C# - Setting Up An Access Controlled Intranet Site?
Jan 26, 2010
An abstract high level idea of where to begin as I am totally clueless at this point.
Background:
I am setting up an intranet site (ASP .NET) where users from our local user group (who are also added in our user table) will have access to web applications they are given access to. Right now I am developing from my PC and using SQL Server 2005 Express as the database, but the final site will be hosted on an application server with IIS 6.0 and the database on an instance of SQL Server 2005. I am a .NET newbie and it's a daunting task, but the experience is worth a million dollars.
Details:
We are using Windows Athentication for our intranet site. Therefore I am not using ASP .NET's membership data sources. Rather all the user information will be stored in two tables tblEmployee (all employees in my company) and tblUser (all users of the intranet site).
tblEmployee has fields - EmployeeID, FirstName, LastName, CostCentre, Role, ManagerName, UserID
tblUser has fields - EmoployeeID, UserID, ApplicationID, AccessLevel, AddedBy, DateAdded
(I have set up these tables and I can change them any time).
What I need to accomplish - When an user goes to the intranet site, I can get his/her domain username. I need to check if this user exists in tblUser (domain username is same as UserID in tblUser). If user exists, we display all the applications he/she has access to, else display a "no access" page.
Specific questions:
What are some of the things I need to "learn"? (as I said before, I am a .NET newbie, but a fast learner too) I need to use URLAuthorizationModule for validating a page request. How do I hide the username from the URL? I was thinking along the lines of using a session ID... but then how do I know who the user is? I am sure these is a way to encrypt the UserID, just can't find it.
View 1 Replies
Similar Messages:
Jul 12, 2011
I have a simple intranet site. It has a role based authorization in the web.config file.
Any user's in a specific role called as "Apr-Sales-Writers" will be authorized to use those pages. If not, they will not be authorized. So far so good. Works fine. But we added additional functionality where a new active directory group (means new role) has to be added and user's belonging to this new AD group should be given access to only specific .aspx pages on the intranet site. I am using a web.sitemap and it looks like this.
If the user's belong to say AD group "Apr-Sales-Writers", they should access only default.aspx and salesData.aspx pages. User's belonging to new AD group (which I did not include in the web.config file below), should have access to other .aspx pages.
[CODE]<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
<siteMapNode url="default.aspx" title="Home" description="Home">
<siteMapNode title="sales Data" description="sales Data">
<siteMapNode url="salesData.aspx" title="sales Data" description="sales Data" />
[Code] ....
View 7 Replies
Jul 14, 2011
I started working on an ASP.NET web app for my companies local intranet. While coding it, I emailed our IT team, to get an intranet domain/server setup.
So, they emailed me back with the server credentials+the domain. But, I'm not really sure what to do from here.
How I need to setup the server and ASP.NET settings to get everything working?
View 7 Replies
Sep 16, 2010
I have built my intranet using MS Visual Web Developer Express 2008. There are several secured areas and my manager asked me to find out if tracking the traffic is possible. Things that I would need to track include:
Which unique user ID's logged in and when? How many times did the same user login? Last login What info was accessed? What page(s) had the most hits? Would I need a database for tracking purposes? Would this info be available with a "dashboard" interface?
View 6 Replies
Feb 23, 2011
I've an ASP.NET application hosted inside a local area network. The application host machine has access to the internet while the local area network clients do not.
There is one requirement where I've to show a web page with rich content (images) in an IFrame from internet (public network) address.
However since internet access is not available on the client, this somehow has to be done from server and then needs to be served to client.
How can this be done?
View 1 Replies
Jul 26, 2010
i m trying to set up an Intranet site with Windows Authentication. I have configured the web.config as shown below.
<authentication mode="Windows">
<roleManager enabled="true" />
I wanted to do authorization by roles so
<authorization>
<deny users ="?"/>
<allow roles="D820MySite_Developers, D820MySite_Admins"/>
</authorization>
I'm in the D820MySite_Developers group. When I attempt to login, it wants my password. I thought that with Windows Authentication it should not prompt for the password. If is use <allow user="*"/> it does not.
1. Is this the correct behavior?
2. My aspnetdb does not appear in the App_Data folder. Should it and is this causing the problem. If it should be there, how do I get it there?
