I have a set of four ASP.NET roles that I have been trying to delete - they never want to die.
Simply put, I've deleted them successfully by using the website administrator tool and by running the stored procedure:
exec aspnet_Roles_deleteRole '/', 'CameraOwner', 1;
My application name is '/'. I see the records getting deleted from the database. No one is using it. I refresh my role management page - it is gone. However, the next time my application restarts - and sometimes after a page refresh, the deleted roles get re-inserted.
Added: If I delete the roles and do an iisreset: the roles are still deleted. As soon as I hit my application (even with a wget that doesn't have any pre-existing cookies) the roles get re-inserted.
Has anyone experienced this before?
UPDATE: Found my problem. Yet Another Forum.NET had linked Roles. Everytime you reloaded the application, it recreated the missing linked roles.
How did the roles get into your system in the first place? Do you have any code that automatically adds roles? Can you try changing the DB name to make sure another system isn't hitting the same database?
Related
We have a number of webpages that employees can access. I have a table, in a database, which determines who can access the individual pieces.
I use HttpContext.Current.User.Identity.Name, to get the current username, and then determine whether they are allowed to access the page they are requesting. If not, they are redirected to an access denied page, which has contact details where they can request access.
This is been working for months and is still working for everybody, except me! As well as my usual active directory account, I have what we call a developer account to login to servers et cetera. When I run the webpages on my PC, either through visual studio or IIS, I have determined that it is working because it is using my standard active directory account.
I am not aware of making any changes. I was actually just going through the pages as part of a documentation exercise.
However, as soon as I try to browse the pages on the server, it appears to be using my developer account! How do I know this? Firstly, I have built a test page that displays the current username. Secondly, I have an audit table, which records who try to access what page, when and whether they were allowed access.
Yes I could add my developer account to the users table but that would obviously not be my preferred solution. I have been working on something else for the past few days (nothing to do with this) and based on the audit table, I think this problem started today.
Any ideas?
I'm finishing off an ASP application, and in testing, my sa-enabled account was fine for everything.
However, this is not best practice. I did not want to individually assign permissions to windows groups and users for every database object a given group of users touches through the app. I know application roles are a thing for SQL Server, and that executing sp_setapprole to sign into the app role for permissions is the way I want to manage this, but I'm new to ASP and can't seem to find a way to get the pages to execute this procedure for every time it makes a connection. I feel like I'm missing an event somewhere. I have several pages which will need to behave this way, and one master page. If the code can be centralized, advise on how to do that would also be appreciated.
I'm trying to limit the ability for user accounts to be created. My host has noticed spam activity on my account and has suggested that it is being generated by accessing the user account creation script directly.
When I try to access that feature in Drupal 7, the Setting tab doesn't render correctly. Fields and Display tabs function correctly.
Screen Snap
If your host is right about the script being accessed directly, then your site might be hacked.
Since you also have problems with rendering of the settings tab, I would execute these steps in this order:
Follow the instructions for updating Drupal, starting with backup of
the database and the files:
https://www.drupal.org/docs/7/updating-your-drupal-site/update-procedure-minor-version-change
Set secure permissions for files and folders: https://www.drupal.org/node/244924
The second step alone might help stopping the user creation by direct access to the script, but it will not get back the original settings tab.
In back-end go to Configuration -> People -> Account settings. There is a section Registration and cancellation and Who can register radio buttons group where you can forbid anonymous user create account. If that's already set well and people are still registering then it really is possible that your site has been hacked.
I used the Login control in my ASP.NET form.A database was created- ASPNETDB.
But once I create a user and then execute the form next time,I cant login, i.e., I've to register as a new user everytime I simulate the web form. The code cant retrieve my previously stored login id and password.How can I fix it?
The problem could be that the database file is been copied to the output directory everytime you run your application and overriding the previous copied file that contains the registration data.
If that was the problem, you can solve it by change the database file's Copy To Output Directory property value from always copy to copy if newer.
Solution #1: Under the "project" tab in Visual Studio, go to ASP.NET configuration. Make sure that the "active" check box is checked, under security, manage users (ASP.NET default login tables).
Solution #2: Use your login tables.
Solution #3: Still searching for it.
I am in the process of moving my drupal site to a new IIS server. I had it running perfectly on one server. I disabled all non-core modules, turned off clean urls, put the site in maintenance mode and moved the files and database to my new server. I am able to bring the new site up fine. I can view the main page as well as other content. I can even create new content.
However, whenever I try to access the admin page, I am getting a 500 error on the server. I am not getting anything in the server logs to indicate what the problem might be. Does anyone have any idea what might be going on?
Thanks for any thoughts.
Is the menu router menu system not rebuilt correctly?
Try getting to the Modules page, Menu page, or run cron.
There could be many reasons why you cannot access the administrative pages, including the fact the database tables have not been correctly moved.
Check the content of the table users, and verify the user account for the "super user" (the one with user ID equal to 1) has still the user ID equal to 1. That is a particular user that has automatically any permission; if the user ID is not 1 anymore, then the account becomes a normal user account, and it needs to be expressly allowed to do anything.
you don't need to disable clean urls, this is how your enable them in IIS:
http://learn.iis.net/page.aspx/505/install-drupal-on-iis/
could be something to do with clean urls, i also had this problem when recently removing my website to IIS, clean url's fixed this issue!