I want to know how can i redirect a user to a different page when he tries to access a page restricted to another role?
The scenario is as follows:
I have a folder "Gestao" that only allows users in role "Administrator"
[Code]....
If an anonymous user tries to access that folder he is redirected to the login page, but if a logged in user whose role is "friend" tries to access this folder he is also redirected to the login page. I want to redirect him to a page showing a message that he has no permission to access that page/area.
How can I do that? Should i have code on the Page_load event of the login page checking the user role and then redirect him to the correct page? Or is there some otherway to do this?
In my website i am creating a custom FormsAuthentication ticket during log in. This ticket stores the userid but i also need to specify the role of the logged in user. How do i do it?
I am using a XMLSitemap to show my menu. In my menu I have a node "Log in". But I only want to show this to the visitors who are not logged in. (Not to everyone like what the "*" does). Is there a rolename for those visitors or something like that?This is my XML SiteMap
returns the error: The parameter 'username' must not be empty.Parameter name: usernameI want to check if a user is logged. If not logged in redirect to loginerror.aspx.
I'm using the defualt membership provider, i created a table and used the gridview on the logged in user page to show his information such as address e-mail phone zip code etc,, how can i do this without writing a code?
I use the default membership provider, after the user is created he is directed to a specific page to put his information.
I have a specific page for the user after he LOGGED IN and i need his information to be show up on this page that he did put in during the step of creating new account and putting new information
1-How can i make the page after log in shows up the (specific user info only)?
2- I used this code to link the web form to the sql database:
In an asp.net webform app, I need to restrict the logged in user to show data only for their company. This is a primary key of my topmost table. How to I set that based off the user. I imagine I would have another table with some user ID mapped to company ID?
I would like users to upload a profile picture when they register, and to then show that picture in a picture box control when they are logged in based on that specific user.
I hv used datagridview control to show specific details about users health infomation. what i want to achieve is that when a user logs in he should be displayed only dat information which he had added in data grid view.... bt as in nw whenever i login i m able to display all the info. present in the db.... m using asp.net vb and sql server 2008.
I'm new with programming. I have a GridView that have the specific user data. When the user log in I retrieve the data for that specific user. All I need is; How do I make the gridview get the data of the logged user using a datatable that has a query. Just bind it with the datatable.This is some code that other programmer made, I continue his work.
I have a listbox (UsersListBox) which shows all the users and a gridview (gvRoles) which shows the users' roles when their username is selected in UserListBox. gvRoles is below. When I click the buttonfield in gvRoles, I'd like for my OnRowDatabound event to call up the gvRoles_RowDatabound method. I'm trying to get this method to remove the username selected in UserListBox from the role in the row clicked. How do I go about that using the roles and membership classes?
I deployed a website where a logged user or an anonymous user can select data and download a XML file. The website generate the XML file in the server and then deliver it.
It works fine in my development environment, but after deployment, the anonymous user can download the file, but the logged user receive this error:
System.UnauthorizedAccessException: Access to the path 'd:HostsLocalUserheringerwebsiteUpload20110107094051.xml' is denied.
It is weird that as anonymous i can do it.
The website server help states this:
"Grant write, modify, delete access rights on website's folder
Your website executes under unique user account that by default has full control over the website's folder. So your application can create, open, read, write and delete files and folders inside of your root folder.
There is no need and no way to change this permissions.
If, when running ASP.Net application, you still unable to create file or update it, you have to check your Web.Config file for "<Identity impersonate..." tag and remove it.
The only exception is when the application tries to modify a file or folder in "Application_Start" event of Global.asax file. This is by design that user authenticated only after the Application_Start even. Before the user is authenticated your website runs under an identity of Application Pool which is "Network services". That account doesn't have access to the folder of your website.
To make it work you eather have to move the code that tries to modify files or folders out of the "Application_Start" event of the Global.asax file or inside the event you'll need to impersonate your user by code."
But i am not using impersonate and the tag is not in my web.config.
I have the membership provider and the create user with tow steps, one of the steps contains a custom registration form, for each created user data will be in the database, and there is an account page shows the data that the new created user did insert during the registration process on the custom registration page,
the problem, when the user is created and logged into his account page, this account page shows only the information for the first created user, not the info on the logged in user , but the logged in user data still saved in database and not showing on his account page?
I have table called ROLE with fields (id,name,permission) example values (1001,madhu,hr)
I have another table called LOGIN with fields(id,DOB,password) example values(1001,24101989,madhukumar)
What i want is , if i login using the LOGIN table ,it check the id and permission in the ROLE table , if the permission is 'hr' it enable to access the menu , or if the permission is any other it just print the error message ("no permission")
Note: menu is placed in master page , but login is not in the master page ...
I'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.
sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"
I'm able to do this.
If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If BUT unable to do this... If user's Department = 'Department XYZ' Then Do This Else Do that End IF
I want to display a menu (which will be strongly typed with it's own unique model) across all pages only if a user is logged in.What menu items are available depend on the user's role and also I'll need to hit the repository to get numbers like "x Messages", etc
Been scratching my head for a simple solution here. Don't want to create something that need changes all over the place.All my controllers derive from a BaseController, all my Models from BaseViewModel....probably where I'll be implementing functionality for this.
I have created a web services (WCF) and i have a webmethod that return a string that string is a HTTPCONTEXT.USER.IDENTITY.USER unfortunately it does not return any value.
I've made a membership by create user wizard. everything is good but after click on finish register button, when page redirect to index .aspx, this page thinks tht user logged in. whereas user didnt login just added to DB.here is the code:
I have LOGIN PANEL for student, and I want to disable it in different page. And only the admin can enable and disable it. I dont know the logic behind here.
I would like to change the logged in user to another user temporarily to do some process.
For example, say I am logged in as "Joe". In my method, I want to make the logged in user from "Joe" to "SuperUser", do some process, then change the logged in user back to "Joe".