Web Forms :: Add Or Delete User Roles From Web Config File Programmatically Using C#?
May 7, 2015I am using this article [URL]...
And I want to add Role/s dynamically and also delete role/s in web config.
I am using this article [URL]...
And I want to add Role/s dynamically and also delete role/s in web config.
I want to add a new rule in my web.config file programmatically,
ex: I have a textbox to add location path I have a combobox (with items admin and user) to add roles. ex: user input location path = textbox roles = combobox (items admin and user) the save button, when click the save button the results go to the web config :
<location path="Report/ManageReport.aspx">
<system.web>
<authorization>
<allow roles="ADMIN" />
<deny users="*" />
</authorization>
</system.web>
</location>
So far my code as below: but I was confused to apply its
protected void AddRoleRule(string location, string selectedrole)
{
Configuration config = WebConfigurationManager.OpenWebConfiguration(Server.MapPath("~/Web.config"));
XmlDocument xDoc = new XmlDocument();
xDoc.Load(config.FilePath);
//if the rule exists update the rule
[Code] .....
I want to delete location path using parameter textbox .. example : I enter name of location path in the texbox when i click button delete then location path in web config will be remove..
<location path="page1">
<system.web>
<authorization>
<allow users="ADMIN" />
<deny users="*" />
</authorization>
</system.web>
</location>
I want to delete location path using parameter textbox and allow user ..
example :
location path = textbox1
allow user = textbox2
explanation : i enter name of location path in the texbox1 and allow user in the texbox2, when i click button delete then location path based on parameter textbox1 and textbox2 in web config will be remove..
this below my web config
<location path="3pm.aspx">
<system.web>
<authorization>
<allow users="testing1,testing2,tunggal ,usertest" />
[Code] ...
So far this is my code for deleting location path using parameter name of path , yet to parameter allow user ..
protected void DeleteLocationPath(object sender, EventArgs e)
{
string path = Server.MapPath("~/Web.Config");
XmlDocument xDoc = new XmlDocument();
xDoc.Load(path);
[Code] .....
i want Programmatically add the WCF section <system.serviceModel> to web.config file using C# and .aspx control.
View 1 RepliesI have 1 web application, 2 databases (same design, with different data), and 2 web.config files (web1.config. web2.config) ;
What I do need is a way to change the web.config file name programaticcaly on code behind.
So, this way I can select on runtime accoerding to the current theme the web.config currently being used.
Ofcourse that if I could do inheritnce of the web.config files it would be te best approaach, but only one web.config file is allowed per directory.
deploy this configuration to achieve a multiple websites to one web project.
I have this portion of my web.config file;
[Code]....
I need to be able to retrieve the value of "from" in my application. How do I read this value into my code?
i have a xml configuration file like below format.
<setting>
<web>
<mailid>xxxx</mailid>
</web>
<network>
<logid>sd</logid>
</network>
</setting>
i would like to programmatically read entry from xml config file which is same as asp.net webconfig file reading.
I use the default ASP.NET Profile Provider which lets me define user properties in web.config.
I now no longer want to use one of these user properties. I want to delete all traces of it.
I can remove the property from the list of properties in web.config however, I suspect, the stored values for this property will still be held in the aspnet_Profile table for each user.
Is there an easy way to clean out all traces of the data for a property that's no longer used from the aspnet_Profile table?
I have a few app settings I want to update from within my web site and to do this I use this code:
[Code]....
This works fine in my development enviroment but when using IIS7 I get an exception while saving these settings:Access to the path 'C:InetpubwwwrootNSiteCOMweb.config' is denied.How can I configure IIS7 to allow my application to update web.config?
Let's say I have a rolegroup as follows:
<asp:LoginView ID="lvDoSomeStuff" runat="server">
<RoleGroups>
<asp:RoleGroup Roles="RoleOne,RoleTwo">
<ContentTemplate>
...
</ContentTemplate>
</asp:RoleGroup>
</RoleGroups>
</asp:LoginView>
Is there a way I can make it so that a user must meet RoleOne and RoleTwo to satisfy the RoleGroup? By default, if a user is in either of the two roles, they will be granted access. I know I can do this via the code-behind, but I'd prefer to be able to wrap some content template with this markup instead of having to wrap it in a panel and hide the panel programmatically.
I changed my application to use "InProc" sessionState instead of "Off" because I need to preserve user selected language from page to page doing localization.n web.sitemap I have this line:
<siteMapNode url="Admin.aspx" title="Administrator" description="Site administration" roles="Administrator" />
which before I changed sessionState to "InProc" worked as supposed to: menu item "Administrator" appeared as a menu choice only when user had logged in with admin rights. Now this menu choice is present for every user.
When the user chooses to remove a photo from his online posting, he checks a checkbox when in turn exutes the following:
File.Delete(Server.MapPath( "~/Images/"
) & zfilen)
Is this considered secure?
