how can I retrieve the sm_user value from siteminder header  into a textbox.

Hi,

first, sorry if this kind of problem ever asked and solved somewhere else, I couldn't found it.

I try to add role when registering a user.

But when I'm trying to add the user to the roles I always get an error message saying that the rolename is empty.

Here is my code, mostly taken from default register.aspx.

<asp:CreateUserWizard ID="RegisterUser" runat="server" EnableViewState="false"
        OnCreatedUser="RegisterUser_CreatedUser" DisplayCancelButton="True"
        LoginCreatedUser="False"><LayoutTemplate><asp:PlaceHolder ID="wizardStepPlaceholder" runat="server"></asp:PlaceHolder><asp:PlaceHolder ID="navigationPlaceholder" runat="server"></asp:PlaceHolder></LayoutTemplate><WizardSteps><asp:CreateUserWizardStep ID="RegisterUserWizardStep" runat="server"><ContentTemplate>
                      .....<p><asp:Label ID="UserRoleLabel" runat="server" AssociatedControlID="UserRole">Role:</asp:Label><asp:DropDownList ID="UserRole" runat="server" Width="320px"></asp:DropDownList><asp:RequiredFieldValidator ID="RoleRequired" runat="server" ControlToValidate="UserRole"
                                        CssClass="failureNotification" ErrorMessage="Role is required" ToolTip="Set the role to the user"
                                        ValidationGroup="RegisterUserValidationGrou">*</asp:RequiredFieldValidator></p>
                      .....</ContentTemplate><CustomNavigationTemplate></CustomNavigationTemplate></asp:CreateUserWizardStep></WizardSteps></asp:CreateUserWizard>

The code createduser event

        protected void RegisterUser_CreatedUser(object sender, EventArgs e)
        {
            string cUserName     = ((TextBox)RegisterUser.CreateUserStep.ContentTemplateContainer.FindControl("UserName")).Text;
            string cRole = ((DropDownList)RegisterUser.CreateUserStep.ContentTemplateContainer.FindControl("UserRole")).SelectedValue;

            Roles.AddUserToRole(cUserName, cRole);
        }

The problem is cRole is always empty, even I'm sure that the role in dropdown list has value.

Thanks in advance for the help.

I dragged a CreateUserWizard control to my webpage, and I would like to customize certain aspects.

1. The header text should not be the same font and size as all the other text.

2. Error messages should be colored red

3. The custom user question textbox field should be wide enough to type in a long question and see it

4. The FINISH button should take the user to different places, depending on a session variable.

But I find that all the style attributes are "read-only", and none of the above seem to be settable, unless I convert everything to templates and put in my controls.  Is that true?

Thanks.

I have a website (IIS6) that provides a download link to download files that are located on another server. Both machines are in the same domain. I've successfully done this before by creating a domain IUSR_Machine that impersonates the webservers ISUR_Machine account and gave appropiate permissions to the folder on the other server however there are several other accounts that need permission too and I don't remember which ones. If I give Everyone read permissions I can access these files without any issue. I just don't want to give everyone read persmissions.  Any idea as to which other accounts need permissions on that shared folder?

TIA

Hello:

In my site map I have assigned two roles:  Project Manager and Administrator.  In one of the child node the role is assigned only to Administrator.  Member of ProjectManager group are still getting access to the Administrator assigned menu item and the itemd are visible to them.  This is a code just for a menu called Project Management.  I also limited access in config fiele.

<?xml version="1.0" encoding="utf-8" ?> <siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" > <siteMapNode url="" title=""  description="" roles="*" >

<siteMapNode url="" title="Project Management"  description="" roles="ProjectManager,  Administrator" >

<siteMapNode url="~/ProjectManager/frmProjectInformationRevised.aspx"  
 title="Project Information Form"    description="Project Information Form"   
 roles="ProjectManager, Administrator"/>

<siteMapNode url="~/ProjectManagerAdmin/frmPDGWeeklyAdmin.aspx"   
  title="PDG Weekly Change Status - Project Administrator"    description="PDG Weekly Change Status - Project Administrator"    roles="Administrator"/>

Any thoughs would be appreciated.

How do you configure the new Microsoft.AspNet.Identity.EntityFramework system to work with a database first entityframework model?

I can see the codefirst example code supplied here https://github.com/rustd/AspnetIdentitySample  but after tweaking the web.config etc i cannot find a way of getting the new identity store system to work with an existing database pulled into an entityframework model?

Tim

I have a sepecial controller that should be seen by only some set of adminstrators. I dont want that controller to be access by just any ip. it should be acessed by a private dedicated ip.

Hi,

After timeout, it seems that SimpleMembership looses track of the connection string. I spins into an error, citing problems on network connection, and saying that it was unable to create database. The only connection string I have in the application, is to a database on Azure. Actually, it puzzles me as to why it doesn't lead to a redirect to the login instead. I have tried for hours to debug this, but I cannot find the right place to step in, so I don't know where exactly this happens. 

It's and MVC 4 web application.

Any ideas?

Thanks,

Anders

Hi,

I have a website that uses Forms Authentication to secure the ~/Members/ folder. Nobody should be able to access this folder unless they log in.

This works fine on my development system, but after uploading it to a test server and setting up the website on IIS, the Forms Authentication fails. The login is successful, but asp.net redirects me back to the login screen with the ReturnUrl value in the address bar. Login attempts that follow also fail in the same way.

My setup's a little more complex than I'm used to for forum posts, but I'll try to sum up.

Login.aspx.cs

protected void Page_Load(object sender, EventArgs e)
{
	// handle log out
	if (!String.IsNullOrEmpty(Request.Params["action"]) && Request.Params["action"] == "logout")
	{
		Session.Clear();
		FormsAuthentication.SignOut();
		FormsAuthentication.RedirectToLoginPage();
	}
}

protected void btnLogin_Click(object sender, EventArgs e)
{
	Page.Validate("Login");

	if (!Page.IsValid)
	{
		return;
	}

	processLogin();
}

private void processLogin()
{
	try
	{
                // LoginContext is a class wrote to handle login
                // procedures and the creation of session variables
		LoginContext log = new LoginContext();
		log.SetUser(txtEmail.Text, txtPassword.Text);

		if (log.DoLogin())
		{
			if (chkCookie.Checked)
			{
				HttpCookie cookie = createPersistantCookie(txtEmail.Text, 7);
				Response.Cookies.Clear();
				Response.Cookies.Add(cookie);
			}

			FormsAuthentication.SetAuthCookie(txtEmail.Text, true);
			FormsAuthentication.RedirectFromLoginPage(txtEmail.Text, true);
			Response.Redirect("~/Members/Default.aspx");
		}
	}
	catch (Exception ex)
	{
		lblerr.Text = ex.ToString();
	}
}

private HttpCookie createPersistantCookie(string Username, int PersistDays = 0)
{
	HttpCookie cookie = new HttpCookie("stman");
	if (PersistDays != 0)
	{
		cookie.Expires = DateTime.Now.AddDays(PersistDays);
	}

	cookie["user"] = Username;

	return cookie;
}

The user supplies an email address and password to log in with. That information is then sent via the LoginContext class to the database. If the database returns a row (the credentials are used in a SELECT command), then the login is successful and the user should be authenticated.

Members/Members.master.cs

protected void OnPreInit(EventArgs e)
{
	base.Init += new EventHandler(Page_Init);
}

protected void Page_Init(object sender, EventArgs e)
{
	if (HttpContext.Current.User.Identity.IsAuthenticated)
	{
		// the user is still authenticated, but the session expired
		// process the login again with the authenticated user data
		// to re-create the session variables
		if (Session["userid"] == null)
		{
			LoginContext log = new LoginContext();
			log.DoLogin(HttpContext.Current.User.Identity.Name);
		}
	}
	else
	{
		FormsAuthentication.SignOut();
		Response.Redirect("~/Login.aspx");
	}
}

protected void Page_Load(object sender, EventArgs e)
{
	if (!IsPostBack)
	{
		// handles some presentation updates specific to the logged in user
	}
}

The Page_Init() method here monitors the user state. If the session has expired, but the user is still authenticated, it should create a new session for the user. If the authentication cookie has expired, the user needs to log in again.

web.config

<configuration><system.web><compilation debug="true" targetFramework="4.5" /><httpRuntime targetFramework="4.5" /><authentication mode="Forms"><forms name="STMan" loginUrl="~/Login.aspx" path="/Members"
      slidingExpiration="true" timeout="30"></forms></authentication><authorization><allow users="?"/></authorization></system.web><location path="Members"><system.web><authorization><deny users="?"/><allow users="*"/></authorization></system.web></location></configuration>

I wrote this XML for the web.config file in a test site to see whether or not I understood the concept correctly. This test site works perfectly from the code above, but the site that I'm working on now, doesn't.

To make things clearer (hopefully), here's a link to a zip file I made with the relevant files:
http://www.loganyoung.za.net/stman.zip 

Basically what I need to know is:

 - What would cause Forms Authentication to fail to authenticate (any and all possibilities)?
 - Is there anything I've done wrong in my code?
 - How could I do this better to achieve the results I'm looking for every time (as it seems I have a different problem with the same symptoms every time I do this)?

Thanks in advance for your help!

Hi Everyone,

I have a network printer in which applications on my Windows 2008 Server print to. I've found that my applications will stop being able to access the printer causing applications to hang or crash. To fix this problem I only need to go into the Default Application Pools settings and change the Identity from Network Service to another Identity and then back to Network Service to be able to print to the printer again. Does anyone know what might be causing the application pool to lose the right/privledges to print to a printer like that? 

Thanks

I am using siteminder and trying to retrieve the userid

protected void Page_Load(object sender, EventArgs e)
    {
        var headers = String.Empty;
        foreach (var key in Request.Headers.AllKeys)
            headers += key + "=" + Request.Headers[key] + Environment.NewLine;
        //TextBox1.Text = headers["USER_UID"];
        TextBox1.Text = headers;
        //TextBox2.Text = Request.Headers[KeyedByTypeCollection];

    }

Now in textbox1 I am getting all the header info generated. How can I retrieve just the username/id/email..Tried above. Any suggestions much helpful.

Thanks Much,

Hey guys, I'm pretty new to C# and ASP.NET, but I'm hoping to get some help on an issue with my fledgling web application that has me stumped so far. I've created a page purposed for user creation (create.aspx). The anonymous template has the user go through registration. Logged in template returns a basic message indicating that the user is already logged in, and would need to log out before registering again. The user creation aspect of it worked fine until I introduced the LoginView templates.

The error: "Compiler Error Message: CS1061: 'ASP.create_aspx' does not contain a definition for 'CreateUserWizard1_CreatedUser1' and no extension method 'CreateUserWizard1_CreatedUser1' accepting a first argument of type 'ASP.create_aspx' could be found (are you missing a using directive or an assembly reference?)"

The markup:

<asp:LoginView ID="LoginView1" runat="server"><AnonymousTemplate><asp:CreateUserWizard ID="CreateUserWizard1" runat="server" AutoGeneratePassword="False" ContinueDestinationPageUrl="~/Interface/Navigate.aspx" OnCreatedUser="CreateUserWizard1_CreatedUser1"><WizardSteps><asp:CreateUserWizardStep ID="CreateUserWizardStep1" runat="server"><ContentTemplate>
..........Some tables...........(redacted)</asp:CreateUserWizard></AnonymousTemplate><LoggedInTemplate><br />
                Log out before you try creating a new character!</LoggedInTemplate></asp:LoginView>

The codebehind:

{
    public partial class Create : System.Web.UI.Page
    {

        

        protected void CreateUserWizard1_CreatedUser1(object sender, EventArgs e)
        {

            // Set & Establish Connection String

            string constring = "Data Source=.\\SquareSQL;Initial Catalog=SquareV1;Integrated Security=True";
            SqlConnection connection = new SqlConnection(constring);

            // Pull TextBox Control

            CreateUserWizard cw = (CreateUserWizard)LoginView1.FindControl("CreateUserWizard1");
            CreateUserWizardStep cws = (CreateUserWizardStep)cw.FindControl("CreateUserWizardStep1");
            TextBox UserNameEntry = (TextBox)cws.ContentTemplateContainer.FindControl("UserName");


<<<Some Database Action, Irrelevant I think>>>

Any thoughts?

I am using t he login from the vs2012 web site starter code, so the code is supplied. I  However, when you debug it the returnUrl is null. Then whenyou get tothe line where it asks if returnUrl is null. it skips the if statement and you are stuck on the login page. The login view  recognizes that  you  are logged in. I thought that the returnUrl is automaticallly sent to the login page?

protected void Page_Load(object sender, EventArgs e)
    {
        RegisterHyperLink.NavigateUrl = "Register";
        OpenAuthLogin.ReturnUrl = Request.QueryString["ReturnUrl"];

       var returnUrl = HttpUtility.UrlEncode(Request.QueryString["ReturnUrl"]);
        if (!String.IsNullOrEmpty(returnUrl))
        {
            RegisterHyperLink.NavigateUrl += "?ReturnUrl=" + returnUrl;
        }
    }


    protected void Unnamed1_LoggedIn(object sender, EventArgs e)
    {
        var returnUrl = HttpUtility.UrlEncode(Request.QueryString["ReturnUrl"]);
        if (!String.IsNullOrEmpty(returnUrl))
        {
            RegisterHyperLink.NavigateUrl += "?ReturnUrl=" + returnUrl;
            Response.Redirect (RegisterHyperLink.NavigateUrl);
        }
    }

I have this code and for some reason, 'user' is always null. I've even tried to use GetUser(string Username). Same problem. The function is in an external class

public static bool LockStatus(Guid id)
        {
            ///returns true if the account is locked out and false otherwise
            //get user with id
            MembershipUser user = Membership.GetUser(id);

           
            //return users lock status
            return user.IsLockedOut;
        }

I've mostly ported my site to use asp.net security classes, but it leaves me with some questions.  

1) The login-cookies are encrypted, but what if a user gets his own login to the site, and then steals a fellow user's session cookie.  Then he could presumably get at all the data of that fellow user.  Is the session cookie as safe as the login-cookie? 

2) Suppose my login control has a "remember me" feature enabled.  That means that whenever he accesses a protected page on the site, that page has to do the automatic validation (which is fine) but it also has to retrieve some additional info about the user. There are many protected pages on the site, and they share a master page.  So I would think that I could go to the Page_Load event of the master page, and check if the additional info is present, and if not, load it.  The problem is this, though.  The Page_Load event of the master page only executes after the child page has been assembled, and after the child page events have fired.  If I need to use some of the user additional info  (like whether he has paid cash for the database info retrieval services offered by the page or not) before I assemble the child page, I'm out of luck.  Is there a solution to this apart from putting extra code in the page-load event of every child page?

I am working on a web based app that I have added an encrypted routine to read and write the connection string using a encrypted file for better security. connection string I pull from the file works fine for all the regular database operations, but I have run into a road block when it comes to membership, Profile, and roles. I have not been able to completely remove the "ApplicationServices" 'ConnectionString' element from the web.config file yet because these three elements in web.config (AspNetSqlMembershipProvider , AspNetSqlProfileProvider, & AspNetSqlRoleProvider) use "ApplicationServices" for the "ConnectionStringName".

Is there a way to set the properties for AspNetSqlMembershipProvider, AspNetSqlProfileProvider, & AspNetSqlRoleProvider from code at start up? I would like to be able to remove these three items from the web.config file and set the element properties from code instead. Below is a snip from a web.config with an example of the lines I would like to remove from web.config and set from code.

<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" applicationName="/" connectionStringName="ApplicationServices" passwordFormat="Encrypted" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="true" requiresUniqueEmail="true" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="8" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="5"/>

<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" applicationName="/" connectionStringName="ApplicationServices"/>

<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" applicationName="/" connectionStringName="ApplicationServices"/>

Dear All

I  am working on e tution website.  where study contents are being displayed as video using JWPlayer . i want to disable downloading of videos . i would appreciate if some cud help me.

its very Important for me kindly reply sooner as possible.

hi everyone!

i saw the alpha version of Microsoft.AspNet.Identity and i didnt see any tables to supportapplication roles. So i would like to know if it's something that you will support before the RTM version or if we can adapt the model easly on our side to support application's roles.

thank you!

alexandre jobin

Suppose a user is watching a long video on my asp.net website.  To see the video, he had to log in using membership.  My question is, what happens if the session and the login expire at different times.  I could see that messing up data entry etc.

Thanks

I'm using asp.net 3.5 to build a web application. It's now time to integrate user memberships so that users may create an account on our site. I've been up and down the internet looking for a guide or a tutorial to help me accomplish this.

I plan on using Microsoft's default login system.  When using the CreateNewUserWizard control it gives me the following error:

 A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)

Everything works perfectly on the local environment.  What changes to the web.config file or to the database do I need to make to help me set this up?  Every time I add to the web.config file it gives me an error on the new opening tag. (ex: <membership>)

Thanks for taking the time to help me with this issue!

Note: This is the first time I've worked on a published server.