Forms Based Authentication. I have extended the Forms Authentication Tables creating a custom table called Profile_Contact that holds the user's GUID, username, email address, and other information. I have another table called Profile_Account which holds company account information such as Company Name, address info, phone numbers etc. This table has a Key Field called IDProfileAccount. I include the IDProfileAccount field in the ProfileContact user table so I can associate the user with a specific Company. For the login page, I am using a basic login page created with using the Visual Studio login controls. When the user logs in, they are sent to the appropriate page as identified by the role the user has been given. This all works great.
Now I need to extend the login page so that when the user logs in not only is the user's name and GUID placed in session, I would also like to have the IDProfileAccount record placed in session as well so that I can filter the records the user sees as only those records of the Company the user is associated with. I know how to add static variable to a session and how to retrieve them to filter data, what I need to know is how to retrieve the data from the SQL table on login and sending it to the session. I would think it would be something along these lines:
[Code]....
View 3 Replies
Nov 10, 2010
I created a database for user authentication. After I pass loging parameters to the stored procedure in the database and they return a user ID for that user I use the following line for authentication:
[Code]....
User gets authenticated but the problem is that ASP.NET does not recognise the user as authenticated until the page is refreshed.
View 5 Replies
Mar 19, 2010
I have admin and member role, now i wan to do like, in the admin page, i wan to display all members only in a gridview Im using the default provider and database How should i do that?
View 5 Replies
Jun 17, 2010
I am trying to set up my intranet site so the user logs in with his windows domain account and that account is passed to the sql database to access the database. I have been able to succesfully set up the windows authentication to my website, but when I try to use
<identity impersonate="true"/>
in my webconfig I get a 500 errror on my site when trying to open any page. My server is 2008 R2
View 11 Replies
May 21, 2010
How to implement Forms Authentication using Cookies against database?
View 3 Replies
Aug 5, 2010
What is the best way to set up a members only section where users can edit their personal information, save profile images, view friends, view images, etc...? Would it be best to create a site map for just the members only section? when changing pages within the members only section is the userid passed in a querystring or something separate?
View 4 Replies
Nov 10, 2010
I have searched for an answer to my problem and could not find an answer anywhere.
I am rebuilding a website (converting it to use masterpages, usercontrols, asp.net memberships, etc using asp.net 4.0 C#) that has two different types of users. The problem is, the two different users have different roles ie. customers and employeers. Depending
on the role the user is assigned to they will have different things that should be stored in their profile.
For instance a customer would have all the basic elements of a profile, name, address, phone, etc. But it would also have some extra stuff like, a little bit about themselves, their resume, where they went to school, etc. On the other hand an employer would
have the basic elements but it would include details such as the position, a description of the position, contact for that position, etc.
Is there any way to have multiple profiles and still use the asp.net sql membership and profile provider?
View 1 Replies
May 19, 2010
Members cannot login when I move a site from development to production. I can see them in a page I made that reads the sql table.I checked the machine config file and the application name is "/" in both development and production. When I open the db in management studio I can only see new ones created during production. What gives, and how can I delete these 'ghost' users and re-create them in production so they can log on?
View 2 Replies
Dec 15, 2010
I have to invoke SSIS packages from web service in the most secure way. I think that windows authentication will be secure but i am not sure. I do not have much knowledge about how to achieve this and the information on the internet is very distributed.
View 1 Replies
Apr 6, 2010
We use Sharepoint to control our websites. We build the sites, then load them into the sharepoint server. My question is if I use windows authentication, how can I get my role security in my web config file to coencide with the asp.net controls that use the Forms authentication. Is there a differenence? Our security uses a session variable for security but there is no where to set up their permissions except in active directory. I hope this makes sense because I would like to implement the LoginView with Role groups but how can I give them the role="administrator"? Do I have to go into active directory and give them these permissions(would take awhile due to the size of the company)? Or do I have to set up priveladges in the web.config file for each user(difficult I think)?
View 5 Replies
Aug 18, 2010
I'm writing a simple Intranet application using windows authentication. I want to restrict access to Safe/UCantSeeMe.aspx. I am aware of the AuthorizeAttribute, but this only works on methods. I also found a good post on doing this with the MVC pattern, but I'm not using MVC. This can be done with roles in forms based security. I read on MSDN that using windows based security means roles are based on groups, but it doesn't go into any detail. how can I restrict access to Safe/UCantSeeMe.aspx?
View 1 Replies
Mar 17, 2011
We are using membership provider for LDAP authentication. It is working as it should.
But what all configuration settings I have to do so that
all the future requests to this application run under the security context of the Logged in user account not through the some default user set in IIS.
We need to have this working because all the permissions on the database are based on the logged in user.
We are using form authentication for LDAP authentication. And having impersonation = true in web.config.
View 1 Replies