Security :: Standalone Stored Procedure To Verify Credentials In Aspnet Database?

Apr 12, 2010

I have a requirement to develop an application in Excel VBA to talk to an MSSQL database.The client wants a login facility for a number of named users - I am going to setup these users in the aspnet tables in my database (aspnet_users, aspnet_membership etc).There is no facility in VBA to do automatic verification of a users credentials like there is in ASP.Net so I have developed a simple login form for the user to enter their username and password and send these to a stored procedure in the database. I am looking for a stored procedure that implements the ASP.Net hashing routine to convert the user supplied password into the same format as the database stored password so I can compare and return a true or false.

View 1 Replies


Similar Messages:

Security :: How To Use SqlClient To Verify User Credentials

Dec 3, 2010

I am building a web application that is limited to one database, thus I cannot use the handy ASP.NET config tool. I am attempting to use SqlClient to authenticate users from a user table I added to my database. Here is the code I have thus far:

[Code]....

[Code]....

View 5 Replies

DataSource Controls :: Verify My Stored Procedure

Mar 18, 2010

I just want to make sure I used SCOPE_IDENTITY() correctly to get the newly made TestimonialID

[Code]....


Is this the proper way to use it?

View 4 Replies

Security :: Encrypted Password - Sort Of Encryption Or Decryption In Order To Verify The Credentials

Jun 16, 2010

For our website, we have decided we would like to maintain our user passwords as encrypted binary data in our database. We are using ASP.NET 3.5 to host our site and SQL Server Express 2008 for the database, both running on the same server. When a user logs in and submits a username and password, there will need to be some sort of encryption or decryption in order to verify the credentials. To me, it would appear that there are 3 ways to do this:

1)[C# Encyrption] On User creation, perform encryption in the Web App and submit the encrypted password to the database. To verify credentials at Login, perform the same encryption on the submitted password and ensure that it matches the value stored in the database.

2)[SQL Encryption] On User creation, submit the plain-text password to the database and have it perform one of the SQL encryption variants during INSERT. To verify credentials at Login, have the database perform decryption on the password during the SELECT statement, and compare the plain-text submitted password to the one in the database.

3)[Mix] On User creation, submit the plain-text password to the database, and have it perform one of the SQL encryption variants during INSERT. To verify credentials at Login, perform the same encryption algorithm used by SQL on the submitted password ( is this possible? ), and ensure that it matches the value stored in the database.

Does anybody have an opinion as to which of these options is best? Number 1) is the most familiar to me, and would be the easiest to use with LINQ to SQL ( which is our current data model ), so I am leaning towards that. But if there are better options I would love to know about them.

View 3 Replies

Verify User Login Credentials Using Gmail (or Other Email Service Provider)

Jun 9, 2010

How to verify users login credentials using users login credentials of user's gmail account (like in stackoverflow on clicking gmail it takes to gmail login page and gmail verifies the user)

View 1 Replies

Security - How To Manually Verify User Against The Memberhip Database

May 18, 2010

I would like to know how I can verify a user's credential against an existing asp.net membership database. The short story is that we want provide single sign on access.

So what I've done is to connect directly to the membership database and tried to run a sql query against the aspnet_Membership table:

[Code]....

The problem is the password value, does anyone know how the password it is hashed?

View 3 Replies

DataSource Controls :: How To Convert The Oracle Stored Procedure To Sqlserver 2005 Stored Procedure

Apr 2, 2010

This is surareddy. i nead some small clarification in the "Stored Procedure"

how to convert the oracle Stored Procedure to sqlserver2005/2008 Stored Procedure.

right now i am enhancing the project that project already developed the oracle Stored Procedure. now our company is using sqlserver 2005/2008.

how to convert the Oracle Stored Procedure to sqlserver 2005 Stored Procedure

View 4 Replies

DataSource Controls :: Do Not Use Or Call Any Stored Procedure But It Says "Could Not Find Stored Procedure 'xxxxx'?

Dec 9, 2010

Initially, I have tried to use stored procedure. But I changed my mind and preferred to call sql query in codebase with command text. However, it stills tries to find initially-called stored procedure (which is neither called or exists).I think that it is related caching. But I tried it with different browsers it did not work.What might be the reason?

View 4 Replies

Security :: LDAP Throws Invalid Credentials With Valid Credentials Supplied?

Feb 1, 2011

I'm working on an ASP.NET project for the first time in about three years; in the meantime I've been working with Python/Django, PHP and Obj-C. Anyways, picked it right back up... except something that is totally killing me right now, and I have a feeling it must be staring me in the face:

I'm trying to bind to an LDAP server, for the purpose of authenticating users. The way it works here is, you bind on your own credentials, use that to find the Distinguished Name of the user you're authenticating, then you bind again on their DN and their password. If the bind is successful, the password was correct and the user can be authenticated.

Here's the problem - the first bind (on the fixed credentials, the ones with the ability to search for users and their subtrees) works fine. The search works fine. The second bind fails, no matter what, with the LDAP error INVALID_CREDENTIALS. This happens even when completely valid credentials are supplied.

Here's the code, with the usernames and passwords redacted, of course...

[Code]....

