Hi All,
We are about to develop a Content management system, that can view, edit
content online.
In our system, we have a file called "sample business letter"
workers... in ur system... are only allow to read (online through IE) what
ever the content they are permisionned to read
there are two workers named w1 and w2. who belong to the worker role
requrement comes saying "DON"T ALLOW W2 TO READ THE 'SAMPLE BUSINESS
LETTER'"
Assume that both know the direct url of the file "sample business letter".
How can I achieve this...
Get me a direction
Thanks,
Regards,
Nirosh. 7 1631
Nirosh,
I assume that you are developing an ASP.NET web application to achieve the
scenario that you detailed.
You therefore need to do two things:
1. Set up user authentication for your web application. In order to do this
you need to add an <authentication mode="Windows" /> or <authentication
mode="Forms"><forms loginUrl="loginForm.aspx" /></authentication> to your
web.config file (use Windows only if everyone is accessing the application
from a company LAN/WAN, use Forms if connecting from the general internet).
For Forms authentication you will need to add your own loginForm.aspx page
which accepts the username & password - check out MSDN library for more info.
For Windows authentication you will need to add <identity impersonate="true"
/> to web.config to force the application to run with the same domain user
credentials as the user on the client.
2. Enable role based authorization on the pages whose access you wish to
restrict. For windows authorization, you can simply set file access security
on the relevant web page files to allow the users who should have access and
deny those who shouldnt.
For Forms based security, you will have to add your own access logic to each
ASP.NET page which is accessed. If the user is not allowed access you can
(for example) use Server.Transfer to dump the user onto an "Unauthorised
Access" page.
I know this is all a bit complicated, but hopefully this will give you
enough information to find what you actually need in the online help.
Cheers,
Chris.
"Champika Nirosh" wrote: Hi All,
We are about to develop a Content management system, that can view, edit content online.
In our system, we have a file called "sample business letter" workers... in ur system... are only allow to read (online through IE) what ever the content they are permisionned to read
there are two workers named w1 and w2. who belong to the worker role
requrement comes saying "DON"T ALLOW W2 TO READ THE 'SAMPLE BUSINESS LETTER'"
Assume that both know the direct url of the file "sample business letter".
How can I achieve this... Get me a direction
Thanks, Regards, Nirosh.
Hi Chris,
Thanks for the detailed help. It definitely give me a direction to restrict
ASPX pages... it is also a one part of this..
The section I need little more clarification is .. if I have some content
files that are not aspx.. let assume they are some word documents.. whcih I
have to give diferent access permission for each user.. as a example if u1
and u2 belong to the same role but I may give read access/permission for u1
while given read/write access/permission to u2 for the same document.. can
you get me a hint on this line as well.
Thanks,
Nirosh.
"Chris Ballard" <Ch**********@discussions.microsoft.com> wrote in message
news:0A**********************************@microsof t.com... Nirosh,
I assume that you are developing an ASP.NET web application to achieve the scenario that you detailed.
You therefore need to do two things: 1. Set up user authentication for your web application. In order to do
this you need to add an <authentication mode="Windows" /> or <authentication mode="Forms"><forms loginUrl="loginForm.aspx" /></authentication> to your web.config file (use Windows only if everyone is accessing the application from a company LAN/WAN, use Forms if connecting from the general
internet). For Forms authentication you will need to add your own loginForm.aspx page which accepts the username & password - check out MSDN library for more
info. For Windows authentication you will need to add <identity
impersonate="true" /> to web.config to force the application to run with the same domain user credentials as the user on the client.
2. Enable role based authorization on the pages whose access you wish to restrict. For windows authorization, you can simply set file access
security on the relevant web page files to allow the users who should have access
and deny those who shouldnt.
For Forms based security, you will have to add your own access logic to
each ASP.NET page which is accessed. If the user is not allowed access you can (for example) use Server.Transfer to dump the user onto an "Unauthorised Access" page.
I know this is all a bit complicated, but hopefully this will give you enough information to find what you actually need in the online help.
Cheers, Chris.
"Champika Nirosh" wrote:
Hi All,
We are about to develop a Content management system, that can view, edit content online.
In our system, we have a file called "sample business letter" workers... in ur system... are only allow to read (online through IE)
what ever the content they are permisionned to read
there are two workers named w1 and w2. who belong to the worker role
requrement comes saying "DON"T ALLOW W2 TO READ THE 'SAMPLE BUSINESS LETTER'"
Assume that both know the direct url of the file "sample business
letter". How can I achieve this... Get me a direction
Thanks, Regards, Nirosh.
Hi Nirosh,
There are two ways (that I can immediately think of) to achieve this. If you
are using windows authentication, then setup security as per my last post.
If you are using forms based authentication, then you can store the secured
data files outside of your web virtual directory (i.e. so you cannot access
them remotely via a URL), then add an aspx page to handle access to the
files. The code behind on this page will use the credentials of the
authenticated user to determine whether or not they should have access. If
they are allowed access, it then returns the file data only on the response
stream.
See http://www.codeproject.com/aspnet/imagehandler.asp for a definition of
this technique (the example is in VB, but the technique can easily be
transferred to C#).
