Hi All,
We are about to develop a Content management system, that can view, edit
content online.
In our system, we have a file called "sample business letter"
workers... in ur system... are only allow to read (online through IE) what
ever the content they are permisionned to read
there are two workers named w1 and w2. who belong to the worker role
requrement comes saying "DON"T ALLOW W2 TO READ THE 'SAMPLE BUSINESS
LETTER'"
Assume that both know the direct url of the file "sample business letter".
How can I achieve this...
Get me a direction
Thanks,
Regards,
Nirosh. 7 1657
Nirosh,
I assume that you are developing an ASP.NET web application to achieve the
scenario that you detailed.
You therefore need to do two things:
1. Set up user authentication for your web application. In order to do this
you need to add an <authenticati on mode="Windows" /> or <authenticati on
mode="Forms"><f orms loginUrl="login Form.aspx" /></authentication> to your
web.config file (use Windows only if everyone is accessing the application
from a company LAN/WAN, use Forms if connecting from the general internet).
For Forms authentication you will need to add your own loginForm.aspx page
which accepts the username & password - check out MSDN library for more info.
For Windows authentication you will need to add <identity impersonate="tr ue"
/> to web.config to force the application to run with the same domain user
credentials as the user on the client.
2. Enable role based authorization on the pages whose access you wish to
restrict. For windows authorization, you can simply set file access security
on the relevant web page files to allow the users who should have access and
deny those who shouldnt.
For Forms based security, you will have to add your own access logic to each
ASP.NET page which is accessed. If the user is not allowed access you can
(for example) use Server.Transfer to dump the user onto an "Unauthoris ed
Access" page.
I know this is all a bit complicated, but hopefully this will give you
enough information to find what you actually need in the online help.
Cheers,
Chris.
"Champika Nirosh" wrote: Hi All,
We are about to develop a Content management system, that can view, edit content online.
In our system, we have a file called "sample business letter" workers... in ur system... are only allow to read (online through IE) what ever the content they are permisionned to read
there are two workers named w1 and w2. who belong to the worker role
requrement comes saying "DON"T ALLOW W2 TO READ THE 'SAMPLE BUSINESS LETTER'"
Assume that both know the direct url of the file "sample business letter".
How can I achieve this... Get me a direction
Thanks, Regards, Nirosh.
Hi Chris,
Thanks for the detailed help. It definitely give me a direction to restrict
ASPX pages... it is also a one part of this..
The section I need little more clarification is .. if I have some content
files that are not aspx.. let assume they are some word documents.. whcih I
have to give diferent access permission for each user.. as a example if u1
and u2 belong to the same role but I may give read access/permission for u1
while given read/write access/permission to u2 for the same document.. can
you get me a hint on this line as well.
Thanks,
Nirosh.
"Chris Ballard" <Ch**********@d iscussions.micr osoft.com> wrote in message
news:0A******** *************** ***********@mic rosoft.com... Nirosh,
I assume that you are developing an ASP.NET web application to achieve the scenario that you detailed.
You therefore need to do two things: 1. Set up user authentication for your web application. In order to do
this you need to add an <authenticati on mode="Windows" /> or <authenticati on mode="Forms"><f orms loginUrl="login Form.aspx" /></authentication> to your web.config file (use Windows only if everyone is accessing the application from a company LAN/WAN, use Forms if connecting from the general
internet). For Forms authentication you will need to add your own loginForm.aspx page which accepts the username & password - check out MSDN library for more
info. For Windows authentication you will need to add <identity
impersonate="tr ue" /> to web.config to force the application to run with the same domain user credentials as the user on the client.
2. Enable role based authorization on the pages whose access you wish to restrict. For windows authorization, you can simply set file access
security on the relevant web page files to allow the users who should have access
and deny those who shouldnt.
For Forms based security, you will have to add your own access logic to
each ASP.NET page which is accessed. If the user is not allowed access you can (for example) use Server.Transfer to dump the user onto an "Unauthoris ed Access" page.
I know this is all a bit complicated, but hopefully this will give you enough information to find what you actually need in the online help.
Cheers, Chris.
"Champika Nirosh" wrote:
Hi All,
We are about to develop a Content management system, that can view, edit content online.
