Security :: How To Restrict Users Who Are Entering The Sites Without Login
Aug 9, 2010
I have a login form and users have to enter their username and password for entering the sites ..
Also now its possible for users to enter the sites without login .. they can select the options in the menu and access them ... But i want to restrict the users ..only allow them to access the menu componets after login ... If they tries to access the contents a text have to display ask them to login
how can i do that... i am using vb.net as my language in the page
View 22 Replies
Similar Messages:
Jan 10, 2010
how to write/use/implement a script that will allow users to enter a web application by clicking a button rather than entering their ID/PW? Seems like a lot of terminology around, SSO, Blind logon, yet all seem to be doable with an ASP script -
Web App contains detailed security for users, not all users are on Win AD, so that is not an option., I'm told (?) Do I need to use a spreadsheet to validate users access to the application, ?
Script that would pass "cookie" info and allow users to enter app without ID/PW. We have a custom logon.asp page the is using forms.
View 1 Replies
Mar 7, 2010
I am developing a website that has 2 roles of users.i have made 2 folders for each type of user's web pages. how to imply security so that 1 type of user could not see other user web pages.is thier any other way or i will have to check form the databse for credidentials every time the page is visited?Also let me know why do people put web pages in folders?i am not using sql membership and not even .net classes for role management.
View 7 Replies
May 12, 2010
using Login control after entering userid and password if i press enter it is navigating to the defaulturl page mentioned in web.config.what shall i modify so tht if i press enter i should login
View 3 Replies
May 12, 2010
I have just started to use asp.net mvc.
I have read this article about using ntlm authentication
[Code]....
it provides access to specific domain users
[Code]....
I want to restrict access to all my domain users only lets say
[Authorize(Domain="redmond")]
or do I do it via web.config
View 2 Replies
Mar 26, 2011
I am using the membership provider and am reasonably comfortable that all of my web pages are safe.Some of the pages contain hyperlinks to documents (pdf, xls, etc.) stored in a folder under the root of the web site. I have disabled the ability of users to anonymously list folder contents, but I don't see a way to keep anonymous users from accessing the documents if they know the specific URL for that document. Example; if the document contains a spreadsheet of current sales, I don't want an ex-employee (who captured the URL while working here) to be able to bring up the current document.asswording the documents isn't a good choice because there are hundreds and we'd like to avoid changing them all every time someone leaves, or weekly, or whenever...Is there a way to restrict access to all contents of a web folder to people who have been authenticated?
View 4 Replies
Mar 3, 2011
We deployed our usercontrols (gridView, textboxes & button) on sharepoint 2010 site, & everything works fine.
Now testing team are able to alter the viewstate value of controls through Fiddler and changed it with some junk characters, now after submitting
the form to server, it throws Invalid JASON Primitive (server 500 error)
In web.config file, by default EnableViewStateMac is true.
Is it any way to restrict the users or any way to stop the postback if some one alters the viewstate.
View 1 Replies
Sep 16, 2010
Foe getting Logon computer username i m using digest authntication mode. But when i browse website it's asking for username and password. while already windows login with the same username.
I understood that in this auhtntication mode it's required. But r there any configuration with it i am not getting this Prompt ? Any group ploicy ??
For IE i have added website into trusted zone but still it's asking for username and password.
R there any other way i getting Computer logon name in asp.net application. There are But only work when i run from Editor from IIS it's not retuning value.
View 2 Replies
Jan 4, 2010
I am trying to create a diary site which will allow users to enter rich texts (text, picture and video links...) and the outcome for each page will be an html file being saved under each users profile folder.If I create html files for every user entry, then these pages can be accessible if the path and file name is known for them... I am trying to have some secured html pages so that only the owner of those pages can have access to them after logging in.
View 7 Replies
Mar 1, 2011
I wanted to know how to add the feature- that user should be redirected to an error page where the error will be display, upon entery wrong username/password when trying to login through an asp.net login control?
1. how to redirect the user to an error page upon entering wrong username/password (from a login control which is placed on master page)?
2. how to pass the error to the error page so it can be displayed there?
View 28 Replies
Jan 28, 2011
I need to add features in login page.
1) Only allow user in three times attemps
2) After three times failed to login, the user will be restricted for 30 minutes.
I knew how to code for 1) but I do not how to do 2).
