Web Forms :: Webform Authentication And Access?
Oct 27, 2010
I'm not getting much help from the security group so I'm goign to post it here.Basically, I like to use Integrated Windows authentication so that I can authenticate all users who are at my company to access my web application in the browser. Each user resides on different domains and some are on the same.
So in order to authenticate them, the first thing I would do is to add them to my web root's security tab? I assume this is the virtual directory folder of which the web application (default.aspx, etc.) runs on the Windows 2003 web server? So I give each user a read security permission to access the folder? (which would mean that they can then access the web application?)
Is my understanding of this correct? Therefore, If i don't add users to the security tab of the virtual folder, then other users will be rejected by the browser?
Next, assuming I want them to log on as a Network Service user, and not impersonate any other user or impersonate as themselves such as LABob (domainuser) and instead just be NT AuthorityNetwork Service, I would set impersonation to false and I would also set anonymous access in IIS to false.I want to set up the fastest/easiest way to add users/remove users to access my application and be able to authenticate whether or not they can get on. Is this the right way to do it?
View 1 Replies
Similar Messages:
Nov 30, 2010
I have user's who are losing their data because they sit on a page too long, then are asked to log back in. I want to do the following:
1) Instead of redirecting them to a login page, I want to cancel the current request and give the user a popup dialog box to login with.
2) When the login is successful, I want the user to be sent back to their form, with all data intact. (Even better if the request could go through without sending them back to that form, but this is optional).
How can I intercept these authentication requests, and present the user with a popup login?
I am using ASP.net forms authentication.
View 2 Replies
Sep 24, 2010
Currently, I have many controls and objects such as Chart1 of mschart as part of the public partial class _Default : System.Web.UI.Page.
At the bottom, I've created a second class that is not part of the _Default webform class. How can I access the webform controls from this second class?
For example, I want to do
Chart1.Series["Series1"].Points.AddXY((pointIndex + 1) * 40, datapoints[pointIndex]);
I want to pass pointIndex integer and the datapoints array.
I know that Chart1 was created protected global access modifier in the designer.cs but when I changed it to public, it still had a problem.
View 7 Replies
Jul 14, 2010
This could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.
View 3 Replies
Apr 4, 2010
i am designing a webform like registration form containing photo uploading.
my registration page is completed but photo upload is not wiorking.
and when a user completes
his registration including photo upload, and login next time it should be redirect to that page containg his information (all the registration page information with photo)
View 5 Replies
Dec 11, 2010
I have seen an existing post which explains how you can restrict access to an ASPX page using:
[Code]....
This works as in it keeps those who are not a member of Administrators AD Group from being able to view the webform but for some reason when I implement the above it locks even the Administrator user out which is not what I wanted at all.My web.config is as:
[Code]....
As you can see I have tried to restict it also through the web.config file but neither approach has worked.
View 3 Replies
Sep 24, 2010
I was wondering if you should write code so that external classes and functions of that external class can access the webform controls in the main class???
Or should you only use the external class to process some data, return that data back to the main class (that instantiated that external class object) and then have an internal function in the main class to deliver the data to the control? (back to the screen)
View 2 Replies
Dec 5, 2010
When I try to connect to access database from app_data folder of the webform I am getting "Invalid UDL file" .
View 1 Replies
Jul 18, 2010
I have created an application with multiple webforms what is the best way to restrict access to particular pages based on what group logged on user is in?
View 6 Replies
Mar 3, 2010
I'm new here and i'm new to ASPX. I read some articles, i have search the web for my problem, but i can't find my answer
View 10 Replies
Dec 11, 2010
How can I access a webform control from a Web User Control?
I have a web form with some textboxes and dropdownlists. I created a Web User Control with other controls (other textboxes) inside it. Now I need to call from the web control source code the values that the controls in my web page have. How do I do it?
View 10 Replies
Oct 14, 2010
I am required to control access to a specific file on our server. I suggested, for the time being (rather than affording time for other routes until we can), that we simply use the web.config to lock this file down to everyone by means of a location/system.web/authorization setting.
This soon failed to protect the resource and I quickly became aware why (I think). It is a public site and is not using Forms authentication (currently just defaulting to Windows).
So, for clarity, here are the relevant parts the config file...
<?xml version="1.0"?>
<configuration>
<system.web>
<authentication mode="Windows"/>
</system.web>
<location path="thefile.extension">
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</location>
</configuration>
Can I secure this resource without turning on Forms authentication? Or can I turn authentication on but never actually require authentication to occur, by allowing all resources but the ones explicitly stated, or by explicitly stating all allowed and denied resources?
View 1 Replies
Jun 25, 2010
I have used the Forms Authentication for logging in and in that i have created the Forms Authentication Ticket and in that ticket i have passing the data with comma seperated values.how can i get the data which is in the ticket to access in the Authenticated user pages
View 1 Replies
Jan 2, 2011
I'm just reading about implementing my own HTTP handler for ASP.NET 4.0 and IIS7. This looks really cool. I want special processing for ZIP files and it seems like an HTTP handler is the perfect solution.However, what's giving me trouble is that the handler must be in a separate assembly. So how can I access the rest of my application from this assembly?Specifically, I'd like to determine if the user is authenticated and redirect them to the login page if they are not. But User.Identity.IsAuthenticated, etc. will not be available from my handler.(Yes, I know there are ways to approach this without an HTTP handler but they don't seem appropriate for my specific needs.)
