Roles: - administators
If it administator shows menu "Admin".
If I want to display the menu: "Create new employee ', have to create Roles: new_employee?
If so, how to choose a user and store specify their rights in c#?
I've got a site that users can use to check in and out documents. To check out a document, the user slects a file from a list, and clicks 'check out' . The document is taken from a 3rd party source control tool and placed in a dedicated directory on the server. Then, the file needs to be copied from this directory to a client directory the user has specified.
Copying to the Server is no problem.
I'm trying to use the WebClient objects DownloadFile method to write to the clients directory, but I keep getting "Access to the path '<path>' is denied.". I've set the UseDefaultCredentials flag to true, but no joy.
I'm obviously missing something, but I'm not sure what.
iam using masterpage and sitemap in my project, what i want to is that if user login is did, based on the user previlage in need to show the sitemap menu page if user i have the previlage to see the page then i should enable that page otherwise i need disable that page
View 1 Repliesi have created loing form and create user form. then how to apply login rights..? i have 2 types of user. admin and normal user admin can move and use all pages while normal user can acces limited pages.
View 4 RepliesQuestion is:
LDAP authentication required Internal users automatically authenticated, external users requires login
Where do I store complex access control rights?
In the AD/LDAP or in the Application itself (asp.membership db).
Looking to build this in asp.net mvc 2 and using membership features, so best practice here i guess is that we roll our own custom provider to acomplish this...
Our application lets the administrator create new users. Since the administrator is logged in, I have set Logincreateduser = false so that the administrator is not logged out even after creating the new user.
The problem is :I need the userid of the newly created user to store additional details of the user in another database table. I see that i can get the username using Createuserwizard1.username; but how do I get the userID?
I have a custom membership user class and custom MembershipProvider working against database. Due to security reasons the user passwords are stored in the database as hashed values. So my procedure
public override bool ValidateUser(string username, string password) is
{
//select hashed password from db
return (EncodePassword(password) == dbpassword)
}
[code]....
if I have this code:
How can I run the cmd using and admin rights? Is it possible to run the command using an admin name and password?
[Code]....
I am new to ASP.NET security model, I need to perform a RIGHT-based security checking for every actions in my applications (e.g. CreateUser, UpdateUser, SearchUser....etc)
However, the built in ASP.NET security model only support ROLE-based security, and I would like to do something like that, but using RIGHTs.
Is there any idea, experience and post I can read and extends the ASP.NET Security Model to use RIGHT-based security to perform granular control.
e.g. How to I write my own HTTPModule, or make use of IPrincipal object.
If there any details steps/tutorial will be great, as I am very new to the ASP.NET.
We will put the active directory logon when the user access the website, the user needs to fill in his user name and password.
How do we store/get the details of the logon user once the user is logged in?
Using visual studio 2010.
Dragged and dropped a login control onto a blank content page. Set up my web.config (i'll include the code for that at the end). It seems to want to use a sql database to store the info. I just want to use the web.config since it's just a single user and a simple site. I thought I could just drag and drop the login control to a page and that would be the end of it (besides setting up the web.config).
Here's what i have in the config file
[Code]....
Ive been exploring the tabls in the membership database to see how they are structured. If i add a new user or update an existing one i see it in the user and membership tables. But i dont understand how to use or store roles. I use the ASP.NET CONFIGURATION toll in the WEBSITE menu to create roles and create access rules, but those roles dont show up in the Roles table in the db!
Yet the roles are stored cause they keep apearing in the ASP.NET CONFIGURATION. How weird is not that? Where is it stored and how can i access it? I need to programatically check if the user who is logged in is in a certain role.
I have spent hours on the forum trying to find this answer. I have a requirement on a project. There is an internal (intranet employees only) site which has much more control over the data etc. and i have an external site (to allow customers to enter usage data). I am using forms auth and hitting a common sql server 2008 db with the standard aspnet schema. I have an internal web server and an external web server both windows 2003. The problem that i am having is that if you are logged into the external site and then open a new ie window and enter into the internal site, even as a different user it logs you out of the external and vice versa. I don't have access to update the machine config.
I started out as a single app in the db but now have seperated into 2 apps and i am able to log in as an external admin and see only the external users and vice versa. Creating a seperate security only db for the external app is not an option because i have a I have the application name listed in the web.config for both internal and external which matches the app name in the aspnet_applications table.
external app
[Code]....
[Code]....
I've got an ASP 4.0 website running on IIS 7.0 . Part of the web site creates an Excel document using C#, due to company policy I'm stuck with Excel 2003. I've noticed that when I deploy the site and use the part that creates the Excel file, its running Excel application object with the login of the user accessing the site. This causes problems with access rights to the Server.
How do I set the server up to run the Excel application using a fixed account? I've got the Application pool running under one, and I thought that would solve the problem, but it doesn't seem to.