View 1 Replies
Jun 22, 2010
Can anyone explain how to make unique login in asp.net
<b>Problem:</b> If user is logged at a client machine and tries to login from other client machine at the same time, then he should be prompted that "You are already logged in, Do you want to continue?" on continue user should be logged out from other machine and logged in to current machine.
View 3 Replies
Nov 1, 2010
I need to restrict access to my website by physical PC. When a user signs up I want to be able to restrict access to one machine for that account so it cannot be shared round, if, for example, somebody else in the same office wanted to access the system on their PC they would need a seperate sign in.
I have done some investigation and I "think" the only way is installing an ActiveX component (which isn't an issue that is restricts to IE only) and then read the users MAC address. Am I trying to over complicate things or is that the only way? I realise that MACS can be spoofed but this is not much of an issue.
View 4 Replies
Aug 28, 2010
In my website, if one user registered from a computer, we have to allow that user to be able to access the site from that computer only. If he try to login from another system even in LAN, we have to deny the access.
View 5 Replies
Oct 12, 2010
how to make login control allow users to login by either username or email address
View 1 Replies
Sep 27, 2010
I have two application (one of this is mojo portal): [URL] for some users when they login into "app" then the login in "mojo" doesn't work and viceversa. I've set the machinekey into web.config file. When the users remove all cookies and session data the login works again. The two application are into a Web Farm. Should be ARR the problem?
View 2 Replies
Jun 23, 2010
i used security in login page which restricts all users who have not logged in to all pages. I need to restrict specific users to specific pages. I'm not using AspSqlService provider. So i cannot create roles and restrict automatically. And the pictures i use in login page are not visible @ runtime.
View 1 Replies
Jun 25, 2010
I have an asp login control that uses the standard aspnet database structure.I am using my own user identification system to identify a user based on login values that are not in the aspnet database and setting the user's aspnet database login to a universal login user and password.this works fine and I am able to test this by having one machine log in as "User 1" and another login as "User 2" but I am wondering if there is a limit to the number of user's that can be assigned to one username and password in the aspnet database for website access?Will the system reach the max number of user's in the aspnet database?
View 2 Replies
Jan 23, 2011
asp.net 3.5 IIS7 Hosted on Windows Server 2008 (virtual machine)
I have a website which have been running for about a year without any problems. Users have been able to login etc, but now I get reports about users not able to login while using Internet Explorer. Users using other internet browsers like FireFox, Chrome etc have no trouble logging in.
The website are using the standard Forms authentication.
Also lately another website has been setup in IIS7, but these sites are using application pool. I've stopped this webapplication in IIS, but that doesn't have any effect on my problem
I see that Windows Update have failed to install a lot of patches lately, not sure if that is related to this problem. But some of the windows patches are security patches.
View 5 Replies
Feb 25, 2010
I'm at the point where I want to allow users to register at my site and then allow users to login, so I am trying to get a feel for how everyone is handling this use case.
View 1 Replies
Aug 5, 2011
I've got a website project and I use my own login security and save the user and other info in session variables. Is there any way to know when they are online and offline by their user name I have in a session variable? Or do I need to use another method such as the asp.net user security?
I do know with the asp.net security I can check if a user is authenticated.
View 5 Replies
Jun 11, 2010
How the sites like stackoverrflow using the third parthy login id(gmail,blogspot), to login the site?How to do this in asp.net? Give me a idea to implement this in to my applicationi don'
View 3 Replies
Sep 9, 2010
I have a site witl forms authentication using te login control. I altered my sql server, I added a connectionstring and used the connectionstring in both, <rolemanager> and <Membership>. That part of the web.config is listed below.
The problem is that the login control goed to SQLserver to check the users and their passwords, but it goed to the SQLExpress database for the roles.....
[code]...
View 3 Replies
Apr 11, 2010
I have a Login.aspx in my application.
After users logged in, if they press "back" in the browser, it goes to the Login.aspx page.
But I don't want to show users the Login.aspx page when they are logged in. how to restrict users to see the login.aspx page if they are logged in??
I am using sql role based membership provider and standard login control provided by Visual web developer 2008.
View 7 Replies
Apr 25, 2010
I have a website that requires users to login, but I am having problems when authenticating a users.I create a user which works fine, I then test the login on the development machine and everything works fine the user is logged in.But if a try to login the user in via the live website (same database) I get errors stating that the login attempt has failed.I don't understand why it would work on the development machine but won't work with the live version of the website.
View 5 Replies
