i currently develop an asp.net mvc 2 web app using asp.net membership and role management for authenticating and authorizing my users. I get complaints though that when adding a role to some user, he is not able to see new role assigned functionality, unless he re-enters (logout and login again) the application.
View 2 RepliesI am using membership api in my project.I have customized all the controls.Now i want that user can login on only one machine from same username and password at the same time.If user is trying to login on any machine at that time if he is logged in from another machine.They should get message.They should not be able to log in using same username and password on same time on different machine.
View 2 RepliesI am currently working in an ASP.Net application where i need to implement ASP.Net Membership and Roles. I have used Login controls in my pages. Also I am using a menu in the master page, which is getting data bindings from database. For data bindings I am using XMLDatasource and a transform file (.xslt file). I need to bind the data to the Menu based on the user roles.
My issue is that the generated Menu is not behaving consistently. Sometimes it will show the correct menu for a particular role and some times it will show previously loaded data.Providing my code here:
masterpage.master.cs
private void LoadMenuItems() {
System.Security.Principal.IPrincipal User;
User = System.Web.HttpContext.Current.User;[code]....
In the site I am building we have standard users and superusers. A superuser can delete another user from the system and this should result in that user being logged out (if he/she is currently logged in). We use the Membership provider. Or actually the superuser doesnīt delete the other user completely but instead sets his/her as inActive by following code:
[code]...
But, that should not matter... What I want to know is how to make the affected user being logged out. I donīt need a popup or anything to be shown to the other user that he/she is just logged out, it is enough to check if that user is logged in when he/she tries to move to another page on my site.
if a user wants to clear their personal information from a page after clicking on a button that they be re-directed to the ASP Login page. This code needs to be developed using Java Script because I want the user to confirm with a confirmation box that they intended to clear their info. I have found resources on MS that pointed to referencing the "System Web Extension" within the Web Config file shown below, which enables Java Script to be able to reference the Authentication Service classes. I am also calling the function show_confirm in the button onclick event to process the message box response.
I also need to redirect a user back to the Login page within this same show_confirm() function without pointing directly to the URL, but instead to the folder where the page is locateded like in VB Server Redirect if possible.
The error message I receive when I run this code is: Microsoft JScript runtime error: 'sys' is undefined.
Shawn
[Code]....
[Code]....
I need to disallow the user from clicking the back button after they have login to the web site.
I have to stop them from going back after thay have logout from the web site.
I find out online that this can be done
but once the javascript function is turn off it does not work.
[Code]....
Is there any way to really stop go back function in the above situation? I wonder how the bank commercial web site handle this kind of situation?
In my web application when I start my webpage from Visual Studio the URL to my ligin page looks like this:
[Code]....
And when logging out, the following are executed:
[Code]....
Question: I need to have the return URL set to Default.aspx as it is when logging in the first time. Does anyone know how I can achieve that?
I have a "UserDetail" table in my "JobPost.mdf". When I click the "delete" linkbutton, it can delete the all User info from my "UserDetail" table, it also delete the corresponding "aspnet_Users" & "aspnet_Membership",but the "UserInRole" still contain that UserName. Even though I specified the Code:Membership.DeleteUser(UserName, true);
I thought true is for bool deleteallrelated data, but it doesn't really delete the userInRole. So next time the user registers with the same name, it automatically get the "admin" role right. This "deleteUser" page I keep it inside a protected "admin"folder. How to solve it? Why Membership.DeleteUser(UserName, true) doesn't delete UserInRole?
protected void GridView2_RowCommand(object sender, GridViewCommandEventArgs e)
{
if (e.CommandName == "Delete")
{
string UserName = e.CommandArgument.ToString();
Membership.DeleteUser(UserName, true);
JobPostDataContext db = new JobPostDataContext();
var query = from u in db.UserDetails
where u.UserName == UserName
select u;
foreach (var item in query)
{
db.UserDetails.DeleteOnSubmit(item);
}
db.SubmitChanges();
FormsAuthentication.SignOut();
}
}
My web.config inside the protected Admin folder:
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<system.web>
<authorization>
<allow roles="Administrators" />
<deny users="*" />
</authorization>
</system.web>
</configuration>
I am wondering how I can implement so that later login session logout former login session to avoid concurrent login. I know how to check whether the user is online (by Membership.IsOnline()) and logout the current user (by FormsAuthentication.SignOut()). But I don't know how to logout the previous login session.
View 2 RepliesI am trying to create a Forms Authenticated site and have already used the aspnet_regsql tool to create the necessary logic in my SQL Server DB to hold my data. Now, I am looking to create a custom Membership, User and Role provider for my DB model. I was looking at the following video: [URL]
Now, I get the concept on how to go about it but I notice that this guy uses custom DB Procedures as to the ones that are generated by the aspnet_regsql tool. Can anyone direct me on where I can find info on how to go about building the Membership, User and Role provider class using the DB structure that aspnet_regsql generates? So much junk on google that I am having a hard time finding good guidance.
I am creating a interface for User Role Management based on built in membership provider.I want to display all the roles as check boxes for a selected user. I am able to display all the roles in the database, but not able to load the specific user roles. For example, I am able to publish role 1 role 2 role3 role 4 as check boxes. But if the user is already flagged as role 1 and role 3, I am not able to show that data (role1 and 3 should be checked when form loads, but right now, they are not checked)...How do I get the roles as checked boxes display on a page.I am using a repeater control to display roles as check boxes on the page..
