Security :: Create / Manage Access Rules For Membership Roles Through Code?
Jan 19, 2010
I'm using vs 2005 and asp.net 2.0 to create my website. Recently, I thought about applying membership instead of my customized security system in order to achieve higher security level and performance. At first thing went well, since it was easy to create/manage users and Role names from behind code, but when I came upon the "Access Rules" I faced what you can call it an 'obstacle' at least from my opinion.
The thing is, I don't want to use Asp.net Web Site Administration Tool to create and manage my access rules which I'm going to assign to each of my dynamically created Roles. What I want to be able to do is make a page where the Admin can create/manage his desired Role(s) and also, create/manage the Access Rules, then add such Access Rules to the previously created Role(s).
Now, what I need to know first is... is it even possible to do such thing in the first place? Because the way i understand it is, since the access rules are stored in the web.config of each folder/directory that you apply them on then it shouldn't be allowed to modify it from the running/published website.
View 4 Replies
Similar Messages:
Jan 20, 2010
in my app i want to create two types of users. (1) 'staff' (2) 'admin'
i have a page called registration which basically creates a user. i used the asp.net configuration wizard to create roles and set access rights to certain pages and this works great.
however, if i was to deploy this app then users wouldnt have access to the asp.net wizard therefore not be able to create users with roles/access.
so how can i do this in code? can i create a drop down in the registration page with two values (staff and admin) which will represent roles and then another drop down with access rights? (allow/deny)
how can i now program these drop down and make it work like i would normally do using asp.net configuration wizard?
View 8 Replies
Sep 23, 2010
I am working on an application that resides on a development server on our internal network. The application was originally written to use Membership and Roles. We got busy almost a year ago before the app was finished, and now we are trying to get it ready to use internally.
The login page works just fine, but I have lost the ability to controls users and roles. I am running Visual Studio 2010 Professional now on a Windows 7 VM. I can open the application fine but there is no Web Administration Tool available for me to manage users or roles. If I go to Website -> in Visual Studio, there is no option for ASP.NET Configuration in the drop down menu. It simply isn't there.
How can I regain access to manage users and roles for this application? We are using Forms authentication and the database resides on a SQL Server 2005 instance on a separate box from the web server and my local VM.
View 1 Replies
Sep 21, 2010
i want to implement asp.net role provider to assign users over my LAN to roles and have my asp.net intranet app implement security based on roles.
i dont want to use VS to manage this with the built in tools but rather hand this off to users to manage themselves. i want an admin folder with a page(s) for admin roles to be able to create/edit roles and manage users in roles... this way an admin can add a domain user (MyDomainUsername) to a role such as ProojectManager or Tester or Developer... and users wont need to contact me for these tasks...
can anyone provide me a link (or some sample code) to some sample i can use to admin roles and users over a LAN in asp.net with c#?
View 1 Replies
Mar 16, 2010
I want to create the roles,membership and user data on ISeries AS 400 rather then the one used in APP_Data.
View 4 Replies
Sep 21, 2010
I am using asp.net membership for all the users and roles, right now i have a website on which i have created 2 roles "admin" and "member" in this website i create accounts, so all the accounts are separated/distinguished by account name now i was to add one more role "accountholders" and i want to add this role in such a way that an account holder will be able to see his / her account's stuff ...
i as admin will be creating username and password for accountholders and i will provide them their login credentials so that they can login and see what's in their account. My idea of creating account is that, the accounts that i have in my database will be the key, so when i will create username for particular account , in the create user wizard i should have a drop downmenu will all the accounts name. so the user that i am
creating will be linked on that account only ..
View 4 Replies
Apr 24, 2010
[ASP.NET 3.5, FormsAuthentication, SQL Server]
In the Roles table there is Role, and RoleType.
I have 3different roles, 2 of which have sub-roles.
Example
Role----------------------Type
Adminstrator
Subscriber---Basic
Subscriber---Business
I need to implement Code Access Security, and URL based security using the roles & types...
For instance, the (Subscriber/Basic) would need to view a different set of pages, and have different access to things then a (Subscriber/Business).
I think I can handle the Code Access security with a custom attribute, but I am unsure to how enforce a User be apart of 2 roles in the URL Authorization.
I am currently using the web.config to deny/allow access to the directories/pages.
e.g.
/Areas/Admin/web.config
[Code]....
Is it possible to force the user to be apart of 2 roles with this technique?
View 1 Replies
Jun 12, 2010
I am using loginview control to manage membership loggled in data and anonymous data. But since I have to copy entire data to login view template. I think it is not perfect solution in case i just have few differences in all type of templates. I tried to use loginview whenever I actually need it. But it supports just after form declaration.
Also what if I need to have multiple loginviews. Is there any way to do this manually. I just dont like to copy entire design for each template and just like to manage identical changes.
View 1 Replies
Mar 1, 2010
Pls explain the Membership Roles in MVC ASP.NET 3.5
View 1 Replies
May 7, 2015
Other than WSAT as I don't want to have to use the CMD bypass to access it using VS 2013, how can I administrate users/roles on my web forms web site and be able to administer them via the website from a different location.
View 1 Replies
Jul 29, 2010
Lets say that I have a database set up with a load of info in it and I decide I want to add the membership and roles functionality to my site but my hosting provider makes me pay for each database I use. I don't want to pay for another db, so how do I set it up so that instread of creating membership and roles tables in the the aspnetdb database, it creates them in my existing database?
View 5 Replies
Feb 3, 2011
I need to enable/disable roles using membership. How is it done.
View 3 Replies
Feb 9, 2010
I am trying to load all the roles into my dropdownlist but I keep getting an error saying IDatasource is not listed, I have the following code:
Roles.datasource = Roles.GetAllRoles()
Roles.databind()
What Else do I have to do?
