I am creating a web application using Form Authentication of Asp.Net with C# and back end Sql Server. Here in my application administrator login and creates new users. I am using the create user wizard under login controls. My problem is when the new user is created by Admin he is automatically logged out and logged in with new user credentials which he has just created. Any help would be highly appreciated.
The CreateUserWizard has a property called LoginCreatedUser. Set it to false, and this will solve the issue.
Perhaps that wizard is meant for new users so that they can create their own account when they visit the site. it is not intended to work the way your admin is using it.
Related
I am trying to create a simple login application using WPF c#. I got the login part down but I cannot figure out how to create unique pages for individual users.If user "A" creates a new account, then he should have his own new profile form. This means every time I create a new user, a new profile form is generated and that new form is assigned to the user and no other user can make modification to that user's profile. For example: Skype profile. I am sure there are questions like this floating in stackoverflow but I can't find them. I would really appreciate if someone could guide me through this.
You're overthinking the problem. The form is the same for all the users. The content of each user's form varies. When the user logs in, your database should store some variables detailing that user. Simply set the forms controls to reflect the users details. Don't "create a new profile form".
I have a ASP.NET MVC project which connects to SSRS using ReportingService2010 web service endpoints to retrieve and download reports.
Connection works fine using CredentialCache.DefaultCredentials when developing locally with Visual Studio running with admin privileges
When published to virtual directory or used with NetworkCredential with domain\username it doesn't work as expected. I added the windows system user in SSRS as a system administrator.
Current syntax which only works when running locally in Visual Studio with admin privileges.
ReportingService2010 service = new ReportingService2010();
service.Credentials = CredentialCache.DefaultCredentials;
CatalogItem[] items = service.ListChildren(reportsFolderPath, true);
Is there a way to configure domain\username password with NetworkCredential
ReportingService2010 service = new ReportingService2010();
var credentials = new NetworkCredential("insharp", "abc123", "insharp-lenovo");
service.Credentials = credentials;
You can't just add a user only (e.g. insharp-lenovo\insharp in site settings, you need to give that user "browser" rights, and maybe some more - for testing, just give the user all rights, then remove them step by step)
But instead of calling the SSRS web-service, why don't you just use the ReportViewer control in your application ?
Nobody is ever going to configure SSRS for your application anyway, so don't set yourself up for failure. If configuration can be avoided, then it should be. Also then you're independent of the ReportServer installed at customer X, which is a good thing.
Also, you don't want to be at the mercy of the installed SSRS-version.
You can use it to export a report (latest version is reportviewer SSRS2016-preview):
You can find a complete example here:
https://github.com/ststeiger/ReportViewerWrapper
This is what you'll need to do for one report:
https://github.com/ststeiger/ReportViewerWrapper/blob/master/Embedded2016/Umzugsmitteilung.cs
Edit:
You only added the user in the site settings here:
Now you need to give the user permissions in the folder settings tab
Then click on "Assign New Role", or whatever it is called in English.
Locate your reportsFolderPath path in SSRS, and open Security settings for it (you can reach it through direct link or Manage > Security).
In Security tab you will see a list of users with their permissions, your user name should be here in order to give an access to list folder contents. If your user is present in the list, then click to Edit it and ensure all checkboxes are set. If user name is not present, then just add the new one, and check all checkboxes.
I am using nopCommerce 3.50. And trying to make it a multi storied. Every user signup here will have there specific e-commerce like nopCommerce.
Main features I have to focus is:
Every user(store owner(1 store/user)) will have their own subdomain.
user's will have full control on their store.
They can change theme or configure any settings as an admin of
NopCommerce can.
So what I am thinking to do is:
Create a new project(mother project).
Link One NopCommerce Solution with it.
when a user signup there, they create a new database as nopcommerce.
Name database uniquely for the user.
store db name and all user info in mother project.
When user sign's in, get the user db from mother db and set the path to nopCommerce Solutions db-path.
when a user logs in, user is redirected to a subdomain.
and loads the respective database for the user using same server-side and client-side code.
Is it possible or there is any other better way to do this?
I am new to MVC and actually new to web development all together. I have about 7 years of development experience but in services, database, object models, etc.. basically middle-tier and back-end development. I am trying to learn ASP.NET and decided to build a site using MVC3 for a personal site for myself. I will be hosting this from an account at dotnet-hosts.com. Here is my question... I don't have a domain and I will be using the built in membership provider. I noticed in the auto generated code that was created when I added the project template that in the AccountController in the method ChangePassword (ChangePasswordModel model) there is this line of code...