Regards,
Chris.
"Champika Nirosh" wrote: Hi Chris,
Thanks for the detailed help. It definitely give me a direction to restrict ASPX pages... it is also a one part of this..
The section I need little more clarification is .. if I have some content files that are not aspx.. let assume they are some word documents.. whcih I have to give diferent access permission for each user.. as a example if u1 and u2 belong to the same role but I may give read access/permission for u1 while given read/write access/permission to u2 for the same document.. can you get me a hint on this line as well.
Thanks, Nirosh.
Chris,
That sounds great ... I think that is what I was looking for..
Thanks for this..
Nirosh.
"Chris Ballard" <Ch**********@discussions.microsoft.com> wrote in message
news:80**********************************@microsof t.com... Hi Nirosh,
There are two ways (that I can immediately think of) to achieve this. If
you are using windows authentication, then setup security as per my last post.
If you are using forms based authentication, then you can store the
secured data files outside of your web virtual directory (i.e. so you cannot
access them remotely via a URL), then add an aspx page to handle access to the files. The code behind on this page will use the credentials of the authenticated user to determine whether or not they should have access. If they are allowed access, it then returns the file data only on the
response stream.
See http://www.codeproject.com/aspnet/imagehandler.asp for a definition of this technique (the example is in VB, but the technique can easily be transferred to C#).
Regards, Chris.
"Champika Nirosh" wrote:
Hi Chris,
Thanks for the detailed help. It definitely give me a direction to
restrict ASPX pages... it is also a one part of this..
The section I need little more clarification is .. if I have some
content files that are not aspx.. let assume they are some word documents..
whcih I have to give diferent access permission for each user.. as a example if
u1 and u2 belong to the same role but I may give read access/permission for
u1 while given read/write access/permission to u2 for the same document..
can you get me a hint on this line as well.
Thanks, Nirosh.
Hi Chris,
I was bit over excited earlier ...
Do you think that this same technique can be applied for a html page that
has images embedded in them as well..
I have some html files as well...
Nirosh.
"Champika Nirosh" <te**@test.lk> wrote in message
news:uM**************@TK2MSFTNGP15.phx.gbl... Chris,
That sounds great ... I think that is what I was looking for.. Thanks for this..
Nirosh.
"Chris Ballard" <Ch**********@discussions.microsoft.com> wrote in message news:80**********************************@microsof t.com... Hi Nirosh,
There are two ways (that I can immediately think of) to achieve this. If you are using windows authentication, then setup security as per my last
post. If you are using forms based authentication, then you can store the
secured data files outside of your web virtual directory (i.e. so you cannot access them remotely via a URL), then add an aspx page to handle access to the files. The code behind on this page will use the credentials of the authenticated user to determine whether or not they should have access.
If they are allowed access, it then returns the file data only on the response stream.
See http://www.codeproject.com/aspnet/imagehandler.asp for a definition
of this technique (the example is in VB, but the technique can easily be transferred to C#).
Regards, Chris.
"Champika Nirosh" wrote:
Hi Chris,
Thanks for the detailed help. It definitely give me a direction to restrict ASPX pages... it is also a one part of this..
The section I need little more clarification is .. if I have some content files that are not aspx.. let assume they are some word documents.. whcih I have to give diferent access permission for each user.. as a example
if u1 and u2 belong to the same role but I may give read access/permission
for u1 while given read/write access/permission to u2 for the same document.. can you get me a hint on this line as well.
Thanks, Nirosh.
Hi,
That might not be so easy. You can of course send and HTML file back to the
client using the same technique as the binary file, which will display as
normal in the browser. However the images in this HTML file would have to
have URLs as normal, and could therefore be accessed even if the HTML file
was blocked.
One other possibility would be to have two seperate applications (i.e.
running under different IIS virtual directories). One being the generic
application, the other being the more secure application. You would have to
devise a method to ensure that the user only enters login details once for
both applications, and also have the problem that the applications cannot
share state.
Chris.
"Champika Nirosh" wrote: Hi Chris,
I was bit over excited earlier ...
Do you think that this same technique can be applied for a html page that has images embedded in them as well..
I have some html files as well... Nirosh.
"Champika Nirosh" <te**@test.lk> wrote in message news:uM**************@TK2MSFTNGP15.phx.gbl... Chris,
That sounds great ... I think that is what I was looking for.. Thanks for this..
Nirosh.
"Chris Ballard" <Ch**********@discussions.microsoft.com> wrote in message news:80**********************************@microsof t.com... Hi Nirosh,
There are two ways (that I can immediately think of) to achieve this. If you are using windows authentication, then setup security as per my last post. If you are using forms based authentication, then you can store the secured data files outside of your web virtual directory (i.e. so you cannot access them remotely via a URL), then add an aspx page to handle access to the files. The code behind on this page will use the credentials of the authenticated user to determine whether or not they should have access. If they are allowed access, it then returns the file data only on the response stream.
See http://www.codeproject.com/aspnet/imagehandler.asp for a definition of this technique (the example is in VB, but the technique can easily be transferred to C#).
Regards, Chris.
