Security :: Multiple Roles For Multiple Page Access?
Jan 20, 2011
I'm planning to make a page that has about 10 different pages for varying use, for example, stats, data entry, reports, logistics, audit, sales, promo, etc etc. I'm anticipating there will be many combinations as to what pages a user may have access to, for each page, a user ought to be authorized to either enter new data, edit data, print and/or just view.
My questions are :
1. can membership & roles be used, once user is logged in, to display links to all the areas of the web app he is allowed access to?
[code]....
2. besides having access to a particular page, a user should, as mentioned before, be authorized to either enter new, edit, print and/or just view data.
3. Is there a preferred/better method to handle this besides using membership & roles?
View 3 Replies
Similar Messages:
Feb 26, 2010
I have a web.config file with <authorization> section. I'm using window authentication.
The problem is that I would like to allow access to the web site to those users who are in multiple roles.
For example:
<authorization>
<allow roles = "Role1 AND Role2"/>
<deny users="*"/>
</authorization>
(Meaning I would like to allow access only to those user who are both in Role1 AND Role2.)
Is this possible to achive this?
If not, what would be the alternatives?
Note: Currently I'm doing the roles assignment in the Global.asax file in the OnAuthenticateRequest event (i'm reading the groups that the current user belong to in the Active Directory).
View 4 Replies
Mar 26, 2010
I have developed an asp.net website. I Have Used Asp.Net membership provider.My Question is , I Have Three Roles , For Eg: Basic, Intermediate, Admin ...Now , i need to apply two roles for single page say basic and admin .... How can i do this ... Plz help me .... Thanx in advance ......
if (Roles.IsUserInRole("Admin") == false)
Server.Transfer("AccessDenied.aspx");
View 6 Replies
Mar 7, 2011
I have a multi level application that I am developing and need to block multiple rows from being joined. I know how to hide one role but I cannot figure out how to hide multiple.
Here is my current code
[Code]....
View 2 Replies
Mar 5, 2010
This is my senario. I want user to login and if "LoggedIn" User has more than one role then it displays the list of radio buttons. After selection of the role user gets further privilages according to the role that he has selected.
I've a problem setting up the role. And user can change his role when ever he wants.
For Example "john" is the user having two roles "Account Manager" and "Project Manager".
View 3 Replies
Jan 10, 2011
I am using ASP.NET Membership with the default provider. I have a project where there are 3 different applications(seperated by the applicationName). Now I need every user to be able to log in to all the applications, but have a seperate role in each.Is this possible(I dont want to duplicate user details or logins for the same person)?
View 4 Replies
Jul 21, 2010
I have users that belong to more than one role and I have a login view for those roles but I only see the first role's content.
How should I be going about getting to see all content for the roles that user is in? My user logs in and is a member of MACED and ADMIN but only sees the links for MACED
[Code]....
View 3 Replies
Feb 17, 2010
I wanted to maintain the great features of ASP security control but i couldn't find a way to fit my purposes. I wanted to add in multiple user in one shot instead of one by one, So far using CreateUserWizard control only allow admin to add user once at a time. Is there a way to add in multiple user with a uploaded name list ?
View 3 Replies
Nov 11, 2010
Will someone point me to a tutorial on how to hide and denied access to certain pages based on what roles the user is in?
View 8 Replies
Apr 24, 2010
[ASP.NET 3.5, FormsAuthentication, SQL Server]
In the Roles table there is Role, and RoleType.
I have 3different roles, 2 of which have sub-roles.
Example
Role----------------------Type
Adminstrator
Subscriber---Basic
Subscriber---Business
I need to implement Code Access Security, and URL based security using the roles & types...
For instance, the (Subscriber/Basic) would need to view a different set of pages, and have different access to things then a (Subscriber/Business).
I think I can handle the Code Access security with a custom attribute, but I am unsure to how enforce a User be apart of 2 roles in the URL Authorization.
I am currently using the web.config to deny/allow access to the directories/pages.
e.g.
/Areas/Admin/web.config
[Code]....
Is it possible to force the user to be apart of 2 roles with this technique?
View 1 Replies
Oct 21, 2015
I have used multiple grid view on same page with multiple selectedindexchanged event but selected indexchanged event call only for first gridview.
View 1 Replies
May 2, 2010
I have an update panel in a user control and I am adding multiple instances of it for example 5.
When that update panel refreshes the page load occurs 5 times.
