Security :: Deny Same Login From Multiple Computers?
Jan 20, 2011
i am using form authentication in my web application.
by default, form authentication allow 2 different users to log in from 2 different computer using same username and password. due to which i am facing some problem.
when user 1 clicks on menu i am maintaining the name of selected menu in a session. but if another user clicks on different menu then the session variable is set to the menu selected by user 2. due to which the 1st user is facing some problem as the value in session got changed.
How can i overcome this problem? is there any way, where once the user has logged in, no one can log in with same username and password from another computer?
View 5 Replies
Similar Messages:
Mar 2, 2011
i have a web application which can be accessed via intenet the application is running on iis and configured using a router..i m looking for a good solution where i can give access to only authorized computers rest of the computers cannot access the applcation for eg:- if i have a users in office1 in sales dept. and he access the application from his office, so i want to deny the same user or any other user, that he cannot access the same application from home or antwhere else.
View 8 Replies
Nov 12, 2010
I have a web portal designed in ASP.NET in which we ask customers to enter the data. On the click of submit button all i have done is, just read the data and called a stored procedure which inserts that into a table. There seems to be a problem in SQL Server 2005 while inserting the data from multiple computers at the same time. We have tested in our lab with three computers, result is that we get the data inserted successfully in only one machine and on the other two machines we get error on page. I have used transactions in the stored procedure and also tried setting the isolation levels to READ_UNCOMMITTED, SERIALIZABLE and SNAPSHOT. Nothing seems to work properly.
View 4 Replies
Feb 5, 2011
I would like to know what is the difference between the Allow and Deny ?
View 1 Replies
Jan 27, 2010
how to prevent multiple login using vb.net? I'm using visual studio.net 2008
View 6 Replies
Jun 25, 2010
I have an asp login control that uses the standard aspnet database structure.I am using my own user identification system to identify a user based on login values that are not in the aspnet database and setting the user's aspnet database login to a universal login user and password.this works fine and I am able to test this by having one machine log in as "User 1" and another login as "User 2" but I am wondering if there is a limit to the number of user's that can be assigned to one username and password in the aspnet database for website access?Will the system reach the max number of user's in the aspnet database?
View 2 Replies
May 20, 2010
how I can prevent someone from viewing directory list (files) from url?
For example: [URL]... I don't want anyone to see directory list of files under the folder directory by just entering above. I have several project folders for my web app and in each folder, I have a web.config file <authorization><deny users="?" /></authorization> as well as <location> tags. They are working fine from preventing unauthorize access to the .aspx pages and redirecting to login page. But still want to prevent viewing the directory folder.
View 1 Replies
Sep 29, 2010
i have a website having a couple of pages,i'd like to allow all users to be able to browse some pages and deny them some web pages.I know it's something to do with creating an authorization tag and adding some allow or deny user,but i have no idea how to implement it.
View 4 Replies
May 27, 2010
i have 2 pages like login.aspx,default.aspx.in login.aspx page iam using the login contr ol.for this i created the users in the configuration manager.when enterting into default using these login id,password it's working fine.when iam copying the default page url from IE broswer and pasting in the another broswer it's entering into default.aspx page only not into login.aspx page(iam using the form authentication for this).
View 1 Replies
Dec 28, 2010
I have certain pages in my application that are designed to be accessed only by redirect from other pages, and not directly(i.e they must get a query string from other page, otherwise there is an exception).
So I want to prevent users from accessing them by typing the URL, but I want them to be available by redirect.
View 1 Replies
Apr 21, 2010
I have a folder called <mysite>/Pages. This folder is PUBLICIn this folder I have a aspx page called : MySecure.aspx I have on the default.aspx page a hyperlink to the "~/Pages/MySecure.aspx page".I want to limit access to the MySecure page to only those in a Admin role (so no members no guests or www users can see it. I dont want to move MySecure.aspx into a secure folder.This is what I did in the wedconfig
<location path="Pages/MySecure.aspx">
<system.web>
<authorization>
[code]...
View 5 Replies
Mar 10, 2011
I have read the many posts of people trying to use two different login pages: one for users and one for admins. My question is very different. I have a Site.master page with a LoginView and LoginControl. I then have three root level pages Default.aspx, About.aspx, and Contact.aspx that derive from the Site.master. All three pages are set in the web.config to be allowed to all users. I then have a MemberPage in a Member folder which is only accessible to authenticated users. What I want to have happen is to be able to login from either the Default, About, or Contact pages and then be directed to the MemberPage.
View 2 Replies
Jul 21, 2010
I have users that belong to more than one role and I have a login view for those roles but I only see the first role's content.
