I am using if (HttpContext.Current.User.Identity.IsAuthenticated){ //do sth. } in my web service to do credential. Is that good enough? or is there some best practices that I can follow?
View 2 RepliesI am building a simple intranet site and want to get the employees user name, but when i use Request.LogonUserIdentity.Name , i keep getting the servers credentials and not the users. what am i doing wrong and is there a better way to do this.
View 1 RepliesWebApp1: on IIS and configured with Windows authentication. Get User account from AD.
WebAPP2: a java web app on another windows box in same domain with authentication from AD
On web app1, I have a http handler like
public class MyHandler : IHttpHandler
{
public void ProcessRequest(HttpContext context)
{
string url = "http://WebApp2/Test";
HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(url);
CredentialCache myCache = new CredentialCache();
NetworkCredential netCredential = new NetworkCredential("myname", "mypassword", "");
myCache.Add(new Uri(url), "Basic", netCredential);
//...
myReq.Credentials = myCache;
//....
}
}
in above way, I can set authentication in code and pass it WebApp2.
But I don't want to put name and password in code. User info already available on WebApp1: in context.User I can find out the user info who already logined into WebApp1, so I want to pass this credential to WebApp2. I have tried to do following:
myReq.Credentials = CredentialCache.DefaultCredentials;
but I am failed becuast there is no data in CredentialCache.DefaultCredentials.
How to create/define new roles ASP.NET MCV model?. I am using a sql server database and vb.net. I want to store the roles in database.There is already a table named asp_roles but not sure how to define a new role ans assign is to a user.
View 2 RepliesI've been using the CreateUserWizard to create my users as well as to assign them roles/permissions. My problem is that, once created, I have no idea how to edit or delete their details without using the Asp.net Website Administration Tool. Where can I get some extensive but easy to understand literature on the subject?
View 4 RepliesMy web application is on a Webserver that is in a DMZ .
the web application must save on the server in LAN some files, but the webserver cannot access the file server because has no right to access. i wouldn't create an account for the web server, but i would that any time the application has to upload a file onto the file server make a connection that encapsulate credentials, then the upload starts ,finally the connection closes.
Is possible with some Objects to do this type of work?
I have a multi level application that I am developing and need to block multiple rows from being joined. I know how to hide one role but I cannot figure out how to hide multiple.
Here is my current code
[Code]....
At one point this was working, but somewhere something happened. What I am trying to do is simply download a page from our local site. I keep getting the 401 unauthorized.
I have tried NetworkCredential("user", "password", "domain")
and
CredentialCache cc = new CredentialCache();
cc.Add(new Uri("http://site/"), "Windows", new System.Net.NetworkCredential("user", "password", "domain"));
but that didnt work . We are using Windows authentication with no anonymous access.
Here is what was once working:
WebClient wc = new WebClient();
string FileName = Server.MapPath(\App_Data\rpt.htm);
wc.Credentials = CredentialCache.DefaultCredentials;
wc.DownloadFile("http://site/Report.aspx?OrderNum=7534&Type=inv&BE=1", FileName);
Newb question: what is the standard practice for assigning roles to newly signed-on members. Is it usually manual or is there a way of automatically assigning roles. Being completely new to this, I am confronted by the issue of my site having three different roles that new members could fall into, but am unsure about how to assign each a role. I can't imagine having to go through the process manually if I have thousands of members.
View 6 RepliesI have 2 website A and B.
B site with windows authentication
I want to open B site as new window from A site, so its ask for windows credential. I have credential in A site. I am opening B site using Javascript.window.open.
how i can set credential for B site from A site.
[ASP.NET 3.5, FormsAuthentication, SQL Server]
In the Roles table there is Role, and RoleType.
I have 3different roles, 2 of which have sub-roles.
Example
Role----------------------Type
Adminstrator
Subscriber---Basic
Subscriber---Business
I need to implement Code Access Security, and URL based security using the roles & types...
For instance, the (Subscriber/Basic) would need to view a different set of pages, and have different access to things then a (Subscriber/Business).
I think I can handle the Code Access security with a custom attribute, but I am unsure to how enforce a User be apart of 2 roles in the URL Authorization.
I am currently using the web.config to deny/allow access to the directories/pages.
e.g.
/Areas/Admin/web.config
[Code]....
Is it possible to force the user to be apart of 2 roles with this technique?
I am runnign the SQL 2005 with Membership structure and two web-applications on the same server box. Each web application uses its own Application Name in aspnet_Applications table. There are two application names.
The users from web-app1 could not login to web-app2. Each web-apps uses different Application Pool. Each providers section of Membersip use correct applicationName from aspnet_Applications. The first application is working correct.
The problem is that sometimes the users could not login to web-application 2 during day. I get error Event code: 4006 Event message: Membership credential verification failed. The users start to login again after I Recycle - Stop - Start Application Pool of this web application.
I'm working on a website where it should be possible for registered users to upload word documents. The administration of users is done through Membership and Profiles. When the documents have been uploaded, the following needs to be achieved:Non-registered users should not be allowed to download documents I should be able to control which users that has access to which documents I should be able to register which user downloads which documents I should be able to track how many times a document has been downloaded
Can this be achieved be using Membership and Profiles?
I'm using a custom role provider (written by another developer) that uses our active directory username (obtained from HttpContext.Current.User.Identity.Name) along with a SQL table.
Anyways, when I update my SQL table to update my roles I need to close my web browser (Internet Explorer 7) in order for my new security to become effective.
I've tried using Session.Abandon() but that doesn't help.
How can I refresh my security?
Ideally I want something like: Roles.RefreshCurrent()
I am new to asp.net and developing an application where there will be some roles like (admin, entry user, maker, checker) one user can have all or can have partial roles based on the provided roles and the page should restrict functionality based on the user role.
What is the best way of implementing it without memberships in asp.net ..
I have used .net login control to authenticate user,i have three types of role ,role1,role2 and role3 and i have users and user have different roles.
now my requirement is like as per loggedin user i want to redirect user on particular page as per role.
for example if loggedin user role is role1 than he will redirect default1.aspx
for example if loggedin user role is role2 than he will redirect default2.aspx
for example if loggedin user role is role3 than he will redirect default3.aspx
and one question if same user may be have more than one role than what should happen???
I got a solution for same than if we are used "loggingin" event than it would be possible but i had placed login control in login view anonymous template because as per my requirement i want that after successfull login user can't see login control on page.thats why i didn't get the login control event on code.
In our system now, we have a class of user and beneath each class, there's a type of user.
Is there a way to setup and use the ASP.Net role provider with this kind of setup?
i am new to asp.net, i am creating a small website for my college, in that.
Only the admin's can create other users...
Now while using the nw registration wizard, i hav to mention the role also in that page.
can any one tell how to create the roles in asp.net? when ever Admin creates the roles, there it self he should assing the pages,which pages should be open when ever perticular person enters in to the site. When ever Admin wants to assing the Roles,all pages appear in grid view with check box,if he checks that pages,he able to access other wise he couldnot access that page.
View 1 Repliesi want to create a webservice that reading from the user identity interacts with a db, where there are app names and group that can use that app, and gives to the user a list of operation that he can use.
My question is, is there any table in apsnetdb that does this association or i should create a costum table.
Pls explain the Membership Roles in MVC ASP.NET 3.5
View 1 RepliesI know how use Roles in Controller:
[Code]....
In this situation, any one who is not "admin" can'nt vist the "About.cshtml". But what if I want anonymous can see part of the "About.cshtml"?
[Code]....
I know code above is wrong, But how can implement my goal in Views
I am looking for a way to distroy the ASP.net membership session for a specific user. The reason I am doing this is as an admin I want to delete a user. This works fine, but if the user already has an active session, he is still marked as "online" until this session dies (I verify each time by using Current.User.Identity.IsAuthenticated). How do I go about killing a session based on the user it's authorized as. This way when I do Memberships.DeleteUser(username) I can also do Sessions.KillByUser(username)[URL]
View 2 RepliesI have created 3 different folders (admin, user, viewer) in my site and each has a different template (masterPage). I created user and roles which are admins, users, and viewers. I assigned each role to a user in .Net administration Tool.
What I need to do is to allow each user to access his page only and deny access to others , except for the admin who can access all pages.
I'm trying to redirect users upon login based on their roles which were defined in the Administer website feature of asp.net.Heres what I'm trying protected void Login1_LoggedIn(object sender, EventArgs e)
View 2 Replies