Security :: Users Can Only Access Their Folders?
Sep 26, 2010
I have a web app were every user has its own folder so that they can store documents. What i would like to do is protect a user's folder so that only the owner can access it.
Example:
Username: ricky
Folder: ~/Files/ricky/ --> Ricky can access his folder but can't access Diana's
Username: diana
Folder: ~/Files/diana/ --> Diana can access her folder but can't access Ricky's
I'm using membership provider for the user authentication.
View 9 Replies
Similar Messages:
Oct 26, 2010
I have a few computers (with Vista Business OS) connected in a private network. A C#.NET application running on one computer is currently able to access the network shared folders without problems. However, I am trying to get an ASP.NET application on that computer to access the same folders but I am getting "Access denied" errors. I added NETWORK SERVICE to all the shared folders' security (with full control) but it still gives the same errors.
View 4 Replies
Nov 16, 2010
I'm using user membership and roles. Below is my web.config for subfolder restriction.
[Code]....
The way I have above, no one can access this folder, mySub, except Administrators, Editors, and Members. However, here's what I want. I want to allow all and any user to the default.aspx page of this mySub folder and denied any other pages if they're not Administrators, Editors, and Members. One last thing, also denied access to addWord.aspx if they're not Administrators and Editors. I know I can list all the pages and give them various permission but I do not want to list all the pages. What's the best and easist way to accomplish this?
View 2 Replies
Aug 26, 2010
Allow Admin Users to Access Basic Users Accounts?
View 4 Replies
Nov 24, 2010
I have two diffrent webforms (ASP.NET 2.0) applications that both uses the built-in membership provider of asp.net. The two application uses the same database, but is diffrentiated by ApplicationName.
One application is sort of an admintool (AdminApp) of the other application (UserApp).
I am now looking for a way to login to the UserApp from the AdminApp and sort-of impersonate a given user.
I have built an interface to automatically login a user to the UserApp (URL with querystring), but I need to be able to access the username of the refered user in the AdminApp. I was hoping for something like this would work:
Membership.GetApplication("AdminApp").GetUser();
...but I am unable to find something that works.
Is there a solution for my problem? Should I use some other approach?
/D
PS. A fallback solution wouuld ofcourse be to send a username in the auto-login-url-querystring, but that doesn't really sound solid.
View 4 Replies
Jul 4, 2010
Not quite sure what you would call these but I am looking to create sub folders for my users eg
mysite.com/billyblue
What I have done up to this point is make a 404 page that handles unknown pages. It takes the part after the / and looks it up in the database. Then I redirect them to the relevant page.
I am having a few issues with this and to be honest am not to keen on handling it this way.
Does anyone have an alternative method for achieving this.
View 3 Replies
Oct 27, 2010
In my application i have 4 screens such as page1.aspx, page2.aspx, page3.aspx, Page4.aspx. I have created user Settings Web Form where the admin Creates username and password for users with access only for particular pages. I have used check boxes to select their accessibility while creating user setting.
View 1 Replies
Jun 29, 2010
Currently in my application using LDAP to authenticate user to a specific domain & then i check if the user exist in my site database.
Now i need to also allow users who do not belong to this specific LDAP domain to access my site ..How can i make it possible withoput affecting the exisiting users?
View 1 Replies
May 12, 2010
I have just started to use asp.net mvc.
I have read this article about using ntlm authentication
[Code]....
it provides access to specific domain users
[Code]....
I want to restrict access to all my domain users only lets say
[Authorize(Domain="redmond")]
or do I do it via web.config
View 2 Replies
Jun 25, 2010
.NET 4.0
I wonder if it's possible to use .NET to get access to users in Active Directory:
- Methods that returns a collection of users belonging to a specific AD group
- Get access to AD propterties beloning to the user account, want to check if the user account is disabled or not
View 1 Replies
Nov 25, 2010
I have created a new asp.net website ( 3 pages of c# ) I need now to apply security on those pages. each page has a couple of buttons to run specific process . How would I apply security in the following senarios
I have 3 people who have access to all three pages, however, each person has the right to click specific buttons on the pages. What is the best way to apply security.
This is what I thought and need someone to confirm it. I have created a table like this
id
controlName
RoleId
1
btnCreateCustomer
101
[Code]....
View 4 Replies
Mar 22, 2010
In my web application i have 8 screens such as page1.aspx, page2.aspx, page3.aspx........Page8.aspx. I have created user Settings Web Form where the admin Creates username and password for users with access only for particular pages. I have used check boxes to select their accessibility while creating user setting. How can i limit the access of the users only to certain tabs.(All these pages are in the tabs).
View 5 Replies
Feb 26, 2010
I have a web.config file with <authorization> section. I'm using window authentication.
The problem is that I would like to allow access to the web site to those users who are in multiple roles.
For example:
<authorization>
<allow roles = "Role1 AND Role2"/>
<deny users="*"/>
</authorization>
(Meaning I would like to allow access only to those user who are both in Role1 AND Role2.)
Is this possible to achive this?
If not, what would be the alternatives?
Note: Currently I'm doing the roles assignment in the Global.asax file in the OnAuthenticateRequest event (i'm reading the groups that the current user belong to in the Active Directory).
View 4 Replies
Mar 8, 2011
I've developed a web application and I've added some security features. Now i want to create a page for managing users and user access in my web application.Can anyone suggest some tutorial for managing users and access because i'm new to asp.net.
