Security :: Trying To Store Users Full Name And Other Data?
Jan 13, 2010
this is the ecenario, we're developing a web application in vb.net using vwd 05, and everthing has been great so far, we've recevied a lot ideas from the guys on this great forum. now we're facing a problem relating with usernames and userids.Our web application has 5 different roles, and theres a funtionality needed on a dropdownlist related to the user roles.
we're trying to store users full name and other data, i've seen the tutorials about storing addtional information and everthing is very clear there, the problem now is this code we have already to fill a dropdownlist.
Dim techUsers As String() = Roles.GetUsersInRole("tech")
For Each usr As String In techUsers
DropDownList1.Items.Add(usr)
Next
So basically were looking at storing the user id of the user just created with the create new user wizard to our table where full name is gonna be stored.
table is like this:
userid
full name
and other data required here. etc
so basically, we're filling the dropdownlist with the usernames of the users in the tech rol with the coded i posted above, but we need to instead of showing the username(which is our case is just number) ,show the full name of that users belonging to the tech role, obviouly its just a query, but how to get the full names of users beloning to a specified role? thats the main question and problem we have right now.
I have been diligently learning all about the asp.net membership framework and have a test site running it all. However, during my testing, it became apparent that deleting users would be useful. I can delete users from the "aspnet_users" & "aspnet_Membership" tables simply by right-clicking on the table in server explorer, selecting "show table data", highlight the rows and press delete!!
However, this is a pain and I would much rather do this properly from code behind.
I have found out that the membership schema supplies a large number of "stored procedures" including "Delete_Users" however, when I execute this one manually, I have no idea what the last two parameters are (number of tables and something else from memory - the first two "application name" and "username" are easy to copy in to the dialog.
show me a sample set of VB code that I can use behind a "Delete User" button on my webform including how I supply the parameters. I have set up a drop down list box from teh "aspnet_users" table which displays the "UserName" and has as the SelectedValue "UserId".
I am writing a simple plugin for IE. I need to store a password and username setting for the user who uses the plugin. I know that I can store the username/password in the registry, I can manually encrypt it using the encription classes with .NET, or I can store it in a config file and encrypt the config file. I was wondering if there is a specific pattern/mechanism that I should use to store password and username.
Quick question: is it possible to retrive a users certificate store i.e. list all of the client's Personal Certificates?
Just to be clear, I am talking about the certificates installed on the clients machine, not the servers. I have managed to list the server's certificates, but so far have been unsuccesful with the above.
I want to use Full SQL Server 2005 as a data store for my role provider. I installed the aspnetdb using the wizard. in my application I added the following connection string
if (Roles.RoleExists("RoleName")) Roles.CreateRole("RoleName");
but when I check my aspnetdb from the SQL management studio I found that the table aspnet_Roles has no records and that the roles where not inserted. so is there anything wrong with these steps or something missing ?
We have implemented the ASP membership and roles..and we would like to display the users currently logged in and also display the number of users online so we can display that on the page. The list of users woudl only be available to our admins. BUt the number of users will show for everyone.
I just realized after i created a test account i was not in any roles. Is there a way to automically add new users into the role Users? Have i missed this some where?
I am approaching this assuming the client is using Active Directory and we are not using the SqlMembershipProvider. Assume I have two tables, one is "DEVICE" which stores individual devices. I then want to create a table "DEVICE_ASSIGNMENT" - this table stores a reference to "DEVICE" and I want to also store a reference to a user that resides in the active directory. The issue here is, what is the best piece of information to link back to AD? The domainlogin can always change. SID values can be recycled. Email addresses can change as well. There just seems to be no decent piece of information to
I get the following message while trying to access the Security tab in ASP.NET Web Site Administration:A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)I have configured my own data store following this guide. Which essentially tells you to run aspnet_regsql.exe to set up a data store in order to keep authentication data for a SharePoint site (which is what I want to do).This is what I've written in the web.config at the end of the tag <system.web> for the Visual Studio 2008 project initiated to deal with the Web Site Administration:
I have some webforms and the main page grabs the users email address when they login and a UserID. It's not uncommon for the user to keep the web page open all day. Is it good practice to store the email address and ID as a session variable and up the timeout to say 10 hours? Or is there a better way? My concern is A) Session variables timing out before the user login timesout B) Doing this incorrectly.
i'm developing a "small" warehouse-management WebApplication for few users(5-10 parralel) but with a complex authorization system(checking if pages,menus,TabPanels, UserControls and even single controls are visible or enabled) and permanent and frequent access. Because i've only limited experiences with the ASP.Net MembershipProvider, i'm unsure what's the best approach for following goal:
I want to hold all users, roles and frequently used masterdata in the Cache(in a Dataset). Hence every readonly access should be faster and causes less traffic than always using the database. On updates,deletes and inserts i would update the cached dataset and also the database.Can i use or extend the SqlMembershipProvider to achieve this goal and if possible how?Should i use the stored-procedures from asp.net or simply use the standard CreateUser, GetUser, DeleteUser-functionality? Does this approach makes sense at all?
We have a few scenarios which mean users can see other users data if they're on the same machine.
Scenario 1
Login User A Browse to forms with perosnal data Logout User A Login User B Either hit back button until you reach User A's personal data or.. Use browser history to jump directly to user A's personal data.
Scenario 2
Login User A Browse to forms with personal data Close browser New Browser, Use history to go directly to User A's data.
The 2nd one was caused by the browser displaying the page from its cache, so for that one, I added the following to the web.config..
[Code]....
[Code]....
which seems to do the trick, but I need to know how to fix the first part and whether the web.config changes are all that's needed to clear any cache.
i working on event managment registration and i need to make a roll for visitors and roll for exhibitors isitor most enter data to visitor profile with data likefirst name,last name , DOB, Mobile Number, tel , fax and exhibitor most enter data to exhibitors profile data with different data .it's easy to make it for visitor or exhibitors with one profile how to make it with different data profiles what the logic to make that
i used security in login page which restricts all users who have not logged in to all pages. I need to restrict specific users to specific pages. I'm not using AspSqlService provider. So i cannot create roles and restrict automatically. And the pictures i use in login page are not visible @ runtime.
Working on my first asp.net webpage. i have followed video tutorials and implemented asp.net membership for login/security.Using Visual Studio 2010 i can open the Asp.net configuration page for management locally.But then if I want my site admin to manage users/security online, how is this done? Like manage through a web browser. I guess this asp.net configuration GUI is not available on the internet?
