Security :: User Details Access In Different Domain
Mar 9, 2010
Im working on an application that has a login section that accepts a username and password. On successful login a userid is returned and encrypted with TripleDesKey. The user details are then stored in a session object. We already have a class library that performs encryption and decryption using a key in the web.config file. I basically want to be able to access the user details of the currently logged in user in a page accessed from the main site that may be in a different domain, but is effectively part of the same site, so I wont have access to the session object from the main site. so basically a user logs in, I have the user details stored in a session object, I also have access to the encrypted userid also in a session object. If a user then clicks a link to another page that is in a different domain, how do I persist the userID?
I suppose I could I tag the encrypted userid to the querystring, but security could be an issue here (even though the id is encrypted, someone could still modify it)
View 2 Replies
Similar Messages:
Nov 10, 2010
Our application lets the administrator create new users. Since the administrator is logged in, I have set Logincreateduser = false so that the administrator is not logged out even after creating the new user.
The problem is :I need the userid of the newly created user to store additional details of the user in another database table. I see that i can get the username using Createuserwizard1.username; but how do I get the userID?
View 2 Replies
Jun 29, 2010
Currently in my application using LDAP to authenticate user to a specific domain & then i check if the user exist in my site database.
Now i need to also allow users who do not belong to this specific LDAP domain to access my site ..How can i make it possible withoput affecting the exisiting users?
View 1 Replies
May 12, 2010
I have just started to use asp.net mvc.
I have read this article about using ntlm authentication
[Code]....
it provides access to specific domain users
[Code]....
I want to restrict access to all my domain users only lets say
[Authorize(Domain="redmond")]
or do I do it via web.config
View 2 Replies
Nov 11, 2010
Server A exists on domain A and server B exists on domain B. From server A I need to output file names that exist on shared folder on server B. I tried the following with no success (Access denied error):
DirectoryInfo dir = new DirectoryInfo(@"\serversharedFolder");
After some Googling I found that I need to use personlization to impersonate an existing user on Server B that has access to that shared folder. I used a C# personlization class as explained on codeproject (http://www.codeproject.com/KB/cs/cpimpersonation1.aspx). I supply the domain, the user, and the password and hope to get access to the shared folder BUT the error I see now is"Login failure: unknown user or bad password".
I am 100% sure that the domain, user, and password I supplied are correct. When trying to access the share via windows explorer from server A I am prompted for a username and password. After entering domainusername and the password I have access to the folder. So I know that the credentials I supplied are correct.
Am I going about this the right way? I have full access to server A and B so maybe there is an easier way to accomplish my goal.
View 6 Replies
Sep 18, 2010
How can I access the cache of one web application/domain from another web application/domain?Here is my scenario. I need to verify/check the existence of a certain object in one web application/domain's cache from another web application/domain.
View 1 Replies
Apr 23, 2010
I've been researching and I've spent pratically all day on this. Here's my issue. The website uses forms authentication that we authenticate against active directory. I've been attempting to access files we have on a network share and push them down to the user (when they request them) in an http response. I keep getting "Access to the path <unc path> is denied".
Here's the code:
[Code]....
Things I've tried:1) When I add the "Computer" to the permissions of the folder it works and I dont even need to emulate a user (essentially just commenting out this code), but I'm not sure we want to explicitly give the computer access to some of our network shares 2) I've verified it's the correct username and password for the active directory account and that they have permissions on these network shares 3) I've fooled around with the WebProxy class with no luck (as I'm not entirely familiar with it) 4) I've tried impersonating the user by creating a windows token and passing the token as credentials (i've done this with similar websites) with no luck, plus this seemed a bit complicated for something I figured would be relatively easy.Its almost as if, the WebClient class isn't even using the credentials i've passed it.We've got it working now, but only by giving the "Computer" specific permissions on the network shares, which we'd like to avoid.
View 1 Replies
Apr 5, 2010
All I'm trying to do is pull the current user's login name from Active Directory. I've tried User.Identity.Name.ToString, which returned nothing at all. I tried Environment.UserName.ToString, Which returned "NETWORK SERVICE" which is not the firstname.lastname username that I was expecting.
View 3 Replies
Jul 28, 2010
when we accept user details in a login page and i want to use login details throughout the website.....can we do like this
session["uname"]=username;
string s=session["uname"].tostring(); this is in first page
string str=session["uname"].tostring(); this is my second web page
it is giving error
we can't access in other pages
View 5 Replies
Jun 26, 2010
i am working in asp.net and csharp, we have 10 user, but certain user only need to put dataentry. how to enable and disable based on the user to access certain form ,like add, modify view options.
View 1 Replies
Jul 16, 2010
We are using IIS6 and .Net Framework 2.0 for our intranet with Windows and Digest Authentication . We have 2 domains that have access to this intranet. I suddenly have the need to display slightly different content for users from Domain A. The changes are rather trivial (text on a label and and image in a header) but important to our stakeholders.
View 4 Replies
Jun 18, 2010
I want to make my domain administrators the administrators to my web application so that they are the only ones that can change content. All other users would simply be able to read the material. I am relatively new to web apps and I can not seem to find what I am looking for anywhere on the net.
View 2 Replies
Jan 27, 2011
Can I get who the remote user is on IIS Server that is not part of the domain without challenging/prompting the user? I am thinking not, but wanted to see if anyone had a different answer. I added the server to my intranet zone but that didn't cause IE to send any user information. Or maybe it did but since the IIS server is not part of that domain it can't do anything with the user information. I am looking at the ServerVariables in the Request object.
View 1 Replies
Jan 13, 2010
i have a login form where it validates 'username' and 'password' against a datbase table. After a user logs in, i would like to show their details such as image, name, etc in a detailsview.
View 16 Replies
Sep 5, 2010
We will put the active directory logon when the user access the website, the user needs to fill in his user name and password.
How do we store/get the details of the logon user once the user is logged in?
View 2 Replies
Mar 22, 2011
I new to ASP.net and have created the registration form and login using the wizzard. This data is now stored in the relevent tables provided by asp. I also have created an extra table with profile information like address, phone number etc and a USer ID field that links with the aspnet_users table.
I am trying to display the details of the user when they log in so for example...
User logs on, clicks profile page, profile information can be added and viewed.
Now the problem is I am using a Select statement to get the data but when I do a Where statement im not sure what to put to basically say where userid = current user id logged on.
View 5 Replies
Feb 20, 2011
I am trying to edit and update a selected users details, following the tutorial [URL]
I get the following errors in the Error List in VS 2010:
Error 6 'Comment' is not a member of 'System.Security.Principal.IPrincipal'. C:projectsFPOS_v2FamilyAdminedit_user.aspx.vb 21 9 C:projectsFPOS_v2
Error 5 'Email' is not a member of 'System.Security.Principal.IPrincipal'. C:projectsFPOS_v2FamilyAdminedit_user.aspx.vb 20 9 C:projectsFPOS_v2
Error 2 'FamilyAdmin_edit_user.Private Sub DeleteUser(sender As Object, e As System.EventArgs)' is not accessible in this context because it is 'Private'. C:projectsFPOS_v2FamilyAdminedit_user.aspx 140
Error 1 'FamilyAdmin_edit_user.Private Sub UnlockUser(sender As Object, e As System.EventArgs)' is not accessible in this context because it is 'Private'. C:projectsFPOS_v2FamilyAdminedit_user.aspx 138
Error 7 'IsApproved' is not a member of 'System.Security.Principal.IPrincipal'. C:projectsFPOS_v2FamilyAdminedit_user.aspx.vb 22 9 C:projectsFPOS_v2
Error 8 'UnlockUser' is not a member of 'System.Security.Principal.IPrincipal'. C:projectsFPOS_v2FamilyAdminedit_user.aspx.vb 88 9 C:projectsFPOS_v2
Error 4 Property 'User' is 'ReadOnly'. C:projectsFPOS_v2FamilyAdminedit_user.aspx.vb 11 9 C:projectsFPOS_v2
The code for the edit_user.aspx is:
[Code]....
The code for the edit_user.aspx.vb is which is where I am getting the error:
[Code]....
The problem is with the User. But I don't know how to sort this as im new to all this.
View 1 Replies
Jun 6, 2010
I wan to be able to allow a user to edit their profile in a details for or other controlLooking at the ASPNETDB tables is is not clear to me how to do this.
View 3 Replies
Sep 11, 2010
I have written an application that user the MemberShip provide.
i have a page that needs to retrieve user information, such last activity, isOnlineStatus, CreateDate etc.
when i use the following code the status of the user changes.
[Code]....
i can retrieve all the required information for the user whose GUID i provide in Line1, however irrespective of if the user is online or not the status changes to Online.
i need to get the user details without updating the userIsOnline and the lastActivity stamps.
View 8 Replies
Jul 12, 2010
Two users using the same machine, same browser.
User 1 logs in the domain.
User 1 changes some data without saving it.
User 2 logs in the domain in a separate tab.
User 1 switches back to his tab and saves the data.
User 1 actually saved the data into User 2!!
This is caused by the following mechanism:
Different tabs in the same browser seems to share the same session id. We are storing user auth in cookie and the cookie is shared between tabs (same domain)
Therefore, when User 1 request to save, it is recognized as User 2 since the cookie has been updated to User 2.
So I'm wondering if there's any other methods to prevent this from happening, other than:
1. Use cookieless session so the session is embedded in uri.
2. Always include a hidden field in page to indicate which user owns the page.
View 1 Replies
Dec 23, 2010
I have a machine in MyDomain on which i have deployed the website and file server as virtual directory. For file server i have created an application pool with identity as UserName and Password. And file server directory setting as Integrated Windows Authentication instead of Anonymous Access. When i am accessing file server from outside the domain then it is asking for user name password. After providing the credentials it open the file. Now i am trying to access the file server from wbsite using the machine outside the domain.Before accessing i am impersonating the current user with user which is present in identity. But after redirecting to the file server url it is again asking the credntial. why it is asking the credential if i have already impersonated the user.
View 4 Replies
Feb 17, 2011
I have also installed SSL on a subdomain. I have put payment page under this sub domain.
View 4 Replies
Mar 11, 2011
I have a gridview control with a details column. I want the user to click details and it give me a pop-up showing details of the particular row. Any idea on how to do this using JQuery?? Looking for an example with code..
View 1 Replies
Sep 28, 2010
My feeling says it's not posible but anyway I am curious if there is at least a workaround for accomplish this.Basically I am working at my client site and my machine is not connected to the domain.What I want to do is running a web application locally under a domain account, and using the webdev server.The webapp uses the default authentication, windows authentication that is.I tried using impersonation with domainuser & password but I got the following error Could not create Windows user token from the credentials specified in the config file. Error from the operating system 'Logon failure: unknown user name or bad password.I have to mention that the username and the password are correct.
View 2 Replies
Apr 14, 2014
I gone through your "Display details of ASP.Net DataList Item in jQuery Dialog Modal popup on button click" Example it is very nice but i want to Display image also With the information it can display i assign image src like
$("#imgpopup").html($("[id*=img]", $(this).closest("tr")).html());
imgpopp is the id belong from pop up. But Image canot be Display I tried it from te last Five Days. How to assign image source.
View 1 Replies
