I have a page which can only be seen by the members...no guest can Access tht page ...m using asp.net wid c# can i get an basic idea how do i redirect tht person to login page if they r not logged...and wid a condition tht if they r loggin already thn no need to show the loggin page they can directly access to the private page
View 2 RepliesI try to create a webbased application with vb 2010 and asp.net 4.
I have a main loginpage, from there users are redirected based on their roles, I have 2 subdirectories and a admin page. User are being redirect so that is not the problem, but when for example, I am on subdirectory 2 and type in the addressbar the mainpage of subdirectory 1, I am redirected to the loginpage and still being loggedin (I see the login page but also my username in the upper right corner). What suppose to happen, is when a user types an unauthorised url, they should get a 403 access denied page (because it should not be possible to go directly to an other sub folder) and return to their previous page.
In every subdirectory folder I have a web.config with authorization on allow and deny access.
how to create a login page and authenticate it by using sql..?
View 4 RepliesI wonder how they build visit conters that can be used on more tha one page?
View 1 RepliesI have an asp.net web site with 10-25k visitors a day (peaks of over 60k before holidays). Pages/visit is also high, since it's a content site. I have a few specific pages which generate about 60% of the traffic. These pages are a bit complex and are DB heavy (sql server 2008 r2 backend). I was wondering if it's worth "caching" a static version of these pages (I hear this is possible) and only re-render them when something changes (about once in 48hs). Does this sound like a good idea? Where would be the best place to implement this? (asp.net, iis, db) Update: Looks like a good option for me is outputcache with SqlDependency. I see a reference to some kind of SQL server notification for invalidating the cache, but I only see talk of SQL server 2005. Has this option been deprecated by Microsoft? Any new way to handle this?
View 2 RepliesI have a problem i want to check when prospect visit the website and see what page they link at in c#.
View 3 RepliesCurrently, I'm just using clientside Javascript (location.href), but I am wondering if there is a way in Asp.Net to figure out the URL the user originally entered (assume I did not change it myself via 301), or at least to track it in a simple and reliable manner. As I am using my own implementation of URL rewriting via the global.asax (e.g. Context.RewritePath), this is not an easy task, particularly since I don't want to touch it too much.
Example
Global.asax:
public override void Init()
{
base.Init();
this.BeginRequest += new EventHandler(Global_BeginRequest);
}
void Global_BeginRequest(object sender, EventArgs e)
{
if (VARIOUSCONDITIONS) Context.RewritePath("SOMEURL");
}
SomePage.aspx.cs
protected void Page_Init(object sender, EventArgs e)
{
//Request.RawUrl is equal to "SOMEURL", as
//are other properties that store the URL.
}
I am having a issue with my form authenticating the form. I checks to see if there is a password but does not authenticate. Here is my code.
[Code]....
I'm trying to create web securityOn the web authenticate any user that is in the database.But there is a directory called "Administration".I just want to give access path "Administration" to Triqui
<authentication mode="Forms">
<forms loginUrl="Default.aspx">
<credentials passwordFormat="SHA1">
[code]...
I´m building a home page where logged in users shall buy products. To be able to get to the buy page the user already has to be logged in. But when he shall execute the buy he has to reenter his password again to check the user a second time. How do I check if his entered password matches his user password? I´m using the ASP Membership library and I have passwordFormat="Hashed".
View 3 RepliesI have the IIS webserver on Domain A. I have many users on Domain B, C, D, E.
I've set the NTFS security permission for each user and his/her domain to the webserver's security ntfs permission folder. But it is still not authenticating. So what do I need to do to enable this feature? I am using windows 2003 webserver.
I am trying to modify my current page to have a login. My Current page has the user select a store via a drop down List. This DDL will need to be used as the user name. I would liketo add a Password textbox and the end of the page that the user would just type in there password and hit submit to submit the form is correct or pop-up that passowrd is incorrect and re-enter. I would like to use a Database on my SQL Server to autenticate the passwortd with the store. Does anyone have any sample code that will accomplish this.
View 3 RepliesI am trying to implement a small site which requires users to login using Forms based authentication. I have followed the tutorials found on various sites on the net and in particular the one at [URL]
This enabled me to get a sample environment in place but it seems as though I am having a problem authenticating a user for which I know the username and password are correct.
I have a ASP.Net 3.5 site with my login.aspx form in a folder named login, my default.aspx in the root of the site and my protected content in a folder called main.
I am authenticating against a SQL Server Express database, so I have ran the aspnet_regsql.exe command to populate my database.
