C# - How To Allow Only A Group Of IPs Access The Site From Code Behind
Jan 11, 2011
I have this website where I want just only the computers in our office have access to it. How can I write code to do this? I've been looking all over the web but I couldn't find anything like this. Sorry I couldn't write any code about this before posting this question.I will be using this part of code in the header.aspx file.
Requirement(1): When any person is on the network, they can access this site EXCEPT one AD Group (Example: AD_Sales group).
Requirement(2): Also like for example if a person that has the access passes a url (Ex: http://mysite/Home/Index/Product/Letter) to a sales group person, he still should NOT access and need to display a custom message saying "You are not authorised to view this page".
If the scenario is like to issue the access to one AD Group and deny access for all others, it is fairly is. It can done from IIS. I am Wondering how to do this.
I'm using a linq group by query (with two grouping parameters) and would like to use the resulting data in a nested repeater.
var dateGroups = from row in data.AsEnumerable() group row by new { StartDate = row["StartDate"], EndDate = row["EndDate"] }; "data" is a DataTable from an SqlDataAdapter-filled DataSet. "dateGroups" is used in the parent repeater, and I can access the group keys using Eval("key.StartDate") and Eval("key.EndDate").
Since dateGroups actually contains all the data rows grouped neatly by Start/End date, I'd like to access those rows to display the data in a child repeater. To what would I set the child repeater's DataSource? I have tried every expression in markup I could think of; I think the problem is that I'm trying to access an anonymous member (and I don't know how.) In case it doesn't turn out to be obvious, what would be the expression to access the elements in each iteration of the child repeater? Is there an expression that would let me set the DataSource in the markup, or will it have to be in the codebehind on some event in the parent repeater?
I have written my ASP.NET web site code in Visual Studio 2008. When I'm uploading it to the remote server I'm getting an error message about a problem in the web configuration file:
Section or group name 'system.web.extensions' is already defined.Updates to this may occur at the configuration level where it is defined.What is the reason for this error?
I'm pretty sure the answer to this question is no, but I just wanted to get some feedback before I go down another path.
Here is my scenario. I have two websites. Website 1 is an internal website that cannot be accessed outside of our domain. Website 2 is an external website that can be accessed outside of the domain, but has access to webservices inside of the domain.
My question is, is there any possible way to display the internal page through the external page without making the internal page external.
I'm currently learning entity framework (from the Julia Lerman book "Programming Entity Framework") and got really confused at the grouping part.
var contacts = from c in context.Contacts group c by c.Title into myGroup select myGroup;
This is supposed to return a Grouping<K,T> type, but the book didn't give an example on how exactly do I access this "contacts" query and I can't figure it out. When I did foreach(var contact in contacts), my "contact' variable has no knowledge of any of the properties of the Contact type (contact.FirstName etc).
how can i do this thing, because i am designing a web page regarding this thing, i have a n option that send group mail, so that i have to get the users into a group by users selection, and send a single mail to all of them
I have a summary page that has an Add New Record button, andEdit Record butto and a Delete Record button.Every user has ReadOnly access.However, only users with administrators Access Level can add, edit, delete, view.Users with Staffers Access Level can only Add records but cannot delete or edit.So, basically, 2 access Levels, Administrators, Staffers.Administrators can view, add, delete, update records.The rest, Staffers, can only view and Add records.I am struggling to figure this out.I have done this a ton of times using Classic ASP, something like:
If AccessLevel <> "Administrator" Then Response.Redirect"login.asp" 'so if user has admin password, s/he ccan log in with that. End if
[code]...
4 different groups will be using the system, each will be redirected to their own summary page based on their groupNumber.All I just want now is to ensure that a user from a particular group is redirected to his/her summary page, then that user is checked again against AccessLevel (view, edit, delete, update).
I have individual controls with different groups in two separate divs in an aspx page. I am passing a querystring value to this page and on page load depending on the querystring value want to show the divs n change the validation group.
Stack-Overflow :3 I've got a kind of hard-case question.
