Security :: Track IP Adress Of User?
Apr 6, 2010
Actually i need to track IP Adress for secuity and Requirment of my project. So anybody can tell how i can get IP Adress of user?
I am developing a module on that user can just register only one time for one Specific IP Address. User cant register 2nd time from Same IP Adress.
So for that i need to Trace IP Adress of Register user.
View 5 Replies
Similar Messages:
May 7, 2015
I did a winforms applicaion using C#. I has 'n' number of forms.I like to track application usage time from user login to application exit.
View 1 Replies
Aug 8, 2010
How can I find the current url (in adress bar)?
View 1 Replies
Jan 15, 2011
using vs2008, asp.net, c# .net3.5 In this control;s ActiveTabChanged event, the ActiveTabIndex property stays 0 no matter which of the 3 tabs I select. Why is that? I want to keep track of which tab the user has selected and store this in the seesion variable so when refresh or bookmark by the user is would done properly. I was advised to possibly do this by saving the ActTab instead of the ActiveTabIndex. The problem then is how do I set the ActiveTab of the Tabcontainer, I mean how do I cast the Seesion variable so I can assign it like tabScien.ActiveTab = (castType)(Session["SavedActiveTab"]);
View 4 Replies
Sep 17, 2010
I would like to develop a web application in which I can track the details(IP address...etc) of my website visitors....using vb
to implement the above web application
View 1 Replies
Sep 23, 2010
I've got a dynamic page where I'd like to track the time the user spends on it.
View 5 Replies
Jan 21, 2011
I'm making a small portal in ASP.net (with C#.net4) where users can login and add, edit their personal information (PI). But I don't get how to load information (stored in a SQL server DB) in the page when a specific user is logged in.
For example: If Sam is logged in, he can view his PI. When Vicky is logged in, she can view her PI.
View 4 Replies
Dec 28, 2010
The Register action gets called in the Account controller, showing the RegisterViewModel in the Register.aspx view. The form in Register.aspx is submitted/posted with answers to all of the form questions, except for the security question answers. If the user is created successfully, then I'd like to go to the GoToSecurityQuestions view using the code - return RedirectToAction("GoToSecurityQuestions", "Account"); I need to be able to keep track of the user name or ID of the newly created user so that I can persist the security questions to the database records related to the user. What's the best way to keep track of the user info between the [HttpPost] Register( ) and the [HttpGet] GoToSecurityQuestions( ) ?
[HttpGet]
public ViewResult Register()
{ return View(new RegisterViewModel()); }
[Code]....
[Code]....
[Code]....
[Code]....
View 2 Replies
Mar 25, 2011
My intention is to give the user a flexible user control on a master page that does the following:
When navigating, a child page will pass the URL (with querystring) and PageTitle to the user control. The user control will take those two parameters and insert them as a "breadcrumb" object at first index of a List<breadcrumb> collection
This part works fine through the use of a Repeater with a LinkButton contained in an ItemTemplate. The user sees each of the pages he has been visiting in descending order, the provided benefit is a quick way to re-open records they have recently modified or created.
The part I'm having trouble handling is what happens when the user clicks the LinkButton, which is that the child page adds a new reference to the URL at the beginning of the List<> collection and I cannot seem to control the behavior of removing the LinkButton before it gets re-created. What I've tried doing is:
List<>.RemoveAt(RepeaterCommandEventArgs.Item.ItemIndex);
Repeater1.Controls.Clear();
Repeater1.DataSource = List<>;
Repeater1.DataBind();
While that should work, my CreateBreadCrumb(string url, string title) function gets called by the child page before the UserControl detects the Repeater1_ItemCommand event, so in effect it appears that the wrong ItemIndex is being used for removal.
View 1 Replies
Jun 26, 2010
i am working in asp.net and csharp, we have 10 user, but certain user only need to put dataentry. how to enable and disable based on the user to access certain form ,like add, modify view options.
View 1 Replies
Jan 27, 2010
I'm experiencing a to me mysterious error when sending e-mails through a SMTP-server from an ASP.NET web application. I get the famous error "unable to relay for xxx@yyy.zzz". What's mysterious to me is that when I cut and paste the exact same code that sends the e-mail into an usual .NET Windows Forms application, send the e-mail with this application, it all works just fine. This made me think that perhaps the problem is that the ASP.NET application runs as NETWORK SERVICE while the Windows Forms application runs on a domain user account, but it turns out that I have another ASP.NET application sending e-mail through the same SMTP-server running under NETWORK SERVER at the same IIS, and this application does not experience this problem.
I've further tried to send e-mails through the SMTP-server manually by telnet the smtp-server on port 25 and running the SMTP-protocol manually, and it all works fine. The SMTP-server is not configured with any kind of authentication or SSL.
Another mysterious fact is that the ASP.NET application can send e-mails from an adress within the same domain to an e-mail adress within the same domain, but not to any adress outside of the domain. But the Windows Forms application, that uses the exact same code, can send e-mails from any adress to any adress both within AND outside of the domain.
So to summarize:
The ASP.NET application can send
e-mails from addresses within the
domain to adresses within the domain,
but not to addresses outside of the
domain.
A Windows Forms application running
the same code on the same computer
can send e-mails from ANY address to
ANY address.
Another ASP.NET application on the
same IIS running under the same
account (NETWORK SERVICE) can send
e-mails using the same SMTP-server
from ANY adress to ANY adress.
There is no authentication configured
on the SMTP-Server.
Both the ASP.NET application and the
Windows Forms application utilizes
the System.Net.Mail.SmtpClient class
to send a
System.Net.Mail.MailMessage.
The code that sends the e-mail massage is:
private void button1_Click(object sender, EventArgs e)
{
MailMessage mesasge = new MailMessage(txtFrom.Text, txtTo.Text, "Test mail", txtBody.Text);
SmtpClient client = new SmtpClient();
if (!(string.IsNullOrEmpty(txtUserName.Text))) //Is false since txtUserName.Text is empty
client.Credentials = new System.Net.NetworkCredential(txtUserName.Text, txtPassword.Text);
client.EnableSsl = false;
client.Host = txtServer.Text;
client.Port = 25;
try
{
client.Send(mesasge);
}
catch (Exception ex)
{
txtResponse.Text = ex.Message;
}
}
As far as I can understand, this should be a matter of configuration rather than coding issues.
View 2 Replies
Mar 17, 2011
We are using membership provider for LDAP authentication. It is working as it should.
But what all configuration settings I have to do so that
all the future requests to this application run under the security context of the Logged in user account not through the some default user set in IIS.
We need to have this working because all the permissions on the database are based on the logged in user.
We are using form authentication for LDAP authentication. And having impersonation = true in web.config.
View 1 Replies
Nov 19, 2010
I have identity impersonate = true in the Web.config file. I have integrated security = true in the DB connection string in the Web.config file.Before identity impersonate was true,users were able to access the DB through the web service account (seemingly).Now I get an error which says " Login failed for ... " because I am aware there is no specific account for that user in the permissions for that DB instance.I needed to set identity impersonate = true because the web service does not have access to the Active Directory,which I need to retrieve certain user information.
My question is,does identity impersonate = true override the integrated security and attempt to user the authenticated user's account to connect to the DB? Is there a simple way to prevent this in the Web.config itself?If not,would programatically impersonating the user within the Active Directory query functions and setting identity impersonate = false do the trick here?
View 2 Replies
Jul 22, 2010
I have created user web control library project and these controls i'm using in my web application. These User controls just works fine in my local machine but when i moved this project(including Library) to our Local server , it is throwing security exception
Error 1 Cannot register assembly "LocalServerLibraryDemoLibraryDemoLibraryinDebugLibrary.dll". Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. Library
Anybody knows why this error occuring...?
View 2 Replies
Jan 30, 2011
I simply want to know how to manually check if the value a user has provided for the answer to their security question matches their current answer on record. I want to use the build in support of the membership and membershipuser objects.
I see that via the passwordrecovery control that the actual answer can be returned. However I am currently not using this control and it would take a good bit to integrate it as it does not meet our user's requirements.
In a worst case scenario, getting the actual answer (like the passwordrecovery control does) and manually checking it in our application would be acceptable.
A best case scenario is some sort of API where I can pass in the user name and the answer to their security question that was provided and simply get an indication of whether answer was correct or not.
View 5 Replies
Feb 24, 2011
I'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.
sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"
I'm able to do this.
