Security :: Access Files In Folder That Has Password And Username
Aug 11, 2010
I have a folder with username and password over it.I wanna make a page where i can access files under that folders in .net and be able to download them.How to code that in VB.net?
My restricted files are all stored in ~/Secured folder on the root. Authorized users have no trouble accessing aspx files in that folder. Recently I added a part of an application whose files I wanted to keep separate and created a ~/Secured/HR folder. I am getting a "resource not found" error trying to use any aspx file in HR folder even after user successfully logs in, as if the file does not exist at all. Here is my web.config security settings:
[Code]....
Do I need to configure security for that folder separately?
I have a web app, which contains a folder Uploads, to which users (authenticated) upload their files (for some reason it has to be a folder in the root of the web app).I want to deny access to this folder and files to all non-authenticated users.
In my web.config I have:
[Code]....
and everything seems to work in development, but on a staging server it redirects non-authenticated users to login page ONLY from aspx pages, but not when entering the url to the file in Uploads folder.
I was just trying to install Umraco CMS on my ASP.NET website. I am using the Web Platform installer from Ubraco http://umraco/downloadI pointed the CMS install to the local website folder where it was intended to be installed and specified to use an existing database for the same. It is asking for the some username and password for the Database access. Is there some default value of the these particulars for these because I never configured the username and password for my DB? (It is a MS SQL Database) Screenshot:[URL]
I have created a test user/password on my web site. The intent is to have prospective clients login and try out the tool. Instead of telling them the userid/password of the test user, I'd like to tweak the Login wizard.
In the Load event, I was able to specify login1.UserName = "test user"
But when I try to specify the password, I'm told it is a readonly field. How can I 'force' a specific password? Or, how can I call the login event directly and pass the needed values?
In C# I need to connect to a database. How do I find out the username and password to use for that database? I know that sometimes the "sa" username can be used. I don't know how to find the password though. I am working on a contract and no DBA, and the developer left for a different job.
I am kinda new to WCF and the setting up of service and have 2 questions. My first question I have a service that will be accessed via https on a web server. However locally on my local IIS7, it will be accessed via http as https is not available. How can I set up a service to be accessed by both?
My second question is regarding how I can set up a service that requires a username and password to be accessed. The service that I have in place I dont want methods within it to be accessed unless the calling application has the rights to do so?
Here is an example of the relevant area of my web.config file.
<system.serviceModel> <bindings> <webHttpBinding> <!-- standard AJAX binding that supports SSL --> <binding name="TransportSecurity"> <security mode="Transport" />
[Code].....
In this config, the service is set up for http only and not username/password applied to it.
For testing I used this:[URL]Encrypts only the password is not encrypted and username.Why not?For security reasons, I would like also to encrypts username.
I have an intranet run with IIS, with basic authentication config. See more in this screenshot:
[URL]
Of course, then, when user login, this screen will appear:
[URL]
After successfully login, is there any method to get UserName (very easy to get) and also Password (don't know yet) from asp.net coding (run at server)
I am trying to implement a small site which requires users to login using Forms based authentication. I have followed the tutorials found on various sites on the net and in particular the one at [URL] This enabled me to get a sample environment in place but it seems as though I am having a problem authenticating a user for which I know the username and password are correct.
I have a ASP.Net 3.5 site with my login.aspx form in a folder named login, my default.aspx in the root of the site and my protected content in a folder called main.
I am authenticating against a SQL Server Express database, so I have ran the aspnet_regsql.exe command to populate my database.
I have added the following authentication/authorization lines to my web.config
I believe that my connection string and my database are ok because if i use the ASP.NET Configuration from within Visual Studio I can create and manage my users and I can also see them in the tables in the SQL Server. Also if I do enter any incorect credentials in my login page the page tells me that the password is incorrect.
I got a username and password field which made by myself and a User database which is all manually made
So now I wish to know how to authenticate user using the username and password data enter by the user and match with the database data to verify user is a member and login?
For what i know, the code should be something like this
SELECT UserName, Password FROM dbo.User WHERE UserName - @UserName
@UserName = ?
How do i assign the value from my username text field to @UserName?
I am trying to login usng form authentication from my web.config but it does not work. In the web.config i have the following: (i am going to make the password secure but just need to work with the basics
so I will admit this is a pretty stupid question. To my defense, I have never done it before. So take pity. I followed Joe Stagner's video on using the built-in authentication. Now, I would like to query a database using VB.net codebehind to verify if the user exists. I am clueless. Yes, I have a connection string already.
I had created an application which authenticate the user from the Active Directory,I had published the code on the server but when the page executes it ask for the username/password.i don't want this to happen, how to suppress this username/password screen.
I am writing a simple plugin for IE. I need to store a password and username setting for the user who uses the plugin. I know that I can store the username/password in the registry, I can manually encrypt it using the encription classes with .NET, or I can store it in a config file and encrypt the config file. I was wondering if there is a specific pattern/mechanism that I should use to store password and username.
I have a website that uses master page. I want a pop up to display so that user has to enter valid user name/psw in order to see pages. There will be only one username/password so web.config will store that info.
how to display pop up and check username and password.
I have only username. and want to check and grab the password from the database. It is BEFORE LOGGING IN. so I don't think the build-in asp.net functions could be used, right?
Currently I am storing my username and password (passwordFormat="SHA1") credientails in my web.config. I would like to figure out how to access them in an xml file that I have stored in my App_Data directory rather than the web.config file because I do not want my application restarting everytime I manually add a user (small list of 5 authorized users for the CMS section).