Disable Security For Action In ASP?
Sep 6, 2010
My requirement is that only the login page and the Register page should be accessible from anonymous users. I have created a new ASP.NET MVC project using the default template in VS2008. After that I have enabled security adding this section to the web config:
<authorization>
<deny users="?" />
</authorization>
Now the Register Action is not accessible anymore because of the security enabled. How I can do to disable security only for that Action?
View 2 Replies
Similar Messages:
Oct 6, 2010
I have a requirement to disable back and forward action in IE for my web app.
View 2 Replies
Sep 13, 2010
I have a login page and a default page to be redirected to after login. when I clicked on thew logout button in the default page it correctly redirects to login page. But when I click the back button in the IE I can again see the protected default page( in mozilla everythng is OK, no problem but in IE this problem occurs).
Have I done something wrong. My code r below:
login page===========
protected void Login1_LoggedIn(object sender, EventArgs e)
{
if (Roles.IsUserInRole(Login1.UserName, "Members")) {
Response.Redirect("users/Member/default.aspx");
//Server.Transfer("users/Member/default.aspx",true);
}
}
===========
default page has a LoginStatus button( logout action: RedirectToLoginPage)
View 5 Replies
Jun 1, 2010
I need to make an action and verificetion before the LastActivityDate is changing.
What is the event that is fired before this value is changes?
View 10 Replies
Jun 26, 2010
i am working in asp.net and csharp, we have 10 user, but certain user only need to put dataentry. how to enable and disable based on the user to access certain form ,like add, modify view options.
View 1 Replies
Sep 30, 2010
How To Disable Video Downloading
View 1 Replies
Jul 24, 2010
how to disable sitemap link for a perticular user?
i have 2 columns one is UserStatus which is A/P(Approve / Pending)
2nd is POC =Y/N..
i want to check userstatus =A and POC = Y
and the link name (eg..abcd). at runtime only those users use this link whose status is'A' and POC is' Y'..(enabled
link to ths users)I want to disable this link to other users..
View 4 Replies
Feb 12, 2010
I want to force users to provide a username, but not a password. I want to use many features of the membership class, but in an environment where passwords are not required.I could set up a "UserName" textbox, and give all my users the same, hard-coded password, but I was hoping to find a more simple solution.[I know, this should NOT have been posted in a forum entitled "Security". "Insecurity" or "Vulnerability" would be more fitting, but...]
View 1 Replies
Dec 14, 2010
in my website Registation form is there when user register his details. when user first login in the website goes to
create client information page other pages are not accessible the first login user when his submit the client information
details he is intersted then admin gave permission he accessing other windows how to do that one give example
View 3 Replies
Aug 18, 2010
I set up my web site to use SSL encrption and I set the settings in IIS to ignore client certificate. But when i access the web site from a client browser, it still shows "403" error.
View 1 Replies
Nov 29, 2010
I'm implement Comet in Asp.net MVC, I used timer to keep Async request in server, Async request will complete when timer elapsed 1 minute and response to client (to avoid 404 error) and then reconnect to Async Controller. I also wanna execute some Synchronous action during Async request was holding, but the problem is: When an Async action was executed and hold by using timer, the Sync Action wasn't called until Async action (comet long-live request) completed. I did test with firefox 3.6 many times, but the result is the same, so strange, Do you know why ? I have a sub some questions : To implement comet, using timer (response after some minutes elapsed) or thread (response after several time sleeping thread) to hold async request, which is better?
View 1 Replies
Mar 23, 2011
I am desiging a master and details page from a search page..user can search for something and I need to display the result in jqgrid if the result has more than 1 row or record.. if the result is just one record then i have to directly send then to details page by skiping grid page... I do have an action method for results page and one more action method for Jqgrid data..i am trying to check the row count for the database result and trying to redirect to details action results..but its not working at all..and showing an empty jqgrid..
[Code]....
View 9 Replies
Apr 29, 2010
Lets say I have a simple controller for ASP.NET MVC I want to test. I want to test that a controller action (Foo, in this case) simply returns a link to another action (Bar, in this case).How would you test TestController.Foo? (either the first or second link)
My implementation has the same link twice. One passes the url throw ViewData[]. This seems more testable to me, as I can check the ViewData collection returned from Foo(). Even this way though, I don't know how to validate the url itself without making dependencies on routing.The controller:
public class TestController : Controller
{
public ActionResult Foo()[code].....
View 1 Replies
Apr 22, 2010
it's possible to protect aspx page from modification in a production environment?
