What is the best approach to allowing users to create accounts and allow them to login later?am thinking of passing all the user information into an attached SQL database, so that when users login l can lod their profilee and allow them to add data on their profile
View 1 RepliesI am trying to do something similar to www.mytripjournal.com where they allow the users to create their own wesite within the top level website. So the URL would look something like www.somesite.com/username/. Can someone tell me the best technique to emulatesomething like this? Are there any .NET solutions readily available. I am trying to think this through before I begin coding but to be honest I am at a loss.
View 2 RepliesAllow Admin Users to Access Basic Users Accounts?
View 4 RepliesI am trying to send mail to remind the users that have not activated their accounts. But I keep getting the error:
Transaction failed. The server response was: The message was rejected because it contains prohibited virus or spam content
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Net.Mail.SmtpException: Transaction failed. The server response was: The message was rejected because it contains prohibited virus or spam content
My code is below:
Code:
"Hey, " + sUsername + "
" +
"This is a friendly reminder that you have not verified your E-mail address.
" +
"If you are still interested "+
"in joining our site, please click on the link below to " +
"confirm your E-mail address.
" +
"http://" + Request.Url.Host + "/verifyemail.aspx?id=" + sUserID + "
" +
"P.S: If you have already verified your E-mail address, please disregard this reminder.";
I want to include the login page in one of the web page .The login user accounts should be used from gmail or yahoo ID's .
View 7 RepliesWe are developing matrimonial website using ASP.net 2.0 with C#. we need to provide my site users login using facebook/google accounts. how can i do this.
View 1 RepliesI have a web.config file with <authorization> section. I'm using window authentication.
The problem is that I would like to allow access to the web site to those users who are in multiple roles.
For example:
<authorization>
<allow roles = "Role1 AND Role2"/>
<deny users="*"/>
</authorization>
(Meaning I would like to allow access only to those user who are both in Role1 AND Role2.)
Is this possible to achive this?
If not, what would be the alternatives?
Note: Currently I'm doing the roles assignment in the Global.asax file in the OnAuthenticateRequest event (i'm reading the groups that the current user belong to in the Active Directory).
Using formview or details view, I want to allow users to both input data into columns (I know how to do that) and add additional columns to the existing table if necessary.
View 3 RepliesI am using the SQLMembershipProvider for authenicating users for my web site. I would like to change the default message that is displayed when a user signs in but who's account is disabled. By default, it shows:
Your account has not yet been approved. You cannot login until an administrator has approved your account.
Is there a property for the Login control that allows me to change this message programmatically.
I am using Helm server for my web hosting, in my control pannel when i tried to create an email account named hr@mywebsit.com it shows error
The POP3 Account 'hr@mywebsite.com' is invalid. specify a valid POP3 account name.
but when I trid hr1@mywebsite.com i can create, so how can i create email accounts with two letters
I have a third party company that we need to allow they users to pass into our website without loging in. TO keep it easy I was thinking of having them post to a custom login page on my site.
So their code would be something like this:
[Code]....
My landing/login page would do soemthign liek this.
[Code]....
My question is whether there are any security issues when using this kind of method? I am not sure yet what their site is written in. I figured that they could figure out how to do the post as long as I have the landing page for them and there is no security issues.
I have a site almost finished that uses ASP.Net membership, forms authentication and roles. There are one or two requirements remaining and I'm not even sure how to properly approach one of them.
The site I've created is going to provide service ONLY through SSL, if that matters. Yes, I'll redirect a request that lands on port 80 but the intent is to encrypt everything.
Is there a "best practice" for creating a session with my site, from another site? In other words the company is building a marketing page that has spaces for a login and password. I can find lots of posts about passing a username and password to another
site to start a session, but very few if any about receiving the username and password.
If anyone can point me to an article or posting with a code sample where the login control of a forms-authenticated site is used as the target of a form hosted as part of a different web page/application on a different host, it'd be awesome.
To be clear, the scenario is essentially "brochureware website on a 3rd-party host" providing the visitor the ability to log in to a secure site on a more "internal" server.
I have an ASP.net application hosted on Win2003 server. When I set the Authenticated Access to just Integrated Windows Authentication, IE7 & IE8 started failing in loging into the site with an error 401.1 ("You are not authorized to view this page"). But Firefox has no issues in loging into the site. why IE is failing to login with Integrated Windows Authentication where FireFox works perfectly?
View 1 RepliesI'm building an ASP.NET application, which will create Windows accounts and groups on the server, and set file/folder permissions for those accounts.
How do I accomplish that?
I've considered shelling out to CACLS.exe, but I got a feeling that's going to get me into other problems eventually. Are there any other options in the .NET framework?
I am using ASP.NET 3.5 and SQL SERVER 2008. And I have a very simple code within my ASP.NET page :
Quote:
[code]....
The connection string specifies a local Sql Server Express instance using a database location within the applications App_Data directory. The provider attempted to automatically create the application services database because the provider determined that the database does not exist. The following configuration requirements are necessary to successfully check for existence of the application services database and automatically create the application services database:
If the applications App_Data directory does not already exist, the web server account must have read and write access to the applications directory. This is necessary because the web server account will automatically create the App_Data directory if it does not already exist.
If the applications App_Data directory already exists, the web server account only requires read and write access to the applications App_Data directory. This is necessary because the web server account will attempt to verify that the Sql Server Express database already exists within the applications App_Data directory. Revoking read access on the App_Data directory from the web server account will prevent the provider from correctly determining if the Sql Server Express database already exists. This will cause an error when the provider attempts to create a duplicate of an already existing database. Write access is required because the web server accounts credentials are used when creating the new database. Sql Server Express must be installed on the machine.
The process identity for the web server account must have a local user profile. See the readme document for details on how to create a local user profile for both machine and domain accounts.
I'm currently facing a performance problem with creating POCO objects from my database. I'm using Entity Framework 4 as OR-Mapper. The whole application is a prototype for now. Let's assume I want to have some business objects like classes 'Printer' or 'Scanner'. Both classes inherit from a BaseClass called Product.
The business classes exist.
I try to use a more generic database approach. I don't want to create tables for "Printer" nor "Scanner". I want to have 3 tables: One called Product, and the other Property and PropertyValue (which stores all assigned values to a specific Product). In my business layer I do create a specific object like this:
public Printer GetPrinter(int IDProduct)
{
Printer item = new Printer();
// get the product object with EF
// get all PropertyValues
// (with Reflection) foreach property in item.GetType().GetProperties
// {
// property.SetValue("specific value")
// }
return item;
}
This is how the EF model looks like: Works fine so far. For now I'm doing performance tests for retrieving multiple sets. I've created a prototype and improved it several times to increase the performance. It is still far away from being usable. I takes 919ms to create 300 objects who only contain 3 properties. The reason for choosing such DB design is to have a generic database design. Adding new properties should only be done in the business model.
Am I just being too stupid to create a performant way of retrieving xx objects or is my approach totally wrong? As far as I understand OR-Mapper, they are basically doing the same?
how to make login control allow users to login by either username or email address
View 1 RepliesI have two application (one of this is mojo portal): [URL] for some users when they login into "app" then the login in "mojo" doesn't work and viceversa. I've set the machinekey into web.config file. When the users remove all cookies and session data the login works again. The two application are into a Web Farm. Should be ARR the problem?
View 2 RepliesI have an asp.net web app that uses forms-based authentication, a SqlMembershipProvider (using an encrypted password format), and a SqlRoleProvider. I need to know if it's possible to administer the users (create new users, assign them to roles, etc.) from a windows application - the powers that be don't want any administrative functionality in the web app itself.
Here is the membership provider definition from web.config:
[code]....
So, obviously, I have a Sql Server database that contains the users and roles for the web app. I'd like to create a separate windows app that references the web app assembly, and use the configured MembershipProvider, RoleProvider, and machineKey to create users, assign users to roles, etc. If that's not possible, I can duplicate the configuration settings from web.config within the windows app. But I don't know how to do this either.
[Code]....
after successful creation of 3 users on my web site now cannot create users
how to create a login form using the login controls present in the toolbox?
or should i o for creating the layout of the login myself and then code it accordingly?
i m currently creating an article module, and i want if user wana comment on to the any particular artical, than he should login any of his mail id like gmail, yahoo hotmail etc and than post his or her comment and after than comment should go into the DB.
View 3 RepliesI dont know where to start, but I have a simple issue that you may be able to resolve.
I have a SQL database that contains a table with user name / password / Account level in it.
What I am trying to do is to create a Login page that will use this database and table to authenticate the login.
I have spent some time looking about for an example, and the nearest that I have found is for an access Database, but I really need this to work with SQL.
I've created a page to add users, using the CreateUserWizard, I use the Login Control to login.
I have setup the config file to use my SQL server, not express
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Data Source=xxxx.xxxx.xxxx.xxxx;Initial Catalog=aspnetdb;Persist Security Info=True;User ID=xxxx;Password=xxxxxx" providerName="System.Data.SqlClient" />
I go to the create user page, add a user.
I can SEE the user on the database using Server Management Studio...
I go to signon and get "Your login attempt was not successful. Please try again."
I have not customized the login control in any way. (OR the createuserwizard)
HOW can I tell where the Login tool is going to get userid and password info?
How can I tell if it is not finding the user or the password does not match?
I have an application wich uses AD for authenticate users, the web.config goes like this:
[Code]....
It's works fine in development environment, the problem is when I've published this app into IIS, I can't get the users to login. I've configured the directory security to Anonimous Access since the user will enter the credentials using forms auth.