I set the impersonation to true in web config. First time accessing the page, it implements the impersonation to access Sql sERVer. However the second request and so on to page, it does not implement impersonation, rather it uses NT AUTHORITYIUSR user account.
I need to impersonate based on the user login all the time.. How can I achieve this?
I'm running IIS 6.0 on a Windows 2003 server and running an ASP.NET 4 application which connects to an SQL Server 2005 database on another server. I have my Default.aspx page set to Windows authentication with anonymous access disabled.
When I load up the page it asks for a username and password (as expected), I enter my credentials and it comes up with the following error:Login failed for user ''. The user is not associated with a trusted SQL Server connection.
If I add the following to my web.config file: <identity impersonate="true"/> then I get the following error:
Login failed for user 'NT AUTHORITYANONYMOUS LOGON'.
And if I add the <identity impersonate> tag set to true and with my username and password included it connects successfully.
I can't leave this in there as I want each user to connect as themselves, so why is the server not using the credentials that I enter when prompted to connect to the database ?
i am using asp.net membership. when users arrive at my sight they can enter user name and password.
I then want to redirect them to a page called "MyAccountPage.aspx" which is unique to them. could someone post the c sharp code that I can use to capture the Unique Id of the user is it best to then pass this as a parameter to a control on the aspx page that displays data for that user. am I correct in thinking that I need a UserId column in my data table as well.
I am developing a Login Screen and I want to Print the name of User at the page who have login last in all users (just like Hotmail).I dont know how to do it.
View 1 RepliesI've set up a system with forms based authentication and using the asp:Login control. When I put in an invalid password I get the approriate invalid password message. However when I put in a valid password, it does nothing...just returns to the login page again. I'm triple checked the login info. There is no error message, and the invalid attempts counter doesn't increment. When I put a break point in the Login_LoggedIn event of the Login form, it hits it, but User.Identity.IsAuthenticated is false. I'm not 100% sure it should be true at this point, as I'm pretty new to .NET but it seems kind of odd.
My user database is stored in a sqlserver 2005 db that already existed. I've added a new connection for it.In the authorization I have
<authorization>deny
users="?"/><authorization>
My Windows Server 2008 server hosts an ASP.net application that uses impersonation. The application works as long as the user being impersonated remains logged on to the server. However, when the user logs off, clients can no longer view the web pages. They get a cryptic error instead. How can I configure the server to work without the impersonated user remaining logged on?
View 5 RepliesI've written a small ASP.NET 3.5 application to allow users to update selected account attributes on their own. Everything works fine when I use Basic Authentication, but because the dialog that is presented is less than ideal, I'd like to use forms authentication to give the users more instruction on how to log in. My problem is that in order for the user to update their account information, I have to have the application impersonate them for the update actions. I've scoured the internet trying to find a solution to my issue, but nothing fits or works. I have tried setting the web.config:
[Code]....
I also tried using the LogonUser method to create a user token and backend the authentication that way, and it doesn't work either.
[Code]....
which i added one sitemap in whcih i added all the pages n i want to retrive that sitemap in masterpage based on login in whcih suppose admin hs login then display only admin pages with sitemap n if normal user hs login then it ll display only normal user pages with sitemap. here i didn't use login control but i create login page manually.
View 1 RepliesWe have created a windows application which is distributed amongst our clients. The application uses SQL Server 2008 as the back end and each client uses their own database on their own server. The databases are all exactly the same but each clients data is specific only to them.
We would like to offer our clients the ability to log-in to our website which would then login to their own database so that when they are out in the field they can perform similar tasks to what they can do with the windows app.Each of the clients databases has a user table containing their login details, permissions etc.
Our server is running on IIS and has SQL Server 2008 installed but it only contains our data and nothing of the clients.How should we go about this?
What I mean is do we need to make each client have an additional login to our main server which would then hold each clients individual connection strings etc which would then be used to connect to there specific database and then they would need to login again?? Seems like a nightmare for the user.
I am doing a simple secured site using the login control. I would like users to be redirected to their dashboard page once they log in, but after that if they choose to browse I do NOT want them redirected based on their login status. I am using the generic template provided in VWD with the basic login setup in the template including the tabbed ASP menu control - nothing fancy, nothing custom. This is intended to be something very simple and quick. Here is the code I am using for the page load...
[Code]....
So if I do this code WITHOUT the "IsPostBack", logged in users are always redirected to their dashboard and cannot see the hompage. However with that IsPostBack test, the redirect after initial login doesn't work.
I know this is extremely basic and simple, but I am restarting with this stuff after a year away, and I need a nudge.
I have a machine in MyDomain on which i have deployed the website and file server as virtual directory. For file server i have created an application pool with identity as UserName and Password. And file server directory setting as Integrated Windows Authentication instead of Anonymous Access. When i am accessing file server from outside the domain then it is asking for user name password. After providing the credentials it open the file. Now i am trying to access the file server from wbsite using the machine outside the domain.Before accessing i am impersonating the current user with user which is present in identity. But after redirecting to the file server url it is again asking the credntial. why it is asking the credential if i have already impersonated the user.
