Hey I just got a question, I haven't used asp.net before but am using c#/managed c++ but I was wondering how hard would it be to do the following.
1) Make a login system where users can register.
2) each user can upload 1 file each to a server.
And those files can only be accessed by that specific user by longing in.
I think its pretty basic so it shouldn't be to hard. Im guessing im going to need a database as well where both the username/passwords/files will be stored?
If anyone has any tutorials on this I would really appreciate it.
That's quite a broad question and there are plenty of resources are out there on the web to help get started.
It's easy to set up a forms authentication system in ASP.Net 4 by just creating a new website as it automatically creates the login and registration pages for the website in a database using a "Membership Provider":
Website User Authentication
You could create an "UploadFile" table in the database that has a reference to the file path and userName. When a user is authenticated you can get their User name from User.Identity.Name property and then check if they can upload a file. You can use an ORM for easier database access and there are plenty to choose from such as Linq To SQL, Entity Framework, or NHibernate.
There are several tutorial videos on file uploads:
Simple File Upload
Of course there is much more to this but hopefully will give you some ideas on where to start learning.
Related
I am a total newbie.
I create a website with 2 pages
Update data (update.aspx)
Add data to database (add.aspx)
I want to create login page before they can access this pages.
Even if they tried accessing by typing direct url like : www.example.com/add.aspx
they should not be allowed
And secondly,
I want to generate txt log files when they click update or add button
example
User: abc updated current field in databse on (time and date)
I hope you guys help me out. :)
am using visual studio 2012 and SQL Server
As I understand of your question, you want to activate authentication in your project. In this way there is a great article about Authentication in ASP.NET that is suitable for newbies.
ASP.NET authentication and authorization
The "Forms Authentication" section in the article can fulfill you expectation.
Also, there are some logging libraries like NLog, Log4Net, Logging Application Block that are advanced and have lots of facilities, but for starting I recommend you reading Create Simple Error Log Files using ASP.NET and C#. With a bit change in the code you can log the text that you've mentioned.
If someone gives me WebForm/MVC website code using ASP.NET Membership (and he does not know the username/password), or I download it from the Internet without username/password information, how do I retrive username/password such that I can load it into VS2010, set up breakpoints, enter correct username/password, and run it to learn the code?
That information is stored in a database. The web.config file will tell you where is the database located. Once you know this, you can query the table for user information but the passwords will be hashed; however, you can always create new users programmatically or even just run straight queries against the database to do whatever you want/need.
I'm working on adding a new webapp to an existing website. I've been directed to write the webapp in ASP.NET. The existing website is written in ColdFusion. For the most part, the ASP.NET webapp is completely stand-alone, but it needs to interact with the ColdFusion code in one important way - if somebody logs in to the ColdFusion site, we don't want them to have to log in again when visiting an ASP.NET page.
When someone logs in to the ColdFusion site, their username is stored in a cookie, along with a login token that can be looked up in our database. My .NET is a little rusty, so I'm having trouble visualizing how the ASP.NET code should use this data. I've already written a simple MembershipProvider that can be used to log in/out out the ASP.NET app using the data in our existing database tables, which are shared with the ColdFusion code.
What I'd like to know is - how can I make sure the ASP.NET app detects the cookies set by the ColdFusion app (I imagine they'd be sent to the ASP.NET pages, since everything is hosted on one domain), and automatically logs the user in using the MembershipProvider and Forms Authentication, using the credentials supplied in the cookie? I'm thinking that putting some kind of cookie check and log in function in the Global.asax file, set to run every page load for every page... but that seems kind of clunky. Also, do people still use the Global.asax file anyway? I had thought there was a more modern method.... Also, how can I manually log someone in using Forms Authentication and a custom membership provider? Currently my code allows the user to log in using the provided login control, but I'm not sure how to log the user in without them having to do anything.
Thanks in advance for any help. Looking over the MembershipProvider tutorials and the MSDN documentation it seems to me like the answer should be staring me in the face, but for some reason I just can't see it. Maybe not enough coffee....
Not sure if this is what you're looking for:
FormsAuthentication.SetAuthCookie("the username goes here",false);
Reference
I'm a CF developer ususally, but we had to do some integration with a .NET application recently and the way we approached it was to keep the CF and .NET sessions separate but ensure that login happened on both so when the user moved from one to the other they were still logged in.
So is there perhaps a way for you to hit your ASP.NET application with a request to login a user when you login using the CF application? Perhaps you could have an iframe on the page that you can load when the CF login is complete that holds a login service for the .NET app?
This way you would not need to worry about one app server reading the other app server's cookies, instead there would be two sets of cookies, one for ASP and one for CF.
Hope that helps!
