Is it Possible to have an ASP.NET Application in Microsoft Outlook - asp.net

Users need to fill out an access request and once they are done and hit the submit, it emails the request to their supervisor.
Is it possible to email the entire form(with the user data and also to be filled fields by supervisor) in an email so that the supervisor can select accept and the change would be reflected in a SQL database from Outlook itself?

Emailing the form can be done. Writing an Outlook add-in can also be done. But you'll save yourself a lot of time if you just write an "approval" page in your web app and send a link to this page in the email to the supervisor. You can put any information you want in the email, of course.
ETA: But to actually suggest a solution: you could send an email that included a hyperlink, that included identifying information in the query string, and use that as a way of signalling to a web page or web service that the request should be approved. You'd have to work out something with security and authentication, of course, so that not just anybody could call that page and approve the request.

Related

Deploy InfoPath form to a users who don't have access to Intranet

I would want to deploy an InfoPath (2007) form to users who at the time of filling the form, may not have internet access, then after filling it out, they can go to an internet cafe, connect their laptops to the internet and submit the form to a public web service. I don't want to deploy to SharePoint, I would just want to send the form directly to the user, something close to what you can do with an Adobe PDF form. Is this possible?
Thanks in advance.
I have done something similar before with Infopath 2003 a couple of years ago. I used submission via email though. The advantages of using the email is that it will sit in the outbox of outlook.
all our forms were emailed to a specific email address with a windows service that polled the inbox of the recieving mailbox to extract the form and continue with the workflow. found this was easier path to take than trying to submit to a public webservice. one was almost submit and forget (apart from opening email). Your scenario requires that the user fill out a form during the day and then remembering to submit when they are next connected to the internet is just asking for trouble, IMO.
People will tend to forget that they have to reopen the form and submit it next time they are online whereas if you submit it via email then the only thing they need to do is open and read their email at the end of the day.
I all comes down to user behaviour. if your users are willing to go through the processes that you are thinking about, then yes it is possible to do what you are suggesting.

ASP.NET MVC Registration With Captcha

I would like to allow my users to register from homepage by entering name, surname, email and password information. After submitting the form, I want to redirect my users to a security check page for a capthca validation. User will be saved to the database after this captcha validation. The scenario is similar to Facebook's homepage registration feature.
My problem is, after collecting name, surname, email and password information how can I send them to the captcha validation page in a secure manner (not sending them with querystring, because password will be plain there). TempData and Session usage will not be followed in this project.
Thank you!
First of all, you can use Recaptcha for .NET (http://recaptchanet.codeplex.com) to use a robust and secure captcha solution for your MVC .NET project.
When you submit the form, create a cookie and encrypt its values with the user's session ID as its key and have its expiration time to be something like 5 minutes. Read the cookie from the captcha page. I am assuming that you don't want to store the values on the server and query string is obviously not feasible.
I would recommend using MVCRecaptcha (https://mvcrecaptcha.codeplex.com/). Please note - specifically MVCRecaptcha and not some of the other closely related implementations.
Download the package from Nuget, however, make SURE that you don't download the other Recaptcha packages that are available - you should specifically download MVC recaptcha.
Then follow the rest of the instructions on the MVC recaptcha codeplex site to get up and running.

Open protected web page passing in credentials programmatically

I have code examples from some of my previous work that help me to post form values to a web page (login credentials) and retrieve the text from that page. Now I want to pass in form values (login credentials again) but actually open that web page in a browser given those credentials.
How do I do that? I'm not doing anything nefarious. In our CRM app (home-grown as it is), I want to create a link button that opens our web site's protected products page given the user's credentials (based on the user's login credentials). Normally, I'd copy the user's credentials in our login page which then takes me to the products page. I'm trying to do this now by just clicking a link button.
Any suggestions?
How are you launching the browser? Is this an internal network app? If so, I would recommend using Windows Authentication for your ASP.NET app, and then you don't have to worry about passing credentials. If you can't do that, then you'll probably have to pass the credentials on the querystring generated by your CRM app. Obviously, this is a huge security risk. But the next step would be to perform your internal authentication and then call FormsAuthencation.RedirectFromLoginPage or FormsAuthentication.SetAuthCookie().

Persisting data cross domains?

I have 2 applications, each in different domains. When a user comes to the first application, clicks a link, the user is sent to the second application.
My problem is as follows: I need to persist a sessionId from the first application to the second application. Simple enough but here's the catch. I can't use query string and I can't use cookies(since in different domains). I was thinking, is there a way to insert custom values into HTTP Headers or set some form values on an intermediate page which would then POST to the second application? So the process would be as follows:
User clicks a link on the first page, this takes the user to an "intermediate" page, this "intermediate" page sets a sessionId value in the form or http Header, then the "intermediate" page sends the user to the second application via a POST where the app will have the sessionId.
I can't use a Server.Transfer since the app is not on the same server. Help?
This is how Microfot tried to do it Does Issuing Passports Make Microsoft a Country?.
You could try and make a secure SOAP or XML request with a secure token referencing a session id you stored for the user in a shared database. You could then load the user's session based on that session id stored in the db if a match is found.
One way that you could do it is to use webservices. Before the user is to switch sites, you could give the user an unique authentication token that has been agreed upon prior to leaving.
Another thing you could do (this is not a great solution, but it works) is to use frames, and to send the child frame information through javascript (login information). I really don't like this method, because it presents so many problems that its best avoided.
What I mean:
Web services: Communicate with the other site to say "this user is currently logged in here," you can do this at login (depends how much you trust the other domain), or you can do it when the user requests to leave
Giving the user an authentication token: You can post it as a form element. Or if you had an agreement with both domains you could send it to a URL that could later be interpreted as a rediection service+authentication token confirmation portion. I.E.: domain.com/page/token+pageid-mixture
Use OpenID. It's designed for this purpose (common authentication to web sites on multiple domains). The protocol's been under development for years and has probably encountered and solved a lot of the problems you'd be likely to run into if you roll your own solution.

Email Application Question

I have created some webforms that will allow users to fill in their data. Afterwards, the information is processed and inserted into a database with a follow up email to me afterwards letting me know who signed up.
The problem is that I use different email addresses on all of these webforms.
What I would like is some sort of dashboard email application where I can view all the emails being sent to me from one central point.
I think that Thunderbird allows you to receive multiple emails from different accounts. Is something like this even possible?
You can configure just about any email application to receive mail from multiple accounts. Thunderbird does this as does outlook (not outlook express). Just go through the normal process you do to add an account, then go ahead and add another account under a different email address.
Here's a link to a walk through on how to do this on Thunderbird.

Resources