In our system, we have a file called "sample business letter" workers... in ur system... are only allow to read (online through IE)
what ever the content they are permisionned to read
there are two workers named w1 and w2. who belong to the worker role
requrement comes saying "DON"T ALLOW W2 TO READ THE 'SAMPLE BUSINESS LETTER'"
Assume that both know the direct url of the file "sample business
letter". How can I achieve this... Get me a direction
Thanks, Regards, Nirosh.
Hi Nirosh,
There are two ways (that I can immediately think of) to achieve this. If you
are using windows authentication, then setup security as per my last post.
If you are using forms based authentication, then you can store the secured
data files outside of your web virtual directory (i.e. so you cannot access
them remotely via a URL), then add an aspx page to handle access to the
files. The code behind on this page will use the credentials of the
authenticated user to determine whether or not they should have access. If
they are allowed access, it then returns the file data only on the response
stream.
See http://www.codeproject.com/aspnet/imagehandler.asp for a definition of
this technique (the example is in VB, but the technique can easily be
transferred to C#).
Regards,
Chris.
"Champika Nirosh" wrote: Hi Chris,
Thanks for the detailed help. It definitely give me a direction to restrict ASPX pages... it is also a one part of this..
The section I need little more clarification is .. if I have some content files that are not aspx.. let assume they are some word documents.. whcih I have to give diferent access permission for each user.. as a example if u1 and u2 belong to the same role but I may give read access/permission for u1 while given read/write access/permission to u2 for the same document.. can you get me a hint on this line as well.
Thanks, Nirosh.
Chris,
That sounds great ... I think that is what I was looking for..
Thanks for this..
Nirosh.
"Chris Ballard" <Ch**********@d iscussions.micr osoft.com> wrote in message
news:80******** *************** ***********@mic rosoft.com... Hi Nirosh,
There are two ways (that I can immediately think of) to achieve this. If
you are using windows authentication, then setup security as per my last post.
If you are using forms based authentication, then you can store the
secured data files outside of your web virtual directory (i.e. so you cannot
access them remotely via a URL), then add an aspx page to handle access to the files. The code behind on this page will use the credentials of the authenticated user to determine whether or not they should have access. If they are allowed access, it then returns the file data only on the
response stream.
See http://www.codeproject.com/aspnet/imagehandler.asp for a definition of this technique (the example is in VB, but the technique can easily be transferred to C#).
Regards, Chris.
"Champika Nirosh" wrote:
Hi Chris,
Thanks for the detailed help. It definitely give me a direction to
restrict ASPX pages... it is also a one part of this..
The section I need little more clarification is .. if I have some
content files that are not aspx.. let assume they are some word documents..
whcih I have to give diferent access permission for each user.. as a example if
u1 and u2 belong to the same role but I may give read access/permission for
u1 while given read/write access/permission to u2 for the same document..
can you get me a hint on this line as well.
Thanks, Nirosh.
Hi Chris,
I was bit over excited earlier ...
Do you think that this same technique can be applied for a html page that
has images embedded in them as well..
I have some html files as well...
Nirosh.
"Champika Nirosh" <te**@test.lk > wrote in message
news:uM******** ******@TK2MSFTN GP15.phx.gbl... Chris,
That sounds great ... I think that is what I was looking for.. Thanks for this..
Nirosh.
"Chris Ballard" <Ch**********@d iscussions.micr osoft.com> wrote in message news:80******** *************** ***********@mic rosoft.com... Hi Nirosh,
There are two ways (that I can immediately think of) to achieve this. If you are using windows authentication, then setup security as per my last
post. If you are using forms based authentication, then you can store the
secured data files outside of your web virtual directory (i.e. so you cannot access them remotely via a URL), then add an aspx page to handle access to the files. The code behind on this page will use the credentials of the authenticated user to determine whether or not they should have access.
If they are allowed access, it then returns the file data only on the response stream.
See http://www.codeproject.com/aspnet/imagehandler.asp for a definition
of this technique (the example is in VB, but the technique can easily be transferred to C#).
Regards, Chris.
