Search Results

Search found 1026 results on 42 pages for 'membership'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 14/42 | < Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >

  • asp:Login control, remember me is not remembering me

    - by Gogster
    Hi all, I have an ASP.NET login control on a page, with the "Remember Me" checkbox displayed. I have checked in trace and the authentication cookie is being created, I have sliding expiration set and a timeout of 60000, yet when I return to the website the login is not being remembered. Any ideas where else I can check? Thanks, Darryl

    Read the article

  • Non RBAC User Roles and Permissions System: checking the user's City

    - by micha12
    We are currently designing a User Roles and Permissions System in our web application (ASP.NET), and it seems that we have several cases that do no fit within the classical Role-Based Access Control (RBAC). I will post several questions, each devoted to a particular case, this being the first post. We have the following case: not to allow a user view a certain page if the user lives in a particular city. This is a simple case that is coded in the following way: if (User.City == “Moscow”) // Allow the user to view the page. else // Do not allow the user to view this page. Though this case is very simple and straightforward, it has nothing to do with the RBAC. On StackOverflow, someone called this an Attribute-based Access Control. Under the classical RBAC, it seems that this case should be designed like this: introduce a permission “City where the person lives”, this permission will have a property City. Then create a role, add a permission of type “City = Moscow” to it and the assign the role to the user. Looks extremely cumbersome. The question is whether it is acceptable to introduce such non-RBAC approaches to our permissions system – does that break the design or not? This might seem a primitive question, but we found that most applications use pure RBAC, and we started to think that we might be doing something wrong. Thank you.

    Read the article

  • Non RBAC User Roles and Permissions System: a role with properties

    - by micha12
    We are currently designing a User Roles and Permissions System in our web application (ASP.NET), and it seems that we have several cases that do no fit within the classical Role-Based Access Control (RBAC). I will post several questions, each devoted to a particular case. This is my second question (the first question is here: http://stackoverflow.com/questions/2839797/non-rbac-user-roles-and-permissions-system-checking-the-users-city). We have the following case: we need to implement a Manager role in our web application. However, a Manager can belong to one or several companies (within a big group of companies for which we are creating this web app). Say, there can be “Manager of companies A and B”, “Manager of company C”, etc. Depending on the companies that the Manager belongs, he has access to certain operations: for example, he can communicate with clients only of those companies that he belongs to. That is, “Manager of companies A and B” can only have contacts with clients of companies A and B, and not with those of company C. He can also view clients’ details pages of companies A and B and not of C, etc. It seems that this case falls within the RBAC. However, this is not really the case. We will need to create a ManagerRole class that will have a Companies property – that is, this will not be just a role as a collection of permissions (like in the classical RBAC), but a role with properties! This was just one example of a role having properties. There will be others: for example, an Administrator role that will also belong to a number of companies and will also have other custom properties. This means that we will a hierarchy or roles classes: class Role – base class class ManagerRole : Role List Companies class AdministratorRole : Role List Companies Other properties We investigated pure RBAC and its implementation in several systems, and found no systems featuring a hierarchy or roles, each having custom properties. In RBAC, roles are just collections of permissions. We could model our cases using permission with properties, like ManagerPermission, AdministratorPermission, but this has a lot of drawbacks, the main being that we will not be able to assign a role like “Manager of Companies A and B” to a user directly, but will have to create a role containing a ManagerPermission for companies A and B… Moreover, a "Manager" seems to be rather a "role" (position in the company) rather than a "permission" from the linguistic point of view. Would be grateful for any ideas on this subject, as well as any experience in this field! Thank you.

    Read the article

  • How do I change the logged in user to another?

    - by TruMan1
    I would like to change the logged in user to another user temporarily to do some process. For example, say I am logged in as "Joe". In my method, I want to make the logged in user from "Joe" to "SuperUser", do some process, then change the logged in user back to "Joe". Can someone help with this?

    Read the article

  • deny custom role

    - by kusanagi
    how can i deny access to call method. something like this [HandleError] [Authorize(Roles = "role1, role2")] public class AdminController : Controller { [Deny(Roles = "role2")] public ActionResult ResultPage(string message) { ViewData["message"] = message; return View(); } }

    Read the article

  • Custom MembershipProvider attempts to pass empty creds after IIS restart

    - by Joseph DeCarlo
    I have a C# custom ASP.Net MembershipProvider. When the user attempts to navigate to another part of the site after IIS is restarted, it doesn't navigate to the login page to collect credentials, but instead attempts to authenticate with empty credentials. Can anyone tell me what I have to do to identify that the new authentication needs to take place and that new creds need to be gathered? I have a complementary custom IHttpModule implementation that allows me to intercept events like BeginRequest and AuthenticateRequest, if that helps.