I'm trying to find out how i store user names and passwords in the web.config file. I have tried looking for documentation on this but haven't found any so far.
I see in the class library it says that the Authenticate method of the FormsAuthentication class is for use in authenticating credentials against those stored in the config file, but i don't know how to store them there to begin with. I want to store two username:password pairs in the web.config file preferably encrypted.
one of these username:password pairs i want to be hard coded. The other i want to be able to be reset with a password reset form which I will code later. I guess there maybe a method for creating a sername:password entry in the web.config which could be used with my password reset form if such a method exists. But I need to know how to hand code the username:password entries into the web.config file to begin with and to beable to create the hard coded pair.
code I need to add to my web.config file i need to add and in what section?
also can you point me in the direction of a method used for creating username:password entries in web.config
I have created an asp.net site with anonymous access turned off. Its for an internal (intranet) system which uses User.Identity.Name.ToString() to get the users login windows ID and then displays some records from a datagrid depending on their login ID. Is this secure? Also i am struggling to workout how best to store the result of User.Identity.Name.ToString() as I am not keen on storing it in a hidden text field and would rather not call it all the time unless this is the best way?
View 3 RepliesI like to create a new user webform. I like to have multiple textbox fields for the new user to enter and would like to use the inbuilt ASP SQl express to administer. I read somewhere to use Membership.CreateUser API but not sure what that is?
Is it as simple as dropping textbox in a webform and in webconfig options place a line of code?
I need to programmatically create a database, some tables in it and then give db_datareader rights to a different user. The DB is mssql server 2005.
I got half way, I managed to create the database with "CREATE DATABASE Test", create some tables in it with CREATE TABLE. I'm doing this with a user that is in sysadmin role.
Now I'd need to do with code what manually (with Server Management Studio Express) I accomplish by: opening Security/Logins/[USERNAME] properties Map the user to the database (Test)Add check db_datareader
I m developing a Web Based Inventory System Using ASP.NET which have a menu containing 16 options overall. I have created a menu using <ul> <li> tags. When I open my project in browser, it shows all the 16 options even i logged in with Administrator or Purchaser or Seller or Accountant etc.
I have a form to assign the Form Access Rights to every user. For example Administrator can use all the options but Seller can use only 3 options (Sales / Sales Return / Today's Sale Report). Purchaser can use 3 options (Purchase / Purchase Returns / Today's Purchase Report) Accountant can use 2 options (Payment / Receipts) etc.How can i show the menus to the users according to the rights assigned.
I have implemented Membership and Role Provider in my web site. Membership and Role information is stored in database created from aspnet_regsql option.
I want to store the access rights given to the pages in ASP.NET Configuation option in Database inspite of web.config file and want to give page wise add, edit, view and delete rights that should also be stored in database.
Is there any inbuit class like Membership and Role to add page access rights?
I am evaluating ASP.NET Membership for an intranet Silverlight app. I want users to be automatically authenticated for my application with their windows logon. Thus I configured Windows Authentication. I would like to store user settings like email-address in using the SqlMembershipProvider and not AD. It seems that storing user settings using the SqlMembershipProvider is not supported with Windows Authentication. Is this really so (using .NET 4)?
If so: What is the rationale behind this? IMHO authentication, user settings and authorization are distinct aspects. User settings could easily be stored (identified by user name) using the SqlMembershipProvider with authentication and password management being supplied by Windows. What is the recommended solution for my scenario?
I have a design issue with a new project, the web application I'm developing is suppose to serve three different segments of business, each segment has a sligthly different requirement, but in all they share most of the same business needs, so I'm creating only one web application.
I've created three "Application" in the asp.net web administration tool.
I want to be able to create users related in each segment with their associated "Application" in membership store.
and when a users login(there is only one login pag) to the application to be redirected to his specified application.
The thing is the web.config configuration alows you to define one "Application" name, and hence the membership APIs pick up only that application.
I need to know how to change aspnetdb to store profile information unique to each user so that I can restrict records in an sql table to only show that user's records.
So if I make a "companyID" int, identity column where would I put it?
Also, when I write the where clause to companyID = profile (companyID) would that work?
I have read the post at http://forums.asp.net/t/1403132.aspx regarding login control. Is there a place to store the User logged-in ID (info) for later checking and use? I don't need to use the session object. I don't need the page to expire. I don't need the user to use a page saved in the favoites.
View 3 Repliesi am currently developing an asp.net mvc 2 web application and i would like to create new foldersprogrammatically with access rights, in order to enable loged on users upload their image files.My question has to do with how to assign write access using Directory.CreateDirectory function and assigning DirectorySecurity rules (meaning for which user should i enable user rights, etc...). Note that the hosting envirnoment uses IIS 7.
View 1 Replies