I would like to know how I can verify a user's credential against an existing asp.net membership database. The short story is that we want provide single sign on access.
So what I've done is to connect directly to the membership database and tried to run a sql query against the aspnet_Membership table:
[Code]....
The problem is the password value, does anyone know how the password it is hashed?
I am building a web application that is limited to one database, thus I cannot use the handy ASP.NET config tool. I am attempting to use SqlClient to authenticate users from a user table I added to my database. Here is the code I have thus far:
[Code]....
[Code]....
I simply want to know how to manually check if the value a user has provided for the answer to their security question matches their current answer on record. I want to use the build in support of the membership and membershipuser objects.
I see that via the passwordrecovery control that the actual answer can be returned. However I am currently not using this control and it would take a good bit to integrate it as it does not meet our user's requirements.
In a worst case scenario, getting the actual answer (like the passwordrecovery control does) and manually checking it in our application would be acceptable.
A best case scenario is some sort of API where I can pass in the user name and the answer to their security question that was provided and simply get an indication of whether answer was correct or not.
I have a requirement to develop an application in Excel VBA to talk to an MSSQL database.The client wants a login facility for a number of named users - I am going to setup these users in the aspnet tables in my database (aspnet_users, aspnet_membership etc).There is no facility in VBA to do automatic verification of a users credentials like there is in ASP.Net so I have developed a simple login form for the user to enter their username and password and send these to a stored procedure in the database. I am looking for a stored procedure that implements the ASP.Net hashing routine to convert the user supplied password into the same format as the database stored password so I can compare and return a true or false.
View 1 Repliessing a SqlMembershipProviderI like to manualy register new users and to save mutch more data from them in a separate table.since these tables are liked with the UserID generated by the SQL MembershipProvider I want to login the new user after he is added to the membership system.
[Code]....
when your using ASP.NET Wizards to create a login, it uses a set of auto generated tables using the aspnet_regsql.exe tool...When you create a user using the wizard it generates a very long userID
"a40cf936-1596-4560-a26c-450792e2c8c0" I want to add users using another program that connects to this database... but how does visual studio auto-generate this ID. I want to auto-generate it as well
i have following issue: I am creating a new user register form manually without CreateUserWizard control, and all works perfectly unitil I intentionaly (for test purposes) enter existing username (for example BLABLABLA) into username.textbox. After that i get my error message as expected that says "username BLABLABLA allready exist", now when I tray (as a future user who could be in the same situation) to correct the username and enter another one (for example TRATRATRA), it still gives me this error "username BLABLABLA allready exist!" This is the second day that I'm traying to solve this!
Here is a part of my code:
[Code]....
I looked at this site: [URL]
But does not check for all the cards, in addition, my credit card and write the force that does not exist.
How do you use to verify credit cards, which is the best?
I posted this previously but it ended up in Languages/C# rather than here. I'm not sure if I chose the wrong forum or the admin moved it. I wanted it in here so I'm re-posting it:
I have an APK file (android application archive, same as JAR file format) that I need to determine whether or not is signed, and if so, extract the certificate info.
The JDK provides a command line tool to do this:
jarsigner -verbose -certs -verify file.apk
I'm trying to determine if there's a way using the Security classes to accomplish the same thing in C# code.
I have implemented Forms authentication in an ASP.NET MVC 2 website
By using <%: Page.User.Identity.Name %> on the Site.Master page I can display the userid of the logged in user.
I would like to use this value and display other information about the user that is stored in a User table in a MsSQL database, like:
<%: GetFirstname(Page.User.Identity.Name) %>
How to verify users login credentials using users login credentials of user's gmail account (like in stackoverflow on clicking gmail it takes to gmail login page and gmail verifies the user)
View 1 RepliesOur application lets the administrator create new users. Since the administrator is logged in, I have set Logincreateduser = false so that the administrator is not logged out even after creating the new user.
The problem is :I need the userid of the newly created user to store additional details of the user in another database table. I see that i can get the username using Createuserwizard1.username; but how do I get the userID?
For our website, we have decided we would like to maintain our user passwords as encrypted binary data in our database. We are using ASP.NET 3.5 to host our site and SQL Server Express 2008 for the database, both running on the same server. When a user logs in and submits a username and password, there will need to be some sort of encryption or decryption in order to verify the credentials. To me, it would appear that there are 3 ways to do this:
1)[C# Encyrption] On User creation, perform encryption in the Web App and submit the encrypted password to the database. To verify credentials at Login, perform the same encryption on the submitted password and ensure that it matches the value stored in the database.
