I need to pass specific user credentials to a .svc so it can be used to open a server. The code in my .svc is as follows
[OperationBehavior(Impersonation = ImpersonationOption.Required)]
public string OpenServer()
{
RFCOMAPILib.FaxServer objFaxServer;
NameValueCollection appSettings = ConfigurationManager.AppSettings;
sFAXServerName = appSettings["FAXServer"];
objFaxServer.OpenServer();
}
i'm wondering is there a way that i can add my configuration User to a specific role ?
so i have this in my web.config file
<forms loginUrl="/Account/Login.aspx">
I want to open a native SharePoint 2010 page from my application (for example the Edit Properties page of a document) without the need to enter username/password, but instead to authenticate silently (prior or during the page request). is that possible?In other words, i have a windows forms application, i enter a sharepoint document path and i click on a button, this will open up a windows form with a browser control that will navigate to the native "editform.aspx" sharepoint 2010 page for this document.
View 2 RepliesI have an ASP.net 2.0 application on an IIS6 server with a second server running SQL.
The problem I have is that I can't use Integrated Windows Authentication to authenticate against the SQL server, instead the IIS passes its machine name (DOMAINMachineName$) to the SQL server. Of course I can add the necessary permissions to the machine name account on SQL, but I want to use the local user credentials in Integrated Windows Authentication to authenticate against SQL.
I have tried to find some reading/articles online but apart from a basic understanding I can't find the details I need to implement into my application. All I have found is that IIS doesn't pass the credentials onto a remote machine when using Integrated Windows Authentication, and Kerberos should be used instead. I have no experience of Kerberos or how to use it in ASP.net so I am hoping it can be done using Integrated Windows Authentication or be pointed to some good easy to understand articles on using/implementing Kerberos.
We have an ASP.NET / Silveright web application. The silverlight client displays user specific data in a graphical form - it requests the data from the server: Problem: Getting this data is expensive, due to the underlying database queries that the server has to perform - so the client has to wait... Optimisation Idea: We run the database queries at regular intervals on the server, writing the results to a 'userdata' table in a database 'close' to where the ASP.NET server runs. The process of running the queries and writing the data to the tables is performed by a 'data collection' service, which is separated from the ASP.NET server.
When the client requests data the server retrieves it from a 'userdata' table. This should be nice and quick - we probably have the 'userdata' tables on the same machine as the ASP.NET server. We also have the added benefit that the client sees data even if the underlying database is offline. Of course the data is not live - but all data is potentially old as soon as it reaches the client. So now my Problem: The 'data collection' service needs the user credentials in order to perform these database queries (because each user gets different results for the same query).
How can I store user credentials in a database, in an acceptable 'secure' way? Such that the 'data collection' can impersonate a user to perform the database queries. Our initial scenario is based upon using windows integrated login to the database.
Platform: ASP.NET 4.0, VS 2010My scenario is thishave the credentials of an external websiteI do a couple of GET/POST to scrape some data off of it
Depending on something that I find, I want to give my user a hyperlink that, when clicked, takes him 3 levels deep into the target website beyond the login pageOf course, I could just provide a URL to the top level on the target site, and he would click through to get there. But is there a way, via ASP.NET, that I can programmatically login and then open the page on a separate window/tab?
I have code examples from some of my previous work that help me to post form values to a web page (login credentials) and retrieve the text from that page. Now I want to pass in form values (login credentials again) but actually open that web page in a browser given those credentials.How do I do that? I'm not doing anything nefarious. In our CRM app (home-grown as it is), I want to create a link button that opens our web site's protected products page given the user's credentials (based on the user's login credentials). Normally, I'd copy the user's credentials in our login page which then takes me to the products page.
View 1 RepliesI am trying to figure out how to associate a specific user to a specific data on the site, like social networking site.
View 3 RepliesI'm trying to access an SQL Server Express database out of an ASP.NET HTTP request handler. The handler is run under ASPNET account and uses "integrated security" in the SQL connection string and so I get an error message saying that login for ASPNET account failed and so I can't access the database. This seems to be a very common problem and most answers say "grant access to you database to user ASPNET".
I only have Visual Studio 2008 and I can't find how to change access permisssions for a database. Specifically I use Tools->Server Explorer and I can see all the tables in the database but can't find how to change access permissions. How do I change access permissions to my database using tools shipped within Visual Studio 2008?
What's the best method to allow a user to search in a specific field for a record(s) containing the keywords they enter into a textbox? I am considering using the streamreader to obatin the values from textbox into an array, so I can build dynamic query using the stringbuilder. Is there a cleaner or more efficient method to approach this common search functionality?
View 1 RepliesI'm working on an ASP.NET project for the first time in about three years; in the meantime I've been working with Python/Django, PHP and Obj-C. Anyways, picked it right back up... except something that is totally killing me right now, and I have a feeling it must be staring me in the face:
I'm trying to bind to an LDAP server, for the purpose of authenticating users. The way it works here is, you bind on your own credentials, use that to find the Distinguished Name of the user you're authenticating, then you bind again on their DN and their password. If the bind is successful, the password was correct and the user can be authenticated.
Here's the problem - the first bind (on the fixed credentials, the ones with the ability to search for users and their subtrees) works fine. The search works fine. The second bind fails, no matter what, with the LDAP error INVALID_CREDENTIALS. This happens even when completely valid credentials are supplied.