"Champika Nirosh" wrote:
Hi Chris,
Thanks for the detailed help. It definitely give me a direction to restrict ASPX pages... it is also a one part of this..
The section I need little more clarification is .. if I have some content files that are not aspx.. let assume they are some word documents.. whcih I have to give diferent access permission for each user.. as a example
if u1 and u2 belong to the same role but I may give read access/permission
for u1 while given read/write access/permission to u2 for the same document.. can you get me a hint on this line as well.
Thanks, Nirosh.
Hi,
That might not be so easy. You can of course send and HTML file back to the
client using the same technique as the binary file, which will display as
normal in the browser. However the images in this HTML file would have to
have URLs as normal, and could therefore be accessed even if the HTML file
was blocked.
One other possibility would be to have two seperate applications (i.e.
running under different IIS virtual directories). One being the generic
application, the other being the more secure application. You would have to
devise a method to ensure that the user only enters login details once for
both applications, and also have the problem that the applications cannot
share state.
Chris.
"Champika Nirosh" wrote: Hi Chris,
I was bit over excited earlier ...
Do you think that this same technique can be applied for a html page that has images embedded in them as well..
I have some html files as well... Nirosh.
"Champika Nirosh" <te**@test.lk > wrote in message news:uM******** ******@TK2MSFTN GP15.phx.gbl... Chris,
That sounds great ... I think that is what I was looking for.. Thanks for this..
Nirosh.
"Chris Ballard" <Ch**********@d iscussions.micr osoft.com> wrote in message news:80******** *************** ***********@mic rosoft.com... Hi Nirosh,
There are two ways (that I can immediately think of) to achieve this. If you are using windows authentication, then setup security as per my last post. If you are using forms based authentication, then you can store the secured data files outside of your web virtual directory (i.e. so you cannot access them remotely via a URL), then add an aspx page to handle access to the files. The code behind on this page will use the credentials of the authenticated user to determine whether or not they should have access. If they are allowed access, it then returns the file data only on the response stream.
See http://www.codeproject.com/aspnet/imagehandler.asp for a definition of this technique (the example is in VB, but the technique can easily be transferred to C#).
Regards, Chris.
"Champika Nirosh" wrote:
> Hi Chris, > > Thanks for the detailed help. It definitely give me a direction to restrict > ASPX pages... it is also a one part of this.. > > The section I need little more clarification is .. if I have some content > files that are not aspx.. let assume they are some word documents.. whcih I > have to give diferent access permission for each user.. as a example if u1 > and u2 belong to the same role but I may give read access/permission for u1 > while given read/write access/permission to u2 for the same document.. can > you get me a hint on this line as well. > > Thanks, > Nirosh. >
Thanks Chris,
I really appreciate your helps..
I'll give a try on this line
Nirosh.
"Chris Ballard" <Ch**********@d iscussions.micr osoft.com> wrote in message
news:D8******** *************** ***********@mic rosoft.com... Hi,
That might not be so easy. You can of course send and HTML file back to
the client using the same technique as the binary file, which will display as normal in the browser. However the images in this HTML file would have to have URLs as normal, and could therefore be accessed even if the HTML file was blocked.
One other possibility would be to have two seperate applications (i.e. running under different IIS virtual directories). One being the generic application, the other being the more secure application. You would have
to devise a method to ensure that the user only enters login details once for both applications, and also have the problem that the applications cannot share state.
Chris.
"Champika Nirosh" wrote:
Hi Chris,
I was bit over excited earlier ...
Do you think that this same technique can be applied for a html page
that has images embedded in them as well..
I have some html files as well... Nirosh.
"Champika Nirosh" <te**@test.lk > wrote in message news:uM******** ******@TK2MSFTN GP15.phx.gbl... Chris,
That sounds great ... I think that is what I was looking for.. Thanks for this..
Nirosh.