View 4 RepliesI wrote an asp.net application that I'm trying to run on a godaddy domain I bought. I need to read a file in a folder that I did not give read access to so that your average user cannot see in the informaion in that folder. I assumed that the asp.net program would have the same credentials as myself because server-side code. Turns out I am wrong. When I go to use the asp.net application it throws an access denied error saying that the ASP.NET user account has to be given permissions to access the folder.
After talking to two different tech support people at godaddy I've come to the realization that they are either dumb or lazy (or a combo of the two).I came across some code that you can put into the web.config file that would allow the asp.net application to impersonate a user, which would work great to use myself as the impersonated user. However it seems that godaddy cannot give me the name of the server that my domain is on (that's understandable) so I don't know what to put in the identity tag to get this to work.
Here is the code I found:
[Code]....
(of course I filled in the username and password with the correct info)
When I went to use it again it threw this error:
System.Web.HttpException: The current identity (PHX3username) does not have write access to 'C:WindowsMicrosoft.NETFrameworkv2.0.50727Temporary ASP.NET Files'.
i am working in asp.net and csharp, we have 10 user, but certain user only need to put dataentry. how to enable and disable based on the user to access certain form ,like add, modify view options.
View 1 RepliesI want to display a menu (which will be strongly typed with it's own unique model) across all pages only if a user is logged in.What menu items are available depend on the user's role and also I'll need to hit the repository to get numbers like "x Messages", etc
Been scratching my head for a simple solution here. Don't want to create something that need changes all over the place.All my controllers derive from a BaseController, all my Models from BaseViewModel....probably where I'll be implementing functionality for this.
I have table called ROLE with fields (id,name,permission) example values (1001,madhu,hr)
I have another table called LOGIN with fields(id,DOB,password) example values(1001,24101989,madhukumar)
What i want is , if i login using the LOGIN table ,it check the id and permission in the ROLE table , if the permission is 'hr' it enable to access the menu , or if the permission is any other it just print the error message ("no permission")
Note: menu is placed in master page , but login is not in the master page ...
i m currently creating an article module, and i want if user wana comment on to the any particular artical, than he should login any of his mail id like gmail, yahoo hotmail etc and than post his or her comment and after than comment should go into the DB.
View 3 RepliesI've created a page to add users, using the CreateUserWizard, I use the Login Control to login.
I have setup the config file to use my SQL server, not express
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Data Source=xxxx.xxxx.xxxx.xxxx;Initial Catalog=aspnetdb;Persist Security Info=True;User ID=xxxx;Password=xxxxxx" providerName="System.Data.SqlClient" />
I go to the create user page, add a user.
I can SEE the user on the database using Server Management Studio...
I go to signon and get "Your login attempt was not successful. Please try again."
I have not customized the login control in any way. (OR the createuserwizard)
HOW can I tell where the Login tool is going to get userid and password info?
How can I tell if it is not finding the user or the password does not match?
I need to send emails based on users input time and day (based on their time zone)? Kind of a reminder.
For Example: User input 2:00pm Eastern Time on my server I have different time zone, how to calculate the time and send the email at users time-zone. Its a web application. What is the best way to accomplish it using asp.net c#? If somebody already done it in the past I will be glad to take a look at source code.
I need to secure access to all pages in a .NET webapp - EXCEPT requests from:
local network (the network IIS is running on) IPs listed/netmasks listed in a database all other requesets should be redirected to a login form I was thinking in the direction of a HttpModule - but never wrote one.
I have built a login form that does not use the asp.net 'login' control.
in my code behind i have this:
[Code]....
but this does not seem to maintain my user loged in... as soon as the user navigates to the next page he is loged out again...
I have a login page for my users. And I want my admin login to have its own page. Right now I have to login as an admin in the same page as the users.
How can I have 2 login on my site? I get an error if I have authentication forms on both my web.configs.
I was wondering if anyone knows of a good login stored procedure that can be freely used and features login limits and so on (basically a good one) With my limited SP knowledge, I've tried to create one myself, I haven't completed it yet as I'm not sure on how to compare the last login attempt time against the current time (it's in the comments).
P.S. I had to write this in notepad.
[Code]....
Having trouble getting "remember me" to work! When I close my browser down, then it should remember me the next time!
This is my code in web.config :
<authentication mode="Forms">
<forms name="appName" path="/" loginUrl="Default.aspx" cookieless="UseCookies" timeout="600000" slidingExpiration="true" />
</authentication>
I'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.
sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"
I'm able to do this.
If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If
BUT unable to do this...
If user's Department = 'Department XYZ' Then
Do This
Else
Do that
End IF
I have a drop down list bound to a column in a database. If a user logs into the website using the standard login controls, I want the drop down list to automatically select there name from the list. here is the code that doesn't work
[Code]....
The error orrcurs here:
[Code]....
Which intellisense says "Property Access must Assign to it's property or use it's values". Do I have the code all wrong? Also, as a side question, I don't understand why I have to use the TryCast find control option to find every control to use them. Even in the Page_Load if I type in DropDownList1 it says it's not declared.