I have done forms authentication a couples of times before but this time I cant get my head around something.Somehow altough the user authenticated,the destination page does not get this.The destination page is called Approval.aspx and is located in the /Admin directory which is secured by having its own web config with those settings:
[Code]....
If I remove the <deny users="?" />,then everything works fine but obviously everyone has access to that page.I only want that the user of role Admin can access it. I have implemented the standard VS 2010 login controland the user gets to the destination page with a response redirect:
[Code]....
Why does the destination page not realize that the user is authenticated and does not treat the useras a user in role "Admin"?
[Code]....
While debugging the login page I can see that the user has the right role "Admin".
I have a basic intranet website for my company but there is one page that cannot allow anonymous as I need to grab the user's login. I created the site and everything works perfectly on my development machine. once moved to the production server it no longer works.
Here is the problem: I can get the login prompt when going to the secure page, but when trying to login I get a "401.1 - Unauthorized", even when trying to login as a server administrator. Here is the authentication portion in my web.config:
[Code]....
I have done this before and always gotten it to work. I hope I am just missing something very simple...
I'm testing this on my local dev environment using Cassini and on a test web server running IIS 6. Both systems/sites work the same way and allow anyone access to any page. Both systems/sites also return correct data when programmatically checking Roles.GetRolesForUser and User.IsInRole.
We use Sharepoint to control our websites. We build the sites, then load them into the sharepoint server. My question is if I use windows authentication, how can I get my role security in my web config file to coencide with the asp.net controls that use the Forms authentication. Is there a differenence? Our security uses a session variable for security but there is no where to set up their permissions except in active directory. I hope this makes sense because I would like to implement the LoginView with Role groups but how can I give them the role="administrator"? Do I have to go into active directory and give them these permissions(would take awhile due to the size of the company)? Or do I have to set up priveladges in the web.config file for each user(difficult I think)?
I have a login control that is working beautifully on my localhost, but not working on the server. It validates my username & password - and gives me an error if I enter an invalid username/password. However, if I enter the correct username/password, the page refreshes, but does not redirect me to the "ReturnUrl" that I see in the URL. I've seen posts on this, but nothing that I tried worked. I've tried setting the 'MembershipProvider'attribute of the login control. I don't want to set the DestinationUrl...I want it to take what is in the ReturnUrl in the querystring. I don't think it's a web.config issue cuz it works on localhost??
We have an application that is making use of the location tag in the web.config file at the machine level - meaning like :WindowsMicrosoft.NETFrameworkv2.0...CONFIGweb.config, the one that applies to the whole server - this application has lots of virtual directories under it and for each one there is a <location path="IIS Web App NameCustomerA">...This seems to work ok for that app. But then we have a second app on the same server, and I'd like to add location tags to that app's web.config file - meaning the local web.config file in the app's directory - and have each one of them specify a location tag in a similar way
it is show the page: http://localhost:3821/Errore.aspx?aspxerrorpath=/pagine/Ricerca.aspx
BUT on Errore.aspx Page_load() or OnError() are not called, and the page showed is just the standar one, (runtime error) that suggest to change to off the mode in customErrors.
This is on my pc, so there is not IIS... ...and I don't use authentication (not yet)
UPDATE:
The error occur in Global.aspx, in Application_Start() . When the error occur, redirecting to an .aspx page will cause an error because the app is not up. The solution is to redirec to an html page.
The event is simply not firing, what am I missing?
Code for the button: <input type="button" class="button hide" id="savetext" style="float:right;" value="Hello" runat="server" OnServerClick="savetext_Click"/>
And the code that is generated (i.e. when opened in a browser and the source is viewed) is this: <input onclick="__doPostBack('ctl00$Main$savetext','')" name="ctl00$Main$savetext" type="button" id="savetext" style="float:right;" class="button hide" value="Save to text" />
I've got <pages clientIDMode="Static" /> in web.config but the name and generated onclick event are prefixed despite that. Server side code: Protected Sub savetext_Click(ByVal sender As Object, ByVal e As System.EventArgs) End Sub
To be clear, my goal is to register a click on a button server-side, not just client-side.
I have created a website using visual studio 2010 on .net3.5 framework. When I run the site on my local system it works fine but on the external hosting server I am getting a 500 internal server error. Upon speaking to the hosting service provider, they advised me to delete the web.config file, having followed their instructions, the website works fine without the web.config file. But now I have added AJAX controls on one of the pages and am not able to run this page on the hosting server. Do I have to configure my web.config file in order to get this working. Could someone please help me with this.