So I'll try clearly explain my idea with my poor english :/ need select to DataTable SOME values from ???_**GetDisplayData **procedure for each day of previos month (GROUP IT) where group rules for different columns is different
I need to select some values in stored procedure from other stored procedure like this :
SELECT X FROM Y_Procedure(@ProcedureParameters)Also I need to select from dynamic SQL Procedure like
Y_Procedure=@Y+'_Procedure' SELECT X FROM Y_Procedure(@ProcedureParameters)
Also I need to load it to DataTable :-/INSERT INTO @Report (CellHorizontal, CellVertical, CellValue) --to TABLE SELECT Date,X2,X3 FROM Y_GetDisplayData(@Param)
SET NOCOUNT OFF; SELECT * FROM @Report
GetDisplayData works as select with parameters and that doesn't returns SQL DataTable And there is no way to recode GetDisplayData's procedures, it's just constant procedures for me.Finally I need to Group nodes from this table
INSERT INTO @Report (CellHorizontal, CellVertical, CellValue) SELECT T1.Date, IF ((Select grouptype...)=1) T1.X2 + T2.X2 ELSE IF ((Select grouptype...)=2) AVG(T1.X2,T2.X2), IF ((Select grouptype...)=1) T1.X3 + T2.X3 ELSE IF ((Select grouptype...)=2) AVG(T1.X3,T2.X3), (SELECT T2.Date,X2,X3 FROM Y_GetDisplayData(@Param) T2 WHERE T2.Date>T1.Date AND T2.Date>=T1.Date) FROM Y_GetDisplayData(@Param) T1 GROUP BY EVERY DAY ???--and here is epic fail
I can make all stuff on asp server :And C# allows me to use something like SelectCommand = IzmProc + "_GetDisplayData"; And then I will work (select special data) with DataTables on ASP.NET Server but it's better to make all on SQL ... But looking like it's just unrealizable on SQL >_<
I gonna think about C# realization,but my code is very weird , got errors and doesn't works >_<
I have been asked to support a legacy app and I can't get access to the code behind files. I need to add a new feature that gets a list of items from the database on page_load, what way would adding an "in-page" page_load affect the compiled page_load?
i need to comunicate with a smartcard from an ASP.NET site. I've create a dll(using Winscard.dll and MCSCM.dll that is the SCM Micro Reader's dll) that work with the cardreader on windows but i'm not able to use it with ASP.NET. The project will run only on IE and i must avoid Javascript.
Currently in my application using LDAP to authenticate user to a specific domain & then i check if the user exist in my site database.
Now i need to also allow users who do not belong to this specific LDAP domain to access my site ..How can i make it possible withoput affecting the exisiting users?
An abstract high level idea of where to begin as I am totally clueless at this point.
Background:
I am setting up an intranet site (ASP .NET) where users from our local user group (who are also added in our user table) will have access to web applications they are given access to. Right now I am developing from my PC and using SQL Server 2005 Express as the database, but the final site will be hosted on an application server with IIS 6.0 and the database on an instance of SQL Server 2005. I am a .NET newbie and it's a daunting task, but the experience is worth a million dollars.
Details:
We are using Windows Athentication for our intranet site. Therefore I am not using ASP .NET's membership data sources. Rather all the user information will be stored in two tables tblEmployee (all employees in my company) and tblUser (all users of the intranet site).
(I have set up these tables and I can change them any time).
What I need to accomplish - When an user goes to the intranet site, I can get his/her domain username. I need to check if this user exists in tblUser (domain username is same as UserID in tblUser). If user exists, we display all the applications he/she has access to, else display a "no access" page.
Specific questions:
What are some of the things I need to "learn"? (as I said before, I am a .NET newbie, but a fast learner too) I need to use URLAuthorizationModule for validating a page request. How do I hide the username from the URL? I was thinking along the lines of using a session ID... but then how do I know who the user is? I am sure these is a way to encrypt the UserID, just can't find it.
I am trying to find a good pattern to use for user access validation.
Basically on a webforms application I had a framework which used user roles to define access, ie, users were assigned into roles, and "pages" were granted access to a page. I had a table in the database with all the pages listed in it. Pages could have child pages that got their access inherited from the parent.
When defining access, I assigned the roles access to the pages. Users in the role then had access to the pages. It is fairly simple to manage as well. The way I implemented this was on a base class that every page inherited. On pageload/init I would check the page url and validate access and act appropriately.
However I am now working on a MVC application and need to implement something similar, however I can't find a good way to make my previous solution work. Purely because I don't have static pages as url paths. Also I am not sure how best to approach this as I now have controllers rather then aspx pages.
I have looked at the MVCSitemapprovider, but that does not work off a database, it needs a sitemap file. I need control of changing user persmissions on the fly.
I have an ASP.net 2.0 website that sits on a Windows XP SP3 box on IIS 5.1. The website needs to go across a UNC path to another server to grab an image file. Both boxes are in the same workgroup but no domain is setup. I have created the same user on both boxes with the same password and the website is using anonymous access using that account. The account is an admin on both boxes(i know security risk but this is for testing). File.Exists() just keeps returning false but the file is there. I suspect it has something to do with the ASPNET account but i'm at a loss. I've tried aspnet impersonation using that account as well with no luck.
I am faced with a rather tricky issue. I am developing a web application that resides beneath a web site. The web application is actually meant for the employees of the company owning the web site. The employees can access the web app from the login facility on the site.
The situation demands that an employee must be able to login to the app only from the office machines and not from anywhere outside. I thought of a logic where in the IP address of the machine in which the employee sits will be stored against the employee profile and when he logs in, the authentication will check for user credentials as well as whether he is logging from the designated IP. If not he is not allowed access to the app even if the login credentials where correct.
I am not sure if this is a good way, because I feel tricky persons can give the same IP of the office machine in another machine, say at home and the logic is broken. Can somebody provide me a better way of solving the issue. I am using ASP.Net login control for user login.