    Read the article

  • ClientRoleProvider and role caching...

    - by Kieron
    Hi, Is it possible to disable to the role caching when using the ClientRoleProvider? The application in question is a console application... I've tried setting 'cacheRolesInCookie' to false (I know it's a console app, but I was running low on ideas!) - but it had no affect.

    Read the article

  • UrlHelper and ViewContext inside an Authorization Attribute

    - by DM
    I have a scenario that I haven't been able to solve: I'm toying around with creating my own custom authorization attribute for mvc. The main bit of functionality I would like to add is to have the ability to change where the user gets redirected if they are not in a certain role. I don't mind that the system sends them back to the login page if they're not authenticated, but I would like to choose where to send them if they are authenticated but not allowed to access that action method. Here's is what I would like to do: public class CustomAuthorizeAttribute : AuthorizeAttribute { public string Action; public string Controller; protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext) { // if User is authenticated but not in the correct role string url = Url.Action(this.Action, this.Controller); httpContext.Response.Redirect(url); } } And as an added bonus I would like to have access to ViewContext and TempData before I do the redirect. Any thoughts on how I could get instantiate a UrlHelper and ViewContext in the attribute?

    Read the article

  • using eval in server side code on asp.net page

    - by Sumit Sharma
    <asp:Repeater ID="rptrParent" runat="server"> <ItemTemplate> <li> <a href="<% =ResolveUrl("~/cPanel/UserView.aspx?User=")%><%# Eval("StudentUserName") %>"> <span> <% ProfileCommon pc = new ProfileCommon(); pc.GetProfile(Eval("StudentUserName").ToString()); Response.Write(pc.FirstName + "" + pc.LastName); %> <%# Eval("StudentUserName") %> </span> </a> </li> </ItemTemplate> The following error Databinding methods such as Eval(), XPath(), and Bind() can only be used in the context of a databound control. is coming in this part <% ProfileCommon pc = new ProfileCommon(); pc.GetProfile(Eval("StudentUserName").ToString()); Response.Write(pc.FirstName + "" + pc.LastName); %>

    Read the article

  • Enable cross app redirects

    - by Gogster
    Hi all, We have load balancing set up on out two web server, however, a few users are being asked to login when they are being re-directed to a particular server to upload a document (we are trying to keep all uploaded documents on one server only), here is the code from web.config: <authentication mode="Forms"> <forms name="EAAAuthCookie" loginUrl="/login" defaultUrl="/members/home" protection="All" path="/" timeout="60000" slidingExpiration="true" enableCrossAppRedirects="true" /> </authentication> <machineKey decryption="AES" validation="SHA1" decryptionKey="7B4EC5B0C83631DF25D5B179EDDBF91B1C175B81C6F52102267D3D097FBF272A" validationKey="7D1F50788629CC342EE4985D85DE3D14F10654695912C0FFD439F54BED64F76A57A2D5E8180BC6FF052E0385C30558F5527D6C197C577A7F32DD8FF1CAC9F794" /> Here is the transfer code to the upload form: $('#addReport').click(function() { if ($.cookie('TransferURL') != '') { $("#iframeUploadReport").attr('src', $.cookie('TransferURL')); }; $('#overlay').fadeIn('slow'); }); <script type="text/C#" runat="server"> void Page_Load() { string cookieName = FormsAuthentication.FormsCookieName; string userName = Request.Cookies["HiddenUsername"].ToString(); string cookieValue = FormsAuthentication.GetAuthCookie(userName, false).Value; Response.Cookies["TransferURL"].Value = "http://eaa.cms.necinteractive.net/members/media-upload" + String.Format("?{0}={1}", cookieName, cookieValue); } </script> <iframe id="iframeUploadReport" src="http://eaa.cms.necinteractive.net/members/media-upload" width="500px" height="336px" frameborder="0" scrolling="no"></iframe> Can you see any obvious step we are missing? Thanks

    Read the article

  • aspnet_reqsql not working at all

    - by user252160
    I would like to create the ASP.NET User database template on a database of my own, because I'd like to fully untegrate the user system with the rest of my DB. As I've read, i needed to use the aspnet_regsql tool. I put all the options (because my database is running on SQLEXPRESS and is in an mdf file in my project's folder). the program starts and seemingly runs without any errors, however, when I open the database after that, not tables or stored procedures have been added. One more thing: I did one more test. I intentionally gave the -d option a wrong mdf file address, and surprisingly, the program "finished" correctly, yet no file was crated or modified whatsoever.

