I am using forms authentication with
<authorization>
<deny users="?" />
</authorization>
However, I want to allow all calls made for specific extension say *.abc.
I tried:
<location path=".abc">
<system.web>
<authorization> [code]....
but wildcards are not allowed.How can I allow *.abc calls to work for all users?Is there any web.config element I can use OR anything I can do in AuthenticateRequest httpmodule?
I want to remove any mapped routes for files with a certain file extension.
RouteTable.Routes.Ignore("{root}.hello");
Works for any file that has the extension .hello in the root directory, however as soon as i go into any subfolders the 'ignore' rule isn't applied.
Ive tried lots of different combination's, but can't seem to get one that doesn't throw a compiler exception, or not work?
I want to use the login component with forms authentication, but i don't want to use the whole package. I have a database with users in it, and i create the users manually, through another section of my site. I will authenticate them using my own functions, in the Authenticate event.
But, specifying the forms authentication in web.config, i seem to recall having seen somewhere, that i could add pages that were protected, while the rest of the site wasn't.
How do i do this? Currently, i have only 1 page that i want to protect.
I am using ASP.Net Forms Authentication. My Web.config looks like this.
[code]....
So currently every aspx page requires authentication.
I want to allow access to even unauthenticated users to a specific page named special.aspx. How can I do this?
I have the following implementation and I'm sure there is an easy way to do what I want to do but I can't figure it out.
1. I use forms based authentication to authenticate to my site
2. I use active directory to authenticate the users
3. I use the Allow Users="xxx" tag to authorize the users limited to the list that can access my site. (e.g.. even though Mary is an AD user she can't access my site unless I put her credentials in the allow users tag in the web.config file)
All is working well but I want to move the users access list (e.g.. <allow users="john" />" from the web.config to a database table so that I can create a user maintenance page for my admins to add and delete user access. For the life of me I can't figure out how to do this and I can't seem to find an article on it either.
[code]....
I have an ASP.Net app, that runs using windows authentication. The connection to the SQL Server is usually done by creating a sql server account and using that in the connection string.
However, in this specific very restrictive hosting environment, we have been asked to use a specific WINDOWS/active directory account to connect to the SQL Server.
note it is not the windows credentials of the user of the website, we need to connect to the SQL server with - it is one specific windows/AD account.
How do I configure that in my connection-string?
I have an "Admin" folder in my application that will include pages that I would not like to have anonymous access to. When a user attempts to load a page that resides in this folder, I would like to redirect them to a login page. Here is what I have in my config so far.
[Code]....
[Code]....
Following is my directory structure of my web application which is also configured in IIS as virtual directory
Web Site Root
|MasterPage (file)
|Web Config (file)
|Public Contents (directory)
|ShowNewWallpapers.aspx
|Admin (directory)
| Login.aspx
|WebSiteStat.aspx
|WebConfig file (need form security here)
How is configure my both web configs to solve my issue. currently i am getting following error
It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.
my root web config has default settings and my Admin directory has following settings
<system.web>
I have an application that has a user Login Control (provided by ASP). I am just now working with the integration of a dataBase created in MS visual studio 2010, to a developed website created in MS visual web developer 2010. My main goal is to create an authentication ticket that enables a user to be able to see a dataBase information only after that user has been successfully authenticated.
Up to now I'm able to see the dataBase when i run the website even if I'm not log-in, how i can create a home page that tells the user to log-in and once that user has successfully log-in it redirects the user to another page where the user can see the database and how I can add information to that dataBase only to specific members
I have function named (display)
I need to call this function (display) avery two second
Just going to start making a web application and was wondering which was better, or at least what are the main differences between them (as it probably matters what I am using them for)?
View 3 RepliesI am trying to figure out how to associate a specific user to a specific data on the site, like social networking site.
View 3 RepliesThis is my Controller Action which takes a Page entity from database and shows it in the Show.aspx view using the "Site.Master" master page:
[Code]....
This is the "Show" view rendering "Page.Title" in the "MainContent" content placeholder:
[Code]....
And this is the "Site.Master"
[Code]....
Using this approach i can show "Page.Title" in Show.aspx using any master page that has a "MainContent" placeholder, but my real goal is if i can when i choose the MasterPage for that particular Page to also see a list of available ContentPlaceHolders and when i choose one to then render "Page.Title" in that particular ContentPlaceHolder.
My application for "Members subscriptions registration" working online and different users using it.
Database type is Mssql Server 2008 R2, Size is around 1 Gb
What happen exactly there is specific record delete from table "Members" in random times, For example I add 100 new subscriptions with around 800 records and make confirm and checking next day find it loss 3 records find it deleted.
I checked all the applications no any delete query, I removed all delete query from application to make sure no any delete also I save any delete query happen in system inside table for log.
'm using the AutoCompleteExtender from the AJAX control toolkit on my aspx page - I have it wired up to a WCF service that is returning a string array and everything works happily.
If I change my service definition to include a demand for the caller to be authenticated, like so:
<OperationContract(), PrincipalPermission(SecurityAction.Demand, Authenticated:=True)> _Public Function GetLookupValues(ByVal prefixText As String, ByVal count As Integer, ByVal contextKey As String) As String()
Then the autocomplete extender stops working, and I get an authentication error in the service. The service is set up to use ASPNetCompatibility mode, and I was hoping that the extender would pass the authentication credentials for my logged in user - does anyone know how to make this work?
What do I need to do in order to change an application from Forms Authentication to windows authentication?
View 2 RepliesI've looked at a few files this AM, all have .xap, and all are throwing errors as I try to debug each of these projects. Here is an excellent example:
http://www.codeproject.com/KB/silverlight/TallColumns.aspx
I'd like to learn how this project works, but each time I try to debug, it throws an error saying 'Error creating control xaml1, unknown server tag asp.SilverLight'. what does this mean? What do I need to do to make this work?
I'm using VWD 2008 Express.
I have developed the authenticated rss feed using the basic http authentication for my site.I also have the admin module for the site which uses the Asp.net Forms Authentication .Both are in the same project.When i turn on the forms authentication module to None in my web.config.My rss feed authentication works fine(the browser pop up the dialog box for the username and password) and upon entering the username and password the rss feed gets displayed.But with forms authentication turn on when i click the rss feed link i am getting redirected to the administrator login page.
If i set my authentication mode to none than the feed works like dream but the admin module do not work as it uses forms authentication.
How can i resolve the conflict for that one.I am using the asp.net mvc filter on my feed contoller to pop up the dialog box for the username and password.
[Code]....
I've been asked to convert an asp.net application from forms authentication with roles using the aspnetdb database to use windows authentication instead.
what is required to do this? can I still use the roles defined in the app and stored in aspnetdb?
I have an (ASP.NET 3.5) intranet application which has been designed to use forms authentication (along with the default aspnet membership system). I also store additional information about users in another table which shares its primary key with the aspnet_users table.
For users who are part of our domain I store their domain account name in the secondary users table, and I want to automatically log in users whose domain account name matches a name stored in the table.
I have read the guides which are available - they're all from two years ago or more and assume that you are able to activate Windows Authentication on a separate login page that allows you to extract the domain account name. From what I can tell, though, this is not possible in IIS7 (the overall authentication method is applied on all pages and cannot be selectively deactivated, and both authentication methods can't be applied on the same page).
Is there a way of getting IIS to pass through the windows domain account name of the requesting user? I don't need proper AD authentication, just the domain name.
We have a non-SSL ASP.NET web app that allows a user to login (ASP forms authentication, inproc).
Once authenticated, we redirect their browser to an external, SSL secured page on another web site / domain altogether that we do not control.
The client is redirected back to a pre-configured url on our original http web app when done.
However, the customer is then asked to "re-login" again on our side which is undesired...
It seems the forms authentication cookie is destroyed when transitioning between HTTP and HTTPS and back again.
How can I keep the forms authentication cookie alive so that the customer does not have to re-authenticate on the round trip?
I'm developing an internal booking sytem. Users log in to the sytem and can view existing bookings and search for bookings. They can also create new or edit existing bookings. When completing such actions I need a confirmation prior to completing the booking or updating the recorded. The confirmation is based on a reauthentication of the user.... in otherwords he needs to enter his passord again.
How can I achieve this? The system is internam and I'm using Forms Authentication. I an also using roles as som of the admin forms can only be viewed by administrators.
Can we hide then extension url like here.. [URL]
not New.aspx ,New.php orNew.htmlÂ
Is it possible ? If it is possible then what is the purpose of it ?
How to hide extension name in website . like default.aspx to default .
View 1 RepliesMake one of asp.net website.But i want to remove .aspx extension from url.
View 1 Replies
