Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Security (Urgent!!!)

Reply
Thread Tools

Security (Urgent!!!)

 
 
Vinod
Guest
Posts: n/a
 
      06-27-2005
Hi,

I am developing a aspx login screen based on the roles (Admin,User). If
the role is Admin he needs to acess a
particular folder in the system.

If the role is User he needs to access another folder in the system.

How can i accomplish it.
Currently i am using this code but its not working fine

<location path="alfa/admin">
<system.web>
<authorization>
<allow roles ="Admin" />
<deny users="*" />
</authorization>
</system.web>
</location>

<location path="engine">
<system.web>
<authorization>
<allow roles ="Users"/>
<deny users="*" />
</authorization>
</system.web>
</location>

In the login screen if i enter a valid login also it is not redirecting
it to a page in the admin folder . It attaches the redirection url and
stays in the same page.

Any Help will be very grateful


Regards
Vinod


 
Reply With Quote
 
 
 
 
Dominick Baier [DevelopMentor]
Guest
Posts: n/a
 
      06-27-2005
Hello Vinod,

what do you use to redirect back?

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hi,
>
> I am developing a aspx login screen based on the roles
> (Admin,User). If
> the role is Admin he needs to acess a
> particular folder in the system.
> If the role is User he needs to access another folder in the
> system.
>
> How can i accomplish it.
> Currently i am using this code but its not working fine
> <location path="alfa/admin">
> <system.web>
> <authorization>
> <allow roles ="Admin" />
> <deny users="*" />
> </authorization>
> </system.web>
> </location>
> <location path="engine">
> <system.web>
> <authorization>
> <allow roles ="Users"/>
> <deny users="*" />
> </authorization>
> </system.web>
> </location>
> In the login screen if i enter a valid login also it is not
> redirecting it to a page in the admin folder . It attaches the
> redirection url and stays in the same page.
>
> Any Help will be very grateful
>
> Regards
> Vinod




 
Reply With Quote
 
 
 
 
Vinod
Guest
Posts: n/a
 
      06-28-2005
I user response.redirect and it doesnot redirect to the location instead it
adds the path as a query string to the url

regards
vinod


"Dominick Baier [DevelopMentor]" <(E-Mail Removed)>
wrote in message news:(E-Mail Removed).. .
> Hello Vinod,
>
> what do you use to redirect back?
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > Hi,
> >
> > I am developing a aspx login screen based on the roles
> > (Admin,User). If
> > the role is Admin he needs to acess a
> > particular folder in the system.
> > If the role is User he needs to access another folder in the
> > system.
> >
> > How can i accomplish it.
> > Currently i am using this code but its not working fine
> > <location path="alfa/admin">
> > <system.web>
> > <authorization>
> > <allow roles ="Admin" />
> > <deny users="*" />
> > </authorization>
> > </system.web>
> > </location>
> > <location path="engine">
> > <system.web>
> > <authorization>
> > <allow roles ="Users"/>
> > <deny users="*" />
> > </authorization>
> > </system.web>
> > </location>
> > In the login screen if i enter a valid login also it is not
> > redirecting it to a page in the admin folder . It attaches the
> > redirection url and stays in the same page.
> >
> > Any Help will be very grateful
> >
> > Regards
> > Vinod

>
>
>



 
Reply With Quote
 
Dominick Baier [DevelopMentor]
Guest
Posts: n/a
 
      06-28-2005
Hello Vinod,

like this :

Response.Redirect(FormsAuthentication.GetRedirectU rl(txtUsername.Text, false));

??

i have a full working example on my blog - maybe this clarifies things
http://www.leastprivilege.com/conten...stPractice.zip

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> I user response.redirect and it doesnot redirect to the location
> instead it adds the path as a query string to the url
>
> regards
> vinod
> "Dominick Baier [DevelopMentor]"
> <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed).. .
>
>> Hello Vinod,
>>
>> what do you use to redirect back?
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> Hi,
>>>
>>> I am developing a aspx login screen based on the roles
>>> (Admin,User). If
>>> the role is Admin he needs to acess a
>>> particular folder in the system.
>>> If the role is User he needs to access another folder in the
>>> system.
>>> How can i accomplish it.
>>> Currently i am using this code but its not working fine
>>> <location path="alfa/admin">
>>> <system.web>
>>> <authorization>
>>> <allow roles ="Admin" />
>>> <deny users="*" />
>>> </authorization>
>>> </system.web>
>>> </location>
>>> <location path="engine">
>>> <system.web>
>>> <authorization>
>>> <allow roles ="Users"/>
>>> <deny users="*" />
>>> </authorization>
>>> </system.web>
>>> </location>
>>> In the login screen if i enter a valid login also it is not
>>> redirecting it to a page in the admin folder . It attaches the
>>> redirection url and stays in the same page.
>>> Any Help will be very grateful
>>>
>>> Regards
>>> Vinod




 
Reply With Quote
 
Vinod
Guest
Posts: n/a
 
      06-29-2005
I am just using Reponse.Redirect.

