.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
Easy Web
Imran Ghani
Post New Web Links

How to Provide Security at User level base in asp.net for certain pages

Posted By:      Posted Date: September 08, 2010    Points: 0   Category :ASP.Net
 
 Hi I have a site We have different Pages under one folder. we have stored these pages information in a database table with pageid. Then we have User access table. there we store userid and pageid , for which pages user has access. Now I need to provide access to that pages only . What to do. Could you please provide answer asap.   Thanks  


View Complete Post


More Related Resource Links

Secure It: WS-Security and Remoting Channel Sinks Give Message-Level Security to Your SOAP Packets

  

As more organizations adopt XML-based Web Services, the need for message-level security has become evident. WS-Security, now supported in the Microsoft .NET Framework, addresses this need. Using the WS-Security framework, developers can implement channel sinks to intercept Remoting messages as they pass through the .NET Remoting infrastructure. The sink can read the message, change it, and pass it along. During this process, the message can be signed for added security. This article explains how to implement a Remoting channel sink that will modify the Remoting message by including a UserName token in the header, then sign the body using the token.

Neeraj Srivastava

MSDN Magazine November 2003


Active Server Pages+: ASP+ Improves Web App Deployment, Scalability, Security, and Reliability

  

ASP has been rebuilt from the ground up. The result? Active Server Pages+. ASP+, with a host of new features, provides for easier to write, cleaner code that's simple to reuse and share. ASP+ boosts performance and scalability by offering access to complied languages; development is more intuitive thanks to Web Forms; and an object-oriented foundation facilitates reuse. Other important features include page events, Web Controls, and caching. Server Controls and improvements in data binding are also new with ASP+. Libraries for use with ASP+, and the Microsoft .NET Framework which allows custom business functions to be exposed over the Web, provide more new development opportunities.

Dave Sussman

MSDN Magazine September 2000


How Restrict and Allow user to Pages of Website.

  

i have 4 pages of website

2 pages are authorized to used by USER and 2 pages are restricted for user

admin can authorized to go all 4 pages

 

i need coding for Login window from which Admin/User Login

 

 


stsadm Import command + include user security

  

Hi,

When I move sites from test to staging to production, I am using the stsadm –o export command with the –includeusersecurity option in the staging environment.  In production environment, I then use the stsadm –o import command with the –includeusersecurity option.  I was assuming that this option was bringing over the security on the exported site only.  This does not seem to be the case.

Last night I exported one sub site to produtction.  Today, I was notified that the security groups on other sub sites have been altered.  

 

So why is it when using the –includeusersecurity option effect all sub sites and not just the one sub site being moved from staging to production

Web Part working fine on the top-level page but 'Not Safe' error on lower-level pages.

  
Hi,

I have created a Web Part which reads and parses the SharePoint logs in order to display usage information of the page it resides on.  The Web Part works perfectly on the top page, reading and displaying the information desired.  However, once the Web Part is added to any page lower in the site heirarchy (sub-page) the same Web Part throws the following error:

Error 
 
Web Part Error: A Web Part or Web Form Control on this Page cannot be displayed or imported. The type could not be found or it is not registered as safe.

Show Error Details
Hide Error Details

[UnsafeControlException: A Web Part or Web Form Control on this Page cannot be displayed or imported. The type could not be found or it is not registered as safe.]
  at Microsoft.SharePoint.ApplicationRuntime.SafeControls.GetTypeFromGuid(Guid guid)
  at Microsoft.SharePoint.WebPartPages.SPWebPartManager.CreateWebPartsFromRowSetData(Boolean onlyInitializeClosedWebParts)
 


Of course the current version of the Web Part is in the SafeControls list on the web.config.

The Web Part was originally designed to return site activity only for the top default.aspx page and worked fine but started to fail in the manner described above once I added the following line of code to return a SPCo

Generating and storing html pages in User Directories on the server

  

Hi,

I come from corporate asp.net development, and I am now working on a public website which will get a lot of traffic, perhaps a million users a day.  So I am faced with a ton of performance and scalability questions.

I would like to share some thoughts and see if my approaches resonate with any good practices, or perhaps I am heading down the wrong path...  Either way, I want to hear opinions.

(My number one concern is the fact that I am using asp.net for a public website.  I don't know of a lot of websites using asp.net)

I am using asp.net 2.0 (I know, its not the latest technology but I don't need any advanced features of asp.net 3.5 or 4, unless there are significant improvements geared towards what I am doing) 

On launch date, this will be running on a dedicated Windows Server 2008 running on Intel ATOM 330 1MB L2 Cache 1.6Ghz Dual-Core with 2GB DDR RAM.  Its fully managed by a full service hosting company which gives me an option to upgrade to a bigger server within a few hours.  I can even move the site to a webfarm if the traffic demands it.

So I have a User Dashboard, where users can create albums and upload pictures.  So what I am doing

provide detailed security configuratin for web forms

  
hi I'm considering solutions for enforcing a security model to porvide much more than granting or denying access to a person or group of people. I need to indicte which controls on the page can user take advantage of based on its group. for example there might be a form that users can Create Retrieve Update Delete some contents. I want to restrict a specefic group of people from Updating And Creating date. but I don't have a seprate web form for each of them. all of the stuff is done in a single page.   kind regards to those who readI'm waiting for smart replies. Thank you.

user permission in granula level in SharePoint version 2

  
Hi, everyone:   I am administrator of a SharePoint v2 site. I found that I can either give "view item" or "view item, insert item, remove item and update item" permission to users, no middle. However, I do wish to give some users "view, edit" permission, but no "insert and remove item" permission.   So, does SharePoint v2 support this in out of box feature? if yes, how to make it, if no how can we achieve in easiest way?   Thank u MySTfrom Finland :D

Developing common content pages that can be hosted at the Web application or TLS level and can be sh

  
We are working on a Publishing site and planning to provision each client as a sub-site under the top level site (TLS). All of these sub-sites will almost have the same web pages and based on the client specific requirement they can customize these pages if needed. To meet the above requirement: I want to develop common content pages or application pages with the publishing capabilities and host them at the TLS, making these common pages available for all sub-sites under the TLS with the following requirements. ·        Sub-sites will not have any of these pages on their own and there would be only one central copy of this common page at TLS. ·        The sub-sites should be able to access these common pages in their context that means using the sub-site specific Master page & Themes. ·        When there is a specific customization is required such as adding a different web part, or updating the HTML data on the page, the common page will be edited in the sub-site and eventually making its own copy of the common page and resulting breaking apart from the common page for any future changes. ·        When the user edits the page he should be alerted that customizing this common page will make a local copy an

Long execution times for Search pages even after 4th or 5th user has accessed the same page.

  
Hi Guys We have a Sharepoint 2010 farm with two NLB web fronts ends, a Index server and a two box SQL cluster. The same problem also occurs on a dev box which has Sharepoint 2010 and SQl server running on the same single box. When a user access the search or advanced search page we get long execution times of between 15 and 30 seconds.  The strange thing is that the user will have a slow response the first time, then they are fine for a period of an hour or two and then they hit the slow response again.  Below i have copied info from the developer dashboard.  Does anyone have a suggestion of where to start tackiling this issue. Thanks 1st Run.  (Note this site was accessed by 3 other users first) BeginRequestHandler (0.05 ms) PostAuthenticateRequestHandler (0.06 ms) PostResolveRequestCacheHandler (18.48 ms) GetWebPartPageContent (16.87 ms) GetFileAndMetaInfo (15.57 ms) GetWebPartPageContent (35.25 ms) GetFileAndMetaInfo (34.99 ms) GetWebPartPageContent#1 (89.27 ms) GetFileAndMetaInfo (89.06 ms) Add WebParts (3975.17 ms) Search Box (3974.54 ms) SearchBoxEx.OnLoad (15426.56 ms) SearchBoxEx.HandleContextualScoping (0.01 ms) UserPreference.GetUserPreference (15418.52 ms) UserPreference.GetFromCache (0.04 ms) SearchServiceApplicationProxy.GetUse

SSAS 2008 Metadata Repository data - User Knowledge base

  
Hello, We have the SQL Server 2008 Analysis services instance with some databases, cubes, Dimensions, Measure groups, partitions, etc. The business users are find difficulty to search for a particular measure. I mean, it is difficult for them locate a measure from the available cubes; again finding the respective Measure Group/ Folder is not an easy task for them. Also, they need to know the source system of a particular attribute in a dimension, formula for the calculated measure and etc. So, we have planned to develop a knowledge repository, which needs to store the business metadata for the SSAS databases. The user needs to be access this information using the SharePoint site and should help them locate and understand the data. The User Interface needs to be user friendly too. I need your valuable suggestions for the design of this system. Note: I have referenced the below articles http://dwbi1.wordpress.com/2010/01/01/ssas-dmv-dynamic-management-view/ http://social.msdn.microsoft.com/Forums/en-US/sqlanalysisservices/thread/c610850f-16b4-4eaf-9b91-a2d32816f40e