How should I be going about getting to see all content for the roles that user is in? My user logs in and is a member of MACED and ADMIN but only sees the links for MACED
[Code]....
View 3 Replies
Feb 7, 2011
i have probleM to check the login ,but i found one solution in this site.. AVOID MULTIPLE USER LOGIN, ...IS THER ANY OTHER METHOD TO SOLVE THIS PROBLEM.....
View 1 Replies
Jun 22, 2010
Can anyone explain how to make unique login in asp.net
<b>Problem:</b> If user is logged at a client machine and tries to login from other client machine at the same time, then he should be prompted that "You are already logged in, Do you want to continue?" on continue user should be logged out from other machine and logged in to current machine.
View 3 Replies
May 12, 2010
I am working on asp.net , I want to restrict a user to login in his acount from multiple locations or machines.
If one user is already login , I want to restrict it and display message that you are already login somewhere.
View 3 Replies
Oct 16, 2010
I have some pages that need user to sign in. If not, I need to redirect user to signin page. I know this can be done by using some code like"<system.web><authorization><deny users="?"/></authorization></system.web>" in web.config.
But can I just write some code to do the same function?
like in page load method, I can check whether user is sign in, if user is not signed in yet, how can I redirect user to the login page by using code? and how can I stop sending the content of the page to user?
View 3 Replies
Dec 8, 2010
I have an internal corporate ASP.NET MVC website.
Requirement(1): When any person is on the network, they can access this site EXCEPT one AD Group (Example: AD_Sales group).
Requirement(2): Also like for example if a person that has the access passes a url (Ex: http://mysite/Home/Index/Product/Letter) to a sales group person, he still should NOT access and need to display a custom message saying "You are not authorised to view this page".
If the scenario is like to issue the access to one AD Group and deny access for all others, it is fairly is. It can done from IIS. I am Wondering how to do this.
View 2 Replies
Oct 16, 2010
I want to deny users who have not logged in with a message" you have to login to access this page".C
View 3 Replies
May 29, 2010
I have created a web application which has two section user and admin. Admin files are within
~/admin folder and user files are in ~/User folder. Admin and user has two different login page within respective directory.
Now I want two apply form authentication for admin and user section. Is it possible to apply form authentication for two different section in a web application?
View 4 Replies
Nov 19, 2010
I have a folder called /Error in the root directory for an ASP.Net site. The site is completely public, so there is no authentication of users. Inside the Error folder, I have a file called errorlog.aspx, where I log unhandled exceptions. I don't want the public to be able to view this file. I created a web.config file inside the Error folder.
[Code]....
However, I'm still able to view errorlog.aspx by typing the URL into the browser. What am I missing?
View 3 Replies
Jan 29, 2010
I have a web app, which contains a folder Uploads, to which users (authenticated) upload their files (for some reason it has to be a folder in the root of the web app).I want to deny access to this folder and files to all non-authenticated users.
In my web.config I have:
[Code]....
and everything seems to work in development, but on a staging server it redirects non-authenticated users to login page ONLY from aspx pages, but not when entering the url to the file in Uploads folder.
View 5 Replies
Sep 1, 2010
I have two roles "Admin" and "Basic". I also have a listview on the web page.
My goal is that to make "Admin" role has the highest privilege to deal with records such as "insert", "update" and "delete".
For the role "Basic", it only can update the records.
View 3 Replies
Sep 8, 2010
What do you think about an ability of having multiple logins and login types to be attached to the same user? Let me explain this by showing how database schema can be re-factored to support this model:
Remove [Password], [PasswordSalt] columns from [Users] database tableAdd [Logins] table with one-to-many relationship between [Users] and [Logins] tables.This will allow one user to have multiple credentials attached to his or her account of different types such as Username&Password, Windows Live ID, Open ID from different providers
You will be able to restrict allowed login types and OpenID providers in web.config
So.. do you think it is a good idea to add support of this model into ASP.NET 4.5/5.0 membership service?
http://aspnet.codeplex.com/workitem/7149
View 1 Replies
Mar 29, 2011
My web application need to list the network share information. The return code is '5' after I call NetShareEnum[Netapi32.dll] in windows integrated authentication.
I found that currently I am using Kerberos protocol to authenticate the access users and the token is grenerated with [TokenImpersonationLevel.Impersonation].
Who know how to resolve this problem? Is there any way to get a token with [TokenImpersonationLevel.Delegation] in Kerberos? BTW, I am sure about that the access user has the Access privilege to list the network share in target server.
View 1 Replies