    Read the article

  • Implementing a Suspension or Penalty System for Users in ASP.NET MVC

    - by Maxim Z.
    I'm writing a site in ASP.NET MVC that will have user accounts. As the site will be oriented towards discussion, I think I need a system for admins to be able to moderate users, just like we have here, on Stack Overflow. I'd like to be able to put a user into a "suspension", so that they are able to log in to the site (at which point they are greeted with a message, such as, "Your account has been suspended until [DATE]"), but are unable to do the functions that users they would normally be able to do. What's the best way of implementing this? I was thinking of creating a "Suspended" role, but the thing is, I have a few different roles for normal users themselves, with different privileges. Have you ever designed a feature like this before? How should I do it? Thanks in advance.

    Read the article

  • IsAuthenticated is false! weird behaviour + review question

    - by Naor
    This is the login function (after I validate user name and password, I load user data into "user" variable and call Login function: public static void Login(IUser user) { HttpResponse Response = HttpContext.Current.Response; HttpRequest Request = HttpContext.Current.Request; FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, user.UserId.ToString(), DateTime.Now, DateTime.Now.AddHours(12), false, UserResolver.Serialize(user)); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket)); cookie.Path = FormsAuthentication.FormsCookiePath; Response.Cookies.Add(cookie); string redirectUrl = user.HomePage; Response.Redirect(redirectUrl, true); } UserResolver is the following class: public class UserResolver { public static IUser Current { get { IUser user = null; if (HttpContext.Current.User.Identity.IsAuthenticated) { FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity; FormsAuthenticationTicket ticket = id.Ticket; user = Desrialize(ticket.UserData); } return user; } } public static string Serialize(IUser user) { StringBuilder data = new StringBuilder(); StringWriter w = new StringWriter(data); string type = user.GetType().ToString(); //w.Write(type.Length); w.WriteLine(user.GetType().ToString()); StringBuilder userData = new StringBuilder(); XmlSerializer serializer = new XmlSerializer(user.GetType()); serializer.Serialize(new StringWriter(userData), user); w.Write(userData.ToString()); w.Close(); return data.ToString(); } public static IUser Desrialize(string data) { StringReader r = new StringReader(data); string typeStr = r.ReadLine(); Type type=Type.GetType(typeStr); string userData = r.ReadToEnd(); XmlSerializer serializer = new XmlSerializer(type); return (IUser)serializer.Deserialize(new StringReader(userData)); } } And the global.asax implements the following: void Application_PostAuthenticateRequest(Object sender, EventArgs e) { IPrincipal p = HttpContext.Current.User; if (p.Identity.IsAuthenticated) { IUser user = UserResolver.Current; Role[] roles = user.GetUserRoles(); HttpContext.Current.User = Thread.CurrentPrincipal = new GenericPrincipal(p.Identity, Role.ToString(roles)); } } First question: Am I do it right? Second question - weird thing! The user variable I pass to Login has 4 members: UserName, Password, Name, Id. When UserResolver.Current executed, I got the user instance. I descided to change the user structure - I add an array of Warehouse object. Since that time, when UserResolver.Current executed (after Login), HttpContext.Current.User.Identity.IsAuthenticated was false and I couldn't get the user data. When I removed the Warehouse[] from user structure, it starts to be ok again and HttpContext.Current.User.Identity.IsAuthenticated become true after I Login. What is the reason to this weird behaviour?

    Read the article

  • An unhandled exception of type 'System.StackOverflowException' occurred in mscorlib.dll

    - by Sahar
    Hello everybody i wrote a code in asp.net that read data from files and draw a graph. It worked but after awhile when i run the program, this exception arise "An unhandled exception of type 'System.StackOverflowException' occurred in mscorlib.dll" in this statement in the code: if (File.Exists(fName)) <----(here is the exception) { stream = File.Open(fName, FileMode.Open); g_day = Deserialize(stream); stream.Close(); int cn = 0; if (g_day.Values.Count != 0) cn = g_day.Values[g_day.Values.Count - 1].Value; Label1.Text = cn.ToString(); } can u help me

    Read the article

  • ASP.NET user database without web.config connection strings

    - by vikp
    Hi, I'm wondering whether it's possible to use built in ASP.NET application services (aspnet_user, aspnet_role etc table) without specifying a connection string in a web.config. At the moment I store connection strings externally, but I keep finding hard-coded connection strings all over the web.config xml, various providers etc. It's driving me crazy. Thank you

    Read the article

  • Can User have more than one roles in asp.net

    - by madness800
    I'm developing a web application I want to use the role authentication to control different parts of the website accessibility. But my problem is say I implemented a upload and download functionality on one of the page and I want to have the ability to control a user whether they can either upload or download; or both. So, I'm not exactly sure if the role base authentication can support a user with more than one role to work the way I want it.