Coding with ASP.NET 2.0 C# on a legacy application. The database is in MySQL I would like to know whether anything breaks if I delete the following lines from my code
I believe they all are not needed. Are they needed at all at present? What I would really like to know is whether anything breaks if I delete them. I would also like to know whether the snippet given below is relevant for ASP.NET 2.0
Now deploy to file system on local hardrive. Open resulting web.config and see <value> setting has extrac carriag return and bunch of tabs in front of it..
I created a http Module following this tutorial. The module just displays a simple "Hello from OnBeginRequest in custom module.".I've referenced it in web.config and then, to satisfy my scenario (at work we need to see a module in action for all websites on a server, with the minimal configuration) I installed the module in the GAC, then I edited the "global" web.config in order tomake the module work for all the my web applications
When running the ASP.NET Development Server, everything is working fine. However, when I deploy my asp.net application to the production server (IIS 7.0 integrated mode, fresh install), my location tags in my web.config file are being ignored.
Case in point: I'm using forms authentication, and when the user arrives at my login.aspx page, the external css & js files are not being loaded...even though I have specified that those files should be available to all users (auth'd or not). However, once the user is logged in, the files do in fact load.
For some reason the Custom Errors for 404 pages are not working on my production server, but they work fine on development. Instead of going to the custom 404.aspx page, it goes to the ugly IIS 404 page.
Here is my Custom Errors protion of my web.config:
[Code]....
I changed the defaultRedirect to also go to my 404.aspx page just to make sure I was catching everything, but still it does't work. I know I could change the IIS 404 error to also point to my 404.aspx page, but that will not work for me because I need to capture the "aspxerrorpath" in the querystring for .net 404 errors. The IIS method will not give me that.
I am just hoping it is a server configuration I missed somewhere, but everything on production looks the same as on development.
I am trying to make Login through webConfig but it is not working. When I click on Login with the user and pass it is not redirected to theAllowUsers page.
I'm having a hard time figuring out how to test email sending on my localhost machine that I'm using to develop the application on. Here is my function to send the email:
[Code]....
Here is the excerpt from my web.config file:
[Code]....
Here is the error I get when trying to test the code out:
An attempt was made to access a socket in a way forbidden by its access permissions 127.0.0.1:25
What could be causing this? Am I doing something wrong in my web.config file??? I know this isn't possible with Vista, but I'm running Windows 7 now.
[code]... causes the following error Cannot create an instance of UI.Common.Unity.RequestLifetimeManager`1[T] because Type.ContainsGenericParameters is true.How do you reference generic lifetime managers?
i am working on an application ,i have hosted on server. everything going fine . i have added a code to set session timeout in webconfig . but its expire default time .
I implemented the Location tag in the web.config file to authorize the anonymous users for Images folder. I deployed the code in IIS6.0 with Forms authentication mode enabled for the virtual directory. I disabled all other authentication modes. When I browse the login page, Images are not displaying. When I set Anonymous authentication in IIS6.0 for the Image folder, it works fine.
I made a custom server control library that all of our websites will be using. I have registered the dll in the global web.config of our production and development servers, and everything runs fine in the browser. The only problem I have is Visual Studio/Intellisense not recognizing my control. I get the error message "Unknown server tag...", which in turn throws other validation warnings. Does anyone know how to tell Visual Studio to include dll's registered in this location? Our sites are .net 4.0 and below is an excerpt from the web.config located in %SystemDrive%WindowsMicrosoft.NETFrameworkv4.0.30319Config on the servers.
Stuck trying to populate a dropdownlist with an ObjectDataSource using the wizard.
using the wizard i can successfully configure the datasource, then I can choose the datasource. The next step you should be able to select your display value and the selected value. However, these boxes are not populated within the wizard. I added a gridview to test the datasource and it displays fine.
Im uysing my custom login for user,and suppose im having a group of user who can login in.and rest of other should be deniedso how i can maintain that in web.config,
Within my site structure there is a folder called { Account } where I only want certain users to have access to. At University, my lecturer provided us with the following instructions:
Create new website and delete the default.aspx file in the Solution ExplorerRight click on the website path at the top of the Solution Explorer window and add a new folder. Name the folder Secure.To set up the security, select Website and then ASP.NET configuration.Select the Security link and in the Users column click "Select Authentication Type" and on the page that appears check the "From the Internet" option. Then click the "Done" button.Still in the security section select "Create Access Rules" and then click on the Secure folder and select "Anonymous Users" and "Deny". Then click OK. You can now close down this window.In the Solution Explorer click the "Refresh" button and you should see two web.config files appear.I am following his instructions to the letter, but I am not getting the {web.config } for my { Account } folder ! What am I doing wrong ?
PS. Is a users table in a database redundant in ASP.NET because there is already a user's table with roles built into ASP.NET ?
I need to set my logged in time in web.config but I do not know how? I get logged out after a while if I do no do anything in the website but I wanna be logged in for 120 minutes.