My code is working fine locally , but when i upload to the server it doesnot
work

regards
vinod
"Dominick Baier [DevelopMentor]" <(E-Mail Removed)>
wrote in message news:(E-Mail Removed).. .
> Hello Vinod,
>
> like this :
>
> Response.Redirect(FormsAuthentication.GetRedirectU rl(txtUsername.Text,

false));
>
> ??
>
> i have a full working example on my blog - maybe this clarifies things
> http://www.leastprivilege.com/conten...stPractice.zip
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > I user response.redirect and it doesnot redirect to the location
> > instead it adds the path as a query string to the url
> >
> > regards
> > vinod
> > "Dominick Baier [DevelopMentor]"
> > <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed).. .
> >
> >> Hello Vinod,
> >>
> >> what do you use to redirect back?
> >>
> >> ---------------------------------------
> >> Dominick Baier - DevelopMentor
> >> http://www.leastprivilege.com
> >>> Hi,
> >>>
> >>> I am developing a aspx login screen based on the roles
> >>> (Admin,User). If
> >>> the role is Admin he needs to acess a
> >>> particular folder in the system.
> >>> If the role is User he needs to access another folder in the
> >>> system.
> >>> How can i accomplish it.
> >>> Currently i am using this code but its not working fine
> >>> <location path="alfa/admin">
> >>> <system.web>
> >>> <authorization>
> >>> <allow roles ="Admin" />
> >>> <deny users="*" />
> >>> </authorization>
> >>> </system.web>
> >>> </location>
> >>> <location path="engine">
> >>> <system.web>
> >>> <authorization>
> >>> <allow roles ="Users"/>
> >>> <deny users="*" />
> >>> </authorization>
> >>> </system.web>
> >>> </location>
> >>> In the login screen if i enter a valid login also it is not
> >>> redirecting it to a page in the admin folder . It attaches the
> >>> redirection url and stays in the same page.
> >>> Any Help will be very grateful
> >>>
> >>> Regards
> >>> Vinod

>
>
>



 
Reply With Quote
 
Dominick Baier [DevelopMentor]
Guest
Posts: n/a
 
      06-30-2005
Hello Vinod,

try using

Response.Redirect("~/default.aspx");

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> I am just using Reponse.Redirect.
>
> My code is working fine locally , but when i upload to the server it
> doesnot work
>
> regards
> vinod
> "Dominick Baier [DevelopMentor]"
> <(E-Mail Removed)>
> wrote in message news:(E-Mail Removed).. .
>> Hello Vinod,
>>
>> like this :
>>
>> Response.Redirect(FormsAuthentication.GetRedirectU rl(txtUsername.Text
>> ,
>>

> false));
>
>> ??
>>
>> i have a full working example on my blog - maybe this clarifies
>> things
>> http://www.leastprivilege.com/conten...estPractice.zi
>> p
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> I user response.redirect and it doesnot redirect to the location
>>> instead it adds the path as a query string to the url
>>>
>>> regards
>>> vinod
>>> "Dominick Baier [DevelopMentor]"
>>> <(E-Mail Removed)> wrote in message
>>> news:(E-Mail Removed).. .
>>>> Hello Vinod,
>>>>
>>>> what do you use to redirect back?
>>>>
>>>> ---------------------------------------
>>>> Dominick Baier - DevelopMentor
>>>> http://www.leastprivilege.com
>>>>> Hi,
>>>>>
>>>>> I am developing a aspx login screen based on the roles
>>>>> (Admin,User). If
>>>>> the role is Admin he needs to acess a
>>>>> particular folder in the system.
>>>>> If the role is User he needs to access another folder in the
>>>>> system.
>>>>> How can i accomplish it.
>>>>> Currently i am using this code but its not working fine
>>>>> <location path="alfa/admin">
>>>>> <system.web>
>>>>> <authorization>
>>>>> <allow roles ="Admin" />
>>>>> <deny users="*" />
>>>>> </authorization>
>>>>> </system.web>
>>>>> </location>
>>>>> <location path="engine">
>>>>> <system.web>
>>>>> <authorization>
>>>>> <allow roles ="Users"/>
>>>>> <deny users="*" />
>>>>> </authorization>
>>>>> </system.web>
>>>>> </location>
>>>>> In the login screen if i enter a valid login also it is not
>>>>> redirecting it to a page in the admin folder . It attaches the
>>>>> redirection url and stays in the same page.
>>>>> Any Help will be very grateful
>>>>> Regards
>>>>> Vinod




 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Accessing higher security level from higher security level nderose@gmail.com Cisco 0 07-11-2005 10:20 PM
Going from higher security level interface to lower security interface- HELP!!! - AM Cisco 4 12-28-2004 09:52 PM
IT-Security, Security, e-security COMSOLIT Messmer Computer Support 0 09-05-2003 08:34 AM
How secure is the security from my security form? Aaron Java 1 08-04-2003 06:16 PM
MCSA: Security MCSE: Security question Rick Sears MCSE 0 07-29-2003 08:02 PM



Advertisments