"Champika Nirosh" wrote:
> Hi Chris, > > Thanks for the detailed help. It definitely give me a direction to restrict > ASPX pages... it is also a one part of this.. > > The section I need little more clarification is .. if I have some content > files that are not aspx.. let assume they are some word documents.. whcih I > have to give diferent access permission for each user.. as a example if u1 > and u2 belong to the same role but I may give read access/permission for u1 > while given read/write access/permission to u2 for the same document.. can > you get me a hint on this line as well. > > Thanks, > Nirosh. >
Thanks Chris,
I really appreciate your helps..
I'll give a try on this line
Nirosh.
"Chris Ballard" <Ch**********@discussions.microsoft.com> wrote in message
news:D8**********************************@microsof t.com... Hi,
That might not be so easy. You can of course send and HTML file back to
the client using the same technique as the binary file, which will display as normal in the browser. However the images in this HTML file would have to have URLs as normal, and could therefore be accessed even if the HTML file was blocked.
One other possibility would be to have two seperate applications (i.e. running under different IIS virtual directories). One being the generic application, the other being the more secure application. You would have
to devise a method to ensure that the user only enters login details once for both applications, and also have the problem that the applications cannot share state.
Chris.
"Champika Nirosh" wrote:
Hi Chris,
I was bit over excited earlier ...
Do you think that this same technique can be applied for a html page
that has images embedded in them as well..
I have some html files as well... Nirosh.
"Champika Nirosh" <te**@test.lk> wrote in message news:uM**************@TK2MSFTNGP15.phx.gbl... Chris,
That sounds great ... I think that is what I was looking for.. Thanks for this..
Nirosh.
"Chris Ballard" <Ch**********@discussions.microsoft.com> wrote in
message news:80**********************************@microsof t.com... > Hi Nirosh, > > There are two ways (that I can immediately think of) to achieve
this. If you > are using windows authentication, then setup security as per my last post. > > If you are using forms based authentication, then you can store the secured > data files outside of your web virtual directory (i.e. so you cannot access > them remotely via a URL), then add an aspx page to handle access to
the > files. The code behind on this page will use the credentials of the > authenticated user to determine whether or not they should have
access. If > they are allowed access, it then returns the file data only on the response > stream. > > See http://www.codeproject.com/aspnet/imagehandler.asp for a
definition of > this technique (the example is in VB, but the technique can easily
be > transferred to C#). > > Regards, > Chris. > > "Champika Nirosh" wrote: > > > Hi Chris, > > > > Thanks for the detailed help. It definitely give me a direction to restrict > > ASPX pages... it is also a one part of this.. > > > > The section I need little more clarification is .. if I have some content > > files that are not aspx.. let assume they are some word
documents.. whcih I > > have to give diferent access permission for each user.. as a
example if u1 > > and u2 belong to the same role but I may give read
access/permission for u1 > > while given read/write access/permission to u2 for the same
document.. can > > you get me a hint on this line as well. > > > > Thanks, > > Nirosh. > > >
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Mohammed AlQuraishi |
last post by:
Hi all,
I'm trying to connect to an MS Access database using ADO.NET and C#, but I'm
getting the dreaded "Microsoft Jet database engine cannot open the file 'x'.
It is already opened exclusively...
|
by: Adam Kozlowski |
last post by:
Hello,
There is two lines from my script:
<script language="javascript1.2">
fso = new ActiveXObject("Scripting.FileSystemObject");
ws = new ActiveXObject("WScript.Network");
</script>
...
|
by: Jerome |
last post by:
Hi, I'm a bit confused ... when would I rather write an database
application using MS Access and Visual Basic and when (and why) would I
rather write it using Visual Studio .Net?
Is it as easy...
|
by: bill |
last post by:
I am trying to convince a client that dotNet is preferable to an Access
project (ADP/ADE).
This client currently has a large, pure Access MDB solution with 30+ users,
which needs to be upgraded....
|
by: Dave |
last post by:
Hello NG,
Regarding access-declarations and member using-declarations as used to
change the access level of an inherited base member...
Two things need to be considered when determining an...
|
by: Doron |
last post by:
Hi all
I need to Delete a user from a database open with user that
do not have permision to do so
I have created a function that will create new workspace
with UserName and Password of one that...
|
by: avenpace |
last post by:
Hi
I have python cgi script, but when I call it I got server internal
error. The log in my apache is
(13)Permission
denied: exec of '/srv/www/cgi-bin/helo.cgi' failed
Premature end of...
|
by: Jarod |
last post by:
Hey
I want to setup diffrent access permision to each page maybe even for some
elements on the page. What's the easiest way to do it ? I plan do develop
something like HasModuleAccess(string...
|
by: GregInHouston2 |
last post by:
I am attempting to access the files on a share on a server in my network so I can list the files there on an intranet web page.
At this point, the share permissions and the NTFS permissions are...
|
by: DolphinDB |
last post by:
Tired of spending countless mintues downsampling your data? Look no further!
In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: Vimpel783 |
last post by:
Hello!
Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
|
by: jfyes |
last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: Defcon1945 |
last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
|
by: Shællîpôpï 09 |
last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
| |