Give Access Only To Admin?
Mar 11, 2011i have created 5 pages which are back-end and should be accessible only to sitre admin that is me. how do i do it?
View 3 Repliesi have created 5 pages which are back-end and should be accessible only to sitre admin that is me. how do i do it?
View 3 Repliesi wanted to give an email option to the admin of a website where he can enter multiple email id's and a costamized text etc , and the sending message must be stored with the details of the timings and date and to whom in send.
View 4 RepliesI have a product´s page that when the user click on a "BUY" button , it sends an email to me with the produtct´s details and a link to the supplier´s detail. The problem is that, the page is on the "ADMIN" page, and when i click on the link, it shows and IIS 7 error.
View 4 RepliesWe have created an ASP.NET ( 3.5) application is configured to use FORM authentication and thus it has such a following items in Web.Config :
<location path="~/Admin/Default.aspx">
<system.web>
<authorization>
<allow roles="Manager,Member" />
<deny users="*" />
</authorization>
</system.web>
</location>
<location path="~/Admin/MyAccount.aspx">
<system.web>
<authorization>
the application runs OK on local web server box. Our ASP.net application is able to access Admin folder in local IIS application folder and its subdirectory. However, once uploaded to remote web host , user can login but when user wants to use any pages in ~/Admin subfolder, we get an exception that essentially states that access to the sub-directory is denied.
I am trying to deny access to my 'Admin' folder via web.config. I looked at another answer to a similar question and they recommend using the <location> folder, however when I insert "Admin/" into the path I get the following error:
[Code]....
IBecuase if they the UrlReferrer is my applicatin then i want them to allow access to a file.Otherwise not.I know the urlReferrer is null if you go directly to the link, but thats not possible.In my test solution it works great, but if i put it online i got null values, sometimes he gives a value but mosly its null...
View 5 Replieshow to give read only access to the xml file in c#?
View 1 RepliesI have an ASP.NET application that accesses private key in a certificate in the certificates store. On Windows Server 2003 I was able to use winhttpcertcfg.exe to give private key access to the NETWORK SERVICE account. How do I give permissions to access a Private Key in a certificate in the certificate store (Local ComputerPersonal) on a Windows Server 2008 R2 in an IIS 7.5 website? I've tried giving Full Trust access to "Everyone", "IIS AppPoolDefaultAppPool", "IIS_IUSRS", and everyother security account I could find using the Certificates MMC (Server 2008 R2). However the below code demonstrates that the code does not have access to the Private Key of a certificate that was imported with the private key. The code instead throws and error everytime the private key property is accessed.
Default.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
<%@ Import Namespace="System.Security.Cryptography.X509Certificates" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "[URL]/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="[URL]/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Repeater ID="repeater1" runat="server">.............
In my application i have 4 screens such as page1.aspx, page2.aspx, page3.aspx, Page4.aspx. I have created user Settings Web Form where the admin Creates username and password for users with access only for particular pages. I have used check boxes to select their accessibility while creating user setting.
View 1 RepliesI have a simple online store where there are products that can be put into a cart and purchased. There is a admin page that can be logged into so that new products can be added or existing products can be removed or edited. To get to the admin area I need to put a /admin/index after the main page loads up. If I want to give my friends (from any location) the ability to add new products should I create a link to the admin area on the main page (like at the bottom) of the main page or should I just tell them to type in /admin/index after they go to the webpage?
View 3 Repliesok i have my GUI installed on the server which has users as administrator as the role of an administrators and user1 which has the role of the guest...I have one project and there are different pages for administrators and guests... when the login screen comes up and the administrator logs in he should be redirected to the admin.aspx page and for user1 he should be redirected to the guest.aspx page.
Now the scenario is i have 10 users in a company and one administrator. This GUI is on the network server and these 10 users are able to access it as guests.
How do the guest user logs in and can access the SQl database in the read only mode but when the administrator user logs in he can access the database in the read and write mode.?? I dont know how to do this really... any suggestions
(by IIS server or webconfig or some setting in SQL server)
and the previous question is what to use (forms or windows authentication) where can i get information on how to set up this kind of authentication???? Is there the need to use impersonation also??
In my web application i have 8 screens such as page1.aspx, page2.aspx, page3.aspx........Page8.aspx. I have created user Settings Web Form where the admin Creates username and password for users with access only for particular pages. I have used check boxes to select their accessibility while creating user setting. How can i limit the access of the users only to certain tabs.(All these pages are in the tabs).
View 5 RepliesI'm totally stuck. I've tried many ways. I have a webapplication deployed on Win2003 with IIS 6.0. The website needs to access:
D:data on another PC.