View 1 Replies

SQL Server :: Have A Stored Procedure Execute Another Stored Procedure During Time Period?

Jan 28, 2011

I could probably figure this out if I tried to, but I have been working so long on code, I'm a little fried

I have a stored procedure, and I want to execute another stored procedure during a time period of lets say 1/1/2011 to 12/31/2011

How Would I accomplish this?

View 4 Replies

Security :: Use A Dataset Stored Procedure To Insert Data

May 29, 2010

I am trying to insert a UserID column into a database table during membership creation. I have my tables set up in a dataset with the stored procedure in there. Now I am trying to call that stored procedure in the newuserwizard code and I it is not recognizing the stored procedure. I know it is because my dataset is not referenced in the newuserwizard code. Here is the code I am using:

[Code]....

The name of the stored procedure is "InsertUserID". I think I need to create a function that references the ataset but I am not sure how to do this..

View 6 Replies

SQL Server :: Stored Procedure - Specify The Database As A Parameter?

Jan 26, 2011

I have an application with 40 or so separate databases that share a number of identical table schemas. Each is for a separate agency that performs functions identical (nearly) to the others. I have a number of reports that involve complex queries that each agency is required to produce. There is a "top-level" agency that would like to run the same reports but have the data consolidated for ALL agencies. I have tried having the query generated simply re-produced for each sub-agency by using a "UNION" ..

SELECT .... FROM [Agency].[dbo].[Table] ... UNION SELECT ... FROM [Next Agency].[dbo].[Table]....

This works for a few agencies selected/included but when they try to select all agencies or more than a few, it fails because the query is too large. I have tested a stored procedure:

CREATE PROC Test @DB AS
SELECT ... FROM [@DB].[dbo].[Table]...

Thinking I can build a smaller query by having up to 40 items of "EXEC Test (db) UNION EXEC Test (next db)" That also fails.... won't permit the database specifier as a parameter (plus, I don't know if I can do a UNION on the EXEC results).

View 9 Replies

ADO.NET :: CSV File Import Into Database Through Stored Procedure

Sep 1, 2010

I want to import file ( CSV ). how to write a stored procedure for this purpose or any other way to import a CSV file into my database.

View 1 Replies

C# - Database Insert And Delete With Stored Procedure?

Jan 26, 2011

In my .aspx page, i have two textbox and one add button and one delete button.

I want simply, when entering data textboxes and click add button, adding to database with stored procedure.

When entering data textboxes and click delete button, delete from database with stored procedure.

How can I do that?

Simply I need 4 code part, add_click(), delete_click(), sp_add, sp_delete

View 1 Replies

DataSource Controls :: Execute A Stored Procedure Within A Stored Procedure?

Jan 18, 2010

Does anybody if it is possible that a stored procedure returns rows which is the result of the execution of another sp? Something like..

[Code]....

View 11 Replies

DataSource Controls :: How To Call A Stored Procedure In Another Stored Procedure

May 13, 2010

i want to return output parameter from 1 storeprocedure. into another stored procedure.

View 7 Replies

Security :: Change User's Password Via Stored Procedure In ASPNETDB

Aug 18, 2010

Change user's password via stored procedure in ASPNETDB. Changed to another post [URL]

View 1 Replies

Could Not Find Stored Procedure Dbo.aspnet_CheckSchemaVersion Using Administration Tool / Security Tab

Nov 1, 2010

I kept getting this using ASP.NET Administration Tool/Security tab: There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store. Could not find stored procedure 'dbo.aspnet_CheckSchemaVersion'.

View 3 Replies

Security :: Could Not Find Stored Procedure Dbo.aspnet_CheckSchemaVersion When Try To Use CreateUserWizard Control

Oct 16, 2010

Iam using Visual Studio 2010 ultimate. Iam trying to use a CreateUserWizard control, but iam getting this error below,eachtime i click the click user. Kindly guide me where iam getting wrong.this has disturbed me for two dayz,figuring out where the problem is but i cannot see it. Kindly see Both my web.config file below and the type of error iam getting.

<?
xml
version="1.0"?>
<!--
For more information on how to configure your ASP.NET application [URL]
&nbsp;
-->
<
<
<
configuration>connectionStrings>add
name="WebDataBaseConnectionString"
connectionString="data
source=.SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|WebDataBase.mdf;User Instance=true"
</
providerName="System.Data.SqlClient"
/>connectionStrings>
<
<
system.web>compilation
debug="false"
targetFramework="4.0"
/>
<
<
</
authentication
mode="Forms">forms
loginUrl="~/Account/Login.aspx"
timeout="2880"
/>authentication>
<
<
<
<
membership
defaultProvider="WebDataBaseSqlMembershipProvider">providers>clear/>add
name="WebDataBaseSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="WebDataBaseConnectionString"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
</
</
applicationName="/"
/>providers>membership>
<
<
<
<
</
</
profile>providers>clear/>add
name="WebDataBaseSqlProfileProvider"
type="System.Web.Profile.SqlProfileProvider"
connectionStringName="WebDataBaseConnectionString"
applicationName="/"/>providers>profile>
<
<
<
<
<
</
</
roleManager
enabled="false">providers>clear/>add
name="WebDataBaseSqlRoleProvider"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="WebDataBaseConnectionString"
applicationName="/"
/>add
name="AspNetWindowsTokenRoleProvider"
type="System.Web.Security.WindowsTokenRoleProvider"
applicationName="/"
/>providers>roleManager>
</
system.web>
<
<
</
</
system.webServer>modules
runAllManagedModulesForAllRequests="true"/>system.webServer>configuration>