I want to be able to specify which roles having access to certain controllers in web.config and use it something like this:
[Code]....
..but the compiler says "Error 1 An attribute argument must be a constant expression, typeof expression or array creation expression of an attribute parameter type...". How to accomplish this behavior?
i am trying to delete app_offline.htm programmatically but the code doesnot even get called as the app_offline does not other pages load. how should i delete the file after the updations have been done in the website. i know that i can delete the file manually but i dont want to do that.
code:
if(File.Exists(filename))
{
File.Delete(filename);
}
I have three roles:
AdminEditorGeneral
How can i give acces so to:
1- All users in roles Admin and Editor
2- Specific users from role General
i tried this but with no luck:
[Code]....
I can't seem to find this answer anywhere on google or stackoverflow, even though I'd thought it would've been an easy thing to do.
I want to understand how the system.web authorization tag on the web.config works, and what exactly each attribute and property does.
For instance, what does
<system.web>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
Specifically what I want to do is to disallow access to most of the site for unauthenticated users, allow access to some of the site for authenticated users who belong to a certain role, and allow full access to users from a second role.
How programmatically create, update and delete site-map nodes?
I use ASP.NET (VB.NET), Visual Studio 2010.
I try create own simple CMS for little site.
I need in admin area create, delete and update site-map nodes (and aspx pages with static text)
I am using this article for hide and show the menu in specific user only. My question is on how can I Add, Delete and View the Roles in specific menu.
View 1 RepliesI know I can use [assembly: FileIOPermission(SecurityAction.RequestRefuse, Unrestricted = true)] to limit user to access disk files, now I hope to limit user to access database and web.config file, how can I do?
View 2 RepliesIs it possible to specify that multiple roles are required inside the authorization element of the web.config file? I currently have this block in one web.config of my site for a specific directory:
<authorization>
<allow roles="Global, Region" />
<deny users="*" />
</authorization>
I've just identified a special case where a person with two lower-level permissions than Global and Region should also have access to this directory. Roughly, I want something like this:
<authorization>
<allow roles="GlobalManager, RegionManager, SiteManager && FooSite" />
<deny users="*" />
</authorization>
I realize I probably should have a new role for this scenario, but I'd like to avoid that.
When executing this line:
Dim roleRedirectSection As LoginRedirectByRoleSection = DirectCast(ConfigurationManager.GetSection("loginRedirectByRole"), LoginRedirectByRoleSection)
...I get the following error:
Message: "An error occurred creating the configuration section handler for loginRedirectByRole: Could not load type 'sitename.LoginRedirectByRoleSection'. (W:Webs2010DEVsitenameASP 4.0web.config line 10)"
<configuration>
<configSections>
<section name="loginRedirectByRole" type="journeyeast.LoginRedirectByRoleSection" allowLocation="true" allowDefinition="Everywhere" />
</configSections>
<loginRedirectByRole>
<roleRedirects>
<add role="Administrator" url="~/Account/Admin/Default.aspx" />
<add role="Employee" url="~/Account/Emp/Default.aspx" />
<add role="Teacher" url="~/Account/Teacher/Default.aspx" />
<add role="Student" url="~/Account/Student/Default.aspx" />
<add role="School" url="~/Account/School/Default.aspx" />
</roleRedirects>
I quickly setup Roles to get my site up, but now I am going back and tightening them up. I have a custom SQL Server database Provider to hold users.I want 3 Roles, Admins, Progress and then a standard User.I have all the files only Admins to use are in a folder SecureAdminI have all the files only Progress to use are in a folder SecureProgress And all the files that everybody has access to are in the Secure Folder.As soon as I added the Custom XML Site provider, my Tree View disppeared. I would assume it's because my roles are not configured correct. I can use the ASP.NET configuration tool to see my roles and users, but any combination I try in there doesn't seemto do anything. I see most examples have some code like below.
[code]...
But even when I set up some roles in the ASP.Net configuration, I never see anything like that added to my web.config? Is this because it is stored in the database? If not, what what I add to my web.config to make this work?
I have two roles "Admin" and "Basic". I also have a listview on the web page.
My goal is that to make "Admin" role has the highest privilege to deal with records such as "insert", "update" and "delete".
For the role "Basic", it only can update the records.
im using visual studio 2008. in my project im using forms authentication,my project structure is as follows
root
|
login.aspx
home.aspx
web.config
admin (folder)
|
admin.aspx
web.config
root web.config is as follows
[Code]....
and inner web.config is
[Code]....
and my users are
Username Role
admin1 Admin
admin2 Admin
user1 User
user2 User
as you can see that in second web.config, i gave access to users with "Admin" role and "user1" user.
for giving access to "admin" folder, i wrote the following:
[Code]....
and saved the web.config as
[Code]....
this is working fine when i run it from visual studio development server, when i host it in IIS, im getting the following error
[Code]....
here the problem is, it is not able to save the web.config i got one solution, that is, i added
[Code]....