authorization

Best way to create a TOKEN system to authenticate web service calls?

I'd like to create a web service architecture that can be called by various platforms such as mobile devices, winforms applications, iphone, blackberry, you name it. So going with something like WCF and wsHttp binding probably kills this and I would need to downgrade to a basicHttp binding for compatibility. With that said, I need a sy...

Setting Custom Principal with UserName Authentication for a WCF Service Hosted in ASP.NET

I've created a WCF Service in an existing ASP.NET Website and implemented a custom UserNamePasswordValidator to check the client's credentials against our database. My problem occurs when I try to set the HTTPContext's User to a custom principal. It works all of the time, except the first call after recompiling the website. In that si...

ASP.NET + IIS6: whitelist users via authorization section in web.config

Consider an IIS6 Application under a web site: Windows authentication is enabled. Anonymous is off. This is an ASP.NET MVC application with Areas. The root web.config has the authentication and authorization nodes as follows: <authentication mode="Windows"></authentication> <authorization> <allow users="domain\abc, domain\xyz, ...

Authlogic and Roles

I am developing an application which uses authlogic for authentication. I would like some way of giving users roles so that I can authorize certain actions to certain roles. Is there an 'out of the box' gem or plugin that suits this, or would I be better off building it from scratch? What would you recommend? ...

User Authorization

I need to develop a Winforms application where users are given permissions to access menu-items in a menu-strip as assigned to them. I have anticipated the following technique: (1) Menu Strip is mapped into a corresponding treeView with checkBoxes, (2) A user is selected from the combo-box, (3) Some tree-view-node check-boxes are che...

strange IIS authorization issue for administrator

Hello everyone, I am using VSTS 2008 + C# + .Net 3.5 + IIS 6.0 + Windows Server 2003 Enterprise x64 SP2 + ASP.Net. I am using anonymous authentication + Windows authentication mode in IIS web site, and I map the user identity to mycorp\george in anonymous account and also use mycorp/george to run IIS worker process. I have also added my...

php file uploading and storing

I want to upload a file on my PHP server. I am currently able to upload it on server using the following code but I don't know how I can store it on the server. How can I store the file in a specific directory? I also want the users to be able to download the files but only once they log in, not before that. For example I store the fil...

Ruby on Rails User Management Engine/Framework? (with web pages)

Hi, There are quite a few posts/recommendations re Rails authorization plugins. What I'm asking here however is whether there is a popular/good Ruby on Rails Engine (or framework) that includes the user interface pages as well (and controllers/models etc). So something one could integrate in (Engine) or use as a starting point that inc...

ASP.NET cannot access non-aspx files without logging in (.js, .html etc)

I started a new solution with a website project and a logic project for all my class files. I copied the web.config file I use for all my other projects and just changed the database name in the connection string. When I run this project to be debugged, it won't let me access any files until I login. This includes javascript files, html...

Authorization for ASP.NET MVC site

Hi, I have a data driven asp.net mvc app. The Url of the pages is data driven too, so they cannot be hardcoded in web.config. We are ready to deploy the website and for the initial few days we want the pages to be accessible only after logging in. Is it possible to add authorization to the site and then take it out by changing the web.conf...

How do you deal with authorisation on actions that return results other than ViewResult?

I am using a custom authorization filter on my ASP.NET MVC controllers that redirects the user to a url other than the login screen if they fail authorisation on a particular action. This is ok for actions that return views, but many of my actions return other result types such as PartialResult or JsonResult. My current filter looks li...

Ruby on Rails Authlogic password not valid

I am trying to implement Authlogic. Registering is fine, it enters all the necessary details into my database... but when I try to log in, it gives me the error: 1 error prohibited this user session from being saved. There were problems with the following fields: Password is not valid. My password is valid. I am not ...

Retaining an authorization object

Right now I have my application executing some things using AuthorizationExecuteWithPrivileges. The problem is that it needs to ask for the password for every operation. Is there any way I could have it authenticate as soon as the app starts so that it won't ask for authorization later, and then release the authorization object when its ...

How does the .Net RIA Services keep track of the logged in user?

I have been reading up on the .Net RIA Services that Microsoft is developing for use between Asp.Net and Silverlight applications, and it looks quite nice. I am curious about how it handles keeping track of authentication: How does the Silverlight client keep track of who is logged in, and when they have timed out? And it shouldn't ke...

So very very confused about Authentication in asp.net mvc

Hi I come to the conclusion I need to ditch the ASP.NET Membership (for list of reasons). Now really the only thing I see that I need is creating a cookie(done by Form Authentication), custom methods for authentication (done) and finally validation based on if they are logged in or by role. I am stuck on the last one. I am trying to...

rails: put an interruption in before filter

I want a before filter like "must_have_permission_to_write" that, when called, if the user hasn't permission to write, renders a message saying "you can't do that!" and returns. Problem is I'm getting "can only render or redirect once per action" of course... How can I stop the execution in the before filter? Thanks ...

SQL Server 2008: What does it mean to grant a user "AUTHORIZATION" over a schema?

I see the following in one of my database scripts: CREATE SCHEMA [ContosoSchema] AUTHORIZATION [ContosoDeveloper] GO My question: In SQL Server 2008, what does it mean to grant a user "AUTHORIZATION" over a schema? ...

paypal returnurl is loggedin page

Hello, I have a question about using PayPal on a page where the user is logged in. It is with PHP. How can you have the user still authorised for that page if PayPal is redirecting back to that page? I read something about giving the session_id to the custom variable with PDT. What about if you have multiple session variables? Can y...

ASP.NET MVC - How to show unauthorized error on login page?

In my ASP.NET MVC app, I have most controllers decorated with [Authorize(Roles="SomeGroup")] When a user is not authorized to access something, they are sent to "~/Login" which is the Login action on my Account controller. How can I determine that a user has reached the login page because of not being authorized so that I can show a...

Where to Authorize Access to a Controller

Hi All I have the following Filter on my Controller: [Authorize(Roles="Admin")] public class AdminOnlyController : Controller { // stuff } I showed a couple of guys here at work what I'm doing, and a huge debate emerged with some of the guys claiming that Authorization should not be a responsibility of the Controller. This is th...