<asp:Repeater ID="UsersRoleList" runat="server">
<ItemTemplate>
<asp:CheckBox runat="server" ID="RoleCheckBox" AutoPostBack="true" Text='<%# Container.DataItem %>'
[code]...
Need the code for the login /logout in my sample project and how to attin logout in the all pages. dont mistake me as i am learning (fresher) the asp.net 2005
View 2 RepliesI have written custom code for login and logout...When use clicks on logout button the current session is closed and user is redirected to a login.aspx page...The problem is that when a user click a back button on internet explorer it the previous page he was navigating is shown to him...(altough he cant perform any operation as session is null and their is condition in page load that if session is null user should be redirected to login page)May i have to clear cache of client ??
View 3 RepliesFollowed the code sample of Chapter 10 (Logging in) of the Book, Microsoft ASP.NET 2.0, I created an ASP.NET 3.5 website with Forms Authentication. The sample code used Website Administration Tool (WAT) to manage the users, roles, and authorization.When running in the ASP.NET Development server environment, I can first login, then click to open the links for each for the 3 roles.
However when running the sample code in the IIS server environment, I can login but can not open the links for the role subfolders.Clicking each link popped up an error message for opening a login.aspx from the specific subfolder. I don't have a Login.aspx file in each subfolder.The 3 role subfolders were configured as the virtual folders in the IIS Server. Why the sample code worked fine inASP.NET Development server environment, but got an error message from theIIS Server environment? Why an authenticated user can not open the subfolder homepage?
I want to execute some logic if the Logged in User can view a page "~/MyPage.aspx". IF the logged in user should be elligible to view the page is determined by the role based security I configured in the web.config file. There are many methods to find out if the user is in role XXX or not. But I did not find any method to find out if the user can view a page or not ahead of transferring the user to that page. Maybe I will hide a link to a specific page to the logged in user if the user is not elligible to view that page if I know the technique i am asking here to know.
View 1 RepliesI have two .NET applications X and Y
a. I want to have User A as a common user for both application X and Y.
b. User A can have different roles on X and Y. Eg. Read permission on Y and Write Permission on Y.
How do i configure ASP.NET membership to achieve about functionality.
I have a web aaplication which currently has a bunch of users and use Asp.net Membership to create and manage users.
I want to add OAuth functionality to my application and want to still using Asp.net Membership (login , etc ). ( and I also want my user login to application with any public social network ID , if that network use a OAuth membership.
How can I use Asp.net and OAuth (open ID) beside each other ?
I also want to add a new page for users to create a profile for themeselve.
I have created a role based menu for my asp.net 3.5(C#) by configuring Asp.Net Membership module for site. My role based menu is a nested HTML unordered list. And each list item has a list of links. And at the end a list item has SignOut link. I have created 5 role groups for my website and put this list(i.e. menu) inside the contentTemplate of each and every role group.
I have display the SignOut link by using LoginStatus but I dun want to put the Login Status in each and every Roles Group. Can anybody tell me how to create a generic view which will display the Signout link when any user is logged-in. But I dun want to show the SignIn link when the user is not logged-in.
I've set up a system with forms based authentication and using the asp:Login control. When I put in an invalid password I get the approriate invalid password message. However when I put in a valid password, it does nothing...just returns to the login page again. I'm triple checked the login info. There is no error message, and the invalid attempts counter doesn't increment. When I put a break point in the Login_LoggedIn event of the Login form, it hits it, but User.Identity.IsAuthenticated is false. I'm not 100% sure it should be true at this point, as I'm pretty new to .NET but it seems kind of odd.
My user database is stored in a sqlserver 2005 db that already existed. I've added a new connection for it.In the authorization I have
<authorization>deny
users="?"/><authorization>
Is it possible to perform user management (store user info, login , logout etc) without using session or cookie?
View 3 Repliesi am developing a website in vb.net ,as i am having 3 urser,customer,admin,and employee
i have taken the loginpage and in the codebehind i have permission access to the customer,admin and employee,with different user names and password now my problem is how to make the page to recover the password if the user forget the username or password
after user loggs out if he clicks the browsers back button then users had to be redirected to login page
doenst matter how many time the user clicks on back button take him to login page
how to achieve this let me know
I would like to collect all the emails from all users in a certain role. How would I do this ?
View 1 RepliesI am using the asp.net membership provider tables in sql server. I'm trying to figure out how to query a list of users that are NOT in any role.
View 4 RepliesI got a problem with my login and logout for my asp.net website, whenever i try to login or logout, it will load the page i direct it to first then i have to reload the page again for the login or logout to work. First my login i am using a login control to do it and also using this code to go to another page:
protected void Login1_LoggedIn(object sender, EventArgs e)
{
Server.Transfer("LogonPage.aspx");
}
Next is my logout i am just using a button for the logout along with this codes:
protected void btnLogout_Click(object sender, EventArgs e)
{
Response.Clear();
FormsAuthentication.SignOut();
Server.Transfer("Login.aspx");
}
i really want it to login and logout at my first click.