Security :: Trying To Hide The Admin Files From Normal Users?
Nov 30, 2010
I am trying to hide the admin files from normal users, however I get the following error:
Error 11 Unrecognized configuration section siteMap.C:projectsFamilyPhotoAlbum_VS_2010web.config 137
Below is the web.config:
<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
WindowsMicrosoft.NetFrameworkv2.xConfig
[Code]....
View 4 Replies
Similar Messages:
Aug 26, 2010
Allow Admin Users to Access Basic Users Accounts?
View 4 Replies
Mar 22, 2011
Working on my first asp.net webpage. i have followed video tutorials and implemented asp.net membership for login/security.Using Visual Studio 2010 i can open the Asp.net configuration page for management locally.But then if I want my site admin to manage users/security online, how is this done? Like manage through a web browser. I guess this asp.net configuration GUI is not available on the internet?
View 4 Replies
Jan 3, 2011
I have several features in admin panel. like userslist,change password for the user,delete user... Still now only one admin user can handle all this.
Now I want to give some features to some users.. ie certain users can view the list ,certain user can edit items in the list etc...
View 3 Replies
Feb 11, 2010
Following one of the other tutorials I have figured out how to manage users [URL] but it does not mention how to delete them from the GridView. I have attached my Page's code plus my VB script. I have added a delete link into the GridView for preparation but all I would like is the VB script so that when the user clicks delete it deletes the user from the GridView and Databse. I hope I have made every really simple, anyway here it is:
ManageUsers.aspx
[Code]....
View 2 Replies
Nov 9, 2010
Can anyone point me to a sample admin page for managing users and roles (forms authentication). Something like the security section of the WSAT, but for a finished site.
View 3 Replies
Jun 24, 2010
I am using URL routing in asp.net application (not MVC) . I have Admin folder in my aaplication which has admin related aspx pages with seperate web.config. I have seperate login form for admin users which is placed in admin folder itself. My issue is whenever I hit [URL] (which I want to go to login form for admin)- it tries to authenticate and goes to login url mentioned in web.config of root folder.
Note: Admin folder has anonymous access in root config file. Also I have set default document in config of Admin folder. I have added following line in global.asax so that routing doesnt work for files in admin folder;
routes.Add(new
Route("admin/{*resource}",
new
StopRoutingHandler()));
I am really confused what is the issue? What I am missing?
View 6 Replies
Feb 21, 2011
i want to crease an admin panel. but i do not use asp.net default membership system.
i know actions enable access can be determine by [Authorize] attribute. but my admin has 10-20 controller and about 100 action.
i do not want to signature all of actions by [Authorize] attribute.
all controller must be required login if user did not login.
View 3 Replies
Jan 4, 2010
I am trying to create a diary site which will allow users to enter rich texts (text, picture and video links...) and the outcome for each page will be an html file being saved under each users profile folder.If I create html files for every user entry, then these pages can be accessible if the path and file name is known for them... I am trying to have some secured html pages so that only the owner of those pages can have access to them after logging in.
View 7 Replies
Apr 7, 2010
I have directories in my website which require authentication.
But when i type the url with the directory name it lets me see the files but doesnt allow access as users need to login.
How can i stop users viewing files if they manually type directory name in?
View 5 Replies
Dec 8, 2010
In my web site which is basically a monitor application I have to keep a configuration file which contains some web servers name, names of web sites hosted on each web server, url and port numbers etc.
Can anyone please explain me what are the benefits of treating this configuration file as custom configuration file of my web application and reading it using "ConfigurationSection" or "IConfigurationSectionHandler" rather than treating it as a normal xml file and reading it using 'XMLDocument' or 'XMLTextReader' or 'XLINQ' etc? This will save me from creating an entry in in the web.config file as well this custom configuration file.
View 2 Replies
Apr 4, 2011
I am creating an application like youtube to store videos and I need some advice.Should I use SQL Server FileStream to store the video files or should I store them somewhere on the hard disk and record the path as a varchar(MAX) inside SQL Server?Which is recommended and why?Do you recommend something else apart from both these?
View 3 Replies
Mar 10, 2010
I'm using the profile to store a users shopping cart which works fine. I now need a way for the site admins to create a cart, add items and checkout for a particular user.
I'm trying to access the users cart with this: Profile.GetProfile(lblUserName.Text).SCart
I first check to see if the user has a cart and create one if he does not and then add the item to the cart. I'm using the code below but get this error when attempting to add the item:
Object reference not set to an instance of an object.
Here is my code:
[code]....
View 1 Replies
Feb 8, 2010
how can i make admin panel and how i can i upload files (e.g doc, pdf) in gridview and after upload shows link... ?
View 11 Replies
Mar 17, 2011
I'm developing a CMS for my website.
I need track Users activities in my Cms Admin section (protected by password).
I would like to know:
If is possible add GA (Google Anlytic) code and use it even if the pages where the code is placed are covered by password.
If such use can create secrity vulnerability of any kind. (If is good or bad practice).
How to retrieve easily the statistics from pages in Admin section if the folder for admin is (example: ADMIN) in GA account. They come up like /admin/mypage.aspx??? Or how???
Generally, I would like your opinion about it and if you are using this approch it in your current web application.
View 2 Replies
Mar 11, 2011
I am creating an application hosted on GoDaddy.com. The base files are kept in a folder called /sky while the Admin files and User files are kept in /sky/Admin and /sky/User respectively. I'm having difficulty configuring the security so that when a user tries to access Admin or User files they should be redirected to the login.aspx file in the /sky folder. I keep getting an error that its trying to access sky/sky/login.aspx instead of just sky/login.aspx.
Here are the relevant sections of my web.config file.
<?xml version="1.0"?>
<configuration>
...
<location path="sky/admin">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="user">
<system.web>
<authorization>
<allow roles="Admin,User" />
<deny users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms name="login" loginUrl="login.aspx" />
</authentication>
...
</system.web>
...
</configuration>
Can someone point me to articles or provide assistance with the proper configuration?
View 3 Replies
Jul 28, 2014
I have a web app Which Uses Forms Authentication.
One thing that we want to be able to do on Support is login to a specific users account Via our admin account.
We are using the standard asp.net membership authentication.
The idea would be for the support technition to be able to login using credentials like admin(<Troubled User>) using the Admin Account password
We are using a a Standard ASP.Login Control
The real Issue is that the Me.Page.User.Identity.Name is set to the value on the CtlLogin.Username Property. I need it to be the the Support Login?
Login Control
Code:
<asp:Login ID="ctlLogin" runat="server" DisplayRememberMe="False" Font-Names="Arial Rounded MT Bold" Font-Size="12pt" ForeColor="Black"
MembershipProvider="MembershipProvider" Width="100%" TitleText="" UserNameLabelText="User" VisibleWhenLoggedIn="False" RememberMeSet="True"
PasswordLabelText="Password" EnableTheming="False" Height="35px" >
[Code] ....
Validate User Script
Code:
Dim objstrSupUser As String = ""
'Load the user from the membership provider
Dim strUserName As String = ctlLogin.UserName
If ctlLogin.UserName.IndexOf("(") > 0 Then
objstrSupUser = Regex.Match(strUserName, "(([^)]*))").Groups(1).Value
[Code] ....
View 5 Replies
Dec 6, 2010
[Code]....
after successful creation of 3 users on my web site now cannot create users
View 9 Replies
Jun 18, 2010
Our solutions requires validating users against a custom database. This also includes roles which dictates what he user can do in the system. What is the best way to implement implement security, is it to use Windows Identity Foundation or the default Membership Provider and Role Provider that comes with .net?
View 2 Replies
Dec 22, 2010
have table for users have a some attribute one of them admin attribute have a bit data type when the user is admin it is true and i have ligin page and control panal page i want throw login page check for the user to redirect him to control panal if the user is admin the control panal will be displayed with moreoptions any one how can i doing this with select statement
View 2 Replies
Dec 12, 2010
if I have this code:
How can I run the cmd using and admin rights? Is it possible to run the command using an admin name and password?
[Code]....
View 1 Replies
Jul 31, 2010
I have a small requirement i.e if any user forgot the passwordhe would like to reset the password by contacting an admin or mailing. Now if the admin logged in he will check for the user name if the user name matches i would like to send a mail to that user by resetting the password
View 2 Replies
Mar 17, 2010
i am currently checking to see if the logged in person is an admin, by putting a check in the page_load function. (same thing to see if the person is logged in at all)
is there a better way to do this? or should i just go ahead and put my check on every single page?
View 1 Replies
Jan 8, 2010
I'm looking for a tutorial or starter kit whereas I can build an admin page for my website that was built with VWD 08. I'm using the ASPNETdb for membership. My main focus is an admin page where I can reset passwords, email one or all users, search by username,etc. Does anyone know where to point me?
View 5 Replies
Oct 12, 2010
We have implemented the ASP membership and roles..and we would like to display the users currently logged in and also display the number of users online so we can display that on the page. The list of users woudl only be available to our admins. BUt the number of users will show for everyone.
View 9 Replies