Security :: Using Authentication For Certain Sections Of A Webpage?
Aug 6, 2010
I currently have a website which I want everyone to be able to view, authenticated or not. But if someone does sign in, I want different controls and different C# code to be run on the page.
At the moment I have not put any asp security in. I just have two text boxes that check against the database then keep the user logged in using a session variable. Each page then checks to see if the logged in session variable has a user in it and runs the code.
I'm assuming this is not the most secure way, is there a way to do this correctly?
View 2 Replies
Similar Messages:
Apr 28, 2010
I am new to this so forgive my lack of techical jargon/understanding.
We have and active directory setup in our dmz for 'external' user authentication to our web sites. This works fine...
We also have 'internal' users who have been authenticated to our 'internal' active directory. That works fine.
The problem is that we would like the internal users to be able to access the web sites on the web server in the dmz without getting prompted for authentication a second time...the user has already logged into the AD internally. Is there a way for this to happen? Currently they are being prompted for their credentials any time they go to login to a web site that is located in the dmz.
View 1 Replies
May 7, 2010
I have a web page that has lots of different parts to it (i.e many data grids). The page takes quite a while to load up because it is running all the stored procedures to populate each grid so the user is left waiting for the whole page to load.
I would like to improve this by loading the page a section at a time so that to the user is not left waiting for the whole page to load up before anythin can be viewed.
What is the best way to tackle this problem. Do i need to use threading or would i being going down the wrong path looking into that.
View 1 Replies
Mar 15, 2011
i have a web page and what i was wanting to do is divide it into lets say 4 quadrants, and in each quadrant i have a control ( a gridview whaich has data dound to it) .
when a user clicks on lets say one of the four the grid does a drill down and display the results in that particular quadrant only while the others are left untouchd .,
how can i go about doing this ?
View 3 Replies
Mar 9, 2010
Is there any tools available to encrypt and decrypt Asp.net Web configuration sections like connection string ,etc.?
Can i get any add-on for this?If i use Enterprise Library i can do so,but without that is there any simple utility available?
View 1 Replies
Jul 22, 2010
I would like to encrypt the connectionstrings section in my web.config file using the : ASPNET_REGIIS utility However I'm running Windows 7 pro, that is without any IIS.
Is it possible for me to do it.
The path (on my local pc) to the website containing the web.config file is like this:
C:UsersmyUserDocumentsVisual Studio 2010ProjectsmyWebsitemyWebsiteWeb.config
View 3 Replies
Jul 20, 2010
I'm trying to programmatically encrypt the connectingstrings section of my web.config, using the below code, which I have gotten from here.
[URL]
The problem is that nothing happens when I click encrypt.
This is my code.
[Code]....
[Code]....
And this is the web.config
[Code]....
Has I understand is the section should be encrypted, but it never happens.
View 4 Replies
Apr 21, 2010
How to provide authentication based on a Active directory security group for a ASP.net webpage. I am using c# laungauge and .Net framework2.
View 3 Replies
Aug 17, 2010
am trying to get URL of the page that referred the request to my page, i tried the "
[Code]....
[Code]....
[Code]....
[Code]....
View 5 Replies
Jul 14, 2010
This could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.
View 3 Replies
Jan 4, 2011
What's the difference between Basic Authentication and Integrated Windows Authentication in IIS?
View 3 Replies
Mar 10, 2010
I set authentication mode to Windows in the web.config and I enable Windows Authentication and disable the Anonymous Authentication in IIS 7 on win 7, but HttpContext.Current.User is always null.It works fine when I host the web app in IIS 6.0.
View 1 Replies
Sep 3, 2010
What do I need to do in order to change an application from Forms Authentication to windows authentication?
View 2 Replies
Aug 9, 2010
I have a web farm web project, and want to make sure windows authentication is working well without any problem in web farm, can any one give me some web sites or information about that?
View 1 Replies
Feb 8, 2010
Am going to develop authentication part in the web site. I want my authentication module should not be hacked by any one and also want in secure side.
View 1 Replies
Sep 2, 2010
I needed information regarding the capabilities & integration of AzMan tool with Asp.net.Currently, I got a Sharepoint 2007 website along with ASP.NET 2008 where I am using Form Based Authenication.Now, the requirement is any user within a domain registered in AD should be able to login in website through intranet.
Can I acheive this using AzMan, or I need to create two websites one with FBA for internet users and the other one for the intranet users with AD authenication. Also my intenet website is deployed and in use where usermapping and roles are already created, so using this tool what will be the impact on existing webiste.
