anybody knows of blocking certain users (by IP) from accessing your website (website on asp.net mvc).
EDIT: I know that web-servers can do this as well, but I need this at the application level
How can I have my website block access to IE6? Redirecting it to a custom error page.
View 3 RepliesI'm quite newbie and i need to give access to the website at a very low cost, but just few people, how did you guys manage it, to hide the connection link to the public. I mean is there a better way or not to manage this. I don't know if I'm clear. What would be the cheapest way to manage this user account?
View 4 Repliesi have users who can logon to my site. I don't use the asp.net provider (i have my own user storage) but do use forms authentication. No i want to block users from log on twice to my app. Now what is the simplest thing to accomplish this? I thought about an extra field in the database in the user record but is there something simpler? is there a sort of 'session' for the entire application where i can remember who is logged on (and which is not flushed at a random time)? maybe in the cache (but the cache is sometimes flushed) i've seen an example where a file with the username was written to disk (and removed when logged out)
EDIT:
Good question was: what do you mean with logon twice. I mean when a user logs on on another computer or when another person logs on with the same credentials
I have an asp.net web app that uses forms-based authentication, a SqlMembershipProvider (using an encrypted password format), and a SqlRoleProvider. I need to know if it's possible to administer the users (create new users, assign them to roles, etc.) from a windows application - the powers that be don't want any administrative functionality in the web app itself.
Here is the membership provider definition from web.config:
[code]....
So, obviously, I have a Sql Server database that contains the users and roles for the web app. I'd like to create a separate windows app that references the web app assembly, and use the configured MembershipProvider, RoleProvider, and machineKey to create users, assign users to roles, etc. If that's not possible, I can duplicate the configuration settings from web.config within the windows app. But I don't know how to do this either.
Allow Admin Users to Access Basic Users Accounts?
View 4 RepliesI am making a website in asp.net c# code behind. My client told me that he want to remove the user who break the website law and then that particular user can create another account in our site with different emailid and password.
View 7 RepliesI strucked with one problem in C#.net coding part, my problem is "how to block the videos in website on IE browser" through the C# coding. actually i am developed one toolbar for IE browser so in that toolbar i added one button for block the videos,so when i click in that toolbar button that time in IE browser website videos are blocking
View 6 Repliesis there any java script that i can put it on my master page and block specific I.P address ? And navigate the user visiting from that blocked I.P address to a different page ?
View 8 RepliesI know a user can use the following code to access the content of web.config
string connectionString = ConfigurationManager.ConnectionStrings["MyConnect"].ConnectionString;
If I set EnvironmentPermission, can I block user to access the content of web.config?
I'm using the System.Web.Routing.UrlRoutingModule.
With that I'm writing:
routes.Add(new Route(@"cart/add", new RouteHandler("~/Order/CartAdd.ashx")));
routes.Add(new Route(@"cart/delete", new RouteHandler("~/Order/CartDelete.ashx")));
And I also have one route called:
routes.Add(new Route(@"{*url}", new RouteHandler("~/Error/PageNotFound.ashx")));
But if I go directy to /Order/CartAdd.ashx I never enter the routing. It goes directly to that handler. And if I go to /Order/ I get a 403.14 error.
How do I instead catch those urls with the routing?
I am making use of 3-Tier architecture while making my project. And in Data Access Layer I am making use of application block, but application gets a connection string from web.config; but ClassLibrary of Data Access Layer doesn't contain web config file. How can I access connection string from Data Access layer?
View 5 RepliesI have a problem in my asp application. In my application I have an own authentication mechanism so in the web.config file I have <authentication mode="None"/>
Inside the application users can upload files to the folder I've created (App_Files). I would like to give access to the folder only once they are logged in (Session["Login"] is no null).
I dont want not logged in users to be able to access the files over a url address in the browser (like http://<server>/App_Files/Filename.pdf)
In ASP.net MVC 2, I can use routes.RouteExistingFiles = true; to send all requests through the routing system, even if they exist on the file system.
Usually, this ends up hitting the "{controller}/{action}/{id}" route and throws an exception as the controller cannot be found.
I do not want to use that route though (I have only a few URLs and they are specifically mapped), yet I would still like to prevent access to the file system.
Basically I want to Whitelist pages using IgnoreRoute. Is there a built-in way to do this?
My current approach is to still have a route "{*anything}" and generate a 404 when this is hit, but I'm just wondering if something is built-in already?
I have a web page where I am denying anonymous users from accessing. In the web site I have a folder called FileManager. In the web app the usres have the ability to uploaded files and when they do a folder gets created under the filmanger and the files are saved. I have created a web.config in this folder that denies anonymous users. The problem is if the user knows the directory structure they can type in the url of the site add /FilManager/x/x/NameOfFile, where x are the sub directories. If the file is an image it shows the image in ie, if it is a .xls or .doc or what ever they get the prompt to either download or save the file. What am I doing wrong. Will the web.config file not stop an anonymous user from access files? I put a webpage in the folder and it is blocked and the user gets sent to the login screen, but files seem to be unsecured.
How do I block anonymous users from being able to access the files in this folder?
I am using IIS7's URLRewrite feature to hide the .aspx extension in my ASP.NET WebForms application's URLs.
I'm using the following configuration:
[code]....
I can now browse to:
[URL]
and this is rewritten to:
[URL]
This preserves the "pretty" url in the browser address bar. I have also updated all my links on the site to use the extensionless URLs.
The problem is that the underlying .aspx pages can still be accessed directly and I'd like to prevent this.
If a user browses to [URL] I'd like it to either redirect/rewrite to [URL], or at the very least just return a "Page not found".
Update:
I managed to get this working by redirecting all .aspx pages to the home directory. This isn't ideal as I'd prefer to send them to the non-.aspx version, but it will do for now.
<rule name="Block .aspx" stopProcessing="true">
<match url=".aspx" />
<action type="Redirect" url="/" />
</rule>`
How do I rewrite and redirect URLs that directly address .aspx pages to my friendly URL format?
my page is very simple, one gridviews and one ObjectDataSource.here's my code :
<%@ Page Title="" Language="C#" MasterPageFile="~/site.Master" AutoEventWireup="true"
CodeBehind="default.aspx.cs" Inherits="cHospital._default" %>
[code]...
I also posted my question on another web site, one suggestion I got is move my codes to codebehind
(http://entlib.codeplex.com/Thread/View.aspx?ThreadId=245208)
But this is ObjectDataSources, my understanding is everything have to stay in Class file.
Im using enterprise Manager data access code block and have a table in sql server 2005 with a column type of 'bigint'
when querying against this table and adding in a parameter, there isnt a long datatype available, so is Int32 an equivalent ?
[Code].....
I have menu item on my master page that has block around the text when the page is first run. I wrote in the css on the link and visited property to change the color to match the image color that it is on. When a menu item is clicked the color changes to the right color. How do I get it to the right color on when the page first opens or is there a way to get rid of the block or make it transperant?
View 1 RepliesI have 2 separate code-block asp.Net expressions in an aspx markup, with an html content between (span element in the example below). In the first code-block, there is "i" as an increment variable for the for loop.Then the code-block is cut with an html content.And another code-block expression is opened but as I see I can reach the "i" variable which was declared in the previous code-block.
So, how asp.net handles -compiles- the pieces of code-block experrions declared in the mark up? Does it check the semi-colons and generates some anonymous methods which will end up with many calls to Response.Write in the last place?
<p>
<%for (int i = 0; i < 30; i++)
{
[code]....
I want to have a PHP login form on my website. When the user enters a username and password and clicks submit, they should be directed to a remote website logged in (therefore skipping the login form on the remote site).
As mentioned in the title, the remote site is built using ASP.NET.
I've tried to search for a solution this but really not finding.
I got a requirement from client that he wants to know distinct users information from sites and it sub sites those have access to site. There are separate groups for each subsite (contribute, approval and full access). From these all groups find distinct user information.
How can we do that using Object model?
When I run my website through debug mode in visual studio everything looks great and all the images on the page show up fine. But once I deploy my website to an IIS7 web server (doubt that other versions would make any difference, but you never know) then users can't see the images on the site until they log in.The website is an asp.net MVC site and I'm new to MVC, though I do have lots of experience with asp.net forms. It seems that only authenticated users are allowed to access the images folder, and there is an authorization section in my web.config saying that only admins can access the site, so how do I make it so that all users, authenticated or otherwise can view the images?
View 3 RepliesIm not sure what it is called, but I need help with this. I need some tips on how to get started on an ASP.net site that will have different users. When each user logs in, they will be able to enter their own personal information such as address, hours worked, their own timesheet etc. I want to have it so each user will be able to only see their own data, not any other data entered by other users. I hope I am describing it ok. Please let me know what this process is called, or any good ways to get started on this.
View 3 RepliesI need to add the ability to register users in my web site. I'm sure that 1000's of programmers already did this, so why should I build from scratch? Does someone knows where can I find a module like this as well as other modules?
View 2 Replies
