I am using Principal class to get the user information
HttpContext.Current.User.Identity.Name thro this i am getting doamin name and NT ID
So how can i extract User name and email from NT ID
We have a web site that implements a custom SiteMapProvider using a User Control added in the master page. I need to be able to limit the sitemap nodes added depending on the logged in user, that is, certain users should not see certain sitemap nodes. Currently, the login processing code determines if users are in the certain category or role and then sets a value in session state, for example, Session["UserInRoleXXX"] = "Yes"; I tried changing the code in the user control to check the session state, but I got the following error: NullReferenceException ... Object reference not set to an instance of an object." Can session state be accessed in a user control?
View 6 RepliesMy prior asp.net apps used windows authentication on an intranet. Now I'm developing an app for the internet and am stumbling over how to properly manage user sessions and state.
I first developed my web site functionality; created the SQL DB and got all of the pages to properly handle the data. Then, I installed the SQL Membership database and was able to get the CreateUser, Login, Logout pages to work. On the Verify process for the Userid, I added a step that will take the membership UserId value and create a Company record in my tables and link my CompanyId key with the UserId.
At Login time, I create a CompanyId session variable; each page uses it to retrieve records for the user. When Session Timeout occurs and the user click a link to another page, the app redirects properly to a Login page. However, if the time expires and then the user interacts on that same page, 'Object not set to an instance of the object' - the CompanyId session variable has expired.
What is the proper way to handle this? I'd like the page to automatically redirect to a TimedOut page (this would happen automatically without the user doing anything).
I considered writing a Function where I pass the Session variable I want and the Function sees if it exists; if it doesn't it would do a Response.Redirect to the TimedOut page...I can't get the Redirect to work in a Class Function ('reference to a non-shared member...').
I assumed that I should set CompanyId as a Session Variable so each page knows the user to get data for. Another approach is to use the membership User and if it is still valid, do a DB lookup to get the CompanyId. I did not choose this because I felt that it would increase DB traffic and web traffic.
Here are several relevant settings from my web.config:
<sessionState cookieless="UseDeviceProfile" />
<authentication mode="Forms">
<forms loginUrl="~/UserTasks/Login.aspx" />
It feels like there should be a straightforward answer to this but I am missing it.
I have one web application. In that, I have two pages. One is view/edit page and another one is login page. The view/edit page contains one edit button and one login button.
First I execute view/edit page, at that time I dont want to show edit button. When user clicks login button, the page will be redirected to login page, where the user has to enter username and password. If user enters both correct, again the page will be redirected back to view/edit page. This time, the edit button has to be shown to make some modifications, since the user is authenticated.
I tried this thing by using session with cookieless. It works perfectly but some times it shows web page not available. I made session timeout 120 minutes and cookieless is true. In URL session ID also available.
So, whats the alternate way to maintain user log state or whats wrong in web.config file.
I am a little bit new at handling multiple sessions congruently.
Basically i have created a chat application. In which i have a moderator page.
Now the moderator has the privilege to block particular users from the chat. Every user including the moderator has a session variable defined as Session["UserID"].
e.g for the username "moderator" the Session["UserID"]=moderator.
Now as i am logged in as the moderator how do i delete the session of a particular user whom i want to block the chat from commencing.
I have a very basic application with user authentication. I also have a grid in my masterpage that shows all the users logged on. However, after a user logs out, it still shows them to be logged on in the users grid for the duration of the session, which is 20 mins. How do I get the grid to exclude users who've logged out? Here's the code behind for the grid:
[Code]....
I am looking for an elegant (i guess as elegant as it can be) solution to caching a users profile on login (whether it is session, cache, cookie, etc) and keeping it in sync when a users profile is changed. How do you guys handle this? Just simply call a Flush() method in your Save() method that invalidates the cache?
View 1 RepliesHow can I redirect the user to the first page when they've been idle for more than 20 minutes or so?Here's my session timeout time in my web config file:
[Code]....
I am using ASP.NET 2.0 and Sql server 2005 for my web application.
I have a Login.aspx page where i validate Login using Stored procedure Something like that
protected void btnLogin_Click(object sender, ImageClickEventArgs e)
{
VerifyLogin(txtUsername.Text,txtPassword.Text);
while (rd.Read())
{
[Code]....
In my ASP.NET application I need to allow only one session for a user ? When a user does login more than once, I want to get to user's previous session and abandon it. I'm keeping track of all user sessions by means of session id. But Session.Abandon is available only for the current session associated with a request and not previous sessions. I have the session id of the user's previous session but how can I end it ?
View 3 RepliesOk so I am working on a control that when the user comes from a specific website then it will be a certain action. What would be the easiest way to do this?
View 3 RepliesI am trying to create a system in which there will be a single user accessing his acount from two endpoints simultanously.
I think this is possible.
1) How to restrict the user to have only one session at a time?
2) How to change it to have limited number of sessions per user at a time?
In this code Page.User.Identity.Name is null
[Code]....
I thought the Name always was set when user was Authenticated?
If this is not the case, how should I do instead?
We have take over a classic asp site. Everything works fine, but we are making improvements to some reports and adding new reports, so we are doing this in .NET, with that said, after reviewing the secuirty code, there are 2 sessions that are set and used thru-out the site as part of some of the individual page queries.
I know that the sessions are being populated, because the reports that use those values return records.. now with a new report we are working on, i need to pass those values into my query. But when i try using the session names the page is coming up saying the following:Object reference not set to an instance of an object.
Is there anyway to add something to my page code to see what sessions are actually being created and their values.. maybe im using the wrong variable names.. but the security code is pretty straight forward.. at login, if successful, 2 values are returned and stored in 2 sessions.. i need to use those with my new page.. so trying to figure out why the existing pages work fine with that and my new page does not..
Basically, i'd like to write to the screen the session variables that are being created on the login page.
I have a aspx page and there is a web user control that must load dynamically with the data related to the aspx page....
ok so I want to use a querystring and pass it to the web user control.....how do I do this?
then also how do I pass a querystring from a web user control back to a aspx page?
This is a question I always had...and therefore never actually started to use the web user control
i use from a session for holding user's authority in web application.
how to i set Session.Timeout that never expire or can i use other way to holding user authority
in web application.
i need access to this authority in all page of web application
I want to terminate an application stat or set value to null where user is leaving the page...
does anyone know how can I do that?
How to get that how many pages accesses by a user in a website.
Actually, rather then putting code in each page I want some generalized method/technique that if user Logged to a website and during his Login period what was his activity and which page(s) he accesed.
Note:
1. My website pages are under MasterPage.
2. MasterPage has a MasterMenu.
3. For singlePage activity I used Page.GetType.Name
Actually I am working on project in asp.cs in which I want the user to give a exam only once a day. So, how I stop him from again giving that exam.
View 6 RepliesI have created a user control with a property named CurrentPage. When a link button is clicked it runs PostbackToPage() and passes a command argument in which then sets the CurrentPage property with this new value. On the page which uses the user control I am trying to display the updated CurrentPage property after a postback. When I click the link button to cause the postback the CurrentPage is the default value. However when I click it again it works as expected. So it seems to only work after 2 postbacks. How can I get this to work after the first postback?
User control code behind:
[Code]....
User control design:
[Code]....
Page which uses user control:
[Code]....
I want to show all the activities of the logged in user in a gridview. I am using VS 2010.
View 3 RepliesI am working a survey project. There are about 30 questions. I created two pages to sore these questions.
View 2 RepliesI am wondering if it is possible to clear a session variable if the user navigates away from my site.
My example is I have a session storing the logged in user. This is checked for user access to each page.
If the user goes to another site (e.g. google) I want them to relog into the site.
This is to prevent others getting access to a users account if they use the same pc minutes.
I do have a logout that performs this and I know that it is impossible to make users use it! :)
1) I found that my viewstate was not being persisted across postbacks for web user controls. I ensured that the Enable Viewstate property was set to true (of the page)
2) The Viewstate isnt being persisted on the 1st postback.
3) However, it is being persisted from the 2nd postback onwards.
I stepped through the code to ensure that the Viewstate had the 2 keys that I was adding on page load. However, on the 1st postback, the viewstate is empty. Everything is ok from the 2nd postback onwards.
[Code]....
I need to send a cookie to the my web site's visitors and receive them back for information. For example when machine1 visits my site if not set I set a cookie with "user1", for machine2 I set "user2" etc.
Actually I need to retrieve the cookie back from my log file, so I thought if I do this it will be saved to my log file.