Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
I am developing an asp.net website in which i need to create admin panel.
So please tell me how to decide role and membership and also way of development.
thanks
For that you will require some tools.
WebMatrix (or VS)
SQL Database.
Then by using these, the ASP.NET will automatically create the tables required using this:
WebSecurity.InitializeDatabaseConnection();
You can learn about it here: http://msdn.microsoft.com/en-us/library/webmatrix.webdata.websecurity.initializedatabaseconnection(v=vs.111).aspx
You will require to tell the name of Database and the Table name which will be used for the User Data. Remaining will be the job of ASP.NET like UserInRoles MemberShip and others
How to use those roles or others please go through this: http://www.asp.net/web-pages/tutorials/security
There you will learn:
How to allow users to Sign In or Sign Up.
How to add membership.
How to create Roles for users.
...and many more there. I will advise you to go to http://www.asp.net and learn the basics about it there. They are heplfull too. You will find many helpfull articles there. Find some community blogs too about ASP.NET.
Edit: They will teach you code regarding C# as well as VB.NET, but C# will be used more oftenly than VB.NET!
Here's an article on how to setup membership and roles in SQL: http://www.codeproject.com/Articles/281573/ASP-NET-Membership-and-Role-Provider
This would be a start:
Introduction to ASP.NET Membership
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
Apologies if this is in the wrong category. I'm currently developing and application in ASP, due to my inexperience with ASP I'm worried about vulnerabilities that a user can exploit.
My application is being coded from scratch, no templates used or defaults from Visual Studio, completely blank projects. The user is greeted with a login page where depending on there user access in active directory depends on which pages the user can access.
The exploit I'm worried about is if the user will be able to commit a directory traversal and access a page in which they're not allowed to access and change critical information.
I'm afraid my inexperience has caught up with me. Could someone explain to me how I could limit the access to the user or, If I'm over thinking the process, correct me? Constructive criticism is accepted.
Microsoft does try to help protect your application through their defaults, so if you're running in IIS, make sure the user the application pool is running under only has write access to the folders it needs to write into.
This is a very open-ended question and depends on many factors such as version of .net, server OS/IIS version, other handlers installed, etc. But a good start is to review the OWASP Top 10:
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project#OWASP_Top_10_for_2013
Here's a list of some automated tools you can use for testing your implementation:
https://geekflare.com/online-scan-website-security-vulnerabilities/
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I have a website which supports many kind of users based on their roles.
That is Sales,Customers etc.
I want to make my website to be accessible form other applications.
Like if any application want to fetch or send data to my application i should be able to grant them secure accessibility.
Please let me know how should i go about it to get the authentication part done.
Thanks in advance. Any help would be greatly appreciated.
The question is fairly broad so I'm afraid I can only offer general guidance. The common approach to this is to expose your functionality as an API secured by OAuth. Users must authenticate with your application to get a bearer-token that they can then provide along with calls to your API to identify themselves and authorize the request.
If you are usinging ASP.Net I would suggest looking at the Authentication and Authorization in Web API.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
We are converting a major.NET 2.0 project to MVC, we were learning MVC 4 and since MVC 5 is already out, we figured we might as well move straight to MVC 5 since it offers attribute based routing out of the box and .NET 4.5 seems like the platform to develop some chat features we were thinking about using SignalR.
The confusing part for us now is that there are so much information since .NET 2.0 regarding say membership
From research, we saw
Simple Membership
Universal Membership
Identify Membership (1.0, and then 2.x?? what?)
So boils down to one simple question, is ASP.NET Identity THE thing to learn regarding membership when we redesign the app in MVC 5? Simpler Membership / Universal, we can just completely ignore them right?
Sorry all, I'm just really late to the MVC game and I'm trying to catch up. A bit (actually completely) overwhelmed by different articles all talking about different things.
Thanks.
Take a step back and realize what all these "solutions" are doing. They are helping you create an identity in ASP.NET and help manage cookies on the client. When you think about it that way you will realize that you need very little to build a good authentication scheme. I always leverage what is in ASP.NET in regards to principal and cookie management, but ignore the database stuff and just implement it myself.
I wrote this post that I hope will help you. You will realize there really isn't much too authentication.
http://www.khalidabuhakmeh.com/asp-net-mvc-5-authentication-breakdown-part-deux
This article was recently listed on the asp.net community site. :)
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I wanted to crate an mobile app (using Flex) that let user upload some user generated content (eg. Text, Picture) to my website and also able to display/view it on the website as well.
I don’t much on the back end (web programming, website database, cloud).
What is the best way to do this or is there any ready build solution out there?
Thanks.
Look at httpService for your user upload and tie it to a back end web service using POST or GET parameters. Personally, I recommend PHP but any web capable service would work. Then, tie that service to store your images on your web server or in a database. Reverse the process to get it back out. Can this all be done in Flex? No. Can you tie it in with a web service easily? Yes. Good luck.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I'm in the beginning stage of building an Asp.net email control. I'm a big fan of asp because a developer can drop a control onto a page and all functionality is bundled into it.
So, my goal is to develop an EmailControl that encapsulates send/recieve into a single server control.
I would appreciate if anyone has some tips or technical references regarding this topic. For all of you wondering, I AM doing research of my own but some of you may have some additional sites that I could check out.
Thanks
To let users send, you just need the basic form elements and the code on the page below to send the mail.
Sending Email with System.Net.Mail
.NET doesn't have any native POP3/IMAP support but there are a multitude of libraries available, such as:
.NET POP3 MIME Client
(This answer assumes by "send/receive" you are referring to implementing a mail client as opposed to a mail server.)
Beware that Aspnet will be supersede by Aspnet MVC, where these kind of "drag and drop" controls don't exists any more..