I have a Login.aspx in my application.
After users logged in, if they press "back" in the browser, it goes to the Login.aspx page.
But I don't want to show users the Login.aspx page when they are logged in. how to restrict users to see the login.aspx page if they are logged in??
I am using sql role based membership provider and standard login control provided by Visual web developer 2008.
i used security in login page which restricts all users who have not logged in to all pages. I need to restrict specific users to specific pages. I'm not using AspSqlService provider. So i cannot create roles and restrict automatically. And the pictures i use in login page are not visible @ runtime.
View 1 RepliesIn the web.config file i have put some code in so that when users log in they will be re-directed to another part of the website which only registered users can access. for the admin part only the admin can log in and it takes him to the admin section and that works fine. it is only this that is causing me problems.
the code i inserted for which the user needs to be diverted to is:
<location path ="UserLoggedInFindUs.aspx">
<system.web>
<authorization>
<deny users ="?"/>
[Code]....
I have created a forgot password page with a PasswordRecovery control in it.
<asp:PasswordRecovery ID="PasswordRecovery1" runat="server"
BorderColor="#E6E2D8" BorderPadding="4" BorderStyle="Solid" BorderWidth="1px"
Font-Names="Verdana" Font-Size="0.8em" Height="210px"
onsendingmail="PasswordRecovery1_SendingMail" Width="491px">
I want to redirect the user back to the login.aspx page once the user clicks the Forgot Password button.
I know how to identify the current user during a specific browsing session and can thus control the data, etc, made visible to that individual user. I also know how to find out how many users logged in within the recent past, using:
Membership.GetNumberOfUsersOnline()
.... which I believe calculates the number of users who have logged in within the past 15 minutes. However, I would like to know if there is any way to identify all the users who are logged in at a point in time. Is this possible?
I am using ASP.Net Forms based security with the login control. On my site a user will make a number of selections that will be written to a database. Is their a unique user id that I can get from the AspNetSqlProvider that I can use to id users in my database? When a user logs back in after being away I want to be able to retireve the users information using this id.
View 7 RepliesI need something to secure my PDF files link ...
i have a page like http......../folder/userName.pdf
i need to to encrypt the file name ( i put it "login userName" ) ...
how do i let logged in users download their pdf files without knowing the URL above , for security reasons only ...
I used [URL] as a guide and have something configured to show me the users which are logged into the system. This uses the aspnet_Users.LastActivityDate column to see when someone last did something on the system. It also uses the userIsOnlineTimeWindow within the web.config to determine whether a user is online or not.
But because of this userIsOnlineTimeWindow limitation of .NET, even when someone logs out of the system or closes their browser window, the system still sees them as being online. Also, if they are on a page and don't do anything for 10 minutes, the system will show them offline until they refresh their page or go to another page. know of a better, more real-time way to tracking users which are logged in, logged out, etc?
I don't want to wait 10 minutes for the system to show that a user is offline and also if there's 10 minutes of inactivity, it shows them being offline.
I have a site where the admin can log in to make changes to his content, but while making changes (using a specific asp.net control) with no page loads or callbacks while editing, the user is sometimes being logged out.
I want to increase the time it takes for the system to wait before logging-out inactive users.
I'm using the standard membership provider.
How do I keep the pages from time out when users are logged in?
View 3 RepliesI have a web application with a login form. A user enters a user name and password. If they exist in the database the user is authenticated using these two lines:
[Code]....
The problem is that when a user logs in at first he is logged in as himself. When navigating on the web application for a while the user assumes the identity of another logged in user. This happens all the time. In my web.config the authentication mode looks like this:
[Code]....
The site does not use ASP.NET session variables. Instead each page initializes a Singleton class, which stores itself in a static class variable, always accessing the users data already read from the database. The Singleton implementation is:
[Code]....
Could the problem with assuming another logged in users "session" be related to static classes in my application or a Forms Authentication configuration or a configuration in IIS (e.g. is it possible for users to have their own process?).
I have designed a navigation structure that is customisable from within my application and linked to the users role.
So I can restrict what menu items a user gets based on their role.
I have managed to do this quite well using SQL Tables and an ASP.Net Menu.
I can get it to only show the menuitems that are marked active and I have created an Stored procedure to get the menu items for a particular role.