2)[SQL Encryption] On User creation, submit the plain-text password to the database and have it perform one of the SQL encryption variants during INSERT. To verify credentials at Login, have the database perform decryption on the password during the SELECT statement, and compare the plain-text submitted password to the one in the database.
3)[Mix] On User creation, submit the plain-text password to the database, and have it perform one of the SQL encryption variants during INSERT. To verify credentials at Login, perform the same encryption algorithm used by SQL on the submitted password ( is this possible? ), and ensure that it matches the value stored in the database.
Does anybody have an opinion as to which of these options is best? Number 1) is the most familiar to me, and would be the easiest to use with LINQ to SQL ( which is our current data model ), so I am leaning towards that. But if there are better options I would love to know about them.
My requirements is when one other website call my service (httphandler) and in response i will provide one parameter which is
value of form authentication cookie
now that website call my website with that cookie value as query string , how to check from that cookie value that particular use is authenticated or not ?
How to add data from database in drop down list manually?
I have added it as:
In the database table name tbldate there is field day and I have to add all these dates manually as:
dropdownlist1 is id for drop downlist and dr is object of data reader which get the value after select command from the above said table.
dropdownlist1.datasource=dr["day"].tostring();
dropdownlist1.databind();
But it shows only value 17 in dropdownlist why?
Can anybody tell me how can I increase the size of the database in oracle manually.
View 2 RepliesAs been requested, I wrote some code which basically change the document's date (the document of umbraco blog).
I have changed every place I can find the date, and makes all the date displays fine, and I have adjusted the path to make it correct.
Now, the url indicated in the umbraco.library.NiceUrl(id) is not working, but previous url is still working.... Just wondering is there any file which 'temporarily' or 'permanently' store the friendly url mapping? if so, how can i modify that?!
Btw, where is the umbraco cache file stored?
btw, umbraco version 4.0.3, restart the website still not working, change the document title will result in old url's title changed, but new url is still not working...
I am using the create user wizard to create users that are then placed in the ASPNETDB database. Is there a way to delete users in the same fashion? I am using Visual Studio 2008 VB.NET.
View 1 RepliesI am dtrugling with the log in of .net. I have studied a wrox asp.net 2 book and it says add
<authentication mode="Forms">
<forms name="Wrox" loginUrl="Login.aspx" path ="/" />
</authentication>
<authorization>
<deny users ="*" />
</authorization>
to the web.config file. This automaticaly sends me to Login.aspx. The problem I have is I have added this line to the code behind in Login.aspx
protected void submit1_Click(object sender, EventArgs e)
{
FormsAuthentication.RedirectFromLoginPage(User.Text, false);
}
NOW this does not check the password but it should in THEARY send me to the page I was going to. It dosnt it stays on the login page.
i have using aspnet DataBase, and i know that i can Check if the User is OnLine or not By Using
Membership.GetUser.isOnLine; this is when invoke method in asp.net Page , But i want to Know if there is another way to Check If the User OnLine or Notfrom aspnet dataBase
Is it possible to bypass the NT challenge login, and just have a standard webform login, then authenticating programtically as that user and passing those credentials manually to my connection string so that the database sees me as that user?
View 1 RepliesWe are buling a hosted ecommerce shopping cart solution and I would like to use asp.net's built-in membership provider. We dont really want to have a seperate database for each domain, we want to share the same database across mupltiple domains for different customers. Each domain is a seperate store.
My problem is that since it's a shared hosted solution people coming from different domains might use the same user name and it would show as if already existed. Is there an addional field I can use to store the domain name so basicly would be unique by username and domain name. We don't want to share information between stores.
I have a problem with SqlMembershipProvider. I have already created database aspnetdb. I need to add new user to database however one error occured. This is my web.config file:
[Code]....
and this is my application code:
[Code]....
the error occured in this statement:
[Code]....
Membership.DeleteUser not removing user from database
//Roles.RemoveUserFromRole("markwheeler1963@hotmail.com", "customer");
I want to create the roles,membership and user data on ISeries AS 400 rather then the one used in APP_Data.
View 4 Replies