If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If
BUT unable to do this...
If user's Department = 'Department XYZ' Then
Do This
Else
Do that
End IF
View 2 Replies
Dec 23, 2010
I have implemented Forms authentication in an ASP.NET MVC 2 website
By using <%: Page.User.Identity.Name %> on the Site.Master page I can display the userid of the logged in user.
I would like to use this value and display other information about the user that is stored in a User table in a MsSQL database, like:
<%: GetFirstname(Page.User.Identity.Name) %>
View 2 Replies
Sep 7, 2010
I Have Question : Can I Edit Create User Wizard To Save Info To My Project Sql ? And Where Normal Create User Wizard Save Info Of Register?
View 5 Replies
Jan 7, 2011
I deployed a website where a logged user or an anonymous user can select data and download a XML file. The website generate the XML file in the server and then deliver it.
It works fine in my development environment, but after deployment, the anonymous user can download the file, but the logged user receive this error:
System.UnauthorizedAccessException: Access to the path 'd:HostsLocalUserheringerwebsiteUpload20110107094051.xml' is denied.
It is weird that as anonymous i can do it.
The website server help states this:
"Grant write, modify, delete access rights on website's folder
Your website executes under unique user account that by default has full control over the website's folder.
So your application can create, open, read, write and delete files and folders inside of your root folder.
There is no need and no way to change this permissions.
If, when running ASP.Net application, you still unable to create file or update it, you have to check your Web.Config file for "<Identity impersonate..." tag and remove it.
The only exception is when the application tries to modify a file or folder in "Application_Start" event of Global.asax file. This is by design that user authenticated only after the Application_Start even. Before the user is authenticated your website runs under an identity of Application Pool which is "Network services". That account doesn't have access to the folder of your website.
To make it work you eather have to move the code that tries to modify files or folders out of the "Application_Start" event of the Global.asax file or inside the event you'll need to impersonate your user by code."
But i am not using impersonate and the tag is not in my web.config.
View 2 Replies
Jul 25, 2010
I am createing user dynamially with the below code; string MyPassword = Membership.GeneratePassword(8,0).ToString(); Membership.CreateUser(TextBox7.Text, MyPassword, TextBox8.Text); but before I start creating, I would like to check if the user name is used before or not.
View 2 Replies
Mar 25, 2010
I facing a problem here. how can I make the create user wizard category all the new user become normal user role? I have created 2 role which is Manager and Normal User. Normal User can't view the Manager page. But after i create a new user account, i can view manager and normal user page. I want to make all the new member registration will be normal user role?
View 6 Replies
Mar 24, 2010
I have an extranet site (asp.net), we want that if an employee click on the link, it will automatically get them in. But if an external user does it, they will be redirected to a login page.
is it possible? how to know if a request come from internal user (employee) or external user (vendor).
View 2 Replies
Nov 10, 2010
Our application lets the administrator create new users. Since the administrator is logged in, I have set Logincreateduser = false so that the administrator is not logged out even after creating the new user.
The problem is :I need the userid of the newly created user to store additional details of the user in another database table. I see that i can get the username using Createuserwizard1.username; but how do I get the userID?
View 2 Replies
Aug 12, 2010
I have a custom membership user class and custom MembershipProvider working against database. Due to security reasons the user passwords are stored in the database as hashed values. So my procedure
public override bool ValidateUser(string username, string password) is
{
//select hashed password from db
return (EncodePassword(password) == dbpassword)
}
[code]....
View 4 Replies
Mar 11, 2011
I am creating an application hosted on GoDaddy.com. The base files are kept in a folder called /sky while the Admin files and User files are kept in /sky/Admin and /sky/User respectively. I'm having difficulty configuring the security so that when a user tries to access Admin or User files they should be redirected to the login.aspx file in the /sky folder. I keep getting an error that its trying to access sky/sky/login.aspx instead of just sky/login.aspx.
Here are the relevant sections of my web.config file.
<?xml version="1.0"?>
<configuration>
...
<location path="sky/admin">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="user">
<system.web>
<authorization>
<allow roles="Admin,User" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="login" loginUrl="login.aspx" />
</authentication>
...
</system.web>
...
</configuration>
Can someone point me to articles or provide assistance with the proper configuration?
View 3 Replies