View 1 Replies
May 3, 2010
suppose we've created a web app for our customers.
how to prevent to access web page code (aspx code or behind code) for our customers ?
how to implement security and licensing information for web apps ?
View 6 Replies
Sep 23, 2010
I am working on an application that resides on a development server on our internal network. The application was originally written to use Membership and Roles. We got busy almost a year ago before the app was finished, and now we are trying to get it ready to use internally.
The login page works just fine, but I have lost the ability to controls users and roles. I am running Visual Studio 2010 Professional now on a Windows 7 VM. I can open the application fine but there is no Web Administration Tool available for me to manage users or roles. If I go to Website -> in Visual Studio, there is no option for ASP.NET Configuration in the drop down menu. It simply isn't there.
How can I regain access to manage users and roles for this application? We are using Forms authentication and the database resides on a SQL Server 2005 instance on a separate box from the web server and my local VM.
View 1 Replies
Oct 15, 2010
I have an intranet site that i set up to windows authentication. It works fine most of the time but some departments wont be able to access the site and will be asked to enter user name and password.I checked their Active Directory account and the only difference i could see was that the organizational unit parameter was different than the rest of the users.
View 5 Replies
Feb 11, 2010
I just created a component management system.. I would like to share files and folders among users from a database. Actually i couldn't do that.
View 1 Replies
Jun 21, 2010
Listing folders in folders then creating arrays in JS for each of the folders?
Directory Structure:
I have a directory structure as follows;
ad_folder
--folderA
--folderB
--folderC
--anotherFolder
--etcfolder
--afile.aspx
--anotherfile.gif
ad_code
--folderA
--folderB
--afile.aspx
--anotherfile.gif
ad_prep
--folderA
--etcfolder
--afile.aspx
--anotherfile.gif
ad_bin
--etcfolder
--afile.aspx
--anotherfile.gif
other Folder
files folder
assetsfolder
index.aspx
web.config
image.gif
Task at hand:
I want code in VB.NET to create javascript arrays of the folder contents that can then be used on the client end. I only need arrays for all folders contained in folders starting with ad_ and an array for all the base folders . like so:
var folders=["ad_folder","ad_code","ad_prep","ad_bin"];
var ad_folder=["folderA","folderB","folderC","anotherFolder","etcfolder"];
var ad_code=["folderA","folderB"];
var ad_prep=["folderA","etcfolder"];
var ad_bin=["etcfolder"];
note that I do not know the number of or the names of the folders, they can be different in different cases, I only have the root path.
[code]...
View 3 Replies
Jan 1, 2010
What setting must I change under IIS to allow access to the folders? I am looking for that settings for hours, nothing found.
It seems like it is giving a 403 error when I tried to access the folder.
View 2 Replies
Dec 20, 2010
i got a web app where some users can upload to a folder images or files like pdfs.
Those users are authenticated by forms.
Well, in public areas, everyone can see those images and files.
I use for showing an httphandler, changing name, etc...
Id like to know if its possible set security like this:
- Folder with uploads, only with read permission for everyone that is not authenticated
- Folder with uploads, with write permission for authenticated users
Goal is that none can upload files if they are not autenticated and make the upload through the web form created for that.
View 1 Replies
Apr 4, 2011
I am developing an asp.net web application. I have to access one of the image in images folder in root directory. I am using following code in my code behind file.
string imageDirectory = HttpContext.Current.Server.MapPath("~/images/");
string imageUrl = imageDirectory + "/img1.bmp";
This works fine in my local machine. My question is does this code work when I move my application to production ?
View 2 Replies
Aug 18, 2010
I've a default.aspx page in my application's root folder. I added a a page in the root of inetpub that redirects requests to the default page. The idea is that the user need only enter the server name to get to the default page. How can I set things up so that all users have access to the default.aspx and that they only have access to the other pages once they've been authenticated?
I am using Windows Integrated Security and the users are being challenged and authenticated properly. I want them to be able to access Default.aspx without any challenges.
(On a side note which may answer this question, when using WIS does the user *allows* have to be challenged? Isn't it possible to pass through their Windows User and ID without the prompt?)
c: inetpubwwwroot
edirect.aspx (set as default document in IIS and simple executes Response.redirect("sites/mercury/default.aspx")
c:documents and settingsall usersdocumentswebsitesmercurydefault.aspx (home page for the site & server)web.config includes
[Code]....
View 2 Replies
Apr 8, 2010
Often, out of sheer desperation I will end up enabling "Everyone" access on a folder that a web app is accessing (perhaps for file creation, reading, etc) because I can't figure which user account to enable access on.
Obviously, this is a very bad thing to do. Is there a way to determine what account IIS is using at that exact moment to access folders (and perhaps other resources like SQL Server, etc)?
Are there logs I can look at that will tell me? Or perhaps some other way? I usually use Windows Auth without impersonation. Not sure if that information is relevant.
View 4 Replies
Jul 17, 2010
I want to authorize the asp.net account to access some folders in my project.
However, I get this error::
System.UnauthorizedAccessException: Access to the path 'D:ProgramingPartFromYamnWebExerciseWebExerciseAccordionImgs' is denied.
I am using win 7 so what is the name of the asp.net account that I should use?
View 3 Replies
