Show Authorization Error Message In MVC 2 Application?
Jul 10, 2010
I'm using the Authorize attribute to filter controller actions based on user roles, but if an unauthorized action is attempted, the user is redirected back to the login page. As I user I would find this confusing and irritating. How can I instead show an error message informing the user they need certain roles, and remain on the view where they attempted an action?
i am using create user wizard and capturing other information within content template when a new userregisters. Some of the textboxes are binded to required field validators.there is a validation control on the page and ShowMessage box is True.If they dont complete some of the text boxes then the message box pops Up with the error message.It does not however include information errors like "User already exists" or Email address already existsfrom the create user wizard membership UserName and Password Textboxesis it possilbe to hook all of these up so I get one message box with all errors including membership ones?
I want to display error messages on submit button.
My view is for example i got 5 error messages when i clicked submit button. First it shows 1st message and goes to that particular error.after rectifying the 1st error it goes to 2nd error message like that...
i am experiencing thi error when i click on the application in the remote machine.
Server Error in '/please-god' Application.
Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.EnvironmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Source Error:
Line 7: Dim oBF As New BinaryFormatter() Line 8: Dim oFS As FileStream Line 9: Dim strPath As String = Path.GetTempPath & "schedule.Bin" Line 10: Line 11: Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
Partial Class appointmentscheduler Inherits System.Web.UI.Page Dim arrCalendar(12, 31) As String Dim oBF As New BinaryFormatter() Dim oFS As FileStream Dim strPath As String = Path.GetTempPath & "schedule.Bin" Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load If (Cache("arrCalendar") Is Nothing) Then If (File.Exists(strPath)) Then oFS = New FileStream(strPath, FileMode.Open) arrCalendar = DirectCast(oBF.Deserialize(oFS), Array) oFS.Close() Cache("arrCalendar") = arrCalendar End If Else arrCalendar = Cache("arrCalendar") End If End Sub Protected Sub btnSave_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnSave.Click arrCalendar(Me.myCalendar.SelectedDate.Month, Me.myCalendar.SelectedDate.Day) = Me.myNotes.Text oFS = New FileStream(strPath, FileMode.Create) oBF.Serialize(oFS, arrCalendar) oFS.Close() Cache("arrCalendar") = arrCalendar End Sub Protected Sub btnDelete_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnDelete.Click arrCalendar(Me.myCalendar.SelectedDate.Month, Me.myCalendar.SelectedDate.Day) = "" oFS = New FileStream(strPath, FileMode.Create) oBF.Serialize(oFS, arrCalendar) oFS.Close() Cache("arrCalendar") = arrCalendar Me.myNotes.Text = "" End Sub Protected Sub myCalendar_DayRender(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.DayRenderEventArgs) Handles myCalendar.DayRender If arrCalendar(e.Day.Date.Month, e.Day.Date.Day) <> "" Then e.Cell.BackColor = Drawing.Color.Red End If End Sub Protected Sub myCalendar_SelectionChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles myCalendar.SelectionChanged Me.myNotes.Text = "" If arrCalendar(Me.myCalendar.SelectedDate.Month, Me.myCalendar.SelectedDate.Day) <> "" Then Me.myNotes.Text = arrCalendar(Me.myCalendar.SelectedDate.Month, Me.myCalendar.SelectedDate.Day) End If End Sub End Class
What do i have to do to eliminate this error message?
I have 5 fields on my web form out of which 2 are hidden. i have to validate all of them so i have associated required field validator with all of them. it works fine it does not shows me the error message for the controls that are hidden at that point of time.now i added a custom validation control and when this validation fails all the error messages are shown... can some body please tell me what am i doing wrong and what is the best approach that can be followed in this case.
I have a textbox, with a RequiredFieldValidator and a ValidatorCalloutExtender. The calloutExtender comes up when there is no text in the textbox, but it does not display the error message from the RequiredFieldValidator. I tested this code in a test app, and it worked. It may have something to do with the content containers? These controls are inside of a web user control, which are inside a Telerik RadDock. The parent page also uses a MasterPage. Here is my code from the usercontrol which contains the validator:
I placed 2 requiredfieldvalidators in my page (well, actually, more like a dozen of them, but only these 2 behave this way) and can not seem to figure out why the error message will not be displayed. The validation function works (the processing code is not run and focus is returned to the first field that fails validation) but no error message.
Why am I getting an exception error when trying to show all users in active directory. What does this mean?
An unhandled exception of type 'System.Runtime.InteropServices.COMException' occurred in System.DirectoryServices.dll
Additional information: The server is not operational.
Code: 'Show all users in the domain Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click Dim domain As DirectoryEntry = New DirectoryEntry("LDAP://domain.com/CN=Users,DC=Domain,DC=com") For Each child As DirectoryEntry In domain.Children ListView2.Items.Add(child.Name) 'populate results to a ListView Next End Sub
Now, I login to my web application, but with a user that does NOT have roleA. When I visit SomePage.aspx I get redirected to Login.aspx, the url specified in loginUrl of the forms element. So, my question is shouldn't I be able be specify an authorization denied message or url? If the user is authenticated, but not authorized why would I want to redirect to the login page. It's confusing as hell to the user.