3. I was under the impression that by using Windows Authentication, I can prevent users from accessing pages by folder. Is this provided by IIS or is this provided by Windows (using Windows Explorer)?
View 3 Replies
Feb 24, 2011
We would like to use AD authentication with our Intranet site to control what pages different users can access. I'm very new to ASP.net and would be interested in links to a how to description. We are using Visual Studio 2008.
View 1 Replies
Mar 23, 2010
I'm trying to set up Windows authentication on an intranet site. I have this code in the web.config:
<system.web>
<authentication mode="Windows"/>
<authorization>
<allow users="domainuser, domainuser2" />
<deny users="*" />
</authorization>
</system.web>
I can log in with my own credentials, but I have virtually all the rights in AD. User2 can not log in. The website is set to use Windows authentication in IIS manager. And I've tried setting permissions in IIS manager and NTFS permissions for the folde
View 3 Replies
Oct 2, 2010
I am trying to build a web app for an intranet site that for security reasons needs to make the user type in their Windows or Active Directory username pwd manually. I have previously worked with Integrated Windows Auth but in this case, we do want them to use type in their AD credentials.
I have been trying to look up how to do this and frankly I am a bit lost. It should be a fairly straightforward task and am hoping you can point me in the right direction, with some tutorials or examples. We will be using SSL so, dont have to worry about passing pwd in cleartext over the wire.
My environment is visual studio 2008 in C#, .net 3.5 if that matters.
View 1 Replies
Nov 27, 2010
My company uses Google Apps for our e-mail/business app provider. Every employee has an account here.I'm looking into creating an asp.net web app that would allow users to sign-in (using their Google Apps account) and then accomplish certain things (first goal: keep a current record of the employee's skillset).Before I get started, I wanted to find out if an OpenID login system using Google Apps is any more difficult than doing it the standard way, or if I need to be aware of any pitfalls.
View 2 Replies
Apr 22, 2010
I'm quite newbie and i need to give access to the website at a very low cost, but just few people, how did you guys manage it, to hide the connection link to the public. I mean is there a better way or not to manage this. I don't know if I'm clear. What would be the cheapest way to manage this user account?
View 4 Replies
Nov 3, 2010
App works well on local intranet, but having problema on external access?
View 4 Replies
Jul 14, 2010
i was wondering if this was possible.. any tips or thoughts are welcome!!
i'm trying to put together a "message board" type of section on my intranet site.. right now theres an ajax timer that just ticks and checks for messages.. so basically its "real time" messaging.. however.. the tick events do pose some annoying problems with other portions of the site..
so i was curious.. is it possible to hit a button.. post the message.. and have that trigger IIS.. or something.. to tell all actively connected sessions.. to update.. this would eliminate the need for a timer.. or anything like that
View 9 Replies
Aug 6, 2010
I'm pretty sure the answer to this question is no, but I just wanted to get some feedback before I go down another path.
Here is my scenario. I have two websites. Website 1 is an internal website that cannot be accessed outside of our domain. Website 2 is an external website that can be accessed outside of the domain, but has access to webservices inside of the domain.
My question is, is there any possible way to display the internal page through the external page without making the internal page external.
View 1 Replies
Aug 2, 2010
steps for using IIS to host a website I created in visual studio? I have the files in a folder called HelpDesk under inetpub and have the path correctly specified in IIS, but IE is stating it cannot display this webpage.
View 2 Replies
Apr 20, 2010
VWD 2008 Express. IIS 6.0. Forms Authentication.My web site uses forms authentication (in case that makes a difference). Folks who are using the site indicate that it is timing out on them (logging them out) before they can finish some entries. How can I increase the timeout period? The following is my web.config file in my root directory:
[Code]....
Here is the web.config in the subdirectory to which all users are directed at login:
[Code]....
View 9 Replies
Feb 21, 2011
I've been asked to implement the French translation of an ASP.NET 3.5 website. Each translation is going into its own separate website Unfortunately the previous programmer did not implement localization, so each site will have its separate set of files - this is not negotiable.
