Security :: Detecting Users Don't Log Out Correctly
Sep 4, 2010
I have a web site which uses forms authentication and we have a log out page which will sign out the user and set that they are signed out in the database. This needs to be done as they use concurrent licences. The problem is that users are closing down the browers without logging out, meaning that the database shows them as logged in. I would use javascript onbeforeunload/unload functions to call a webservice, but this is unreliable to actually know if they have closed down the browser. or just hit refresh. An idea i had was to have a web service fired every 20 mins to detect if a user has loaded any pages within 20 mins, if they have not then to set them as logged out.
View 2 Replies
Similar Messages:
Aug 26, 2010
Allow Admin Users to Access Basic Users Accounts?
View 4 Replies
Dec 6, 2010
[Code]....
after successful creation of 3 users on my web site now cannot create users
View 9 Replies
Oct 12, 2010
We have implemented the ASP membership and roles..and we would like to display the users currently logged in and also display the number of users online so we can display that on the page. The list of users woudl only be available to our admins. BUt the number of users will show for everyone.
View 9 Replies
Aug 4, 2010
I just realized after i created a test account i was not in any roles. Is there a way to automically add new users into the role Users? Have i missed this some where?
View 8 Replies
Feb 11, 2011
It seems to work just fine but it resets the users password, emails it to them and then the user can not log in with the new password.
View 1 Replies
Oct 26, 2010
I have the following site structure:
- Site
- Administration
- Resources
- Home.aspx
Basically no unauthorized users should be able to use the system, so they get properly redirected to Home.aspx which has the login controls.
The Administration folder contains a page that should be only accessible to authorized users, but also only to users that belong to specific roles. So I have a web.config inside the Administration folder as this:
[Code]....
At first sight I'd say that this configuration would check that only SystemAdministrators and AccountManagers can access the SecuredPage.aspx. But it doesn't. If I log into the system as a regular user (not part of the roles) and then go to http://mysite/Administration/SecuredPage.aspx, it allows me in, instead of showing a "your not authorized" message.
I've also tried with location=Administration so to secure the entire folder, but same results.
View 1 Replies
Jan 2, 2010
There seems to be something wrong with the create user wizard?I am using hashed password storage. When I change it to clear storage I see the user's password is being stored as something completly different than what they typed in.Example: changeme1 now equates to something like: 4W*KQQ4%=SIf I use 4W*KQQ4%=S as the password to login with it works but changeme1 does not.When I use the reset password wizard it updates the password just fine and it works when I login next.Any clues what could be causing this?
View 1 Replies
Jun 23, 2010
i used security in login page which restricts all users who have not logged in to all pages. I need to restrict specific users to specific pages. I'm not using AspSqlService provider. So i cannot create roles and restrict automatically. And the pictures i use in login page are not visible @ runtime.
View 1 Replies
Mar 22, 2011
Working on my first asp.net webpage. i have followed video tutorials and implemented asp.net membership for login/security.Using Visual Studio 2010 i can open the Asp.net configuration page for management locally.But then if I want my site admin to manage users/security online, how is this done? Like manage through a web browser. I guess this asp.net configuration GUI is not available on the internet?
View 4 Replies
Feb 9, 2011
We have asp.net configuration tool to manage user's permission and role for our offline website,
it is working very fine.
Now, I have uploaded my website and aspnetdb.mdf
now i want to manage users and it security and roles online.
How can i have asp.net Configuration tool
View 2 Replies
Jan 12, 2010
I have a web page where I am denying anonymous users from accessing. In the web site I have a folder called FileManager. In the web app the usres have the ability to uploaded files and when they do a folder gets created under the filmanger and the files are saved. I have created a web.config in this folder that denies anonymous users. The problem is if the user knows the directory structure they can type in the url of the site add /FilManager/x/x/NameOfFile, where x are the sub directories. If the file is an image it shows the image in ie, if it is a .xls or .doc or what ever they get the prompt to either download or save the file. What am I doing wrong. Will the web.config file not stop an anonymous user from access files? I put a webpage in the folder and it is blocked and the user gets sent to the login screen, but files seem to be unsecured.
How do I block anonymous users from being able to access the files in this folder?
View 4 Replies
May 5, 2010
i have a gridview that displays a number of columns, there is some rows that are to be confidential for some users "secret" records, i.e some users will see some of the rows as access denied in the cells and they won't be able to click the row to take them to detail page. other users will be able to see these rows data in the cells and able to click on the row header to take them to detail page.
how to display data/links in grid view cells selectibaly without changing the data in database?