How can I prevent it only for once?
View 3 Replies
Apr 29, 2010
Is it possible to specify that multiple roles are required inside the authorization element of the web.config file? I currently have this block in one web.config of my site for a specific directory:
<authorization>
<allow roles="Global, Region" />
<deny users="*" />
</authorization>
I've just identified a special case where a person with two lower-level permissions than Global and Region should also have access to this directory. Roughly, I want something like this:
<authorization>
<allow roles="GlobalManager, RegionManager, SiteManager && FooSite" />
<deny users="*" />
</authorization>
I realize I probably should have a new role for this scenario, but I'd like to avoid that.
View 1 Replies
Aug 4, 2010
I have an application that needs to render a page that will have multiple Radio Button Groups as well as multiple CheckBoxes. The desired layout is determined by a database table.
table structure:
PackageID uniqueidentifier
PackageName string
ItemName string
RadioGroupName string
ViewControlName string
This table defines a "Package". The "Package" can contain many different "Items" that require different controls used in the View. The "RadioGroupName" field is used to mark which RadioButtons should be grouped together. The "ViewControl" field marks which control should be used on the View to display the field. The query in my repository will return a result set such as
1 / "First Package" / "Item1" / "First Group" / "RadioButton"
2 / "First Package" / "Item2" / "First Group" / "RadioButton"
3 / "First Package" / "Item3" / "First Group" / "RadioButton"
4 / "First Package" / "Item4" / null / "CheckBox"
5 / "First Package" / "Item5" / null / "CheckBox"
6 / "First Package" / "Item6" / "Second Group" / "RadioButton"
7 / "First Package" / "Item7" / "Second Group" / "RadioButton"
8 / "First Package" / "Item8" / "Second Group" / "RadioButton"
Given this result set, I need to render the view as follows:
A RadioButton group with 3 options (Item1, Item2, Item3)
A CheckBox (Item4)
A CheckBox (Item5)
A RadioButton group with 3 options (Item6, Item7, Item8)
I have read that it is possible to use "if" conditions and looping structures inside the View. I have also read that this is a bad practice. Another issue I see is knowing which Item has been selected from each RadioButton group when I hit the Controller POST function. Previously I have built a page that has a single RadioButton group. My ViewModel was as follows:
[Code].........................
View 1 Replies
Mar 29, 2011
I currently have a project that I seem to have ran into an issue regarding Roles and thought I would get some opinions on how to best handle the problem. The system will require editable, flexible roles that control not only the access of specific areas, but also the use of system functions (Adding Users, Editing Users, Viewing Reports etc.)The system currently allows users to have multiple roles, each of those roles has explicitly defined areas of access/actions, for example:
Role A can access areas 1,2,3 and can Add Users.
Role B can access areas 1,5,7 and can Modify Users.
Role C can access areas 4,6 and only View Users.
so a User could be in Roles A and C, and thus access : 1,2,3,4 and 6, and could Add and View Users.My first solution was to create a dictionary that would store all of the possible areas of access/access options into a Dictionary like so:
Dictionary<string,bool>
then when it is instantiated it pulls all of the properties from the database and then iterates through the roles to determine if they are accessible.All of that currently works just fine - however the project is quite Javascript/jQuery intensive so many of these options are called by client-side functions. I am trying to avoid having to wrap all of these client side functions with:
<%if(AccessDictionary[key])
//Enable or Disable Action
<%}%>
I am wondering about the following things: After a user logs in, what is the best way to store this Dictionary? Statically? In the Session?What would be the best method of storage such that the Dictionary will be easily accessed in the View? (As I currently see no way around wrapping my client-side functions)!
View 1 Replies
May 10, 2010
I have created a Web Control in ASP for use in integrating with Telligent CommunityServer. The control is written in ASP with some 10 lines of C# backend for controlling visibility of the UI elements based on permissions, but I'd say 90% of the functionality is straight-up Javascript. The control works beautifully, until you drop two instances of the Control on the same page--since they reference the exact same Javascript functions, only one control works. How can I take this functionality that I have, this 1200 lines of Javascript, and make it so that each instance of the control can reference its each unique instance of Javascript?
View 2 Replies
Jan 10, 2011
I have three roles:
AdminEditorGeneral
How can i give acces so to:
1- All users in roles Admin and Editor
2- Specific users from role General
i tried this but with no luck:
[Code]....