I have added the following authentication/authorization lines to my web.config
<authentication mode="Forms">
<forms loginUrl="~/login/Default.aspx"
protection="All"
timeout="30"
name="AppNameCookie"
path="/FormsAuth"
[code]...
I believe that my connection string and my database are ok because if i use the ASP.NET Configuration from within Visual Studio I can create and manage my users and I can also see them in the tables in the SQL Server. Also if I do enter any incorect credentials in my login page the page tells me that the password is incorrect.
I got a username and password field which made by myself and a User database which is all manually made
So now I wish to know how to authenticate user using the username and password data enter by the user and match with the database data to verify user is a member and login?
For what i know, the code should be something like this
SELECT UserName, Password FROM dbo.User WHERE UserName - @UserName
@UserName = ?
How do i assign the value from my username text field to @UserName?
How can I authorize and authenticate users by roles? I have roles table and user's table, role Id is the primary key in the roles table and foreign key in the user's table.
View 4 RepliesI need to send a X.509 client certificate to a web service in byte array (not attached to request). Besides the certificate, the caller will also send data and signed data. From the web service I can verify if the signature is ok but I don't know what is required to verify that the certificate is ok. I have the client certificate issuer CA trusted in Server (where the web service runs).
More specifically, how can I verify if a X.509 certificate itself is valid? I need to do it in web service not from IIS.
I have configured Forms Authentication in my web config file as below.
Following is my code
[Code]....
The issue is that FormsAuthentication.Authenticate never returns true. This is a very simple website with only two pages and no other code(The code too was copied from MSDN).
[Code]....
question about how to use MS Access as the aspnetdb.mdb during a login and authentication with the use of VS 2010 with framework 3.5. Reason: My current provider does not support MS SQL and only ms Access and MySQL as databases.I wanted to implement a login and authentication and based upon an artikel about ASP.net 2.0 i saw, that basically Access was the first choice in those days.Is it still possible to use Access? and how to implement this?Is this a matter of using connectionstrings inside web.config with Microsoft.ACE.OLEDB.12.0 ?Hope that i get an answer which i understand, since my knowledge about these things is not that big.
View 9 RepliesI face this problem when my client setting the LAN like this: the database server is in server A, the web application is in server B, and the windows login server control (is it what we call "windows domain"?) is in server C.
When I use windows authentication in the web application I built, it checked only the windows account in server B. How to authenticate with server C's windows account?
I Need to Authenticate a User by using FormsAuthentication.SetAuthCookie and Check User is Authenticated in Another page Load How to Do this anyone?
Login Page
if (txtuname.Text == "mike")
{
FormsAuthentication.SetAuthCookie("mike", true);
Response.Redirect(FormsAuthentication.DefaultUrl);
}
Welcome Page
PageLoad()
{
}
I am working on an app where users are only allowed access if they click through from certain URLs. I.e. I need to authenticate by using the referral url and I am using
Request.UrlReferrer to achieve this.
I am guessing that the Request.UrlReferrer can be tampered with by malicious users to gain access...
I have tbl_Roles table.
How do I authenticate my website with data at tbl_Roles table.
I am trying to build a security webservice that gets credentials from client application login Pages/forms and returns authorization and token(to manage session) information after authenticating using Membership provider. I am having a problem in Securing my webservice and using LDAP and Database together as an identity store distinguished based on a flag provided by clint applications.
View 4 RepliesI currently have a website up and running and working correctly with godaddy.com using the out-of-the box authentication with an aspnetdb sqlserver database. I have users on this site and am very hesitant to change anything with this database or the web.config file from the working site for fear of wrecking it
So, my challenge is that I need to authenticate a separate application using the same aspnetdb.mdf file without any crossover to my 1st application. I've noticed that the ApplicationName that is currently in my aspnetdb database for the working application is just "/". I know that I'll need to have 2 separate entries in the aspnet_Applications table to define these two applications and then somehow register those names within their respective web.config files - but wanted to have step by step instructions on how to this so as to not "break" the 1st working application that is already live.
Can anyone point me to a document on what changes I will need to make?
Also, with the default create user wizards I'm using, how will it know to create the new user information with the correct application ID so that the user information from one application is not visible to managers of the second application and vice/versa?
I have a web application that authenticates against AD. On the first login attemt it takes roughly 30 seconds to login. On subsequent requests the login occurs almost immediatly. I've searched all over google and this forums and noticed several people with the problem and everyone seems to have a different solution of which none work for me.
[code]...