I'd like to get the message number and severity level information from SQL Server upon execution of an erroneous query.
For example, when a user attempts to delete a row being referenced by another record, and the cascade relationship is "no action", I'd like the application to be able to check for error message 547 ("The DELETE statement conflicted with the REFERENCE constraint...") and return a user friendly and localized message to the user.When running such a query directly on SQL Server, the following message is printed:
Msg 547, Level 16, State 0, Line 1 <Error message...>
In an Asp.Net app is this information available in an event handler parameter or elsewhere? Also, I don't suppose anyone knows where I can find a definitive reference of SQL Server message numbers?
I created a web application using visual studio 2010 / MVC2 / MSSQL 2008 and it runs fine in my laptop. However when I run the application in the hosting provider it shows the error message below:
Compiler Error Message: CS0308
The hosting provider is [URL] and the link to my web application is [URL] I would like to know how to solve this issue? If anyone know PLEASE let me know how to troubleshoot / fix this issue. Also in case the problem is on the hosting provider, let me know if you know of a free or very affordable hosting provider with support for MVC 2 and MSSQL 2008.
here when users enter new mobile number it should insert data into database and show 'You have been registered' and if they enter Mobile number that was in table it shouldn't insert data into database and show=='You can just register 1 Time'
problem is when I enter new mobile number it inserted data into database but it showed this message'You can just register 1 Time' but here it should show 'You have been registered' I mean in both condition it show this message 'You can just register 1 Time'
it never show this message='You have been registered'
I am building an intranet website. And I am still unsure of how to implement the security of the website. I am using ASP.NET MVC 3.
Anyone in the company can access the website. It is a recognition system where you can nominate an employee for an award. Currently I am not using any type of authentication. I have a roles table that contains roles and an association table that specifies which user contain what roles, these roles are mainly administrator-type roles. If a user does belong in these roles then he/she can still access various parts of the website.
Would I need to use the built-in membership for this? Or would I need to create a custom membership for this? We don't use a login page. If the user does not have roles to access a view then he/she is redirected to another page.
We use IIS to do our authentication. Is this the same as Windows authentication? I have the roles table used for authorisation.
we have created web application project and on local computer everyting works fine. after doing deployment on our production server we get a error below
Specified cast is not valid.
Description: An unhandled exception occurred during the execution of the current web request. review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.InvalidCastException: Specified cast is not valid.
I have forgotte password page in my application,page have one textbox to insert email address,when user click on submit button if inserted email address (i.e. abc@gmail.com) does not exits in DB it will give custome error message like "Email ID not available".after that suppose user will enter inproper email address (aaa#gmail.com) than client side validation for regular expression will file "Email id not valid",at same both message be on screen,now i want only one message at a time.so please can you help me for same
I am using ASP.NET MVC 3 and am trying to do something that should be really straight forward...
My application uses Forms authentication and that is working perfectly for controllers/actions. For example if I decorate either a controller or an action with the attribute below only members of the administrators group can view them:
[Authorize(Roles="Administrators")]
However I have a folder under the default Scripts folder called Admin. I only want members of the Administrators group to be able to access scripts within this directory so I created a new web.config in the directory with the following inside:
[code]....
However no matter whether a user is a member of the Administrators group or not they receive a 302 Found message and are then redirected to the login page.
If I change the web.config to allow user="*" then it works. It also works if I add an allow users="Username" for a specific user I am testing with.
I recently reinstalled Windows (on an SSD!) and I'm in the process of setting up IIS and all my web projects. One of my MVC project keeps asking for authentication on everything, including on resources like .css files and images. I'm using the default MVC template login with a custom provider that I'm using for dev purposes. I've tried rolling back my web.config to before I moved the project file and re-set IIS, but that didn't make much of a difference -- aside from changing authentication mode from Windows to Forms. Can you see anything wrong with my config?
I don't have any <authorization> element or anything else related to login, since I'm doing everything via MVC. Update: Tried <authorization><allow users="*"/></authorization>, still not working.
By default in login template, in case user key in the wrong user name or password, the literal message will show the default error message, "Your login attempt unsuccessful..."What i trying to do is, I have a function in my system to disapprove a member, after the member is disapproved, he/she will not allow to login anymore. When the user trying to login, the default literal msg will show out. Is there any way i can do it more specifically like if the user enter the wrong password only, the literal msg show: "Wrong password entered" insteaed of the default msg?
Same goes to the change password control, for any error msg it just show the long msg but does not tell user whats wrong with the entered valueim trying to do something like if the user enter the wrong password, the literal msg show the one i wan to show.