I am using custom user membership in asp.NET so user is an object that contains members. One of the user's members is "IsCompanyAdmin".I have a few aspx pages for company administrators only.Is there any way to prevent those pages from non-administrator users using the web.config?
View 2 RepliesI have 2 master pages Default.aspx is from Site.Master and some more pages that are from Admin.Master, I have used the code that to prevent the user from going back to previous pages after logout.
Here is my code
function preventBack()
{
window.history.forward();
}
setTimeout("preventBack()", 0);
window.onunload = function () { null };
The problem I am facing Admin.
Master page i.e I have Home.aspx, AboutUs.aspx,Admin.aspx,AddItem.aspx I was unable to navigate between those pages also. how to solve this. I have tried other methods also, but still facing same problem.
I am developing an ASP.NET website. There are some pages on my sit that I want him to see only if he is a registered user. If not, he should be redirected to the appropriate page. Should I be checking this on the Page_load event that the user is logged in or not?If the user types the name of the URL, this would still work, right?
View 2 RepliesI have two member roles at my project:
1.) Administrator
2.) Member
From the toolbox in Visual Studio 2008, I have dragged and dropped the create user wizard into the stage. I aim that a guest can register itself and automatically join the "member" role. Not the role "administrator". How can I do that?
How can I "clear" the vendor defined <controls> in my child app's web.config?
Parent Web Config.
[code]....
I have it working for the <tagMapping> section, but <controls> does not support <clear/>.
When I publish my Asp.Net MVC website to the production server (via VS2008), the web.config & castle.xml files are overwritten. The content of these files is obviously different between my local dev environment and the production server.How do I prevent these files from being published?
View 2 RepliesPossible Duplicate:
How to prevent an ASP.NET application restarting when the web.config is modified?
i have the code to get the members of a local group example administrators
private void GetUserGrps()
{
using (DirectoryEntry groupEntry = new DirectoryEntry("WinNT://./Administrators,group"))
{
foreach (object member in (IEnumerable)groupEntry.Invoke("Members"))
{
using (DirectoryEntry memberEntry = new DirectoryEntry(member))
{
new GUIUtility().LogMessageToFile(memberEntry.Path);
}
}
}
Is there a way to get the groups a local user belongs to using directory services?
without using activedirectory or domain in it because i want for the local machine only and not for a domain.
I have following model class:
public class WebModel
{
public List<ArticleModel> Articles { get; set; }
}
public class ArticleModel
{
public int ID { get; set; }
public double ValueParam { get; set; }
}
Then I have the controller with the two actions:
[Authorize]
public ActionResult Index()
{
WebModel model = new WebModel();
ModelConverter.ConvertToModel(model, controller);
return View(model);
}
[Authorize]
[HttpPost]
[ValidateInput(false)]
public ActionResult Index(WebModel model, string saveButton)
{
ModelValidation.ValidateWebModel(model, ModelState);
if (ModelState.IsValid)
{
return RedirectToAction("Create", "Article");
}
ModelConverter.ConvertToModel(model, controller);
return View(model);
}
And this is my view:
<%@ Page Title="" Language="C#" MasterPageFile="~/Views/Shared/Site.Master" Inherits="System.Web.Mvc.ViewPage<Web.Models.WebModel>" %>
<asp:Content ID="Content1" ContentPlaceHolderID="MainContent" runat="server">
<%var controller = Session["controller"] as Web.Code.SessionController; %>
<%Html.BeginForm(); %>
<div>
<table width="100%">
<%foreach (var article in Model.Articles)
{%>
<tr style="text-align: right">
<td>
<%:Html.DropDownListFor(m=>m.Articles.FirstOrDefault(f=>f.ID == article.ID).ID, new SelectList(controller.CurrentProdukt.Articles.AsEnumerable(), "ID", "Name", article.ID)) %>
</td>
<td>
<%:Html.TextBoxFor(m => m.Articles.FirstOrDefault(f => f.ID == article.ID).ValueParam)%>
</td>
</tr>
<%} %>
</table>
</div>
<table style="width: 100%">
<tr>
<td>
<input type="submit" name="saveButton" value="Save" />
</td>
</tr>
</table>
<%Html.EndForm(); %>
</asp:Content>
If I press the submit button, I get to the second action method in the controller (the one with the HttpPost attribute). In this action, the object model itself is not null, but the "Articles" list inside is null.
Whenever there is a configuration error inside the web.config, the server sends a yellow screen of death to the browser with a few lines around it. My problem is I am using impersonation and I don't want the users to see the impersonating username/password. So how can I prevent the server from showing the web.config code??