    Read the article

  • aspnet_regsql not working at all

    - by user252160
    I would like to create the ASP.NET User database template on a database of my own, because I'd like to fully untegrate the user system with the rest of my DB. As I've read, i needed to use the aspnet_regsql tool. I put all the options (because my database is running on SQLEXPRESS and is in an mdf file in my project's folder). the program starts and seemingly runs without any errors, however, when I open the database after that, not tables or stored procedures have been added. One more thing: I did one more test. I intentionally gave the -d option a wrong mdf file address, and surprisingly, the program "finished" correctly, yet no file was crated or modified whatsoever.

    Read the article

  • How to store account-specific information in ASP.NET MVC 2

    - by PR_
    I have an ASP.NET MVC 2 web application. There are two tables like "FIRST_KIND_OF_USERS" and "SECOND_KIND_OF_USERS". Both are mapped to the default aspnet_users table via UserId column. Each of them has it's own integer primary key column like "FirstKindOfUsersId". When a user is trying to add some data to the database, for instance, "Create a new Task" I would like to add a new row in Tasks table with "FirstKindOfUsersId" value. Where should I store or get this value? At the moment I have these possible solutions: Get "FirstKindOfUsersId" value by User.Identity.Name each time; Use SESSION[] for storing these values (Where and when should I save these ones?) Use FormsAuthenticationTicket and create own custom IIdentity class. (http://stackoverflow.com/questions/1064271/asp-net-mvc-set-custom-iidentity-or-iprincipal) Which approach is better? And if I pick the 3rd one, how to save the necessary data property and at which stage?

    Read the article

  • What good software or scripts are available for managing users and subscriptions on our website?

    - by undefined
    hi all, Ok so it's not exactly a programing question but does anyone know or have experience with looking for a system for managing users on a website we are building? what is the shortlist of good feature rich secure solutions. we need Php and mysql integration and payment support for main credit cards. We will also want to be able to track users and generate reports about usage, subscription etc, create and send batch emails etc. It would also be great to have the ability to integrate customer support with this so we can view support tickets raised by users. cheers we are running PHP, mysql on an IIS server

    Read the article

  • How to change the layout of the CreateUserWizard control?

    - by Bazzz
    How to change just the layout (template) of the CreateUserWizard control programmatically? I would to define another layout (not using the horrid table) but continue to use all the event handling and the creation of the user of the CreateUserWizard control. Just for reference, the following code doesn't work, and produces an unexpected result not representing my Template at all. The "InstantiateIn" method of the ITemplate is not called. public partial class b : System.Web.UI.Page { protected void Page_Init(object sender, EventArgs e) { CreateUserWizard createUserWizard = new CreateUserWizard(); createUserWizard.CreateUserStep.ContentTemplate = new Template(); Panel1.Controls.Add(createUserWizard); } } public class Template : ITemplate { void ITemplate.InstantiateIn(Control container) { container.Controls.Add(new TextBox() { ID = "UserName" }); container.Controls.Add(new TextBox() { ID = "Password" }); container.Controls.Add(new TextBox() { ID = "ConfirmPassword" }); container.Controls.Add(new TextBox() { ID = "Email" }); container.Controls.Add(new PlaceHolder() { ID = "ErrorMessage" }); } } }

    Read the article

  • Access Rules created by WSAT are not enforced

    - by rsteckly
    Hi, I'm trying to implement roles in my site. There are several projects in the solution, one of which is a web application. In that web application, I'm trying to use WSAT to create three roles. There are many folders for the application. I've used WSAT to define role based access rules for each folder. However, when I debug and navigate to those pages, they do not redirect to a login and show me the protected page. There are web.config files in each folder. Why would the system not enforce these rules? My web.config file has: I've tested the connections in WSAT and they work. Any ideas?

    Read the article

  • ASP.NET MVC User authentication - why it should be so sophisticated?

    - by Serge
    Hello guys, I'm trying to use ASP.NET MVC to my new project and have been expected that the user authentication should be rather simple there. My goal is to have a separate user database table in my main database. I thought that the SqlTableProfileProvider should be the solution. So I added the corresponding table into my database and changed the web.config file. But it seems no matter what I change there, my web application still using the default authentication (via ASPNETDB.mdf file). What could be the problem? (my web.config file beginning is:)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >