Web Forms :: How To Give Permissions To Users And Administrator
May 28, 2013
How to give the Permissions to the users & Administrator in the asp.net...For example : I just want to give the permissions to the users that screens only appear for User remaining will be hide in the menu. What are the proper steps for the permissions in asp.net ....
I've been reading about asp web administration tool. I read about creating roles and stuff and forcing a controller to use authentication in order to be viewed. My question is, say create on the administration tool a user called Peter and I assign him the Administrator role. Then I want to create another role called LimitedAdministrator. But I want Peter to create new users on his View (I'm using MVC). Can anyone point me in the direction of how to do this.
I want peter to see on his page, like "Create user" and this user will be created as a LimitedAdministrator.
In my asp.net application, users are created by the administrators & those users need to log-in into the system using their own email/password or openid. So what is the best option to implement in this scenario?
I mean, as users can't register them self,do administrator required to associate each openid with the users & what kind of table structure do I need?
And do I also need the log-in interface like that of [URL] showing multiple types of authentication(default & openid from various providers)?
On the local development machine a number of users are administrators (using the asp.net administer website tool accessible via the login controls on the page).
When the site is copied to the production server, these users can still log in, but they are not administrators anymore.
I can use the same way as on the local machine to rectify this. And this works when the site is run of the development tool (visual web developer express 2010, i.e. local host).
However, the functionality (admin users can access certain websites (via if(User.IsInRole("Administrator") == true) is not working when the same code is run in the production environment real production server, not localhost). Somehow asp.net is not recognizing that users have been set to that role.
I've got an ASP.NET website, and its connecting to a database I've created on SQL Server 2k8 and I'm using windows integrated security on my connection string between asp.net and SQL Server. What account should I give permissions to my database inside SQL Server? Should I give NT AUTHORITYNETWORK SERVICE permission to my database? Right now, I right clicked the network service account, and went to properties, and then I checked my database under "users mapped to this login:" and then in the "database role membership for" diaglogue I then selected public and db_owner. Is that right?
I have a report that has authentication set to domain users and users can view the report. However a few of the users are getting permission errors when they try and export the report to excel. They are able to view the report, but cannot extract into excel? Has anyone ran into this before?They are getting this error:HTTP 401 ( You are not authorized to view this page).
In my application i have 4 screens such as page1.aspx, page2.aspx, page3.aspx, Page4.aspx. I have created user Settings Web Form where the admin Creates username and password for users with access only for particular pages. I have used check boxes to select their accessibility while creating user setting.
In my web application i have 8 screens such as page1.aspx, page2.aspx, page3.aspx........Page8.aspx. I have created user Settings Web Form where the admin Creates username and password for users with access only for particular pages. I have used check boxes to select their accessibility while creating user setting. How can i limit the access of the users only to certain tabs.(All these pages are in the tabs).
I'm quite newbie and i need to give access to the website at a very low cost, but just few people, how did you guys manage it, to hide the connection link to the public. I mean is there a better way or not to manage this. I don't know if I'm clear. What would be the cheapest way to manage this user account?
I have an application that I am writing in ASP.NET MVC 2 following the Nerd Dinner tutorial. I am very much a beginner and was looking for examples/tutorials I could follow that would enable me to learn how to code the following scenario:A user has the option to select an option from a dropdown.If the option is not there then they can enter a new option and add it to the database and list in the dropdown.
I would like this to be done without the user leaving the page and what they have entered so far.I am using a simple Entity Framework 4.0 model which I have built a repository on top of so I have methods I can call to save the filled in user information.If the entry already exists in the database then I would like to offer the user the chance to either select that entry or to continue adding the entry they request because it can be a list of names and of course you can have more than one person with the same name.
I have create a masterpage and add content page include user (firsname,lastname,password,new password,confirm new password adn etc..)detail update field. i try to give a client side validation all the function work,but in confirm password its not hide wen give a correct password.. anybody give correct solution..code are below..
o not know in which forum to post my query. If a user tries to contact through a Contact us form then how the administrator will come to know about it ? I mean what are the ways to inform the administrator that a user has contacted him ?
Is there a way to reset a user's password while logged in as an administrator? I just had to delete a user and re-create him in order to achieve the same affect of resetting his password, so I'm wondering if there is a better way to reset a password.
We have a website that calls a utility from the command line to create thumbnails places them in a directory and then the page will display the contents of this folder to the user.The utility seems to only work when we run the application pool under an administrative account, we have tried the network service, local system, and local service all to no avail.Just wondered if anyone had an opinion on how secure/unsecure it would be if we ran the website under the administrative machine account? Does this open up a massive secuurity hole etc is it that likely that we are comprimising the network.
I created a database with aspnet_regsql, the database was created in sql sever 2008 and not in data folder in my project (do I need to move it to the folder manually?). Next, in Web Site Administration Tool I went to provider section and clicked don Test button.
I got an error:
Could not establish a connection to the database. If you have not yet created the SQL Server database, exit the Web Site Administration tool, use the aspnet_regsql command-line utility to create and configure the database, and then return to this tool to set the provider.
Maybe I need to set something in a web.config, like membership settings or connection strings (or ASP.NET Website Administrator Tool should create those settings for me)?
Update: Maybe it happens because I am using SQL server 2008 full and not express?
Update 2:
After setting membership section and connection string to my aspnetdb database in Web Site Administration Tool I've opened security->Security Setup Wizard->Define Roles (stage 4) I got this error:
An error was encountered. Please return to the previous page and try again.
The following message may help in diagnosing the problem: Unable to connect to SQL Server database. at
System.Web.Administration.WebAdminPage.CallWebAdminHelperMethod(Boolean is Membership, String methodName, Object[] parameters, Type[] paramTypes) at ASP.security_wizard_wizardpermission_ascx.OnInit(EventArgs e) at System.Web.UI.Control.InitRecursive(Control namingContainer)
I have a custom ASP.NET application which is hosted in the SharePoint _layouts directory. The code uses the object model to do certain actions on a SharePoint list. I'm receiving the following error when trying to perform
[code]...
When I give my user account administrator rights on the server it works fine, so it's a permission problem, but can't figure out what it is?
I'm making my first professional website. I don't know what goes on when developing websites, so my question here could be incorrect. Anyway, I want a way to have an administrator login to my website and have the ability to modify, edit, delete, or add whatever he wants on the fly. How would I do that?! I really don't think that whenever the people I'm making the website for would need changes or adding new pages would call me to do that for them! So, I must provide them with their own means of administrating their own site after I'm done with it.
I have thought about using webparts but they're not thorough for everything in the site. Also, a side question, where should I put text content of the page in? Should I store it in a database, text file, or hard code it in the page?
I want to make a secure website using ASP.NET, but when I publish it, the domain administrator can see all the data stored in my database (SQL Server). I want to hide my data and code from the domain administrator too. Are there any procedures to do that? give me the address of a good domain I can use, which will give me all administrative power of my website (Domain owner also cannot access my databases and files.)
I need to stop users users using the browser back button and potentially submitting an old version of a form.
I'm storing a guid in a session variable and also writing the value to a hidden form field and then checking the session value against the hidden field value if a user does try to navigate back and submit an old form.
If the form is submitted and the user wants to complete a new copy of the form then a new guid is generated both to the session and to the hidden form field. Now, if the user decides to hit the back button a few times to get the old form and tries to submit it again, the page checks the current guid in session against the guid stored in the form field and it finds a mismatch and prevents the form being submitted.
This works as expected in Chrome and Firefox, but in IE6, when the user hits the back button to view the old form, the new guid value appears in the hidden field of the old form! This means the user can submit the old form again, which we definitely do not want.
we are a small team of student developers and we are making a website with a silverlight application hosted on the sample website of VS 2010(i mean the one you go New website new asp.net website).But we cant understand how the login works or how we can put roles like administrator and such.Also we are using master pages and pages and i would like to know how can we make container to not being visible to an unregistered user and how to be visible in registered or better to a spesific user.