View 1 RepliesI have a custom config file in my application say my.config. Suddenly I ecnountered with some error regarding one of the settings inside the config file and the strange thing happens- my content of the config file get's rendered in the browser in the form of error. This is a big security issue for me. My question is how to prevent the content of my config files from rendering in the browser. Note I have already this setting in my web config:
<customErrors mode="Off" defaultRedirect="errors/default.aspx"/>
I am wondering why did not it redirect to error page? we had the settings turned onstill it displayed the straight error.
I have the following IIS folder configuration:WebSiteX - a web site contains a ASP.NET application with a web.config file WebSiteXApp - a virtual directory (App) under WebSiteX, with a different ASP.NET application and a different web.config file.What can I do to prevent the web.config file from the WebSiteX to be inherited when accesing the ASP.NET application from WebSiteXApp, in other words, when I access the WebSiteX/App ASP.NET application I want only the web.config from that application to be considered.
View 3 RepliesIs there any way to prevent render pages in compatability mode.
View 1 RepliesI have a folder within my website called 'ProtectedPages' which contains pages which users can only see if they have logged in (MyAccount.aspx etc). If they bookmark that page and try to go to it without logging-in, they are immediately bounced to my login page.However, if I have text files, images etc. in there, then it seems users can get to these fine without the need to login - all they need is the URL. For example, I could send the URL http://mysite.com/ProtectedPages/MyAccount.aspx to a friend and he wouldn't be able to access it until he had logged in. However, I could send himttp://mysite.com/ProtectedPages/ATextDocument.txt and it would show it to him without any problems.How would I go about protecting ALL files within this folder? I have a web.config file within the ProtectedPages folder which just has this information in it (I don't want TrainingAdministrator's to have access to that folder at all)
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
[code]...
I am looking for a free membership control that sends email to a user, and user musr approve before become a member on site. Do you familiar with such?
View 2 RepliesI am using Active Directory to authenticate users for an intranet site. I would like to refine the users that are authenticated based on the group they are in in Active Directory. Can someone show me or point me to directions on how to find what groups a user is in in ASP.NET 4.0 (VB)?
View 2 Repliesi have two types of role, Member and Staff, i also include profile property for both role
My problem is, I'm now unable to assign Member to the newly registered user, I forgotten what i had modify but last time I can do that without any problem.
Im unable to assign member to registered user is because when i login using the registered account, the LoginTemplate switch to a normal LoggedInTemplate instead of Member logged in template that allow member to access to their own page
But on the other hand, i can register my staff, login and access staff page without any problem
This is my code to assign username to role
[Code]....
I am new to asp.net's membership controls. I am trying to figure out how to make a public profile page that will display information about a site member to other users. I thought I would be able to use the profile class and just pass in a parameter such as user name. But I tried:
Profile.GetProfile("username")
'Where username = name of profile I want to retrieve
Response.Write(Profile.Title)
Response.Write(Profile.Company)
However, if the user is logged in this codee just brings back their details, not those of the username requested. What am I doing wrong?
I am using URL Routing in my .Net Web Application. I would like to prevent users from being able to access the .aspx page.
Example:
Actual URL - [URL]
Routed URL - [URL]
I want users to be able to access the page only by going to /Testimonials, but I would like to setup /Testimonials.aspx to redirect to its route at /Testimonials.
Is there an easy way to do this for Routed Pages throughout the application?
I am a newbie and trying to develop a Yellow-Pages like portal using ASP.NET MVC. I am wondering there will be some bad visitors who excessively request the portal pages to slow down my portal and to block request from other legitimate visitors. My current idea is put a nugget (an embedded code block) in master page to check the interval between two consecutive request. If the interval is less than 5 seconds (for example), I will reject/terminate to render the request.
My question:
What is the best way to handle this issue? If my idea above is applicable to solve this issue, what function must I call to terminate the rendering process (before doing resource-intensive job)?
EDIT 1:
Can we set this on server (IIS settings) globally instead of per application basis?
i have create web application for school management system...bt when i run my webside...(my welcome page is defaul.aspx bt if i want to acces studentdetail.aspx then i only enter url and i get studentdetail.aspx)
View 1 RepliesI have an asp.net 4.0 site. I have CAS turned on for legacy support. But in CAS, is there a way to prevent a runtime loaded assembly from accessing the web.config file? I don't see a permission set that denies access to configuration information.
View 1 RepliesIf my application URL is this:
http://localhost:51422/MyApp/Pages/FormView.aspx
I want 2 things:
1- I don't want any people to delete "...../FormView.aspx" and go to this[URL] and browse the directory pages and folders names.
2- If anybody tired that, the application should redirect him to login page or home page.
I have a login page and a dashboard page. Now user first login and then redirect to dashboard page. User press browser Back navigate button and now it's again on login page.
View 1 RepliesI have a signup page and Main page in my web site. i want to prevent an user to type directly the Main page URL, user should have access after signup/login.
View 1 Replies