View 2 Replies
Nov 4, 2010
I'm trying to hit my intranet website and get it to run a simple sql query as the windows user I'm logged in as.
When I debug through Visual Studio, everything works great. When I hit the webserver though, I get an error from sqlconnection saying, "ERROR:Login failed for user 'YOUR_DOMAINYOUR_WEBSERVER_NAME'."
Request.ServerVariables[AUTH_USER]: YOUR_DOMAINUserBob
System.Security.Principal.WindowsIdentity.GetCurrent().Name: NT AUTHORITYNETWORK SERVICE
Page.User.Identity.Name: YOUR_DOMAINUserBob
System.Threading.Thread.CurrentPrincipal.Identity.Name: YOUR_DOMAINUserBob
[Code]....
View 2 Replies
Jun 3, 2010
I have developed the authenticated rss feed using the basic http authentication for my site.I also have the admin module for the site which uses the Asp.net Forms Authentication .Both are in the same project.When i turn on the forms authentication module to None in my web.config.My rss feed authentication works fine(the browser pop up the dialog box for the username and password) and upon entering the username and password the rss feed gets displayed.But with forms authentication turn on when i click the rss feed link i am getting redirected to the administrator login page.
If i set my authentication mode to none than the feed works like dream but the admin module do not work as it uses forms authentication.
How can i resolve the conflict for that one.I am using the asp.net mvc filter on my feed contoller to pop up the dialog box for the username and password.
[Code]....
View 1 Replies
Feb 16, 2011
I'm developing an internal booking sytem. Users log in to the sytem and can view existing bookings and search for bookings. They can also create new or edit existing bookings. When completing such actions I need a confirmation prior to completing the booking or updating the recorded. The confirmation is based on a reauthentication of the user.... in otherwords he needs to enter his passord again.
How can I achieve this? The system is internam and I'm using Forms Authentication. I an also using roles as som of the admin forms can only be viewed by administrators.
View 1 Replies
Dec 15, 2010
I have to invoke SSIS packages from web service in the most secure way. I think that windows authentication will be secure but i am not sure. I do not have much knowledge about how to achieve this and the information on the internet is very distributed.
View 1 Replies
Apr 6, 2010
We use Sharepoint to control our websites. We build the sites, then load them into the sharepoint server. My question is if I use windows authentication, how can I get my role security in my web config file to coencide with the asp.net controls that use the Forms authentication. Is there a differenence? Our security uses a session variable for security but there is no where to set up their permissions except in active directory. I hope this makes sense because I would like to implement the LoginView with Role groups but how can I give them the role="administrator"? Do I have to go into active directory and give them these permissions(would take awhile due to the size of the company)? Or do I have to set up priveladges in the web.config file for each user(difficult I think)?
View 5 Replies
Aug 18, 2010
I'm writing a simple Intranet application using windows authentication. I want to restrict access to Safe/UCantSeeMe.aspx. I am aware of the AuthorizeAttribute, but this only works on methods. I also found a good post on doing this with the MVC pattern, but I'm not using MVC. This can be done with roles in forms based security. I read on MSDN that using windows based security means roles are based on groups, but it doesn't go into any detail. how can I restrict access to Safe/UCantSeeMe.aspx?
View 1 Replies
Mar 17, 2011
We are using membership provider for LDAP authentication. It is working as it should.
But what all configuration settings I have to do so that
all the future requests to this application run under the security context of the Logged in user account not through the some default user set in IIS.
We need to have this working because all the permissions on the database are based on the logged in user.
We are using form authentication for LDAP authentication. And having impersonation = true in web.config.
View 1 Replies
Sep 21, 2010
I have an application that has a user Login Control (provided by ASP). I am just now working with the integration of a dataBase created in MS visual studio 2010, to a developed website created in MS visual web developer 2010. My main goal is to create an authentication ticket that enables a user to be able to see a dataBase information only after that user has been successfully authenticated.
Up to now I'm able to see the dataBase when i run the website even if I'm not log-in, how i can create a home page that tells the user to log-in and once that user has successfully log-in it redirects the user to another page where the user can see the database and how I can add information to that dataBase only to specific members
View 4 Replies
Apr 1, 2010
I am using asp.net mvc and jquery to make ajax requests and when the session times out after an ajax request the full sigin page gets loaded into my ajax div.
How can I display a modal popup instead of making a redirect when a session times out?
View 2 Replies