View 2 Replies
Nov 3, 2010
well i have a simple application using an authentication (user and password) before accessing and there are several roles bound to each user.
in my web.config i have configured the acces for each page according to each role, this is an example below:
[Code]....
and i have 2 users:
1: admin (default role: administrator)
2: guest (default role: role1)
my problem is as follows:
if i give acces to the user "guest" to open the "admin.aspx" page with changin him his role from "role1" to "administrator", this one do not function except if i recharge the web.config file to the server it's just after this manipulation that this user "guest" arrives to open the page "admin.aspx".
i don't know why this problem occurs, normally changing the user role will applies instantaneously.
View 6 Replies
Nov 16, 2010
I created a resiter.aspx page and active.aspx page. a user that register recieve authenticetion email and only after verifying the using a link verification (redirevt to active.aspx page) only then the user authenticated.
This pages are tested and working!
How can I use this page for several solutions? of course I can copy/past this pages. but then I will have to maintain the same code twice....I am looking for the best way to achieve
View 6 Replies
Mar 4, 2010
I need to design a system that will control access to certain information. The requirement from the user is to use access levels e.g.
Level 1 - Support
Level 2 - Manager
Level 3 - Senior Manager
Level 4 - Department Head
etc.
If a certain piece of information is marked as Level 1, then all roles should be able to view that piece of information. If it is marked as level 3, then only the Senior Manager and Department Head can view it, but the Manager and Support roles can't view it.
Questions
When I assign the access level to a piece of information, will I have to assign multiple roles to it in order for me to achieve this functionality? Is there a better way of doing this?
View 2 Replies
May 12, 2010
How can i ristrict access to controls depending on users roles, on a page.?
View 1 Replies
Jan 20, 2010
in my app i want to create two types of users. (1) 'staff' (2) 'admin'
i have a page called registration which basically creates a user. i used the asp.net configuration wizard to create roles and set access rights to certain pages and this works great.
however, if i was to deploy this app then users wouldnt have access to the asp.net wizard therefore not be able to create users with roles/access.
so how can i do this in code? can i create a drop down in the registration page with two values (staff and admin) which will represent roles and then another drop down with access rights? (allow/deny)
how can i now program these drop down and make it work like i would normally do using asp.net configuration wizard?
View 8 Replies
Feb 24, 2010
I've been developing a database system that stores test results from two different machines. (It's a foundry, each machine tests for the amounts of a collection of elements in a piece of metal. One machine does the tests on iron, the second on aluminium. Both produce the same list, but each machine will have much more of some elements than others.)
I used folder security to limit who has access to what folders, so there is a general page for anyone to view results from any machine in the root, one folder has a page to allow people in a particular group to edit/correct the iron results, and a second folder has a page to allow another group of people to edit/correct the aluminium results. Now, we've picked up a third machine which tests aluminium samples too, and it belongs to a third group of people. What is the best or recommended method to allow this third group to edit samples from the third machine only?
1) Should I have a third folder, and copy in the page from the other aluminium folder, and tweak it so it only shows and allows edits to results from this new machine? This seems like the quickest, easiest method, but a waste of effort as it's mostly duplication of existing work.
2) The other option I see is to keep one aluminium editing page, but to limit the results that are shown to the ones that the current user should be allowed to see. (One page which shows one group of people one half of the results, and shows a second group of people the other half of the results). Is there a way to achieve this that is almost as easy as using folder-based permissions?
3) Is there another way that I'm missing?
View 2 Replies
May 29, 2010
I have created a web application which has two section user and admin. Admin files are within
~/admin folder and user files are in ~/User folder. Admin and user has two different login page within respective directory.
Now I want two apply form authentication for admin and user section. Is it possible to apply form authentication for two different section in a web application?
View 4 Replies
Aug 8, 2010
I am working on an application that resides on a development server on our internal network. The application was originally written to use Membership and Roles. We got busy almost a year ago before the app was finished, and now we are trying to get it ready to use internally.
The login page works just fine, but I have lost the ability to controls users and roles. I am running Visual Studio 2010 Professional now on a Windows 7 VM. I can open the application fine but there is no Web Administration Tool available for me to manage users or roles. If I go to Website -> in Visual Studio, there is no option for ASP.NET Configuration in the drop down menu. It simply isn't there.
How can I regain access to manage users and roles for this application? We are using Forms authentication and the database resides on a SQL Server 2005 instance on a separate box from the web server and my local VM.
View 6 Replies