"Chris Ballard" <Ch**********@d iscussions.micr osoft.com> wrote in
message news:80******** *************** ***********@mic rosoft.com... > Hi Nirosh, > > There are two ways (that I can immediately think of) to achieve
this. If you > are using windows authentication, then setup security as per my last post. > > If you are using forms based authentication, then you can store the secured > data files outside of your web virtual directory (i.e. so you cannot access > them remotely via a URL), then add an aspx page to handle access to
the > files. The code behind on this page will use the credentials of the > authenticated user to determine whether or not they should have
access. If > they are allowed access, it then returns the file data only on the response > stream. > > See http://www.codeproject.com/aspnet/imagehandler.asp for a
definition of > this technique (the example is in VB, but the technique can easily
be > transferred to C#). > > Regards, > Chris. > > "Champika Nirosh" wrote: > > > Hi Chris, > > > > Thanks for the detailed help. It definitely give me a direction to restrict > > ASPX pages... it is also a one part of this.. > > > > The section I need little more clarification is .. if I have some content > > files that are not aspx.. let assume they are some word
documents.. whcih I > > have to give diferent access permission for each user.. as a
example if u1 > > and u2 belong to the same role but I may give read
access/permission for u1 > > while given read/write access/permission to u2 for the same
document.. can > > you get me a hint on this line as well. > > > > Thanks, > > Nirosh. > > >
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Mohammed AlQuraishi |
last post by:
Hi all,
I'm trying to connect to an MS Access database using ADO.NET and C#, but I'm
getting the dreaded "Microsoft Jet database engine cannot open the file 'x'.
It is already opened exclusively by another user, or you need permission to
view its data."
Any ideas as to why? I set up a connection using Jet 4.0 and I'm able to
open the database from within VC#.
|
by: Adam Kozlowski |
last post by:
Hello,
There is two lines from my script:
<script language="javascript1.2">
fso = new ActiveXObject("Scripting.FileSystemObject");
ws = new ActiveXObject("WScript.Network");
</script>
Everything working fine, but sometimes some admin change default IE options
and during loading the page on screen i can see something like that "Can I
|
by: Jerome |
last post by:
Hi, I'm a bit confused ... when would I rather write an database
application using MS Access and Visual Basic and when (and why) would I
rather write it using Visual Studio .Net?
Is it as easy in Visual Studio to create reports and labels as it's in
Access?`
The advantage of VS.net is that not every user needs Access, right? And
that would eliminate the Access version problem as well I guess.
|
by: bill |
last post by:
I am trying to convince a client that dotNet is preferable to an Access
project (ADP/ADE).
This client currently has a large, pure Access MDB solution with 30+ users,
which needs to be upgraded.
I believe a dotNet solution is better, but I'm trying to be as convincing as
possible -- and maybe I'm wrong!
I would appreciate any input or references which could help me.
|
by: Dave |
last post by:
Hello NG,
Regarding access-declarations and member using-declarations as used to
change the access level of an inherited base member...
Two things need to be considered when determining an inherited base member's
access level in the derived class: its access level in the base class and
the type of inheritance (public, protected, or private). After this
determination is made, the following possibilities exist for manually
changing the...
| |
by: Doron |
last post by:
Hi all
I need to Delete a user from a database open with user that
do not have permision to do so
I have created a function that will create new workspace
with UserName and Password of one that can
The function run O.K.
But the deleted user is only realy deleted after I restart
access
I don't know how to refresh the main workspace with
|
by: avenpace |
last post by:
Hi
I have python cgi script, but when I call it I got server internal
error. The log in my apache is
(13)Permission
denied: exec of '/srv/www/cgi-bin/helo.cgi' failed
Premature end of
script headers: helo.cgi
caught SIGTERM, shutting down
|
by: Jarod |
last post by:
Hey
I want to setup diffrent access permision to each page maybe even for some
elements on the page. What's the easiest way to do it ? I plan do develop
something like HasModuleAccess(string pageName,string moduleName) function
and depending on this check... Maybe already there is something like this ?
I could use roles but what's the way to check the role without hardcoding
it's name ? So for example I have my page only for AdminUsers:...
|
by: GregInHouston2 |
last post by:
I am attempting to access the files on a share on a server in my network so I can list the files there on an intranet web page.
At this point, the share permissions and the NTFS permissions are set so open that it scares me but my GetFiles() call still generates an "access denied" exception. I have even given "Everyone" read access to the share and read, read&execute, and list folder contents permision on NTFS.
The Directory Security...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
| |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |