I have an application that is using ActiveDirectoryMembershipProvider to grant access to users. The application is hosted on a non-domain machine, with a firewall between the application server and the domain controller. We've opened the LDAP port to the DC on the inside network - yet no matter what we try, we end up with an error that...
I have an un-ideal application and without going into the ins and outs this is what is needed. A 3rd party app needs to make a request to a page which will return data. Because I have Forms Authentication enabled this request always ends up being sent to the login page. I have therefore set it so that all users can see this page even th...
I have a web application which has Forms Authentication however one of the pages has to be accessed via a 3rd party application. This 3rd party app sends its request with querystring parameters and data is returned. This page has been setup so Forms Authentication does not apply to it. I do not want this data available if someone find...
Is it possible to: Disallow anonymous access in IIS AND Have... <authenticate mode="Forms"/> ...in the Web config? We need both access to the ASP.Net Membership provider and access to the Windows username in the LOGON_USER server variable. What we've found is that disallowing anonymous access in IIS will only populate LOGON_USER ...
Hi! I'm creating a custom role provider and I set a Authorize attribute specifying a role in my controller and it's working just fine, like this: [Authorize(Roles="SuperAdmin")] public class SuperAdminController : Controller ... But when an user doens't have access to this controller, he's redirected to login page. How can I redirect...
Hello, I want to creating my own paging control and I would like to use it to list users in a grid. Somehow I need to get only the top 10 for example users for the first page and then 10-20 users and so on. I can't find any built in methods in the membership namespace. Finduserbyname is useful if I want to find all the users whose use...
I have a Gridview that shows a list of Contacts via a sqlDataSource. Included is an Item Template for Deleting a record - a LinkButton - with OnClientClick set to use some JavaScript: "return confirm('Are you sure you want to delete this user?');" This give the user a little pop up with a Yes or Cancel option. When the user is del...
How do you add a profile entry (consisting of a guid, two strings, and an integer) to an existing user in the default SQL profile and membership providers? I can do this either via a sql query or C# code. I need to add a bunch of these profiles to already existing users. ...
I have created a user using the built-in CreateUserWizard - control. I can now log-in using the built-in Login - control. But where is the data stored in the database? I am using SQL Server 2005 Express and I have also sql server 2000 running on my PC. ...
I'm working on a website in ASP.NET/C# and I'd like to make it possible to manage Users and Roles from the admin section in the website. Are there any reusable, probably open-source, web application that I can include in the website to do this? I know that the membership API exists and can do this but I'm looking for more than an API, s...
Does anyone know of any good XmlMembershipProvider and XmlRoleProvider classes that are able to be used for commercial purposes, royalty free? I know that BlogEngine.NET uses an XmlMembershipProvider and XmlRoleProvider, but it's covered under the Microsoft Recipricol License which states that you have to provide your users/customers th...
I'm creating a user approval interface leveraging the .Net Membership class. I have a page that does a Membership.GetAllUsers(), and I spit the results to a datagrid. I filter them by MembershipUser.IsApproved. My Issue is due to slowness I'm hitting while I GetAllUsers(). Since I don't need to pull down all of the users, but rather...
i have asp.net mvc application i have created a custom membership provider he is bound in web.config like this: <membership defaultProvider="MyMembershipProvider"> <providers> <clear/> <add name="MyMembershipProvider" type="MyProject.Infrastructure.Security.MyMembershipProvider" /> </providers> </membersh...
Hi all, I've been working with the .net login for a long time now, but my latest project calls for some not so great coding. I have one database which contains the tables etc for .net membership. There are 4 roles: Admin BasicAdmin PowerAdmin Member Now the top 3 are able to log into the Admin system, but I want to deny login for t...
I am trying to use custom ASP.NET MembershipProvider and RoleProvider to handle security for my service. The service is self-hosted in a console app, not in IIS. I use webHttpBinding with Basic Authentication. I configured serviceCredentials and serviceAuthorization to use providers. Providers really get initialized. But WCF seems to ig...
I'm using SqlMembership Provider and the Profile provider in my web application. And I wonder when will I start running to any problems with those providers. Does any one used those providers on large websites? Thanks. ...
I have an ASP.NET 3.5 Web Site using the standard SQL Membership Provider. The application has to pass the IBM Rational AppScan before we can push to production. I am getting the error: Severity: High Test Type: Application Vulnerable URL: http://mytestserver/myapp/login.aspx Remediation Tasks: Do not accept externally created session ...
Should I access the asp.net membership class from the controller and pass the results to the service layer, or access it directly from the service layer? I'm torn because on one hand this seems like business logic that should be handled in the service layer, but I don't want to tie the service layer to the web namespace as this might be...
I recently took over a project and they have a SQL job setup to run every three hours which rebuilds the indexes found within the ASP.NET Membership database tables. This seems pretty high, to rebuild indexes 8 times a day. I get about 2000 new users every day, and a total of about 2 million registered users. What would you recommend ...