MembershipUser currentUser = Membership.GetUser(User.Identity.Name, true /* userIsOnline */);
My question is specifically around User.Identity.Name, this looks like it would be returning the Windows user name just like Environment.UserName would. The Visual Studio template I used is the (Mobile Ready HTML5 MVC.NET) as I want to be able to support clients from any device...Windows PC, Apple, Windows Phone, iPhone, etc... If the call to User.Identity.Name is correct then I would like to ask how does this work on devices that are not Windows like an iPhone? If my assumption is correct that this will only work for Windows computers with a domain then how can I achieve this? would I need to perhaps use some caching? If so could I maybe grab the user name and their IP address to be used as the cache key from the Authentication page?
My high level question is... How do I get the current logged in user's userName regardless of the device/platform? I know this question is probably not written well and may be hard to understand... I apologize for that. I am new to web development and trying to get my feet wet and would like to start to the latest technology.
The call is correct. The User.Identity.Name is filled out by whatever authentication provider is in use - Windows authentication, Forms authentication, some custom authentication provider, or whatever. It isn't bound to a specific user "type". The authentication provider has the responsibility of making sure the Identity object corresponds to the current user on every request. Usually that part is taken care of using a combination of cookies and database.
The MVC template (although I haven't had a look at the template since MVC 2) uses ASP.NET's Membership class, which in turn uses a membership provider - for example SqlMembershipProvider or ActiveDirectoryMembershipProvider - the former stores your users' credentials (username and password etc.) in an SQL Server database, the latter uses Active Directory (i.e. primarily Windows logons). SqlMembershipProvider is the default, and MVC is set up to use a local SQLExpress database file as its user store.
The authentication provider that's implemented in the template project uses FormsAuthentication, which does the login procedure through a simple HTML form (the one in the LogOn view) and keeps the user signed in by way of an encrypted cookie. Works on any platform.
The setup for both FormsAuthentication and SqlMembershipProvider can be found in web.config (the one in the root of the site). There you can find the connection strings for the SQLExpress database (and e.g. change them to use a "real" SQL Server if needed), the timeout for logins etc.
(Note that you can do a lot of that configuration easily in a GUI through the "ASP.NET Configuration" button in the toolbar of Solution Explorer in Visual Studio - it also provides an easy way to set up the first users).
In short, it's all ready to go - and doesn't lock out non-Windows users.
Like you said User.Identity.Name is indeed correct. for returning the logged in users name. But the membership section like you said, provides only windows accounts. You can use similar without the user of windows accounts, to work in every scenario, and can still verify against windows if present. If you call it without membership, and follow the default MVC3 template it should work fine.
String Username = User.Identity.Name;
When you log on, using the template MVC3, it creates an authcookie. See account controller code. Here, two parameters are passed into it. The username, and to persist (when browser is closed - login is still cached).
The username is a string field, which is what is called by User.Identity.Name and infact, anything can be put into it, and is not in anyway linked to Windows login.
You could test the login via method you desire, and if yes, set a cookie using the authcookie method. (its encripted). And set the username to what ever you want. And if your verification of the user fails, dont create one, and redrect back to page.
See the example code. This is all from memory, as I dont have code infront of me for reference. But its all in the account controller, Login Action.
When the cookie is set, The users login state is cached for the session. You will need to ensure the user is logged in when visiting a webpage. Otherwise loggin in will be pointless. This is a simple attribute on the controller/action.
Note: dont do this to the Account/logon controller, as you wont be able to visit the logon page, as you are not logged in.
[Authorize]
public ActionResult DoSomething()
{
// ...
}
Hope I have helped.
My project has a Guest folder and an admin folder.
Guest has a guest1.aspx page and admin has admin1.aspx page.
Now I am trying to figure out a login control which will check the role of the user and send them to the respective pages accordingly.
The names are not in the database or the active directory...
These names are on the windows 2003 server...
So I need to check from the server if the user exists and what is its role in it..
what is the best way to achieve this... please any suggestions...
this is very important for me
any help is appreciated
thanks
#John_ Let me explain
Suppose there is company which has 10 employees and one administrator.. the company has a server and these employees are on the same domain. So the admin can add that machine to the server or delete it.. now every machine has its username password and domain.. i want my gui to use the same credentials to log into the gui and send them to the respective pages according to the role..
In the LoggedIn event check the roles of the user and use the DestinationPageUrl property of the Login control to redirect to the proper page.
You can find some examples of checking the active directory group that the user is a member of here: http://www.codeproject.com/KB/system/everythingInAD.aspx#38