Report Level Security in SSRS using Tsql

  
So i am Brand new in this area i have developed reports before and deployed them but never got an oppurtunity to work on security and who gets to see what.. Purpose of the view is thats what im thinking..   We have a reports database has 100 reports . What we are trying to do is have a faster way to manage report subscriptions. The tables i have is Analysts, SalesRep,SalesRepSubs and dbo.users.Dbo users are our web portal users where they can view reports. I want to create a table in which every report is viewed per security level. We have 6 layers of security layer 1 is lowers to layer 6 being highest. This is the relationship between tables Salesrep(SRID PK) Salesrep_sub (SRID_SUBID PK) Analysts : (AnalystIDPK) Users: The Table has all Users who are Salesrep,Sales Repsub and Analysts)(PKID PK) and we have cols SRID, SRID_SUBID & AnalystID) in this table. use Pricing go Alter View dbo.User_Access   AS select S.SR_name,u.SRID,sr.SRsub_name,u.SRID_SubID,U.Userid,u.username,u.Email, u.SecurityLevel,a.AnalystID from dbo.Users u join tbl_Analyst a on a.AnalystID=u.UserID join tbl_SalesRep s on s.SRID=u.SRID Join tbl_SalesRep_Sub sr on sr.SRID_SubID=u.SRID_SubID My question is what do i do next? Add this view to Report server? or how can i make it functionl?????????FM

User control or sub-form inside tab-pages? Best practice?

  
I've got a Windows Forms application with numerous tab-pages within a tab-control. Each tab-page is a diffirent user entry form with different controls of varying types. As the application is fairly large it is important that more than one developer can work on it simultaneously. Thus we decided to create a form for each tab so that different developers could work on different forms at the same time without overwriting each other's code. Each of these "sub-forms" are then assigned its relevant container tab-page as its parent. This works well but I was wondering if this is good practice or not, after another colleague commented that we are making forms look like user controls and that we should rather be creating a user control for each tab. I've converted two of the forms to user controls with relative ease and it does work nicely as well but with one draw back. On the main parent form, e.g. frmMain, where the tab control lives, there is one single button the clear the current display. When you click "Clear display" it clears various others items displayed on the main from, finds the current selected tab and clears its contents. The latter is easy to do with sub forms as I can simply close and dispose the sub form inside the selected tab, and load a new instance. I don't have to write custom logic to go and reset/clear each control on that form. Thi

current user identity in custom security trimmer

  
The crux of my problem is that I want to impersonate  a user’s NTLM credentials in the context of a SharePoint custom security trimmer to execute HttpWebRequests to check user access to URLs.  When accessing WindowsIdentity.GetCurent() in the security trimmer, the System.Security.Principal.WindowsIdentity object returns the identity of the application pool running the search query service, NOT the currently logged in user.   When accessing System.Threading.Thread.CurrentPrinciple.Identity in the security trimmer, the Microsoft.IdentityModel.Claims.ClaimsIdentity object of the current logged in user is returned.  However, there is a catch.  …   If I execute the following code in a .NET web application, the cast of the ClaimsIdentity to a WindowsIdentity succeeds because the identity has the authentication type of NTLM.    WindowsIdentity winId = (WindowsIdentity)System.Threading.Thread.CurrentPrincipal.Identity; WindowsImpersonationContext wic = winId.Impersonate(); request.Credentials = CredentialCache.DefaultCredentials; //access means a response comes back when a request is made to the url using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) { returnStatus = true; } wic.Undo(); However, when I execute the same code in the context of the SharePoint security trimmer (the search query service li

Report Level Security in SSRS using Tsql

  
So i am Brand new in this area i have developed reports before and deployed them but never got an oppurtunity to work on security and who gets to see what.. Purpose of the view is thats what im thinking..   We have a reports database has 100 reports . What we are trying to do is have a faster way to manage report subscriptions. The tables i have is Analysts, SalesRep,SalesRepSubs and dbo.users.Dbo users are our web portal users where they can view reports. I want to create a table in which every report is viewed per security level. We have 6 layers of security layer 1 is lowers to layer 6 being highest. This is the relationship between tables Salesrep(SRID PK) Salesrep_sub (SRID_SUBID PK) Analysts : (AnalystIDPK) Users: The Table has all Users who are Salesrep,Sales Repsub and Analysts)(PKID PK) and we have cols SRID, SRID_SUBID & AnalystID) in this table. use Pricing go Alter View dbo.User_Access   AS select S.SR_name,u.SRID,sr.SRsub_name,u.SRID_SubID,U.Userid,u.username,u.Email, u.SecurityLevel,a.AnalystID from dbo.Users u join tbl_Analyst a on a.AnalystID=u.UserID join tbl_SalesRep s on s.SRID=u.SRID Join tbl_SalesRep_Sub sr on sr.SRID_SubID=u.SRID_SubID My question is what do i do next? Add this view to Report server? or how can i make it functionl?????????FM

Insert and Edit Pages with Web User Control Template for another table

  
Hi, I have an Address template(web user control) which holds the fields of the Address table.  The Address template is embedded in the School Insert Page.  I want to insert a new school together with its address(which means I have to insert a record into the address table).  Can you let me know how I can pass the newly generated addressId to update school table?  Also, how can I associate the Address.cs in the App_Code with the Address template?  I want it to be able to scaffold columns which needs to be hidden from user in the address table.  When I click on Insert School, the Address template shows in "insert" mode, I just need to link the two together. Thanks for your help! CC  
Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend