Unauthenticated Users Can't See Images In Website?
Nov 7, 2010
When I run my website through debug mode in visual studio everything looks great and all the images on the page show up fine. But once I deploy my website to an IIS7 web server (doubt that other versions would make any difference, but you never know) then users can't see the images on the site until they log in.The website is an asp.net MVC site and I'm new to MVC, though I do have lots of experience with asp.net forms. It seems that only authenticated users are allowed to access the images folder, and there is an authorization section in my web.config saying that only admins can access the site, so how do I make it so that all users, authenticated or otherwise can view the images?
View 3 Replies
Similar Messages:
Feb 23, 2011
I have an issue with loginUrl parameter on Forms authentication. Forms Authentication always redirect unauthenticated users to ~/Account/Login ignoring the url configured into Web.Config.
This happend if i add reference to WebMatrix.WebData,WebMatrix.Data into main web.config file (system.web/compilation/assemblies). N.B.: Moving this reference to child web.config file (the one contained into View folder) error doesn't occour anymore
View 2 Replies
Apr 9, 2010
I have a folder within my website called 'ProtectedPages' which contains pages which users can only see if they have logged in (MyAccount.aspx etc). If they bookmark that page and try to go to it without logging-in, they are immediately bounced to my login page.However, if I have text files, images etc. in there, then it seems users can get to these fine without the need to login - all they need is the URL. For example, I could send the URL http://mysite.com/ProtectedPages/MyAccount.aspx to a friend and he wouldn't be able to access it until he had logged in. However, I could send himttp://mysite.com/ProtectedPages/ATextDocument.txt and it would show it to him without any problems.How would I go about protecting ALL files within this folder? I have a web.config file within the ProtectedPages folder which just has this information in it (I don't want TrainingAdministrator's to have access to that folder at all)
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
[code]...
View 7 Replies
Jan 26, 2014
How can we prevent non ahuthenticated users from like and dislike multiple times?one way : save Ip address in a cookiebut theres's two problem1. I heard Ip address isn't unique and changes frequently2. cookie can be deleted by userI'd .
View 1 Replies
Feb 9, 2010
I have an asp.net web app that uses forms-based authentication, a SqlMembershipProvider (using an encrypted password format), and a SqlRoleProvider. I need to know if it's possible to administer the users (create new users, assign them to roles, etc.) from a windows application - the powers that be don't want any administrative functionality in the web app itself.
Here is the membership provider definition from web.config:
[code]....
So, obviously, I have a Sql Server database that contains the users and roles for the web app. I'd like to create a separate windows app that references the web app assembly, and use the configured MembershipProvider, RoleProvider, and machineKey to create users, assign users to roles, etc. If that's not possible, I can duplicate the configuration settings from web.config within the windows app. But I don't know how to do this either.
View 3 Replies
Dec 9, 2010
I am having issue with Https when i host my site on https i got warning "Contains unauthenitcated contents".
And site is not looks like that it has been host on https secure server. whole site look normal while on same domain few pages don't have such problem they working fine.
When i cheched it i found that the page where i have asp.net validation control causing problem once i remove it page start working fine.
View 5 Replies
Jan 21, 2010
I have this piece of code:
public class Authenticate : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
filterContext.HttpContext.Response.Redirect("/");
}
}
}
I was wondering if it is possible to make it redirect to the view for action="Login" controller="AdminLogin"? And how do I pass some message to the login view that tells "you need to login to access that" or similar?
View 1 Replies
Nov 9, 2010
I got a requirement from client that he wants to know distinct users information from sites and it sub sites those have access to site. There are separate groups for each subsite (contribute, approval and full access). From these all groups find distinct user information.
How can we do that using Object model?
View 1 Replies
Apr 20, 2010
anybody knows of blocking certain users (by IP) from accessing your website (website on asp.net mvc).
EDIT: I know that web-servers can do this as well, but I need this at the application level
View 3 Replies
Mar 31, 2011
Im not sure what it is called, but I need help with this. I need some tips on how to get started on an ASP.net site that will have different users. When each user logs in, they will be able to enter their own personal information such as address, hours worked, their own timesheet etc. I want to have it so each user will be able to only see their own data, not any other data entered by other users. I hope I am describing it ok. Please let me know what this process is called, or any good ways to get started on this.
View 3 Replies
Dec 26, 2010
I need to add the ability to register users in my web site. I'm sure that 1000's of programmers already did this, so why should I build from scratch? Does someone knows where can I find a module like this as well as other modules?