Where I am struggling is getting the Logged On Users Roleid to pass it to the Stored Procedure.
I can get it using a regular aspx page but my menu is on my masterpage and I do not want to have to code it in each and every page.
I even tried to do it with a user-control but same happens. It seems that the User class is just not available when in a masterpage.
how I can pass the roleid from a Class or something or from the page to the masterpage?
When user logout, we redirect him to the login page. I show a message "You have successfully logged out." on login page using query string. But when user refresh the login page the message still appears. How can I make sure during subsequent refresh, the login page should not show logout message. Here is the code:
login.aspx
[Code]....
logout link executes the following statement:
[Code]....
At work, I'm currently doing an ASP.NET project, where I have to connect an MS Access file to ASP.NET.
This has been done successfully. Next, I had to create a login page, this has been succeeded as well.
Now I have make sure everyone sees unique queries from the database. Example: There are 12 queries in the database; one person has to see another query than the other person can see. But there are some products, which everyone has to see as well.
How do I do that without creating server errours (I get them a lot with one little change).
For some reason my users are logged out of the system every 10-15 minutes or so...regardless of the configuration below....am I missing something?
[code]....
In the web.config file i have put some code in so that when users log in they will be re-directed to another part of the website which only registered users can access. for the admin part only the admin can log in and it takes him to the admin section and that works fine. it is only this that is causing me problems.
the code i inserted for which the user needs to be diverted to is:
<location path ="UserLoggedInFindUs.aspx">
<system.web>
<authorization>
<deny users ="?"/>
[Code]....
I installed my asp.net application on server (Windows Server 2003, Standard Edition, SP2)
I already set:
1. In ASP.NET Configuration Setting: I set Authentication to None.
2. Check Enable anonymmous access.
3. Uncheck Integrated Windows Authentication.
But the brower always show Authentication Required Dialog.
If I ignore this.
It show this error:
Access is denied.
Description:
An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.
Error message 401.2.: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server. Contact the Web server's administrator for additional assistance.
how to make login control allow users to login by either username or email address
View 1 RepliesI have two application (one of this is mojo portal): [URL] for some users when they login into "app" then the login in "mojo" doesn't work and viceversa. I've set the machinekey into web.config file. When the users remove all cookies and session data the login works again. The two application are into a Web Farm. Should be ARR the problem?
View 2 RepliesWe are developing for a customer a series of .NET intranet applications currentlydeveloped in ASP. However we would like to avoid the users the annoyance of having of login twice when they pass from one .NET application to an ASP one, Is there any way to export the session data from one application to the other?
View 1 RepliesI have created a simple ASP.Net page to create self printable tickets so non-technical people can change the text and layout of a ticket. Obviously the user has to be logged in to be able to print their tickets.
When providing the URL for wkhtmltopdf to convert, the tickets are not created because wkhtmltopdf does not have a session to prove the user is logged in.
Is it possible to pass the session to wkhtmltopdf in the URL, or is their a better solution?
I Have an asp.net application in which i have used asp.net membership for authentication. Wat i need is , i need to check whether user is already logged inn. If user logged in , in a computer ... At the same time same user logged inn from another computer , then for the second time logged inn , a message should be displayed Already logged inn
View 1 RepliesCan anyone tell me how to detect when a users session has exipred in asp? I want to redirect users to a logged out page once the session has expired.
View 3 RepliesI have set up user accounts on my project. I don't want users to be able to go to their shopping cart (ViewCart.aspx) page unless they are logged in. How do I accomplish this?
View 1 RepliesMy login page has images and CSS applied to it. When I run my site locally (start without debugging), it brings up my login page, but none of my images are displaying and my css isn't linking. I'm referencing correctly, I promise. However, when I view this page in VS's Design view, it shows the images and CSS. Also, if I run it and log in, and click the back button, everything shows up (images/css)! But if I logout (which redirects me to the login page), my images/css isn't there! Its as if the page can't reference its own resources unless the user is logged in. WTH. I'm only having this problem on my local VS server; it seems to work fine when I put it on the live server (woot). Anyone know why this is happening?Here is a portion of my login page that is requesting the image/css:
<head runat="server">
<link rel="stylesheet" type="text/css" href="styles/BodyLayout.css" />
<title>Optoma USA - Login</title>
</head>
<body>
[Code]....