Here's the code, with the usernames and passwords redacted, of course...
[Code]....
If a user has signed into their computer and are connected to an intranet, is there a way to grab the users crendtials and authentication them in asp.net? What specific code would do this?
View 2 RepliesWhenever I have my database open in Visual Studio 2010 Express, I get this error:
Cannot open user default database. Login failed.
Login failed for user 'IIS APPPOOLDefaultAppPool'.
Cannot open user default database. Login failed.
Login failed for user 'IIS APPPOOLDefaultAppPool'.
I have developed a web service and installed in a server suucess fully, its working fine there.
I tried to work in another server, But I had some error there in the new server.
I trying to access a network folder, Its accessible for the user which I have mentioned in the web config, But I'm having error.
in the web config
<identity impersonate="true" userName="UserName" password="password"/>
In my environment, we use Active Directory as our password repository. I'm writing an app that uses the users windows session (windows auth) to authenticate the user. This is working well, but I need to provide a way for users to log in as a different user. I setup a web form to accept a username and password. My question is this, I need a secure way to validate the user's credentials against AD. I cant have the credentials passed as clear text. Ive come across the impersonate user functions, but i'm leary because you have to pass a clear text password into the password field. I know I could also use LDAP, but without a certificate, I know plain LDAP is relatively insecure. Can someone point me in the right direction of a more secure solution to query AD with the credentials?
View 3 RepliesI am building a web application that is limited to one database, thus I cannot use the handy ASP.NET config tool. I am attempting to use SqlClient to authenticate users from a user table I added to my database. Here is the code I have thus far:
[Code]....
[Code]....
In my application, I have users request accounts, and then an admin goes in to approve or reject the account. When the admin approves the account, the create user wizard is used. After the user is created, I set the new user's role, and update a few other items in my database for user tracking, and send out an email to notify the new user of their account status. Here's the kicker: Once this new user is created, the admin, is now logged in as the new user. How is this happening? And how do I stop it? Here is my CreatedUser code, scrubbed of non-pertinent code.
[Code]....
I'm looking for a way I can store username and password credentials in a web.config file & use these values to re-direct to another web service, once these are authenticated.
The process is as follows:
* User logs into our website with required credentials
* There is a link on our website which invokes a new webservice
* The webservice is a paid for subscribed service (which requires authentication)
* Usually, there is a web form for this type of web service but since we need to steam-line the process from initial application logon, the logon page is not required.
* So when the link on our website is clicked, the new webservice is invoked. Authentication should be done by using the credentials in the web.config file and user is redirected to webservice (avoiding logon page)
Could someone tell me using pseudocode or a small asp.net code example how we could achieve this process?
The key goal is to avoid user going into the Logon page and redirecting directly to the URL for usage of the webservice.
I am the web developer at a medical clinic. I have 2 scenarios going on:
First, I have a physicians only component of our employee portal to allow access to only physician shareholders or physician non-shareholders. My structure is built like:
Physicians Only
Administration
Affiliations
Calendars
Compensation
Minutes
The Affiliations folder is only going to be accessible by the physician shareholders. Therefore, I have security roles set for Physicians Only and Affiliations. When I test, the security is set correctly on the folders. However, when I try to login as different people, all with different roles, I have to login with user name and password, twice, before the system allows me in.
Secondly, I have secured areas within the employee portal also. However, when I navigate to them, the system doens't usually prompts me to login. If it does prompt me to login, it too, is on the second try. So how does it know who I am? And more importantly, how do I get the system to actually prompt the user to login with their credentials?
I have the following asynchronous controller actions which allows me to start a console application on a remote server. My issue is with regards to the permissions and authentication. I have tried the following, which in my understanding allows the app.Start(valuationDate) to run as the impersonated user. The reason for this is that the console application needs to access network resources and the user of this web app will have the required access rights. (As a side note, the console app runs as a scheduled task without error)
The issue I suspect is that the console app is still run under the IIS app pool identity which causes network resource "Access Denied" errors. The console application itself starts, but the restricted access of the IIS user account causes the failure.
I have tried changing the AppPool identity to run as an authorised user and the process executes correctly. I am hoping for a solution that does not require me to change the AppPool identity on the server.How can I do to start the console application using the authenticated users details?
Controller Actions:
[HttpPost]
public void RunAsync(DateTime valuationDate)
{
AsyncManager.OutstandingOperations.Increment();[code].....
I'm running an ASP page that is using a WCF client to get some data. How can I set/pass the Network Credentials (of the user that performed the request, not the .net pool thread) on the WCF client so the WCF service will be able to perform impersonation using these credentials ?
View 1 Repliesi am developing a login page.After matching there given and actual credentials i have to show there own private page.So which method should i use now.Which is better one ?Server.Transfer of Response.Redirect ?How can i access login page's data in the user's home page if i use Server.Transer method without using Session variable ?
View 2 Replies[Code]....
View 4 RepliesHow to verify users login credentials using users login credentials of user's gmail account (like in stackoverflow on clicking gmail it takes to gmail login page and gmail verifies the user)
View 1 RepliesWe are going to write an entire new application for a reservation system. In this system experts specify their free time in elaborated calendar and users seek them through searched and finally reserve the expert and his time.
We prefer to find an open source program like this and try to evolve it instead of creating it from scratch. In this manner our time is saved and that open source program will be completer too.