This is the type of error iam getting below Server Error in '/AspDotNetWebsite' Application. Could not find stored procedure 'dbo.aspnet_CheckSchemaVersion'. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Data.SqlClient.SqlException: Could not find stored procedure 'dbo.aspnet_CheckSchemaVersion'. Source Error:

[Code]....

Stack Trace:

[Code]....

View 4 Replies

Insert Stored Procedure Doesn't Create Database Record

May 16, 2010

I have the following stored procedure:

ALTER PROCEDURE Pro_members_Insert
@id int outPut,
@LoginName nvarchar(50),
@Password nvarchar(15),
@FirstName nvarchar(100),
@LastName nvarchar(100),
@signupDate smalldatetime,
@Company nvarchar(100),
@Phone nvarchar(50),
@Email nvarchar(150),
@Address nvarchar(255),
@PostalCode nvarchar(10),
@State_Province nvarchar(100),
@City nvarchar(50),
@countryCode nvarchar(4),
@active bit,
@activationCode nvarchar(50)
AS
declare @usName as varchar(50)
set @usName=''
select @usName=isnull(LoginName,'') from members where LoginName=@LoginName
if @usName <> ''
begin
set @ID=-3
RAISERROR('User Already exist.', 16, 1)
return
end
set @usName=''
select @usName=isnull(email,'') from members where Email=@Email
if @usName <> ''
begin
set @ID=-4
RAISERROR('Email Already exist.', 16, 1)
return
end
declare @MemID as int
select @memID=isnull(max(ID),0)+1 from members
INSERT INTO members (................................

When I run this page, signup.aspx, provide required fields and click submit, the page simply reloads and the database table does not reflect the newly-inserted record. How do I catch the error messages that might be returned from the sproc? how to change signup.aspx so that the insert occurs.

View 3 Replies

Trying To Create Dataset (.xsd) And Link It With Stored Procedure In MySQL Database?

Jan 20, 2011

I am trying to create dataset (.xsd) and link it with stored procedure in MySQL database. the problem is when i connect it it's changing the schema name. like if I have this stored procedure name or table name or whatever :

News.tbNews the builder it self change it to :

def.News.tbNews. MySql version 5.5.8, MySqlConnector 6.3.4 I searched for a solution for this problem and one of the answers was to change the MySqlConnector from 6.3.4 to 6.3.6 !!! I download the new connector 6.3.6 but it's giving me Error while installing it.

View 1 Replies

DataSource Controls :: Enable To Create Stored Procedure In Database?

Jan 6, 2010

i am creating new database in my sql server 2000.But this database donot have any system storeprocedure. I am not able to create new store procedure in this database.

View 2 Replies

Web Forms :: Stored Procedure - Inserting And Retrieving Data From Database

Jul 4, 2012

I have used in line queries for inserting and retrieving data from database. How should i use stored proceduress

Insertion code

string strSQL1 = "select * from cust_details";
DataSet ds = new DataSet();
SqlConnection m_conn;
SqlDataAdapter m_dataAdapter;
m_conn = new SqlConnection(conn);

[Code] ....

Retrieval code

try {
SqlConnection conn3 = new SqlConnection(conn);
String q1;
//string ddl = DropDownList1.SelectedItem.ToString();
q1 = "select * from Product where ID ='" + DropDownList1.SelectedItem.ToString() + "'";
SqlCommand cmd = new SqlCommand(q1, conn3);

[Code] .....

View 1 Replies

SQL Server :: Write Code Of Stored Procedure / Create Stored Procedure And Write Select Statement In It

Nov 23, 2010

how can I create stored procedure and write my select statement in it, I know how to create dataset then put type stored procedure and assign it to the sp ... what I want is writing my sp... how can I make it ?

check the following code, this is what I want to write put I don't know where or how !

CREATE STORED PROCEDURE SP_CATEGORY

@CATEGORY VARCHAR(30)

AS

BEGIN

SELECT LATIN_NAME, ENGLISH_NAME, ARABIC_NAME, CATEGORY

FROM FLORA, CATEGORY_LIST

WHERE FLORA.CATEGORY=CATEGORY_LIST.CATEGORY_NAME AND CATEGORY_LIST.CATEGORY_NAME IN (SELECT * FROM SPLITLIST(@CATEGORY, ','))

END

where can I write this code ?!

View 5 Replies

Security :: Saving Stored Procedure Names And Connection Strings In Config Files

Aug 3, 2010

I have heard that saving connection strings and stored procedure names in web.config file of our application is not safe. It is a good practice to store the connection string in a config file rather than as a hard coded string in our code and if we need to change it,then it makes our job easier. how to protect our code in web.config?

View 4 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved