473,320 Members | 2,083 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

C# Web-App: Authentication how to give read/write permissions to ASP.net pages

hi friends, Can anyone tell me how to give read/write permissions to users based on their role(present in a table of SQL Server2000) in ASP.net?....please help me out....Thks for any help..
Nov 21 '07 #1
13 3495
mzmishra
390 Expert 256MB
when the user login you have to take the user ID/Name .
query the databas eto find the role associated with that.
Then put some switch case or if else block for permission
Nov 21 '07 #2
thanks for reply but is there any way to do this by using windows authentication providers?...i dont know much about windows authentication providers but i have been searching in google and found that it can also be done using role based security providers....but i dint understand it.....can u please suggest me a best way to accomplish my task.....thanks for any kind of help......



when the user login you have to take the user ID/Name .
query the databas eto find the role associated with that.
Then put some switch case or if else block for permission
Nov 21 '07 #3
Frinavale
9,735 Expert Mod 8TB
thanks for reply but is there any way to do this by using windows authentication providers?...i dont know much about windows authentication providers but i have been searching in google and found that it can also be done using role based security providers....but i dint understand it.....can u please suggest me a best way to accomplish my task.....thanks for any kind of help......

Windows authentication is not typically used in web applications because of the lack of security that it offers.

What's typically used is Forms Based authentication.

Are you using the .NET Framework version 2.0 to develop this project?

If you are there is a lot of tools out there that simplifies the task of role based authorization.

(PS what language are you using to develop this site?)

-Frinny
Nov 21 '07 #4
thanks for ur reply...yes am using .Net Framework 2.0 to develop this site and C# is the language....and i dont have a login page here in this site instead i pick the role from the SQL Server 2000 using the windows user account.can u plz tell me how to accomplish my tasks.......plz reply soon.....thanks for any knid of help..





Windows authentication is not typically used in web applications because of the lack of security that it offers.

What's typically used is Forms Based authentication.

Are you using the .NET Framework version 2.0 to develop this project?

If you are there is a lot of tools out there that simplifies the task of role based authorization.

(PS what language are you using to develop this site?)

-Frinny
Nov 22 '07 #5
Frinavale
9,735 Expert Mod 8TB
thanks for ur reply...yes am using .Net Framework 2.0 to develop this site and C# is the language....and i dont have a login page here in this site instead i pick the role from the SQL Server 2000 using the windows user account.can u plz tell me how to accomplish my tasks.......plz reply soon.....thanks for any knid of help..

When a user logs into a website ASP.NET authenticates the user, in your case with Windows Authentication. A Principal object representing the user is then placed into the HttpContext.User variable so that your application can determine what roles the user has.

Use HttpContext.User in your program to determine the user's role.

-Frinny
Nov 22 '07 #6
thanks for reply.....if i use HttpContext.User then it gives the current user who logged in.....with this i can fetch the role the from the database.....is this what u intented to tell me in ur reply.....right?
u also told ASP.NET authenticates the user, can u tell me how it authenticates...do i need to write any code for this?..please me soon...thanks...



When a user logs into a website ASP.NET authenticates the user, in your case with Windows Authentication. A Principal object representing the user is then placed into the HttpContext.User variable so that your application can determine what roles the user has.

Use HttpContext.User in your program to determine the user's role.

-Frinny
Nov 23 '07 #7
Frinavale
9,735 Expert Mod 8TB
thanks for reply.....if i use HttpContext.User then it gives the current user who logged in.....with this i can fetch the role the from the database.....is this what u intented to tell me in ur reply.....right?
u also told ASP.NET authenticates the user, can u tell me how it authenticates...do i need to write any code for this?..please me soon...thanks...
The HttpContext.User gives you the current user who is logged in.
ASP.NET is the technology that serves your web applications. You set how ASP.NET authenticates the users in your web.config....in your case all you have to do is set it to be Windows Authentication.

When ASP.NET Authenticates the user it sets a Principal object that represents the user and stores it in the HttpContext.User.

You should really check out this article:
Explained: Windows Authentication in ASP.NET 2.0

The article describes how everything works in depth. So you should be able to understand the process that happens during this type of authentication and also how to set up your application to use it.

-Frinny
Nov 23 '07 #8
thanks for replying to messages.....the article(link) which u sent me says that it requires Windows Server 2003 and IIS 6.0......but i am using XP and IIS 5.0.....dont know what to do now...can u please suggest me a best way to do this?...





The HttpContext.User gives you the current user who is logged in.
ASP.NET is the technology that serves your web applications. You set how ASP.NET authenticates the users in your web.config....in your case all you have to do is set it to be Windows Authentication.

When ASP.NET Authenticates the user it sets a Principal object that represents the user and stores it in the HttpContext.User.

You should really check out this article:
Explained: Windows Authentication in ASP.NET 2.0

The article describes how everything works in depth. So you should be able to understand the process that happens during this type of authentication and also how to set up your application to use it.

-Frinny
Nov 23 '07 #9
Frinavale
9,735 Expert Mod 8TB
thanks for replying to messages.....the article(link) which u sent me says that it requires Windows Server 2003 and IIS 6.0......but i am using XP and IIS 5.0.....dont know what to do now...can u please suggest me a best way to do this?...
What?
Windows authentication works with XP IIS 5.0 as well....
That article is very detailed on what happens when authenticating the user and how to use Windows authentication.

I strongly recommend reading it and trying out the material that it covers for Windows authentication.
Nov 23 '07 #10
Frinavale
9,735 Expert Mod 8TB
thanks for reply but is there any way to do this by using windows authentication providers?
i pick the role from the SQL Server 2000 using the windows user account

Soo, what you need to do is follow that article that I linked you to above to set up your site to authenticate the user using Windows Authentication.

At that point you will have the Principal object that represents the user made available to you through the HttpContext.User (I think I've already mentioned this)

Base on this Principal object you can retrieve the user's roles from your database.


Oh wait a sec...

Are you attempting to use Role Management?
Nov 23 '07 #11
Yes, its role management but the thing is the roles are defined in the table(sql server) and i need to fetch the roles from the table based on which i need to allow the users to edit(write or create data) or view( read) the data......please give me reply soon..thanks for ur help...


Soo, what you need to do is follow that article that I linked you to above to set up your site to authenticate the user using Windows Authentication.

At that point you will have the Principal object that represents the user made available to you through the HttpContext.User (I think I've already mentioned this)

Base on this Principal object you can retrieve the user's roles from your database.


Oh wait a sec...

Are you attempting to use Role Management?
Nov 26 '07 #12
here is the detailed picture as to what should be done.....please read this too....
i have a few ascx(user control) pages and an aspx page(on this, i have a placeholder column where i put an ascx page based on the user request)and also a table with columns as role, permisssion(read or write),page(any of my ascx pages).......i have to allow the users to read(i.e., view few ascx pages) and write(i.e.,edit few ascx pages) based on their role(role can be anything like manager,analyst etc.)...


Soo, what you need to do is follow that article that I linked you to above to set up your site to authenticate the user using Windows Authentication.

At that point you will have the Principal object that represents the user made available to you through the HttpContext.User (I think I've already mentioned this)

Base on this Principal object you can retrieve the user's roles from your database.


Oh wait a sec...

Are you attempting to use Role Management?
Nov 26 '07 #13
Frinavale
9,735 Expert Mod 8TB
Yes, its role management but the thing is the roles are defined in the table(sql server) and i need to fetch the roles from the table based on which i need to allow the users to edit(write or create data) or view( read) the data......please give me reply soon..thanks for ur help...
Check out this article on Understanding Role Management and especially the link on Role Management Providers. The second link explains how to connect to your SQL database.
Nov 26 '07 #14

Sign in to post your reply or Sign up for a free account.

Similar topics

0
by: Phillip J. Eby | last post by:
PEP: 333 Title: Python Web Server Gateway Interface v1.0 Version: $Revision: 1.1 $ Last-Modified: $Date: 2004/08/27 17:30:09 $ Author: Phillip J. Eby <pje at telecommunity.com> Discussions-To:...
18
by: jabailo | last post by:
I wrote a program that loops through a file of records. It parses each line in the file and sends them to a web service that inserts them into an AS400DB2 database using Asynch calls. This is...
10
by: Jeremy Ames | last post by:
I have created a web application that uses a custom control and a web service on my local system. I have gotten all of the bugs worked out on my local system and now it is time to move it to the...
0
by: Diego F. | last post by:
I've been days with that. I'm trying to work with web services sending and returning objects, and the web service must store some objects. - My first try (the most obvious in my opinion) was to use...
15
by: JJ | last post by:
A current requirement I am facing is the all business objects be stateless remote components hosted in IIS. I am partial to web services myself. However, it is insisted that IIS hosted remoting be...
16
by: C. Woody Butler | last post by:
I have a strange problem with a website and a web service. They're both on the same server, running Windows server 2003. The website is set up as the default website for the server. I've got...
0
by: Erick Lopez | last post by:
When I send my web page to browser in ouput windows recibe this message and the web page the error BC32400 Please Help me Auto-attach to process ' aspnet_wp.exe' on machine 'TABLET'...
7
by: Jonas | last post by:
Hi. I'm trying to develop a web custom control that uses a programmatically created treeview. My problem is that I get an exception when I try to render the control. With properties do I have to...
0
by: nicomp | last post by:
I created a Web Service: I imported System.Data.SqlClient so I could access SQL server tables programmatically. The web service builds and deploys with no problems. When I try to add the...
2
by: Jeff | last post by:
Hey asp.net 2.0 My asp.net 2.0 project has got a assembly load problem: Some of my web.config settings: <membership defaultProvider="AH_MembershipProvider" userIsOnlineTimeWindow="15">
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.