i have some website with users that registered trought membership. I want to build another site (diffrent url, diffrent issue) but i want my user to use the same details (username, password, email etc) they are using the first site. is it possible to use the same aspnet_ tables in diffrent website?
View 3 RepliesI am looking to use an open source CMS/blog site like WordPress or Drupal. I need it to work with the ASP.NET Membership I already have running my current website and community site.
I am assuming I need to muck with (hand write) some cookies to pass back and forth. So how would/have you done it? I am looking for creative ideas on how to make this happen smoothly and securely.
I have two websites that run on two different servers and they both both have their own asp membership databases. One is http:// and one is https://. Is it possible to create a way that a user can access both websites while only entering username and password once? Or if the user logs onto the https site can I then redirect to the http site and auto authenticate?
View 3 Repliesi m not able to open certain sites from internet explorer 7.it is showing all sites as restricted .
View 12 RepliesI have created two iis web sites (site1,site2) both have the following configuration
[Code]....
from site1 i do
[Code]....
and in site2 if i checked if the user is authenticated ,i get a true, and i see "user1" as the current user.i know that what i have done above use a cookie,and as i know cookie are visible in the same domain (site) or sub domain,how form authentication make the cookie visible for both sites , this scenario must work for a site with two virtual directory inside it(sub site or application), but what is happening here any explanation.
I have two different web sites in Intranet zone. They are placed in one domain (like http://site1 and http://site2.site1). They use Windows Authentication for common domain (like mycorpUser1, mycorpUser2, mycorpUser3).First web site(http://site1) have iframe element with hyperlink to second web site(http://site2.site1). When user loads first web site he needs write login and password twice. How to make that http://site1 and http://site2.site1 ask authentication only once?
View 2 Replies I am trying to set up impersonation for a vrtual directory in one of my sites. If I set the impersonation to
<identity impersonate="true" userName="Domainuser" password="password"/>
it works perfectly.However, if I set the impersonation to
<identity impersonate="true"/>
and then go into the Properties of the Virtual Directory and set the Network Directory to Connect As my domain user it does not work.
Shouldn't the impersonation look at this user account? Or is it looking at my Anonymous Access account?
Also, do I need Windows authentication enabled for this to work?
I have a login form and users have to enter their username and password for entering the sites ..
Also now its possible for users to enter the sites without login .. they can select the options in the menu and access them ... But i want to restrict the users ..only allow them to access the menu componets after login ... If they tries to access the contents a text have to display ask them to login
how can i do that... i am using vb.net as my language in the page
I created a resiter.aspx page and active.aspx page. a user that register recieve authenticetion email and only after verifying the using a link verification (redirevt to active.aspx page) only then the user authenticated.
This pages are tested and working!
How can I use this page for several solutions? of course I can copy/past this pages. but then I will have to maintain the same code twice....I am looking for the best way to achieve
I am interested in developing Web Parts that can be used in our ASP.NET sites
and our SharePoint sites. An example Web Part I have in mind is a Post Code (Zip Code) look up.- Visual Studio 2010 Premium- SharePoint Designer 2007- Windows 2003 Server (therefore WSS 3.0)- No SharePoint Server
I'm still new to windows authentication. Basically, we have a page on http://externalsite.com that needs to be accessed only by an authenticated user originating from http://internalsite. The user on internalsite is already authenticated using windows authentication.I'm confused here. How can I validate the user and obtain their role so that i can not only validate that they are authentic, but to authorize them to use this page on externalsite.com?
View 2 RepliesI'm working on a website where it should be possible for registered users to upload word documents. The administration of users is done through Membership and Profiles. When the documents have been uploaded, the following needs to be achieved:Non-registered users should not be allowed to download documents I should be able to control which users that has access to which documents I should be able to register which user downloads which documents I should be able to track how many times a document has been downloaded
Can this be achieved be using Membership and Profiles?
I'm trying to use the Membership.CreateUser method without passing a security question and answer. I set them to string.empty, but no go. I have my provider set to not require a question in my web.config. What am I doing wrong?
[Code]....
This is my first membership provider; I converted the sample provider [URL] to SQL. I created a vb class provider and put it into the App_Code folder. After it was created I tried to modify my webconfig but the error pops up. I don't know what else to try, I don't know if I have missed something
webconfig:
[code]....
I have started to implement asp membership. I go the administration page and click provider. I have a database on a server on the local network that i want to install my members tables in. When i run the
aspnet_regsq.exe it doesn't ask me what SQL database i want to use and seems to default to my local SQL Server 2005 installation. How I change this to use my SQL Express database on a local server?
I have to implement a small webshop. Basically it's just a website with a huge backend ERP System and with the possibility to sell one (yap, really only one!) product on the website. The only requirement is a MySQL Server. The backend is almost finished (about 95%) and is secured with the .net MemberShip Provider for MySQL (the one in MySql.Web from the MySql Connector .NET).
Now to my question: I can set up the membership system easily but I do not need such things like username or password-question but I would need a reference to an address table to store the users home address. So, it is possible to change or customize the membership system to for eg. a unique customer id instead of the username column and set this in codebehind when the user is creating a new account? And is it possible to insert new users/customers from codebehind in an easy way? (I mean without checking each foreign key and inserting the customer reference to the userinrole table and so on...)
I am building a site and I want to use the default membership controls provided with asp.net like Login View Control etc. I don't want to use the ASP.Net Membership DB as I want to use my own Security structure and I don't want to inherit the ASP.Net membership class either. In my case how can I use these controls to aid me like how will a login view control detect if someone is authenticated or not.
View 7 Repliesi want to learn ways of hacking for avoid them in aspow do hackers hacking web sites?and how do avoid them?
View 2 RepliesI've set up a system with forms based authentication and using the asp:Login control. When I put in an invalid password I get the approriate invalid password message. However when I put in a valid password, it does nothing...just returns to the login page again. I'm triple checked the login info. There is no error message, and the invalid attempts counter doesn't increment. When I put a break point in the Login_LoggedIn event of the Login form, it hits it, but User.Identity.IsAuthenticated is false. I'm not 100% sure it should be true at this point, as I'm pretty new to .NET but it seems kind of odd.
My user database is stored in a sqlserver 2005 db that already existed. I've added a new connection for it.In the authorization I have
<authorization>deny
users="?"/><authorization>
I created a soultion and used membership for login and I have the site working fine you can log in and out and I can see that my roles are working. I created a folder called Admin and I created a webpage in there that I can edit my data table that I wanted to be able to edit when I am logged in as a user with Admin role thats working... well it works...
anyone can get to this webpage and edit my data. I have it set in the membership using the role managment to deny users * and allow users with Admin role however I can open up a new browser with out login into my site and type in the web information and it pops right up says Welcome:Guest [LOGIN] theres my data and I can edit it see do whatever and this page shouldn't be able to be seen.
What did I do wrong?
example www.domainname.com/admin/editmydata.aspx
am working on an asp.net application with membership controls and the SQL Server database. I have this put together, however it appears that adjustments need to be made to enhance security. Many websites have membership features, so I was wondering if there are some blog posts that describe the steps that need to be made to enhance security.
View 3 Replieswhy cant i type the following code on the masterpage's vb code behind?I am abel to do it on a normal aspx's code behing, why not on the masterpage'si am trying to use the following code in the page_load event
[Code]....
i use membership provider in my website
i use membership methods like getUser() and so one
i need to add some other methods like getAllApprovedUsers()
where and how can i add this method to membership but i want to use standard membership methods
I am using SQL Membership Provider to create user accounts for my web site and for some reason, the CreateDate and LastLoginDate fields are NOT saving the current time of my machine when I add a new user to the website. It is showing the previous day's date and the time is displayed as PM when it's AM and vise-versa in the CreateDate and LastLoginDate fields in aspnet_Membership table. I am developing and running the website via localhost on my laptop using IIS 7 (Windows 7). Does this have anything to do with my laptop's clock settings or is there something I need to configure in the web.config file or in IIS.
View 4 RepliesI could really use some help here. I owuld like to implement a simple CAPTCHA mechanism with the membership system. Can someone please help me out. I have found MSCAPTCHA, but it doesn't seem to work in the .NET 3.5 world. I have been pulling my hair out for a couple of days now.
View 6 Replies