Security :: Delete User By Id Instead By Username
Apr 6, 2010In my Aspnet_Users table I have 2 user with same UserName. Membership.DeleteUser method only can delete user by username. How can I delete user by userid?
View 3 RepliesIn my Aspnet_Users table I have 2 user with same UserName. Membership.DeleteUser method only can delete user by username. How can I delete user by userid?
View 3 RepliesIm using forms authentication and im trying to get the current username. I tried using Environment.UserName but I am getting "ASPNET". But if i change my application to windows authentication im getting the true username that is currently logged on. How can I get the true username that is currently logged on in the domain using the forms authentication.
View 3 RepliesI want to capture when a user logs in and his username. I am using a login control inside a anonymous temp[late of a login view control. on the logedin event of the login I have this code:
Dim log As Login = CType(sender, Login)
If Not log.UserName = "bcweed@live.ca" Then
Dim mil As MailUtility = New MailUtility
mil.ClientLogin(log.UserName)
End If
but log.username is always empty and so is the page.user.identity.name and the page.user.identity.isauthenticated always returns false this even thouhgt this is the LogedIn event of the login and also I "just loged in" I really did.. is there a way to capture this is the global.asax?
How do I retrieve the UserName for a logged in user? Membership.GetUser().UserName doesn't work for me - Object reference not set to an instance of an object.I need it to get the associated UserID which my own db tables use as primary keyFurthermore, as I am a rookie is the best approach to achieve this through LoggedIn as below?
[Code]...
I'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.
sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"
I'm able to do this.
If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If
BUT unable to do this...
If user's Department = 'Department XYZ' Then
Do This
Else
Do that
End IF
I'm using Membership but allow to change UserName of specified user. I had user named Customer bound to role Customer, and then his username was changed to 123. Then i try to do something to get Roles of this user and get an error or empty result.
View 2 RepliesI have a directory structure root->admin-> admin operations admin page inherited from a ase page with principla security.demand role = "Admins" i am usinf forms authantication mode. i have also put a web.config file in admin folder, restricting other users. it is working normaly with siteroot/admin. I want to setup a mechanism to admin like siteroot/username/admin I can redirect to page admin but it gives security error, it should redirect to login page instead of if user did not sign in.
View 5 RepliesI have only username. and want to check and grab the password from the database. It is BEFORE LOGGING IN. so I don't think the build-in asp.net functions could be used, right?
View 5 RepliesI'm using forms authentication in my application but i want to get the active directory domain anme and user name of the logon user. is that possible. The IIS Directory security settings are Anonymous Access allowed and Integrated windows authentication ticked. I tried the following but to no avail
Request.LogonUserIdentity.Name (this is returning the machine name and user name used for anonymous access)
System.Security.Principal.WindowsIdentity.GetCurrent().Name -> returning NT AUTHORITYNETWORK SERVICE
i have probleM to check the login ,but i found one solution in this site.. AVOID MULTIPLE USER LOGIN, ...IS THER ANY OTHER METHOD TO SOLVE THIS PROBLEM.....
View 1 RepliesI am using the sqlmembership provider with the login control from the toolbox. I want to capture the validated username after the user is authenticated. I need the username so that when the user adds or modifies a record i can have an audit trail. where is the best place to capture the validated user right after authentication? Ideally, i would like to capture it on the login form but how?
View 3 RepliesMy application is windows authenticated. The application pulls JUST the userName from the current windows account. Then I provide site access to this user depending on his account privileges. If his userName belongs to the admins list he is directed to admin screens. If his username belongs to users list he is directed to users screens. I handle this security in C# and some SQL tables(No membership provider and no Active directory security in the app).
I need to be able to prevent multiple concurrent logins for the same userName.
I have set up security on my ASP.NET site and currently have 1 user (soon to be more!). I would like to send the logged-on user's username to a variable, to input this value to a custom-designed stored procedure on my SQL database (for recording search statistics).Does anyone know how I can harness the current logged-on users username? I am using VB. Will the following achieve the result?session(username)If so, how do I implement this? I tried using "Current_User" in the SQL stored procedure, but obviously this did not record the ASP.NET user. Also, if the current user has not logged onto the site, I would like the "username" value to be "annonymous".
View 10 RepliesWe have an application using Windows authentication and have <Domain>olduser account.