View 4 Replies
Mar 4, 2010
I have an application that uses Forms Authentication and Role Management. I have a few users with more than one role associated to the user. Based on certain roles, the navigation menu displays certain menu options.
Right now, if the user has more than one role, the menu shows the items that are in both roles instead of the items that are in the particular role that the user is logged into or currently set to.
I'm creating an Authentication Ticket to log the user in and I'm passing the active user role as follows:
authenticationTicket = New FormsAuthenticationTicket(1, UserName, DateTime.Now, DateTime.Now.AddMinutes(20), False, UserRole)
Is there anyway to set the user to one particular role and have the application see the user in this single role instead of reading all the roles that the user is in?
View 1 Replies
Mar 16, 2010
I got this login system where I need to set a session for when a user log's on, eacth user have 2 id's, and I need to get one of them to get the right content from my DB... So how do I get my users id's from my session's?
View 4 Replies
Mar 7, 2010
I have been trying to change a users password, I have been using this code
[Code]....
I do not get an error during the try routine, but my problem comes that when the user goes it insert their new password (using login Control) it says that the password is wrong.. and they then can't login using either their new or old password.
All Password critria is met, web.config if set so passswordQuestion = false
View 7 Replies
Nov 16, 2010
is there a way i could find out how to get all the users in a group on my domain, i have a domain called "cot", within that domain we have multiple groups like "RO,Admin,PM,SPM and 2 or 3 more", i need to get all the users in a particular group, i am using vs2008 and coding on webforms with c#, i have tried various example i could find online but none have worked for me so far.
View 3 Replies
Feb 10, 2011
I know how to identify the current user during a specific browsing session and can thus control the data, etc, made visible to that individual user. I also know how to find out how many users logged in within the recent past, using:
Membership.GetNumberOfUsersOnline()
.... which I believe calculates the number of users who have logged in within the past 15 minutes. However, I would like to know if there is any way to identify all the users who are logged in at a point in time. Is this possible?
View 9 Replies
Mar 8, 2011
I am using ASP.Net Forms based security with the login control. On my site a user will make a number of selections that will be written to a database. Is their a unique user id that I can get from the AspNetSqlProvider that I can use to id users in my database? When a user logs back in after being away I want to be able to retireve the users information using this id.
View 7 Replies
Jan 10, 2010
how to write/use/implement a script that will allow users to enter a web application by clicking a button rather than entering their ID/PW? Seems like a lot of terminology around, SSO, Blind logon, yet all seem to be doable with an ASP script -
Web App contains detailed security for users, not all users are on Win AD, so that is not an option., I'm told (?) Do I need to use a spreadsheet to validate users access to the application, ?
Script that would pass "cookie" info and allow users to enter app without ID/PW. We have a custom logon.asp page the is using forms.
View 1 Replies
Jul 2, 2010
I'm workin with Visual studio 2010 and I'm trying to create an ASP.net Web Site, language used - C#
I have 2 different pages, for 2 different users with 2 different roles.Each page has a textbox.I have already created them.What I want to do, is to make a bind between this 2 textboxes, so that the second to get the first boxes' text.I managed to do it, but only if the textboxes are on the same page, very easy (Textbox2.Text=TextBox1.Text) . But how to do it for 2 different pages, for 2 different users with 2 different roles?
Another trouble would be....How can I connect the both users same time....after i start debugging the project, I do a sign in but when I sign in with the second user,the first is automaticly siggned out and the text it's lost.Then, how can they synchronize and the second user see what the first one wrote,using that 2 textboxes? Wich is the solution?
View 4 Replies
Feb 13, 2011
I am adding users to roles ,, but i think the users are not really connected to the role ??
One othe thing: does this code looks ok:
[code]....
View 3 Replies
Nov 4, 2010
am developing website in that website no.of users are there every user contain related data, the data should be in xml files ,how to provide authentication every user by using xml files .how to write xml file names in web.config in sql we can use connectionstring
,in xml how we can write them give examples.
View 4 Replies
Nov 30, 2010
I have a table in sql server 2005 called UsersInfo, which has Username, password ,country, and Role.
There are 3 users available in the table. I want to add these users which is in sql table into the sharepoint site.
How to add these users, who are available in sql table to sharepoint 2007 site?
View 6 Replies
Oct 19, 2010
I am useing asp.net membership to store my users and under each users profile there is a field for their supervisor. I would like to get a list of all the users with the supervisor "Jon Doe". Is there an easy way to do this or would I just have to loop through each user and see if there supervisor = "Jon Doe" then if it is store there username in a list?
View 1 Replies
