Security :: Accessing User Id Immediately After User Signed Up
Jan 8, 2011
On our website users can sign up. The sign up controls (converted to a template) has the usual text boxes and then the create user button. When pressing this button the account is created. After reloading the website, the user can see his credentials in his 'my account' tab. Question: How can we access the newly created user (especially his userid) right after the create user button was clicked? Right now this does not work, we can only start accessing this after the page has been reloaded. But surely the account is created the instant the button was pressed. I have tried this:
But it looks as if the user is not yet logged in at this stage. Can this somehow be forced so that we can access the newly created userid right after the user has clicked the create user button?
I there a way to get the user id that they signed on to the computer with from web site project, without changing IIS so they will have to login? This will be interanet and remote internate users.
Using the form view control, when I click on the edit button to modify a record. the form is in update mode. When I clcik the update button any modified data is posted, but, for some reason the name in one filed named, user_update_name, does not. The name in the field will not change unless the field was empty. For example, if test1 was the last user to modify the record and the user_update_name field was empty, the field was now say Test1. If Test2 modified the same record, Test1 name will still display in the field. The command that fires when the update button is clicked.
Imports System.Data Imports System.Data.Common Imports System.Configuration Imports System.Collections Imports System.Web Imports System.Web.Security Imports System.Web.UI Imports System.Web.UI.WebControls Imports System.Web.UI.WebControls.WebParts Imports System.Web.UI.HtmlControls Imports System.Data.SqlClient Imports Microsoft.VisualBasic Protected Sub FormView1_ItemUpdating(ByVal sender As System.Object, ByVal e As System.Web.UI.WebControls.FormViewUpdateEventArgs) Handles FormView1.ItemUpdating frmPartsDS.UpdateParameters("user_update_name").DefaultValue = User.Identity.Name End Sub
I have develop an ASP.NET website and I want store some uploaded files in a shared location in some different server. On that server one user has the access.
how it is possible to get the access of the shared location on the server with my Web site?
I am using my aspnet membership for storing user profile related information in the database and I am looking for a way to access that information out of database from a function like Member.GetProfile. I am just wondering of any of the membership classes give thet functionality that I can actually access the information out of Membership database.
Somebody suggested me follwowing thread:
[Code]....
I am "Profile" object is not recognized in my code I think they are trying to refer to some some instance of a class here by the word Profile but I am not sure what instance is that.
I have a machine in MyDomain on which i have deployed the website and file server as virtual directory. For file server i have created an application pool with identity as UserName and Password. And file server directory setting as Integrated Windows Authentication instead of Anonymous Access. When i am accessing file server from outside the domain then it is asking for user name password. After providing the credentials it open the file. Now i am trying to access the file server from wbsite using the machine outside the domain.Before accessing i am impersonating the current user with user which is present in identity. But after redirecting to the file server url it is again asking the credntial. why it is asking the credential if i have already impersonated the user.
In ASP.NET, Session_End will be fired when the Session is time out then I can guess the user has left or close the Browser window in this method. But there is some delay till time out, is there any better solution?
i am working in asp.net and csharp, we have 10 user, but certain user only need to put dataentry. how to enable and disable based on the user to access certain form ,like add, modify view options.
I've got a web site that has a master page and that master page (mpMaster that has a user control ucControl1) which has a sub user control (ucControl2), this user control has a property which accepts a value. Now, I have a page that uses the master page and on this page I have another user control (ucPageControl), I need to find a way of setting the value in ucControl2 from ucPageControl. Is this possible at all?
Let suppose, I am building an asp.net website which has login scenario in it. I want to provide a certain functionality to the website that if the user is already login on computer 1 and now try to login on computer 2, so he will be allowed to remain login on computer 2, while automatically logout him from computer 1. I also know that http is a stateless medium, so whenever user interact with computer 1 and try to interact with the page, it will get noticed at that time.
I'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.
sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"
I'm able to do this.
If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If BUT unable to do this... If user's Department = 'Department XYZ' Then Do This Else Do that End IF
I deployed a website where a logged user or an anonymous user can select data and download a XML file. The website generate the XML file in the server and then deliver it.
It works fine in my development environment, but after deployment, the anonymous user can download the file, but the logged user receive this error:
System.UnauthorizedAccessException: Access to the path 'd:HostsLocalUserheringerwebsiteUpload20110107094051.xml' is denied.
It is weird that as anonymous i can do it.
The website server help states this:
"Grant write, modify, delete access rights on website's folder
Your website executes under unique user account that by default has full control over the website's folder. So your application can create, open, read, write and delete files and folders inside of your root folder.
There is no need and no way to change this permissions.
If, when running ASP.Net application, you still unable to create file or update it, you have to check your Web.Config file for "<Identity impersonate..." tag and remove it.
The only exception is when the application tries to modify a file or folder in "Application_Start" event of Global.asax file. This is by design that user authenticated only after the Application_Start even. Before the user is authenticated your website runs under an identity of Application Pool which is "Network services". That account doesn't have access to the folder of your website.
To make it work you eather have to move the code that tries to modify files or folders out of the "Application_Start" event of the Global.asax file or inside the event you'll need to impersonate your user by code."
But i am not using impersonate and the tag is not in my web.config.
I am createing user dynamially with the below code; string MyPassword = Membership.GeneratePassword(8,0).ToString(); Membership.CreateUser(TextBox7.Text, MyPassword, TextBox8.Text); but before I start creating, I would like to check if the user name is used before or not.
I facing a problem here. how can I make the create user wizard category all the new user become normal user role? I have created 2 role which is Manager and Normal User. Normal User can't view the Manager page. But after i create a new user account, i can view manager and normal user page. I want to make all the new member registration will be normal user role?
I have an extranet site (asp.net), we want that if an employee click on the link, it will automatically get them in. But if an external user does it, they will be redirected to a login page.
is it possible? how to know if a request come from internal user (employee) or external user (vendor).
Our application lets the administrator create new users. Since the administrator is logged in, I have set Logincreateduser = false so that the administrator is not logged out even after creating the new user.
The problem is :I need the userid of the newly created user to store additional details of the user in another database table. I see that i can get the username using Createuserwizard1.username; but how do I get the userID?
I have a custom membership user class and custom MembershipProvider working against database. Due to security reasons the user passwords are stored in the database as hashed values. So my procedure
public override bool ValidateUser(string username, string password) is { //select hashed password from db return (EncodePassword(password) == dbpassword) } [code]....
have a web in which there are different areas i have a 1 admin which manage all things like news, Events, Notices, Logs, Forums, Publications etc.........i want assign user rights that select user view only Noticesselect user view only Logsselect user view only Newsetc....
I am using form authentication in my website. I have a scenario wherein the user is authenticated but the session has timed out. So, i would like to initialize some session variables in Session_Start of Global.asax (First i check if Request.IsAuthenticated=True). For that i required the name of the user who authenticated. On .aspx pages we can get it using Page.User.Identity.Name but how to get it in global.asax page.