We renamed the account in the active directory to <Domain>olduser2
Login to a pc as <Domain>olduser2 and try to access our application.
the problem is we can't login anymore.
when i debug the application, i can see that the HttpContext.User.Identity.Name is still <Domain>olduser.. and not olduser2
I'm trying to add two features to my website using the microsoft built-in login features. One feature I want to change is the validation of the username. By default, it allows pretty much any characters for the username. However, I want to make it so that only alphanumeric characters, and spaces. Also, I want to make it so that usernames MUST begin with a letter. I'm not entirely sure how to do this, In addition, I want to configure it so that once an account is created, a file /users/(their username)/(their username).aspx created once they are authenticated, with the master page set to userProfileMaster.master
View 5 RepliesI m facing major problems as i want to clear fields i.e username password firstname in create user wizard as i have tried follwing option but not working
1) username texbox empty
2) username viewstate false
3) createUser wizard viestep false as nothing is working
I have a "UserDetail" table in my "JobPost.mdf". When I click the "delete" linkbutton, it can delete the all User info from my "UserDetail" table, it also delete the corresponding "aspnet_Users" & "aspnet_Membership",but the "UserInRole" still contain that UserName. Even though I specified the Code:Membership.DeleteUser(UserName, true);
I thought true is for bool deleteallrelated data, but it doesn't really delete the userInRole. So next time the user registers with the same name, it automatically get the "admin" role right. This "deleteUser" page I keep it inside a protected "admin"folder. How to solve it? Why Membership.DeleteUser(UserName, true) doesn't delete UserInRole?
protected void GridView2_RowCommand(object sender, GridViewCommandEventArgs e)
{
if (e.CommandName == "Delete")
{
string UserName = e.CommandArgument.ToString();
Membership.DeleteUser(UserName, true);
JobPostDataContext db = new JobPostDataContext();
var query = from u in db.UserDetails
where u.UserName == UserName
select u;
foreach (var item in query)
{
db.UserDetails.DeleteOnSubmit(item);
}
db.SubmitChanges();
FormsAuthentication.SignOut();
}
}
My web.config inside the protected Admin folder:
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<system.web>
<authorization>
<allow roles="Administrators" />
<deny users="*" />
</authorization>
</system.web>
</configuration>
Ok, I almost hate to ask this because I'm sure it's been covered many times on this forum, but I'm starting to get too frustrated trying to get it to work, so I'm gonna ask anyway.I have setup forms authentication on my site and have it working without any issues. What I'm trying to do now is to add "Remember Me" functionality so that the users don't have to log in each time they access the site. I'm able to get the authentication part down, but the issue I'm having is that when the user logs in, I set certain attributes in Session variables for that user (name, site role, etc.). These values are obtained from a database after the user has been authenticated, based on the username. What I'm having problems with is getting at this username from the FormsAuthentication cookie.
After I authenticate the first time, I setup my cookie this way:
[Code]....
I have tried getting at the Username utilizing the User prinicipal, but it just returns blank.
I wanted to know how to add the feature- that user should be redirected to an error page where the error will be display, upon entery wrong username/password when trying to login through an asp.net login control?
1. how to redirect the user to an error page upon entering wrong username/password (from a login control which is placed on master page)?
2. how to pass the error to the error page so it can be displayed there?
If a user who is logged in wants to delete his own account, why does login status still show him loggedIn even when user has been actually deleted.What I want is when user deletes his account he should get logged out also at the same time ....How do i log him out ?
[Code]....
Line 25: Call deleteSelectedUser()Line 26: Line 27: If User.Identity.Name = LstBoxUserList.SelectedItem.Text ThenLine 28: FormsAuthentication.SignOut()Line 29: Call deleteSelectedUser()
I am using the create user wizard to create users that are then placed in the ASPNETDB database. Is there a way to delete users in the same fashion? I am using Visual Studio 2008 VB.NET.
View 1 Repliesa user loged in and he wants to delete his user. how do i make a delete query that refers to his userID how do i get the user id of the current logedin user?
View 4 RepliesWhen the user chooses to remove a photo from his online posting, he checks a checkbox when in turn exutes the following:
File.Delete(Server.MapPath( "~/Images/"
) & zfilen)
Is this considered secure?
How to update username of current logged username?
View 10 RepliesI need to delete the user email once user is loged in and clics Delete Email/ Address/ Tel. I store user information in profile.common
[Code]....
this gets me the current user, next i need to delete this users email/ phone.