Security :: Secure Admin Exception In Website
Jun 10, 2010
I have a secure admin section in my website, only logged in users can gain access to this section, its controlled from the web.config file like this
[Code]....
This has all works perfectly well until now. Ive created a page that has an accordian control on it from the ajax control toolkit, as soon as I place this control on a page and run the web page, I get this error
View 1 Replies
Similar Messages:
Mar 1, 2011
I am currently designing an ASP.Net web site where does not required any user login on the page. However, I do need to put an Admin page up along with this web page for my client use to manage the content on the page (e.g.: Change Pictures, Updating News). For security reason, I do not want to include a separate page sit reside in the site, so nobody can even try access to the page [URL]
View 6 Replies
Dec 3, 2010
I have a simple online store where there are products that can be put into a cart and purchased. There is a admin page that can be logged into so that new products can be added or existing products can be removed or edited. To get to the admin area I need to put a /admin/index after the main page loads up. If I want to give my friends (from any location) the ability to add new products should I create a link to the admin area on the main page (like at the bottom) of the main page or should I just tell them to type in /admin/index after they go to the webpage?
View 3 Replies
Jan 7, 2010
I am working on an application to read some data from a website that requires a login.
I am using the WebClient class to read the page.
For example if I have a page http://www.something.com it can read the page fine.
However If I have a page https://www.something.com/secure/ than it requires authentication.
I have the username/password required I just need to know how to pass it in using C# .net.
View 4 Replies
Oct 24, 2010
I have a custom mini login user control that I have embedded in the top of my website which shows on every page. These pages are non-secure HTTP://. I would like to avoid having to redirect the user to a HTTPS page to perform the login but I definitely don't want to send login credentials to the server in plain text.
I am trying find a method to send the user's login credentials encrypted via https from a non-secure (http) page.
I tried to set the postbackurl for the login button to itself but in https, but the user's input is not retained and the buttonLogin_click is not fired when I set the button postbackurl property. My ASP.net web application is VB.Net framework 4.0
I am assuming this can be done because I see lots of websites where login fields are on available on every page and they are running http and I can believe they are not encrypting the login credentials.
View 3 Replies
Oct 31, 2010
I am using files on web-site,written in C#, VS 2008, framework 3.5.I have the following exception :request for the permission of type system .security. permissions, fileiopermission, mscorlib, version = 2.0.0.0, Culture = neutral, PublicTokenKey=b77a5c561934e089' failed How can I overcome this exception (writing something in web.config,my code,assemblyInfo.cs)
View 9 Replies
Mar 29, 2010
I am using Membership.DeleteUser("username",true) method to delete the user from DataBase. This works fine in my local machine. When i publish the same code, i am not able to delete the user..... it throws an javascript error saying..... "Login failed for user NT AUTHORITY/NETWORK SERVICE"
View 5 Replies
Jan 7, 2011
I want to put my website project and admin website under same project as I want to use session and authentication of the main site. Also I want to show the admin, the page, where he has made changes. But the problem is whenever I will change anything in admin pages, I've to build the entire website. I don't want to do that. Can I build that separately?
I don't want to choose the option of building all pages separately as well.
Is there any alternatives of doing that. Separate projects for admin and website will come up with many other challenges. So I would like to avoid that.
View 2 Replies
Jan 22, 2011
I can't get past the "Test" link on the "Provider" tab in my Web Site Admin Tool (WSAT).
I'm running SQL Express (10.0.2531.0) and have created my "ASPNETDB" database using the version of aspnet_regsql that came with .Net 2.0. (When that work, I re-ran the version that came with 4.0.)
I have the following in my web.config:
[Code]....
And this:
[Code]....
When I go into the WSAT, to the Provider tab, I select "AspNetSqlProvider" and click test.
The error message I get is this:
Could not establish a connection to the database.
If you have not yet created the SQL Server database, exit the Web Site Administration tool, use the aspnet_regsql command-line utility to create and configure the database, and then return to this tool to set the provider.
View 2 Replies
Mar 22, 2011
Working on my first asp.net webpage. i have followed video tutorials and implemented asp.net membership for login/security.Using Visual Studio 2010 i can open the Asp.net configuration page for management locally.But then if I want my site admin to manage users/security online, how is this done? Like manage through a web browser. I guess this asp.net configuration GUI is not available on the internet?
View 4 Replies
Mar 11, 2011
I am creating an application hosted on GoDaddy.com. The base files are kept in a folder called /sky while the Admin files and User files are kept in /sky/Admin and /sky/User respectively. I'm having difficulty configuring the security so that when a user tries to access Admin or User files they should be redirected to the login.aspx file in the /sky folder. I keep getting an error that its trying to access sky/sky/login.aspx instead of just sky/login.aspx.
Here are the relevant sections of my web.config file.
<?xml version="1.0"?>
<configuration>
...
<location path="sky/admin">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="user">
<system.web>
<authorization>
<allow roles="Admin,User" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="login" loginUrl="login.aspx" />
</authentication>
...
</system.web>
...
</configuration>
Can someone point me to articles or provide assistance with the proper configuration?
View 3 Replies
Oct 11, 2010
How do you create your web site data admin for your customers. Do you do them programatically or do you use any specific tool?
