I'm following this walkthrough: http://msdn.microsoft.com/en-us/library/879kf95c(VS.80).aspx In a machine running vista ultimate, I have installed: IIS SQL Server Express 2005 Visual Studio 2005 I created a new website and I can access it ok via http://127.0.0.1 but I want to learn to create a login and have user memberships. W...
Hello, (?) wildcard represents unauthenticated users while (*) represents all users, authenticated and unauthenticated. My book shows the following example of URL authorization: <authorization> <deny users="?" /> <allow users="dan,matthew" /> <deny users="*" /> </authorization> But doesn’t the above code...
Hello, A) We can also control access to specific files using <location> tags. Why aren’t <location> elements contained inside <system.web> tag, but are instead nested directly inside <configuration> element? B) I realize <system.web> element is used for Asp.Net settings, but why does <location> also contain <system.web>? Is it so...
I am working with a site that needs to use two different asp.net profile providers. They are both added in the web.config and the properties of each of them are listed there as well. I run into a problem when I try to enable a property that has the same name in each provider. Comment one out, and the site will at least load. Leave both i...
My system uses a custom security and data model for users and roles. However I was wondering if I implemented this using the provider model whether I could hook this up to the asp.net website administration tool. I'm also sceptical as to whether, the asp.net website administration tool is of any real world use or if it's just a gimmock...
Hello, Q1 - I’m not sure I understand why we should prefer to use PrincipalPermission.Union() ( or PrincipalPermission.Intersect() ) instead of IsInRole()? If anything, calling IsInRole() several times requires less code than creating multiple PrincipalPermission objects and merging them into one via Union() ( or Intersect() )? Q2...
Hello, I assume MembershipUser object and object implementing IPrincipal interface are “connected” in a sense that when certain information in one of the objects changes, the other object is also changed appropriately? thanx for helping ...
Hello, URL authorization only applies to Asp.Net related file types?1 But why couldn’t it also be applied to non-Asp.Net file types? Thanx ...
I need help figuring out why my authentication ticket is expiring after about an hour on my hosted website. But if I run the site locally the authentication ticket stays alive for the correct amount of time. This is my localhost web.config: <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="20160" slidingExpir...
Hi, I'm wondering if it's possible for me to get the QuestionAnswer field from ASP.NET membership in the same way that you can get the UserName and PasswordQuestion. MembershipUser mu = Membership.GetUser(userId); string username = mu.UserName; string question = mu.PasswordQuestion; ...
I have a application in which i am using windows authentication inthe web.config and getting the user name by using (System.Security.Principal.WindowsIdentity.GetCurrent().Name;) whoever logged in to the system. My problem is when i deployed my application on my client machine were using iis 7.0 and created virtual ditectory then i am a...
I'm attempting to retrieve the user name and client machine name of the person logged on to a computer on our intranet in ASP.NET. This is just for logging purposes. I retrieve the user name "System.Security.Principal.WindowsIdentity.GetCurrent().Name", problem is whoever accessing this site showing the same username (that is server nam...
I have a login page that uses ASP.NET membership. Once I've validated the user I need to store some details about them in Session variables. The problem is that Membership.GetUser() == null and User.Identity.IsAuthenticated == false until I have navigated away from the page. I have tried using FormsAuthentication.Authenticate(t...
Hi, i'm a little confused while trying to find out how ActiveDirectory and ASP.NET Membership work... I've created a new MVC project and removed the AccountController / Views. I've changed the Web.Config so that it uses ActiveDirectory and automatically authenticates users based on their current Windows login: Web.Config <authenticati...
I'm comfortable with the ASP.NET security model whereby one can allow/deny access to users in the web.config based on what roles they are in e.g. <system.web> <authorization> <allow roles = "Admin" /> </authorization> </system.web> However what I want to do is give the admin user a set of permissions which can then be checked...
I hope this is not to paradoxal, but I don't know how this should be done... I have a VS2008 ASP.NET MVC Project with the following Web.Config entry: <authentication mode="Windows"> <forms name=".ADAuthCookie" timeout="10" /> </authentication> This makes the visitor logon automatically with their DOMAIN\username login which...
I'm currently using the SQL Membership provider for ASP.NET, which uses GUIDs for the User ID. My application has several custom tables that have foreign key relations back to the User table and I'm concerned about the disk space and performance implications of the standard provider's use of GUIDs for user ID. Has anyone run into space...
I have a webapp that uses Forms Authentication using ActiveDirectoryMembershipProvider. That works fine... users can do login successfully. Once the user do login, he can change the password. We use a ChangePassword control that retrieve the Membership information and uses the OLD and new password to change the user's password. THAT Do...
I'm trying to show a list of all users but am unsure how to go about this using the MVC model. I can obtain the list of all users via the Membership.GetAllUsers() method however if I try to pass this to the view from the ActionResult, I'm told that Model is not enumerable. Thanks for any advice on this one. ...
The ASP.Net MVC 1.0 (Final) project template has basic Membership built in, but I need to extend it in two ways: Email Confirmation to validate new accounts. Additional fields on the registration view, such as "Home Street Address" and "Department Number" I am planning to modify the template files such as Controllers/AccountControl...