I explain: We are developping a web application that is installed in our customers environments so once it's installed we don't manage it.
This application manages critical and encrypted data that the IT (of our customer) should not have access to, for instance their customer's password. So I would like to know if it's possible to prevent any modification of the aspx page to insert script to retrieve session data or catch keyboard entries once the web application is installed.
View 4 Replies
Feb 7, 2011
build a shopping site. i have in my menu a link to upload products.i need to disable this link,for thos are not login to the tite. that members only can use this link.the visitors will see or not see the link its dosnt metter to me. but wont be able to click him?
View 10 Replies
Feb 3, 2011
I need to enable/disable roles using membership. How is it done.
View 3 Replies
Aug 25, 2010
I've somehow managed to successfully get Membership working on a test site I'm playing with (learning!). I've reached a point where I can redirect users to another page if they do not have the required level of membership - using the allow feature in a web.config within a folder.What I would like to do now is create a main menu of links (a back office menu visible after the use has logged in), and disable a link if they do not have access to view that page. Is this complex? I'd be grateful for any sample code to get me started.
View 5 Replies
Sep 17, 2010
i want to know how can i restrict any user to access any webpage after logging out
View 4 Replies
Jun 12, 2010
My httppost action doesnt seem to have received my model. The code is below;
[Code]....
i put a breakpoint on the line; return RedirectToAction("Error", "Dashboard"); and i found that appQualif carried no values whatsoever from the form i submitted..
View 5 Replies
Aug 18, 2010
how to avoid viewing the last page visited by the user after logging out.
View 2 Replies
May 4, 2010
I am using forms authentication to protect a website and would like to set it so when someone uses the registration form that the account created is disabled and an email is sent to me notifying me of the new signup. Then I can go and enable the account.
I am very new to this but have gotten the basic registration form and login form working with my SQL 2008 Server but this is a bit above me and I have looked through the MSDN info on the CreateUserWizard and don't see options for this.
View 2 Replies
Feb 4, 2011
I have a menu with 3 Items; Home, Begineers and Experts. Menu is implemented in a masterpage and I build 3 more separate webpages which inherit the master.Userneeds to login and I store the User category in a Session["Category"].Can I disable the menu item "Expert" depending on the Session["Category"]? ( that is need to disable the menu when category is not equal to Expert)
View 2 Replies
Apr 7, 2010
I'm using 2 masterpages in my project.One master page is for login page and another one for the HomePage where user will go thro the options to reach other pages from home page..The thing is,i have "Logout" button in my home page.When i click on the logout button,the page will be redirected to "LoginPage.aspx". After redirecting to login page,when i click on browser back button,the previous page is displaying but it should not display to user since i'm doing sensitive transactions in all pages...
or is there any way to do with authentication and roles?
View 5 Replies
Jul 28, 2010
I'm completely stuck with this version 1.0.0.0 product.
I'm running in a domain environment but for the specific application i'm using I want to disable security to reduce the workload on the servers when accessing the cache.
I've got a bunch of web servers with an existing application using SQL sessions state, and the idea was to roll out AppFabric and use the session state provider and a fast solution to speed things up. Currently have a single separate server running appFabric Host.
All Servers are on the same domain.
I've got AppFabric Running using this mode on the host
Set-CacheClusterSecurity -ProtectionLevel EncryptAndSign -SecurityMode Transport
Local App Pool on the web servers is using NETWORK SERVICE account, and i've grantedthe machine accounts permissions and it all works fine.
But then on the server i set this
Set-CacheClusterSecurity -ProtectionLevel None -SecurityMode None
(Stopping and Starting the cluster).
Then after that I get this error.
ErrorCode:SubStatus:There is a temporary failure. Please retry later. (One or more specified Cache servers are unavailable, which could be caused by busy network or servers. Ensure that security permission has been granted for this client account on the cluster and that the AppFabric Caching Service is allowed through the firewall on all cache hosts. Retry later.)
My assumption is that the client (session state provider), is set by default to use security and need to be set not too, but can't find any doco on how to change this, or i could be barking up the wrong tree.
View 1 Replies
Mar 31, 2010
I have a web page which is using PasswordRecovery control.
But I have a scenario in which I have to disable Viewstate for the whole application.
Now after disabling viewstate when I visit the webpage I have noticed that PasswordRecovery controls is not working (Every times when I submit the default button to go to step 2, the postback occur but not moving to step 2).
View 2 Replies