I have been using AspMaker and is not a bad option but I'm sure there are a few more options out there. I've seen that MS has a Web Data Administrator but for me it looks more than an sql server web admin tool rather than a frontend that has the business logic.
View 1 Replies
May 25, 2010
I have an asp.net website for a car dealership. I wanted to create an admin site where personel from the dealership can add and delete cars to the site. how do I get started? what shall I read up on? I've read some of the security knowledge to add login and user accounts and what not, but now I am after setting up the website to allow this. do I need a sub domain to allow this? is that the only way? the web hosting company I am using (discountasp.net) will make me pay more $5 a month to use sub domain
View 4 Replies
Jun 24, 2010
I am planning to develop around 4 product catalogue websites. The functionality of all the websites would be same. however the design, images and css would be different.
All the 4 websites will use the same admin panel, forums and database(MS Access) also.
How should I create such a system.
I dont understand what kind of folder structure should I create.
I would like to create following kind of folder structure.
(Root Folder)Admin Website ----> Website 1 (subfolder)
----> Website 2 (subfolder)
----> Website 3 (subfolder)
----> Website 4 (subfolder)
Root folder will have the database and all the common files.
Unfortunately, when I tried to create such structure, Dot Net Didnt allow me to create one website inside another
what kind of system should I use for maximum reusability.
I am a small time freelancer and cannot afford to build seperate websites for each of my client.
View 4 Replies
Sep 3, 2010
i wanted to give an email option to the admin of a website where he can enter multiple email id's and a costamized text etc , and the sending message must be stored with the details of the timings and date and to whom in send.
View 4 Replies
Sep 16, 2010
I am currently developing a website for a friend of mine who is a dj. I have a login page, which works fine however i want to inplement a menu that only users with the Administrator role can view. I have done alot of research and i have found ways to stop a user from visiting a page, when they click on it it takes the to the login page. But i want to completely hide the menu from Non Admins.
View 4 Replies
Feb 24, 2011
i want to put secure payment gateway for website.
View 3 Replies
Sep 18, 2013
i have designed a website in that i have image tool but the image must change dynamically the changes is made in admin page.. by which tool we cn obtain that......
View 1 Replies
Jun 7, 2010
I want to secure my certain web page of site, Displaying lock icon at status bar of browser. How do I achieve this in 2.0 using any default certificate?
View 6 Replies
Feb 1, 2011
I have a web service that is set as secure via the web config:
<authentication mode="Windows" />
<authorization>
<allow roles="METWeb-Admin"/>
<deny users="*"/>
<allow users="METJoeUser;METJoeSmith"/>
</authorization>
And also in IIS 7 (Windows Server 2008) it has the following set for Authentication:
Anonymous Authentication:Disabled
ASP.NET Impersonation: Disabled
Basic Authentication Disabled
Forms Authentication: Disabled
Windows Authentication: Enabled
The anonymous site I am calling it from in IIS7 is:
Anonymous Authentication:Enabled
ASP.NET Impersonation: Disabled
Basic Authentication Disabled
Forms Authentication: Enabled
Windows Authentication: Disabled
In the Anonymous web site, I call the secure web service via:
moms.momService myMom = new moms.momService();
NetworkCredential netCred = new NetworkCredential(@"username", "password");
strStatus = myMom.createBackupDirectoryAndPrivs(sData);
Everytime I run this, it returns as Unauthorized. I have made sure this user is in the Web-Admin AD Group. I also tried adding the user as an Allow User but still unauthorized. I am pretty sure the problem lies somewhere in IIS but not sure what else to check.
BTW: For what it's worth, if I run the Anonymous site via VS2010 development on my dev box, and call the secure site using above code, it works fine. This is why I am thinking IIS on the PROD server.
View 1 Replies
Dec 3, 2010
I've to download files from our 38 clients secure websites. They are our data resources. Currently data collection process is manual. Logon to the site, login with username and password, then download files, save to local folder, close window once download is completed. We are trying to automate download process. Plan is to handle login part with code and directly show list of filename to User with check box , so User can select files and click to save.
Rest all will be handled programtically. Once download is complete the status for that file will change to "Saved" or "Download Complete. I'm working on Window 7, VS2008(C# asp.net). Trying to make it work with WebClient class. It'll be great if you can post some source code or guide me to link or post for solution.
View 2 Replies
Dec 22, 2010
have table for users have a some attribute one of them admin attribute have a bit data type when the user is admin it is true and i have ligin page and control panal page i want throw login page check for the user to redirect him to control panal if the user is admin the control panal will be displayed with moreoptions any one how can i doing this with select statement
View 2 Replies
Dec 12, 2010
if I have this code:
How can I run the cmd using and admin rights? Is it possible to run the command using an admin name and password?
[Code]....
View 1 Replies
Jul 31, 2010
I have a small requirement i.e if any user forgot the passwordhe would like to reset the password by contacting an admin or mailing. Now if the admin logged in he will check for the user name if the user name matches i would like to send a mail to that user by resetting the password
View 2 Replies
Mar 17, 2010
i am currently checking to see if the logged in person is an admin, by putting a check in the page_load function. (same thing to see if the person is logged in at all)
is there a better way to do this? or should i just go ahead and put my check on every single page?
View 1 Replies