View 3 Replies
Aug 26, 2010
I'm trying to build a portal kind of an application in asp.net, in which one of the functionality is letting people log in and upload their documents. The upload page is only accessible to registered users of the portal.
Problem:
I would like to track the user uploaded files according to their userIds.
Is it possible to use the FileUpload Control and C# to fetch the current user id, create a directory with the same name(as that of userID) in the file system and upload the files( multiple file upload, if necessary) into it?
Also another admin page would have to be able to see the list of files uploaded by the specific user and download it if necessary.
View 9 Replies
Mar 20, 2010
have a project where there are main 3 types of users i have to block them from accessing other pages but without using roles or membership is there any other way to do the same?
View 3 Replies
May 7, 2010
Its very easy to add users to roles by using the in built controls. but how can add users through customized login controls?. i have tried using
//MembershipUser m = Membership.CreateUser(name, pass, null);
View 3 Replies
Mar 26, 2010
I have developed an asp.net website. I Have Used Asp.Net membership provider.My Question is , I Have Three Roles , For Eg: Basic, Intermediate, Admin ...Now , i need to apply two roles for single page say basic and admin .... How can i do this ... Plz help me .... Thanx in advance ......
if (Roles.IsUserInRole("Admin") == false)
Server.Transfer("AccessDenied.aspx");
View 6 Replies
Jan 16, 2010
I have a client asp.net website that uses ASP.Net Membership, Roles and Profile providers and Login controls. I need to expand the application so was going to use WCF Workflows, the ASP.Net website will be hosted on a different server than the WCF Services so what I want to do is get the ASP.Net Website to auth via the WCF Service. So process will go:
ASP.Net Website ------------------> WCF Service ------------------> SQL Database (Membership, Roles, Profile, Workflow Persistence Data and Business Data)
I tried creating a custom Membership and Role providers but I have had problems managing the users (Membershipuser class) saying null when a vaild user has been return by the WCF Service as can access the properies but not the methods.
View 5 Replies
Jun 18, 2010
Is it possible to have the same DB and web.config for both local development machine and the final production server(with forms authentication)? I'm asking this because if I change anything in the ASP.NET Configuration screen(should I use this at all?) I loose the ability to login. Don't know what to put in the <Membership><applicationName>, should it be /myapp-editor or just /, it's different since it runs on two different domains/servers(final server doesn't have an application dir, just root). How can I make sure that the user created on one server will be usable on the other machine?
View 3 Replies
May 21, 2010
i have been creating a website on my computer which has VWD 2008 and SQL Server 2008, i have membership and role system set up, (using the aspnet_regsql) and that worked perfectly fine on my compuetr.
Now when i was ready to deploy it on my web server, i simply copied the whole database, and added it onto the SQL Server on my server, so it has exactly the same rows, tables, data, etc etc.
Now, when i run the website via the domain, users are able to login etc, and my authentication code that redirects users if they are not logged in also works, so im sure it cant be a problem with the membership provider, as it all seems to work.
But all the users that were already in the set roles, it still shows them in the role in aspnet_roles table, but its not working, the thing i have in the roles loginview does not display, and even after running the web administrator tool, it shows that the user is in that role, but does not work (even while viewing on the local machine)
So i added code in a page_load event that would auto add that user to the role
System.Web.Security.Roles.AddUserToRole(HttpContext.Current.User.Identity.Name, "TestRole");
and on entering the domain (on the local server) i got error:
The role '' was not found.
And on local host server
I get error:
The user 'TestUser' is already in role 'TestRole'.
But yet, even on the localhost i still cant see any indications that the user is in a role, as none of my rle login views are showing.
The role '' was not found.
View 5 Replies
Jun 14, 2010
I tried googling this and have had no luck. I would like to implement membership roles without any reference to email accounts or smtp. Does anyone have information on this topic?
View 4 Replies
Jan 15, 2010
I have incorporated the asp.net membership and roles feature in my web app on my local dev setup that uses SQL 2008 Developer edition, all works as it should.
My remote system uses SQL 2005 express and I went through the process of creating the ASPNET membership tables via the "aspnet_regsql" command to my remote target database. I then created a few users, adjusted my app connection strings accordingly and uploaded.
My login page uses the "login" server control and when I try and login using credentials from one of the previously created users I get a "Your login attempt was not successful. try again." error. I know the users are in the DB as I can see then via the SQL Management studio on the remote DB. I have triple checked the username/passwords and I am definately entering the correct info. The connection strings are correct as the initial page renders content from another table in the DB. I am getting no errors.
My best guess at the moment is that SQL Express handles Membership/Roles connections differently to the full versions of SQL?
View 6 Replies
Jun 16, 2010
providing template or sample code to manage users from Client side.
My Environment Details:-
Framework: 3.5
Code Behind: C#
Membership/Roles Provider: SQL Server
View 3 Replies
Aug 3, 2010
We have chosen the asp.net 3.5 on creating our thesis project, building a mall website. Our first step was very simple, we've worked on the layout of the website, building the interface of the home page. and we are about to create some on the back-end part, which is creating a user-level maintenance and store maintenance.
View 2 Replies
Mar 21, 2010
I've created a membership system based on asp.net 2. There are other tables that store user information, such as emails sent etc. I've created a users table based on the TableProfileProvider. My question is concerning deleting the member
Is it OK to delete the member from the aspnet_membership table and roles related tables using Membership.DeleteUser, though keep all the custom tables and the information including the information in the Users table created by the TableProfileProvider? or can you foresee problems?
View 1 Replies