Security :: Set Up Some Roles In Configuration Nothing Added To Web.config?
Feb 17, 2010
I quickly setup Roles to get my site up, but now I am going back and tightening them up. I have a custom SQL Server database Provider to hold users.I want 3 Roles, Admins, Progress and then a standard User.I have all the files only Admins to use are in a folder SecureAdminI have all the files only Progress to use are in a folder SecureProgress And all the files that everybody has access to are in the Secure Folder.As soon as I added the Custom XML Site provider, my Tree View disppeared. I would assume it's because my roles are not configured correct. I can use the ASP.NET configuration tool to see my roles and users, but any combination I try in there doesn't seemto do anything. I see most examples have some code like below.
[code]...
But even when I set up some roles in the ASP.Net configuration, I never see anything like that added to my web.config? Is this because it is stored in the database? If not, what what I add to my web.config to make this work?
View 7 Replies
Similar Messages:
Oct 21, 2010
When I drag/drop a Chart or ReportViewer control onto my page the web.config updates with said assemblies however my website fails to load. Removing the controls and assembly tags successfully starts the website however I cannot seem to understand why the website has issues when the Chart, for instance, is loaded.
The site is live within an intranet space which was originally created in .asp however the .aspx pages I create do work with other controls such as gridviews etc.It seems altering the web.config causes issues but I just want to know how I can get the chart etc controls working?
View 1 Replies
Mar 5, 2011
instead hard coding configuration of users and roles of windows authentication in web.config, is there any best way to manage them with out hard code?
View 1 Replies
Jan 10, 2011
I have three roles:
AdminEditorGeneral
How can i give acces so to:
1- All users in roles Admin and Editor
2- Specific users from role General
i tried this but with no luck:
[Code]....
View 2 Replies
Jun 3, 2010
I am not able to allow/deny users based on roles in the web.config (using <location path>). The following does not work even if the user is in the 'Admin' role:[Code]....
I am able successfully execute IsUserInRole() and GetRolesForUser() in the codebehind and get expected results. The same applies to the web.sitemap, adding roles in there do not seem to apply to the user even if he is a member of the role.
Here is my web.config (trimmed some sections out so it's not too long):[Code]....
And web.sitemap:
[Code]....
View 8 Replies
Jan 6, 2011
I am working on an Ecommerce website. I have created a database using Server Explorer named 'MyTestStore' and created Tables and Stored procedures inside it.
Than I used the program called aspnet_regsql.exe (which is in:
C:windowsMicrosoft.NETFrameworkv2.0.50727) to create the membership and roles tables. And this tool created all the membership tables in the MyTestStore database. All is fine till this point.
Enabling Roles:
Now I need to enable roles, insert admin and users into this membership tables in my database. so I opened up ASP.Net Configuration Tool but when I enable and create roles it automatically creates a database called ASPNETDB under App_Data folder whereas, I want to have the roles enabled in the database MyTestStore. But it keeps creating the database ASPNETDB. How do Imap the ASP.Net configuration Tool to create and add users into my database called MyTestStore instead of that default ASPNETDB.
View 6 Replies
Sep 29, 2010
I am "DomainMyDomainUserName" If I do this:
[Code]....
I can access the website I've created on my local machine in debug mode; and with my domain account as a local administrator, if I do this:
[Code]....
I can still access the website; and with my domain account in a Domain Group named "DomainDomainLocalSecurityGroup", if I do this:
[Code]....
I can still access the website; HOWEVER, if I create a Local Group on my machine named "LocalMachineGroup" and I add "DomainMyDomainUserName" to this group and I do this:
[Code]....
I get an Access Denied error trying to access the website. What I want to do is, have a group on my local machine (for testing), on a test web server, and on a production web server named "MyWebsiteUserAccess" with the same Domain Group (filled with Domain Users allowed access to the site) in all of these local groups; so that when I test the web application on my local machine, on my test web server and on my production web server, I don't have to change the Web.config file to have it work on each AND if the Domain Group name ever has to change, it won't affect access to the website.
What am I overlooking or is this even possible to do this way? I understand that there is a way to do Role Management through ASP.NET but I don't understand that well enough yet to implement that (and will probably go that route once I've done the research on how to best implement it for purpose of access control of this intranet site).
View 2 Replies
May 19, 2010
As mentioned in subject line I'm not able to configure role based website in IIS7. Please find details below.
Environment Details:-
.Net Framework: 3.5
Server: Windows 2008
Webserver: IIS7
Database: SQL Server 2008
Authentication Type: Form Based
Roles/Membership Provider: User defnied.
Problem:-
After setuped my website in iis7 while trying to Login in web page even I entered correct password it says Incorrect password in Login control.After long googling I suspecty that we need to add "Provider to trusted provider" to Authorized provider. I have gone http://www.iis.net/ConfigReference/system.webServer/management/trustedProviders/add but didn't works for me.
Can you anyone please help me in this.
View 8 Replies
Aug 9, 2010
I developed a site for a client a couple of years ago. It uses the the standard ASP.NET Membership, authentication, etc. I just added the profile section with (2) fields: CustID AgntID. Now whenever I load the page with any Profile code in it I receive this error: Violation of UNIQUE KEY constraint 'IX_aspnet_Users'. Cannot insert duplicate key in object 'dbo.aspnet_Users'. The INSERT statement conflicted with the FOREIGN KEY constraint "FK__aspnet_Pr__UserI__3CA9F2BB". The conflict occurred in database "broo001", table "dbo.aspnet_Users", column 'UserId'. The statement has been terminated. The statement has been terminated. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Violation of UNIQUE KEY constraint 'IX_aspnet_Users'. Cannot insert duplicate key in object 'dbo.aspnet_Users'. The INSERT statement conflicted with the FOREIGN KEY constraint "FK__aspnet_Pr__UserI__3CA9F2BB". The conflict occurred in database "broo001", table "dbo.aspnet_Users", column 'UserId'. The statement has been terminated. The statement has been terminated. Source Error:
[Code]....
Stack Trace:
[Code]....
Here is the code from my web.config:
[Code]....
Here is some of my page code:
[Code]....
View 3 Replies
Mar 7, 2011
I have a multi level application that I am developing and need to block multiple rows from being joined. I know how to hide one role but I cannot figure out how to hide multiple.
Here is my current code
[Code]....
View 2 Replies
Jul 20, 2010
I'm trying to programmatically encrypt the connectingstrings section of my web.config, using the below code, which I have gotten from here.
[URL]
The problem is that nothing happens when I click encrypt.
This is my code.
[Code]....
[Code]....
And this is the web.config
[Code]....
Has I understand is the section should be encrypted, but it never happens.
View 4 Replies
May 17, 2010
Newb question: what is the standard practice for assigning roles to newly signed-on members. Is it usually manual or is there a way of automatically assigning roles. Being completely new to this, I am confronted by the issue of my site having three different roles that new members could fall into, but am unsure about how to assign each a role. I can't imagine having to go through the process manually if I have thousands of members.
View 6 Replies
Nov 30, 2010
I want to be able to specify which roles having access to certain controllers in web.config and use it something like this:
[Code]....
..but the compiler says "Error 1 An attribute argument must be a constant expression, typeof expression or array creation expression of an attribute parameter type...". How to accomplish this behavior?
View 3 Replies
Nov 25, 2010
I can't seem to find this answer anywhere on google or stackoverflow, even though I'd thought it would've been an easy thing to do.
I want to understand how the system.web authorization tag on the web.config works, and what exactly each attribute and property does.
For instance, what does
<system.web>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
Specifically what I want to do is to disallow access to most of the site for unauthenticated users, allow access to some of the site for authenticated users who belong to a certain role, and allow full access to users from a second role.
View 2 Replies
Apr 29, 2010
Is it possible to specify that multiple roles are required inside the authorization element of the web.config file? I currently have this block in one web.config of my site for a specific directory:
<authorization>
<allow roles="Global, Region" />
<deny users="*" />
</authorization>
I've just identified a special case where a person with two lower-level permissions than Global and Region should also have access to this directory. Roughly, I want something like this:
<authorization>
<allow roles="GlobalManager, RegionManager, SiteManager && FooSite" />
<deny users="*" />
</authorization>
I realize I probably should have a new role for this scenario, but I'd like to avoid that.
View 1 Replies
Feb 21, 2010
When executing this line:
Dim roleRedirectSection As LoginRedirectByRoleSection = DirectCast(ConfigurationManager.GetSection("loginRedirectByRole"), LoginRedirectByRoleSection)
...I get the following error:
Message: "An error occurred creating the configuration section handler for loginRedirectByRole: Could not load type 'sitename.LoginRedirectByRoleSection'. (W:Webs2010DEVsitenameASP 4.0web.config line 10)"
<configuration>
<configSections>
<section name="loginRedirectByRole" type="journeyeast.LoginRedirectByRoleSection" allowLocation="true" allowDefinition="Everywhere" />
</configSections>
<loginRedirectByRole>
<roleRedirects>
<add role="Administrator" url="~/Account/Admin/Default.aspx" />
<add role="Employee" url="~/Account/Emp/Default.aspx" />
<add role="Teacher" url="~/Account/Teacher/Default.aspx" />
<add role="Student" url="~/Account/Student/Default.aspx" />
<add role="School" url="~/Account/School/Default.aspx" />
</roleRedirects>
View 1 Replies
Feb 23, 2011
I changed my application to use "InProc" sessionState instead of "Off" because I need to preserve user selected language from page to page doing localization.n web.sitemap I have this line:
<siteMapNode url="Admin.aspx" title="Administrator" description="Site administration" roles="Administrator" />
which before I changed sessionState to "InProc" worked as supposed to: menu item "Administrator" appeared as a menu choice only when user had logged in with admin rights. Now this menu choice is present for every user.
View 3 Replies
May 7, 2015
I am using this article [URL]...
And I want to add Role/s dynamically and also delete role/s in web config.
View 1 Replies
Apr 24, 2010
[ASP.NET 3.5, FormsAuthentication, SQL Server]
In the Roles table there is Role, and RoleType.
I have 3different roles, 2 of which have sub-roles.
Example
Role----------------------Type
Adminstrator
Subscriber---Basic
Subscriber---Business
I need to implement Code Access Security, and URL based security using the roles & types...
For instance, the (Subscriber/Basic) would need to view a different set of pages, and have different access to things then a (Subscriber/Business).
I think I can handle the Code Access security with a custom attribute, but I am unsure to how enforce a User be apart of 2 roles in the URL Authorization.
I am currently using the web.config to deny/allow access to the directories/pages.
e.g.
/Areas/Admin/web.config
[Code]....
Is it possible to force the user to be apart of 2 roles with this technique?
View 1 Replies
May 7, 2015
I want to add a new rule in my web.config file programmatically,
ex: I have a textbox to add location path I have a combobox (with items admin and user) to add roles. ex: user input location path = textbox roles = combobox (items admin and user) the save button, when click the save button the results go to the web config :
<location path="Report/ManageReport.aspx">
<system.web>
<authorization>
<allow roles="ADMIN" />
<deny users="*" />
</authorization>
</system.web>
</location>
So far my code as below: but I was confused to apply its
protected void AddRoleRule(string location, string selectedrole)
{
Configuration config = WebConfigurationManager.OpenWebConfiguration(Server.MapPath("~/Web.config"));
XmlDocument xDoc = new XmlDocument();
xDoc.Load(config.FilePath);
//if the rule exists update the rule
[Code] .....
View 1 Replies
May 3, 2010
I have deploy my web site, it contains a project!
in MyWeb there are all the aspx page and some entites datamodel, in MyApp there are the class with function like "getter data from DB" and there is a entity data model.
afeter the deploy, I have only the web.config and the connection string for the entity datamodel....itīs run ok, read/write the data on the DB.
The problem is with MyApp.....after the deploy it is a dll file and I donīt have the app.config and the entity inside it donīt run, not read/write nothing on the DB.
There arenīt error or messager but not read/write the data in the MyApp project.
all run on the iis 7
now...the question is:
I lose the connection string (in app.config) after the deploy?
Can I put a entity in the MyWeb and read it in another project (myApp)?
ps: for connect to DB I use not the c# code:
var db=from x in AccessDB.Example select x;
View 1 Replies
Jan 5, 2011
I am developing web applicaiton. I want to read web.config in App.config file. I have appSettings and connectionStrings in web.config. How to read that?
View 10 Replies
Jan 15, 2010
While using a third party dll I was getting the following exception - "exePath must be specified when not running inside a stand alone exe" with following trace
System.Configuration.ConfigurationManager.OpenExeConfigurationImpl(ConfigurationFileMap fileMap, Boolean isMachine, ConfigurationUserLevel userLevel, String exePath).
The reason I found was that it was looking for app.config and I had provided the details in web.config. My question is why does the system.configuration differentiate between web.config and app.config.
View 2 Replies
Aug 10, 2010
I upgrade my application from .NET 2.0 to .NET 4.0. Everything went smooth, with very few errors. Now the code is compiling fine, but run time environment is loading the configuration parameters from app.config instead of web.config;Here is my setup:Objects project: has app.configUI project: has web.config, When I run this site, it is fetching the configuration parameters from app.config. Any idea if I need to make any changes to read it from web.config instead of app.config? It used to work fine in my previous environment.
View 8 Replies
Jun 4, 2010
I built my ASP.NET website using vs2008 professional.
Now I have purchased vs2010 professional edition.
I do format my computer and then installed vs2010.
Now I want to deploy my website in vs2010, but it is giving configuration error in <add assemblies...
Configuration Error
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message: Could not load file or assembly 'System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'
View 2 Replies