I've sucessfully created a virtual directory (using local credentials to the data PC) in IIS and I am fully able to browse and view all the files. So now the webserver is: WebserverData.
In my behind code, I call filestream f = (Server.MapPath("WebserverDatasomedata.txt")));
and it tells me access to that location: \webserverdatasomedata.txt is DENIED. BUT I am able to browse on the Win2k3 IIS server.
I've set impersonation to true and used local username and password of the data PC. I've configured IIS to use the same username password.
I am using the following in my webconfig, so that only admin an access the admin folder.
<location path="Admin" allowOverride="true">
<system.web>
<authorization>
<allow roles="Administrators" />
<deny users="*" />
</authorization>
</system.web>
Now when the guest user tries to access this he is redirected to the Login page. I want the user to either sho a popup that user cannot access it or just stay on the same page with some error message in a label on that page... Here is more code in webconfig
<authentication mode="Forms">
<forms loginUrl="Login.aspx" protection="All" name="Cookie" timeout="120" path="/" slidingExpiration="true"
defaultUrl="Default.aspx">
</forms>
I'm quite newbie and i need to give access to the website at a very low cost, but just few people, how did you guys manage it, to hide the connection link to the public. I mean is there a better way or not to manage this. I don't know if I'm clear. What would be the cheapest way to manage this user account?
View 4 RepliesI have a project that has 4 pages and from each page have several link buttons to go each of the other pages. I would like to declare these url in the web.config file and give them a name and access from vb.net code behind.
View 3 RepliesI have built an intranet site where the user is automatically logged in through Windows Authentication and I am now building an admin panel/section. I was wondering if there is a way using the Active Directory memberOf attribute that people who are members of the group 'Domain Administrators' could automatically gain access to this section without needing to log in, but people who are not part of this group get redirected.
View 1 RepliesI have an Admin folder which contains 4-5 aspx pages. I want to that only user with role="admin" can view those files. What settings i need in web.config?
View 1 RepliesAllow Admin Users to Access Basic Users Accounts?
View 4 RepliesI have create a masterpage and add content page include user (firsname,lastname,password,new password,confirm new password adn etc..)detail update field. i try to give a client side validation all the function work,but in confirm password its not hide wen give a correct password.. anybody give correct solution..code are below..
[Code]....
I have an ms access db file and now i want to use it in my app. i have given like
Provider=MSDASQL.1;Password=pwd123;Persist Security Info=True;User ID=swgp;Data Source=SWGP;Initial Catalog=C:swgp BJswgp
but it is giving error to me.If anybody know how to give this connection string for password enabled ms access database,
i want to crease an admin panel. but i do not use asp.net default membership system.
i know actions enable access can be determine by [Authorize] attribute. but my admin has 10-20 controller and about 100 action.
i do not want to signature all of actions by [Authorize] attribute.
all controller must be required login if user did not login.
I found a great answer on SO describing how to set up custom user roles, and I've done the same in my project. So in my Login service I have:
public ActionResult Login() {
// password authentication stuff omitted here
var roles = GetRoles(user.Type); // returns a string e.g. "admin,user"
var authTicket = new FormsAuthenticationTicket(
1,
userName,
DateTime.Now,
DateTime.Now.AddMinutes(20), // expiry
false,
roles,
"/");
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(authTicket));
Response.Cookies.Add(cookie);
return new XmlResult(xmlDoc); // don't worry so much about this - returns XML as ActionResult
}
And in Global.asax.cs, I have (copied verbatim from the other answer):
protected void Application_AuthenticateRequest(Object sender, EventArgs e) {
var authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null) {
var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
var roles = authTicket.UserData.Split(new Char[] { ',' });
var userPrincipal = new GenericPrincipal(new GenericIdentity(authTicket.Name), roles);
Context.User = userPrincipal;
}
}
Then, in my ServicesController class, I have:
[Authorize(Roles = "admin")]
//[Authorize]
public ActionResult DoAdminStuff() {
...
}
I login as a user with the "admin" role, and that works. Then I call /services/doadminstuff - and I get access denied, even though when I put a breakpoint in Global.asax.cs, I can see that my roles do include "admin". If I comment out the first Authorize attribute (with roles) and just use a plain vanilla Authorize, then I can access the service.
we want to create website based on asp.net and we want to update data in my site dialy. told me about admin module . is their any tutorials and screen shots for admin module
View 4 RepliesI have to develop a admin page in asp.net. For that I need a master page template which looks like admin panel, menu, CSS. I am seeking layout for admin panel I am not sure if this is the right place to ask this question. If it is not I request moderators to move this question to appropriate place.
View 2 Replies