The way I would approach it, is I would have a specific page that acts as a liaison between the CF and .NET layer. That page would implement your business layer and just check to see if the Cookie is there, if so read it in, do the lookup and login the user or whatever business logic that needs to be done. How would you accomplish the login/authentication, well that’s all based on your login/authentication code.
The only link I can offer is the basic of cookies in ASP.net
http://msdn.microsoft.com/en-us/library/aa289495(v=vs.71).aspx
Edit: found another link that might be helpful.
http://www.aspnettutorials.com/tutorials/network/cookies-csharp.aspx
Currently using DNN 5.2.x and we are using only 1 portal on the site. We need to make a mobile version of the portal and eliminate most of the extra DNN stuff as info will be just displayed. So what we decided to do was create seperate ASP.NET Web Forms website and utilize the DNN providers (membership, roles, etc) to do the logging in. However we are currently having issues. The one in particular is ("unknown exception trying to write to log"). We've moved most of the DNN Global.asax (i.e. SimpleContainer instructions) file to the new website and added the necessary web.config sections and references however we get this error when a user logs in. We did copy over the same web.config machine key to the new website. The connection strings are also there (app settings and connection string sections and is named SiteSqlServer).
So my question is, has anyone created a new website around DNN without using DNN except for the membership? i.e. no modules, no skins, etc. Just validate user and get roles.
If you have what needs to be done to get DNN 5.2.x (or later) to log a user in and return the roles, could you post your steps?
The default DNN login is based on ASP.NET membership. If all you really want is the login feature, it will be MUCH MUCH easier to simply use the ASP.NET membership directly than try to rip it out of DNN.
What you are trying is not impossible, but certainly will require substantial patience with trial and error.
For only validation users and getting roles you could write your own simple providers that utilize dnn special tables in the databse like (Users, Roles, UserRoles, Profile etc). The table User is associated with the aspnet_Membership and aspnet_Users standard tables via the Username field.
There are many options which are open for you.
If you really don't want to digg into complecations of how to integrate the dnn membership and role provider will work, you can check dnn single sign on
Another option is to have your webforms application as a subfolder in your dnn website. that way you don't have to do much effort and you will have all the good things ready to get started. even you can directly convert your skin to master page and reuse almost all the css and image related suff
In addition to above, I also suggest another smart way to do this. Since you are considering a mobile site, why don't you try and detect the browser using Request.Browser and create a separate skin for dnn that is of smaller size. We can easily switch skins dynamically for service requests.
I hope this will help. If you have more questions regarding this, I will be happy to help. Just drop me and email and I will try to help you get as close as possible to get you going.
Good Luck
This is the route we took. We basically implemented DNN in the mobile version of the website. Except we only utilized the User Membership features of DNN. To do this we had to use all the same core DNN dll's and also include all the "bootup" features in the global.asax file. We also had to on every request inject a UserInfo object into the session context. I forget the key name for the UserInfo oject used but it is used by DNN and must be set in a DNN handler that we did not incorporate. Other than that it works perfectly. We have the ability to get all the roles a user is in and etc.
I have been Googling a problem that I have with trying to integrate the web application that I am working on with SharePoint 2010.
The web application is a wiki style tool that allows users to log in via forms authentication or WIA against Active Directory and create content for themselves and others.
What we would like to do is to allow a user have a page with the content they have created in our web application mixed in with content that they have living on the SharePoint server. For example, they may want to see a list of documents that they have on the SharePoint server mixed in with some of their content.
To accomplish this, we would like to take the credentials the user has logged into our web application with (for example MYDOMAIN\jsmith) and be able to query SharePoint for the documents of that same user (MYDOMAIN\jsmith) WITHOUT the user being prompted to re-enter their credentials to access the SharePoint server (we are trying to avoid the double-hop problem)
We have come up with some options for how we want to do this, but we are unsure of what the best approach is.
For example, we could
- Have a global user, shared by all users to get information we need from SharePoint. The downside is that we cannot filter SharePoint content to a particular user
- We could store the users credentials when they log in, but that would only work for users authenticating via forms auth and would be a security issue that some users/clients would not like
- Writing a SharePoint extension using WCF to allow us to access the information we need, however we'd still have the issue of figuring out how to impersonate the user we want.
Neither of these options are ideal and in our investigation we came across the Claims Authentication/STS option which seems like it is trying to solve the problem we are having.
So my question is, based on what I have written, is Claims/STS the best approach for us? We have not been able to find much direction on how to use this method to call into SharePoint from a Web Application and pass along the existing credentials.
Does anyone have any experience with any of these issues?
It sounds like you may be overcomplicating the problem. The reason that the user gets asked for credentials twice is that the two parts of the system are on different servers. The easiest solution is probably to implement your custom web app as custom pages/web parts within SharePoint.
If that isn't an option, a smaller amount of code on the SharePoint server (maybe a custom web service) should give you a few more options for impersonating a particular user.