This French version will also go into its own website (www.mysite.ca), but for the moment I have been asked to put it into a sub-directory of the current site, called /CA I do not want to start messing around with file paths (for navigation and images), because the plan is to move the files in this sub-directory into a separate location in a few weeks. So the only alternative seems to be to move a copy of the site into the sub-directory and set it up as a separate application.What is the best way to set this up? Since the files in both sites belong to the same namespace and have the same names, how to avoid naming conflicts?
View 2 Replies
Aug 17, 2010
I have developed my web site, now i need to set up a space on the server for it.
I have added an application pool in iis and created a site but im not sure how to link the 2 or what to do next.
View 4 Replies
Mar 3, 2010
i m searching a way to activate validation controlls on button click event. suppose i have 5 text boxes having required field validtions and expression validation. as i enter wrong text in text box it shows error message on the sopt and does not allow me to move further .i want it shoud allow me to fill other fields as well and show the error on button event when i submit it
View 4 Replies
Oct 25, 2010
I realize that this question can start a discussion but that's really not my intention. We've created a Flex Application to take tests from candidates. The advantage of the Flex Application is that all state can be stored in the application running in the browser of the client. Things like time limits, navigation, scoring, ... can all be handled within the application without us having to worry about a back button for instance. Even running the app offline with Adobe Air isn't that hard.My question now is if such an application could easily be made with HTML, Javascript, Ajax, ... ? The reason I'm asking is because an application in HTML would be much easier to distribute on Mobile devices for instance. Also, our domain model for instance is mostly implemented in AS3 (Flex) so using it along the server side means porting it to C#.NET. (with two codebases as a result).
View 1 Replies
Apr 28, 2010
I am trying to send an email using the gmail smtp server. I am trying to enter the SMTP settings into the Web Site Admin tool. I have set
Server Name: smtp.gmail.com
server port: 587
from: myemail@gmail.com
Sender's User Name: my real gmail username
Sender's Password: my real gmail password
I am getting the following error when I try to send an email as a result on using the CreateUserWizard after successfully creating a new user.
Code:
The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0 Must issue a STARTTLS command first. i29sm30127820vcr.12
View 2 Replies
Nov 16, 2010
We have a lot of domains running on one IIS WebSite/AppPool.
Right now we are in the process of implementing SSO with Windows Identity Foundation.
in web.config the realm has to be set with
<wsFederation passiveRedirectEnabled="true" issuer="http://issuer.com" realm="http://realm.com" requireHttps="false" />
My problem is that the realm is dependent on which domain the user accessed the website on so what I did is that I set it in an global action filter like this
var module = context.HttpContext.ApplicationInstance.Modules["WSFederationAuthenticationModule"] as WSFederationAuthenticationModule;
module.Realm = "http://" + siteInfo.DomainName;
My question is. When I set the realm like this, is it set per user instance or application instance.
Scenario.
User A loads the page and the realm get set to domain.a.com.
User B is already logged in on domain.b.com and presses login.
Since user A loaded the page before User B pressed login, user A will hit the STS with the wrong realm set.
What will happen here?
If this is not the way to set the realm per user instance, is there another way to do it?
View 1 Replies
Jan 5, 2010
I've received a website that uses sql server on the live environment. In the code at many places sql is created, say: However, locally on my dev machine, I use sql server express edition. It looks like select * from mytable doesn't work there, but instead I should use: How can I get my local site to work? Is there a setting I can change or am I missing something else?
View 5 Replies
Dec 28, 2010
I have a menu made of an unordered list:
<ul id="navList">
<li id="homeTab">
<%: Html.ActionLink("Home", "Index", "Home")%>
</li> |
<li id="ourMissionTab">
[Code]....
I find the controller:
<% string controller = ViewContext.RouteData.Values["Controller"].ToString(); %>
then I would like to set the class for the li according to the controller value. How do I do that?
Something like: if controller == "home", then set the class for the li with the home id to active.
I just started learning MVC and am very new to the syntax. when you respond to this posting provide syntax, as I am coming from code behind background.
View 2 Replies
Apr 16, 2010
I am working on an ASP.NET web application, we are a small team (4 students) and we do not have access to a dedicated server to host the database instance. So for this web application we decided just to put the database file in the App_Data folder.
The problem is that our project is source controled on TFS, so every time you open the solution and try to launch the web application, we get an expcetion saying that database is read-only. That is logical because the databse file is not automatically checked-out.
View 2 Replies