View 2 Replies
Jun 25, 2010
VWD 2010 Express. Windows 2003 Server. I decided to move my web site from the Inetpub folder on my C: drive to an Inetpub folder on my D: drive to free up space on C:. I moved three web sites. Two of the sites worked fine after the move (I went into IIS 6.0 and changed the home directory of all the sites). One site, which requires authentication using the Windows Active Directory (AD), did not work properly. I could access the site and login with any administrator login. But all other users, although they enter the correct credential, continue to be reprompted for their username and password. The site uses "basic authetication" to check users credentials against the AD. Can anyone think of a reason I would have this peculiar behaviour just because I move a web site's files from C:inetpub to D:Inetpub?
View 6 Replies
Feb 21, 2011
I am currently working on a project in which I am assigned to provide e-mail features to the users of our site. unlimited users can create there mail accounts dynamically with our servername say if the website address is www.xyz.com then the users of this site can create their mail boxes like user@xyz.com. My clients want to provide e-mail service like yahoo, gmail, aol, hotmail, rediffmail, zapakmail, etc...
View 4 Replies
Jan 23, 2011
asp.net 3.5 IIS7 Hosted on Windows Server 2008 (virtual machine)
I have a website which have been running for about a year without any problems. Users have been able to login etc, but now I get reports about users not able to login while using Internet Explorer. Users using other internet browsers like FireFox, Chrome etc have no trouble logging in.
The website are using the standard Forms authentication.
Also lately another website has been setup in IIS7, but these sites are using application pool. I've stopped this webapplication in IIS, but that doesn't have any effect on my problem
I see that Windows Update have failed to install a lot of patches lately, not sure if that is related to this problem. But some of the windows patches are security patches.
View 5 Replies
Feb 20, 2010
I have a web application using Forms authentication provided by AD. I would like to know if it's possible to use EWS to send mail as the currently logged in user without having to supply credentials, or; would I be required to set up an account with impersonating access which will send mail on behalf of the currently logged in user?
View 1 Replies
Mar 1, 2011
I developed a website in asp.net,c# and SQL server2000. In each and every page I want to show the logged in users name with green color text.
I used Forms authentication.
View 4 Replies
Jan 29, 2010
I have a WCF service that runs in my web application that provides data to a Silverlight application and is defined as follows (with an appropriate .svc file)....
[ServiceContract(Namespace = "")]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
public class DispatchService [code]...
The idea is that the user logs into the website and is then authorised for all services. I do not want to have a login aspect to my Silverlight application to authenticate users.Therefore I dont want anyone to be able to call my service who is not authenticated.
Could I...Somehow determine this for each Operation Contract. I had a look inside the OperationContext object but couldnt find anthing that stood out as a way to determine who the user was.Somehow attribute the ServiceContract so that the method can only be used by authorised users?Put something in my web.config to stop unathorised users from being able to access the folder containing the services?
View 1 Replies
Apr 10, 2010
best way to let users upload pix to your website is to use the FileUpload control?
View 4 Replies
Sep 9, 2010
I am actually experiencing problems with some users on my website: www.newturf.com
Some say that they are not able to navigate because the site is too slow.
Moreover others say that they loose their session frequently while still surfing the site.
View 4 Replies
May 25, 2010
I want to create a system you may have seen on many forum sites where user can send private messages to other users
View 6 Replies
Feb 20, 2010
Is it possible to have an ASP.NET website which allows users to register and login, without using a MembershipProvider?
And instead just work directly towards custom database tables which stores user information?
View 3 Replies
Aug 5, 2010
I want to populate a dropdownlist of all registed users on the website (using ASP.NET's standard membership tool), and then change the assigned user in some table. However, I also want the currently assigned user for that table selected in the dropdownlist.
The code is as follows:
Controller
[Code]....
I thought if I put the DropDownList(name,selectlist(collection,fieldvalue,fieldname,>>SELECTEDVALUE<<), it would work, but it is not working.
View 5 Replies
Feb 1, 2011
i've tried searching the net for this but really can't find much at all. i have created a website in visual web 2005 with sql express 2005. i have uploaded the website and altered the connection string and can connect to the database on the server, but now users can't log in The login control tells me when I've entered the wrong details, so it's doing something right, but if I enter the right credentials it eventually just throws back an error (Server Error in '/' Application.). I'm guessing it's something to do with the membership section in the web.config but can't quite work out where. I've altered the connectionstringname to the one that points to the database on the server and the application name in the table on the db is "/" so now I'm at a loss.
View 14 Replies
Dec 14, 2010
I've created a website with users and passwords and such for authentication.When a user is created through the "administer website" function of asp.net 4.0 where are the passwords stored? Is there a way to manually change passwords in the database?
View 3 Replies
Jun 22, 2010
i have a search box, many text boxes which taken various inputs and save it to database using primitive methods such as "insert into....." executenonquerry etc.have read something that " a textbox by itself can prevernt attacks known as sql injections" is that true?if sohow to enable it?does it need extra coding?
View 1 Replies