View 1 Replies
Mar 18, 2010
Is it possible to have multiple login pages for different folders within an asp.net application? Say I have this structure:
/admin
/customer
/login-admin.aspx
/login-customer.aspx
I have 2 different login forms. One for the admin people and one for the customers (the forms are different as the customers need to provide extra information on their login page).
In the authentication section of the webconfig file (which is at the root of the web app), I can only specify one Login page. So how can I make sure thaf if anyone tries to access a webpage in /admin they will be redirected to /login-admin.aspx and if they try to access a webpage in /customer they will be redirected to /login-customer.aspx ?
View 1 Replies
Nov 24, 2010
I am building a sort of administration control panel which is basically just giving the end user the ability to manage the database through my app rather than knowing Management Studio. Creating lists of users, creating events that the users can attend etc, nothing too complex. So I am basically building the whole thing using JQuery AJAX with ASP.Net to make the DB connection and what not. My Jquery code just calls a different static method in my pages code behind for each different task, passing JSON back and forth.
From what I've seen results-wise so far, my interfaces are much quicker (almost instant) and even tasks on the server take less time to return through JQuery. But if you looked at my javascript code, you can see the "Page.aspxMyMethod". That means that people can access my methods just by sending a request from anywhere? Will forms authentication prevent this because it goes through an aspx page or what?
View 2 Replies
Nov 24, 2010
I need to have a root web site using Windows Authentication and subweb under it as Forms Authentication. But when I access the subweb it still ask me for the Windows Authentication.
View 3 Replies
Aug 7, 2012
i have one web service how can i give access to that web service to many user(with secure method). Now i am checking url and only doing for one site. So what should i do.
View 1 Replies
Sep 2, 2010
I am using ASP.Net Forms Authentication. My Web.config looks like this.
[code]....
So currently every aspx page requires authentication.
I want to allow access to even unauthenticated users to a specific page named special.aspx. How can I do this?
View 2 Replies
Jan 29, 2010
I have a web app, which contains a folder Uploads, to which users (authenticated) upload their files (for some reason it has to be a folder in the root of the web app).I want to deny access to this folder and files to all non-authenticated users.
In my web.config I have:
[Code]....
and everything seems to work in development, but on a staging server it redirects non-authenticated users to login page ONLY from aspx pages, but not when entering the url to the file in Uploads folder.
View 5 Replies
Apr 9, 2010
Using VS 2010 RC, VB, and Forms authentication to allow access to the site, depending on the login rights of a user, I want to turn on and off access to certain pages. I can turn on and off buttons to access the pages, but a user can type the page into the url, and it will still go to them.
View 5 Replies
Feb 26, 2010
I am using a server control on a single web.forms page. I have to use this control on a web.forms page since its a server control, although this is actually a MVC project. So I created a web.forms folder and put my new page in it. I then copy the example code from the signature control. I get the following error:
The base class includes the field 'ctrlSign', but its type (WebSignatureCapture.SignatureControl) is not compatible with the type of control (ASP.signaturecapture_signaturecontrol_ctlsignature_ascx).
I know the code works because if I removed the ID attribute from the server control, it no longer gives me this error and my control renders. But I need the attribute for the ID so I can perform is post event
I am using this signature control. Here's the web.forms code...
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Index.aspx.cs" Inherits="KahunaCentralTIDRevamp.SignatureCapture.Index" %> [code]....
View 2 Replies
Feb 5, 2010
Using MS article http://msdn.microsoft.com/en-us/library/ms998317.aspx, I created a web site to develop a forms authentication solution for our web app. The server is Win 2003 w/IIS 6 and the app is VB.NET. The web.config was updated for forms authentication and settingsappear below:
<authentication mode="Forms">
<forms loginUrl="Login.aspx"
protection="All"
timeout="20"
name=".ASPXAUTH"
path="/"
requireSSL="false"
[code]...
View 3 Replies
Sep 15, 2010
I'm developing a MVC2 application and using Forms Authentication on it. The scripts, images and styles are all blocked to unlogged users and, consequently, the login page looks awful. It works well local, the problem is when I publish to the server. Does anyone has any idea WHY? The server IIS is version 7.5
<configuration>
<system.web>
<globalization culture="pt-BR" uiCulture="pt-BR" />
<httpRuntime requestValidationMode="2.0"/>
<customErrors mode="Off" />
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
<pages>
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="Admin.Models" />
</namespaces>
</pages>
<authentication mode="Forms">
<forms name="AGAuth" loginUrl="~/Home/Login" timeout="120" />
</authentication>
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<connectionStrings>
<add name="DBContainer" connectionString="metadata=res://*/Database.DB.csdl|res://*/Database.DB.ssdl|res://*/Database.DB.msl;provider=System.Data.SqlClient;provider connection string="Data Source=thewebserver.com,5158;Initial Catalog=thedatabase;Persist Security Info=True;User ID=theuser;Password=thepassword;MultipleActiveResultSets=True"" providerName="System.Data.EntityClient" />
</connectionStrings>
</configuration>
View 9 Replies
May 28, 2010
i have a problem with forms authentication. i have a website and want to restrict access to an especific folder. i want the access to this folder be made via the login form this is what i have in the web.config
<authentication mode="Forms">
<forms name="Compra" loginUrl="wfLogin.aspx" path="/" protection="All" timeout="30" />
</authentication>
<authorization>
<allow users="*"/>
</authorization>
Then this to restrict folder
<location path="Admin">
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</location>
the problem is that when the user login with valid information the website return to the login form.
View 7 Replies