.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
Kaviya Balasubramanian
Imran Ghani
Post New Web Links

Security concerns with allowing post login infromation

Posted By:      Posted Date: October 05, 2010    Points: 0   Category :ASP.Net
 

I have a third party company that we need to allow they users to pass into our website without loging in. TO keep it easy I was thinking of having them post to a custom login page on my site.

 

So their code would be something like this:

  

<form method="post" action="https://www.mywebsite.com/TestLandingPage.aspx">
username: <input id="username" name="username" type="text" />
Password: <input id="password" name="password" type="text" />
<input id="sbmtLogin" type="submit" value="Login" />
</form>

My landing/login page would do soemthign liek this.

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        If Not IsPostBack Then
            If Not Page.Request.Form("username") Is Nothing AndAlso Not Page.Request.Form("password") Is Nothing Then
                Dim sUsername As String = Page.Request.Form("username").ToString()
                Dim sPassword As String = Page.Request.Form("password").ToString()

                'test user credentials

            Else
                ' login error
            End If
        E


View Complete Post


More Related Resource Links

Desktop Security: Create Custom Login Experiences With Credential Providers For Windows Vista

  

Why is a change to the Windows logon plug-in interface so exciting? Because with credential providers you can customize the logon experience for your users.

Dan Griffin

MSDN Magazine January 2007


Report Manager Security: If a user login to Report Service than he should be able to see only a fold

  
Report Manager Security: If a user login to Report Service than he should be able to see only a folder for which he has role assing and rest of the folder should be hidden for him. How this security i can achive with c#

An exception occurred when trying to issue security token: The trusted login provider did not supply

  
We are facing the issue after got authenticated by OpenID and forwarded back to Sharepoint, it crashed at the /_trust/ page the error "Operation is not valid due to the current state of the object." and event log shows this:   "An exception occurred when trying to issue security token: The trusted login provider did not supply a token accepted by this farm... "    

Windows Security Login popup for 3 times after logged in after changed theme banner

  

Hi experts,

I do have problem with my SharePoint theme. I have actually create new theme by customized a theme from the default theme in SharePoint. I have replace with new banner and do some changes in the coding site.

After i have applied the theme to my portal, i face problem when i try to logged in using a username from Read Only group, it will appear the windows security login for 3 times before the portal can be access, unfortunately the banner are still not visible. Sometimes, its appear, sometime it didn't. 

However, when i logged in user System Account, i have no problem accessing the page without windows security login appear and the banner are there.

What am i missing, please do let me know. Thank you.


SharePoint 2010 Security (Prompts for Login) Issue with SSRS report with Out of Box Web Part

  

Hi All,

I have a SSRS Customized Report (.RDL). I have a web part with association on one of the report. When I try visit the page I am prompted for credenatial.

My Data Source Properties are as per below

Use this user and Password

  user name: domain\myadminuser

  password:****

Selected: use as win auth

Selected: Impersonate

 

How Can I get rid of prompt?

 

 

 

 


Pathik

SharePoint 2010 Security (Prompts for Login) Issue with SSRS report with Out of Box Web Part

  

Hi All,

I have a SSRS Customized Report (.RDL). I have a web part with association on one of the report. When I try visit the page I am prompted for credenatial.

My Data Source Properties are as per below

Use this user and Password

  user name: domain\myadminuser

  password:****

Selected: use as win auth

Selected: Impersonate

 

How Can I get rid of prompt?

 

 

 

 


Pathik

Changing WindowsIdentity creates sql login errors for integrated security connections

  

I am using winows authentication to connect to a web page and user.identity and principle.windowsidentity are showing as my currently logged in active directory user.  I can successfully connect to SQL Server with a integrated security connection string at this point.

I then prompt the user for login as a different account on the domain and change the principle.windowsidentity to this login using

 

<DllImport(

 

"advapi32.dll", SetLastError:=True)> Private Shared Function LogonUser(ByVal lpszUsername As String

SharePoint Tutorial - Security

  
Security in SharePoint is comprised of users, groups and roles.



Users, Groups and Roles

Users
A user account comes from the authentication system. For example, if Active Directory is used to authenticate then the user accounts will come from it.

Groups
There are two types of groups SharePoint uses: domain groups and SharePoint groups.

Asp.net web site security database

  

Hello all, I'm new to asp.net and I'm currently practising some few stuffs. I'm creating a hotel reservation system using ASP.net Web site in visual studio 2008 and I currently don't have an App_Data in my solution explorer unlike visual web developer.

1. I have planned to make users of the website login before making their reservations.

2. I have also planned to develop the website such that I will be able to know all reservations made by each user.

First and formost, I will like to know how I can access/View the security database?

Secondly, how do I link my custom made reservation database and the security database in order to achieve my second plan above.?


Someone help me.


Thank you.


System.Security.SecurityException:

  

hello i have the following problem

i have upload my content to hosting server but i get the following error

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[SecurityException: Request for the permission of typ

Post back puzzle

  

Hi, I have a website where the user makes a selection from a combo box and it then fills a couple text boxes with text based upon the selection. I'm sure as you know it could take a second for the text to appear in the text box due to the post back. I know there is no way to make it instantanious, so what I would like to do it fill the text box with somthing like "Loading Info..." so the user does not type in it while the information is loading.

If you would like to see what I mean please go to this page: www.epiclinks.com/create.aspx and mess around with the combo boxes and You'll see what I mean.

What I would like to do is have it do a post back to write "Loading Info..." and then do another post back to fill it in based upon their selection. How would I do this?

I'm up for anything, so if you have a better solution than that please let me know.

Thanks.


I thought this would be simple... Trying to create a login does an ajax check before submit

  

I have the standard .net login control that is working.  (Still learning .net after 15yrs of classic)

What I want to do is OnButtonClick run a javascript function (to do an ajax call to the db to check if login is valid or not) and if it returns true, then submit the form normally, else don't submit. The piece that I can't figure out, is how to correctly override the default click even to hit my JS routine and then submit the form properly afterwards.

Thanks ahead of time


Formview LinqData source not allowing updates

  

OK, I'm confused.  I've set up a formview with a Linqdata source to allow users to edit records.  When I run it, edit data and submit, it blows up and tells me "Linq datasource6  does not support the Select property when the Delete, Insert or Update operations are enabled."  I googled that warning and saw a couple of posts on this forum saying the problem is the slect statement has to be removed from the Linq data source for it to allow updates. 

But if I remove the select statement then how do I show the user specific info on pageload?   plus I thought the two way databind was an advantge of the datasource control.

 

 

 


Looking for ASP.Net JQuery Post Sample

  

Hi, iam looking for a JQuery Post Sample, without reload of the current Page. I want on a webform enter a search text, onclick on the submit button i want get (webservice?) back clean html code that will be shown in a div tag
i found something like

<form id="formsearch" onsubmit="jQuery.ajax({type:'POST',dataType:'html',data:jQuery(this).serialize(),success:
function(data, textStatus){jQuery('#ajaxcontent').html(data);},beforeSend:function(XMLHttpRequest){$('#indicatorSearch').
show();},complete:function(XMLHttpRequest, textStatus){$('#indicatorSearch').hide();},
url:'/Search'}); return false;" action="/Search" method="post">

but how is the source asp.net (or webservice) build up?

can you give me some samples, how i can realize that with asp.net

thanks


How to modify the login control

  

Hi,

I'd like to record more information than the default control allows as well as perform actions with the input when the form is submitted but I'm having trouble figuring out how.

So firstly, if I want to record the middlename for example, how would I do that, and by default, where would it go if anywhere?
When the form is submitted, I'd like to take specific input, such as just the middlename for example, and write some linq to sql code to specify when and how it's stored.
In what event would I put this code?

Thanks 


create user wizard login error message dont show in a message box?

  

hi

 

i am using create user wizard and capturing other information within content template when a new user

registers. Some of the textboxes are binded to required field validators.

 

there is a validation control on the page and ShowMessage box is True.

If they dont complete some of the text boxes then the message box pops Up with the error message.

It does not however include information errors like "User already exists" or Email address already exists

from the create user wizard membership  UserName and Password Textboxes

 

is it possilbe to hook all of these up so I get one message box with all errors including membership ones?

 

thanks

 


Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend