No roles found... but roles-based security works anyway!!!????
I wrote a ASP.NET 2.0 application using the Membership framework for
security (roles and users). For debugging purposes I wrote some code in
the index.aspx page to simply write out a list of all the roles that
exist, using the good old Response.Write() method. I then published the
site to my domain. However, the behavior of the index page is dependent
on the running environment as follows:
IN VS 2005 ACCESSING LOCAL SQLSERVER: Runs great, all roles listed.
IN VS 2005 ACCESSING REMOTE (i.e. "LIVE") SQLSERVER: Runs great, all roles listed.
IN A WEB BROWSER VIEWING THE PUBLI...Roles, roles, roles
is it posible o have a role for a user to only update the content? I don't want that user to change skins or to make other admin changes...
I think if you allow a role to edit contents on a module level he wont be able to change anything else. Did you try that?
erikErik van Ballegoij, The Netherlands
if you allow a role to edit contents in a module lets say discussions module, then that role will be able to edit, delete the threads. so for a role to be able to add new thread only, do we need to write our own code?-keeara g------------------
see...Authorization Manager (AzMan) -v- .NET role based security
Comparing Windows Authorization Manager (AzMan) with .NET role based security, consider an application with these requirements:
The roles which will exist at run time are completely user-definable.
Role/operation assignments are completely user-definable.
Need hierarchical role support (create roles from other roles).
Users may be assigned different roles for different things.
Windows Authorization Manager seems to provide all the above, with user definable roles, operations, role/task/operation assignments, hierarchical roles, "scopes" to give users different roles for differe...Role Based Security
It appears that role based security is not morphed to certain section types ...
Does NOT work for Section Types:
(there may be more ...)
Does work just fine for Section Types:
(others not tested)
Is this as expected, a bug or operator error ?
I've created specific roles and assigned them throughout my site with no problems. Since I don't like to allow anyone who registers access into my pages, I have created a role that is assigned to specific user accounts. I have Links, ...Role base authorization
I am developing a web app and I need to set the security setting on a role base.
I tried to set as follow:<authorization>
<allow roles="Admin, Users"></allow>
<deny users="?" />
</authorization>Even though I only want to allow roles as Admin or Users, I found whoever has correct username and password would be permitted access. If I changed to <authorization>
<allow roles="Admin, Users"></allow>
<deny users="*" />
</authorization>It would behave correctly. Does th...Setting Role cookie in Role Based Authorization
When using Role Based Authorization, we can set the Roles of a user at the application level by specifying it in the Global.asax's Application_AuthenticateRequest method.
As soon as a user is authenticated, it will fetch his roles from the database and assign it to him so that we can use the User.IsInRole("RoleName") to check his role and perform actions based on the same.
You can find many resources on the above topic on how to set the roles. However, one disadvantage is that on every page you check the Role, the DB call is made which might affect the performance of ...Web Part Role Based Security
Do you know if it is possible to dynamically set role based security on Web parts (i.e. only users in the lecturers role will see the StudentMarks user control )?
Dim rgc As RoleGroupCollection
Dim rg As New RoleGroup
Dim strZone As String = "Zone1"
Dim uc1 As UserControl = LoadControl("StudentMarks.ascx")
uc1.ID = "Control1"
Dim wp As GenericWebPart = WebPartManager1.CreateWebPart(uc1)
Dim RoleList(1) As String
RoleList(0) = "Lecturers"
rg.Roles = RoleList
rgc = LoginView1.RoleGroups
WebPartManager1.AddWebP...Dynamically modify page role permissions in Role Based Security
Is it possible to configure page role access within a WebForm.
Suppose I have the following section in my web.config:
Is it possible to provide a user interface/webform that allows an "administrator" a person to change t...Duplicate Security Roles Showing up In Security Roles Manager
Anyone have any ideas? We have had and instance of 3.0.13 with one child portal running for about a month now. A few days ago our adminstrator noticed that we have duplicate entries for security roles. For example, the Security Roles Manager shows:Name Description Fee Every Period Trial Every Period Public Auto Administrators Portal Administration False False Administrators Portal Administration False False Registered Users Registered Users &n...Role based authorization (Based on Location)
I have worked with .net 2.0 Personalization and Authorization but I am wondering if it is possible to customize it (custom provider) to Match a Role to a Location when assigning to a User. Here is an example....
User ID : 19 (Bob)
Bob is an administrator for store 19 but...
Bob is a view only user for store 20 and 24.
When Bob searches products, he can only search stores 19, 20, 24 (an easy way to return Role and Location associated)
(Think a lot of locations (100+) so it does not make sense to create a Role for each Location AdminStore...Role based security based on Windows authentication
Hello there, A newbie question here.. I am trying to build an application using role-based security (ie. it would let in only selected users) and I am using Wingdows Authentication as a security model. The problem is that no matter what I do I cannot restrict usage only to specific users. It works on the all or none basis. Ie no matter what I set in the web.config file, it does not effect the security, except setting <deny users="*"/> blocks access altogether..Currently I have the following settings set in the web.config file with no other settings/code set anywhere &nb...Roles not working without role provider ?
Hallo,i created a web site by using the standard asp.net 3.5 Membership Provider and the Role Manager.I have used a sitemap with securityTrimmingEnabled enabled and i have set the roles i need for each seperate folder. Everything worked perfectly. Now, i changed my authorization procedure and i removed the memberhip provider, as long as i needed some functionallity it didn;t provide me.I builded a "default" authorization procedure by using a login button, creating the Cookie and the ticket and also i do handle the Application_AuthenticateRequest.The sitempap seems to be ...Forms Security for Role base security. Nirdesh Puri
Hi,I am using IBuySpy portal framwork and using Role based security. But I got some security problem in this type of security.Can you solve my problem.Role base security: Role is based on Task Group and Task Group based on Task and Task based on pages url.Create Two different roles: A and BCreate one user User1User1 assign role Aif User1 login on site and get the menu of Role A. But any how he get the url of Role B page. How we prevent Role B pages from this user.Warm Regards,Nirdesh Puri...Login with form based authentication and roles based security
I've develop Sign In pages apply Forms Authentication and Roles Based Security. It means, 1 user can have many roles (HttpContext.Current.User = New GenericPrincipal(fi, astrRoles)). Let's say User ID: sr102, then it roles is Sales, Marketing and Logistic.
Im using User.IsInRole("Sales") to control the applications modules. My application like as follow
1. After login success, application show all the application modules such as Logistic, Sales, Marketing, IT, Human Resource and Warehouse.
From user id, application will know the roles assigned.
How to enable and di...Role Based Security
I would be interested in role based security for the following scenario:
In an NT envrionment I want to rely on integrated login based on group
membership. When user_X runs App1, App2, App3 ...or AppN, I want the user
to have the minimum set of permissions necessary for each application to
I don't see that this is possible in the current product. The best that I
can do is map the NT group to a Db login that has the maximum set of
permissions that will allow App1, App2...or AppN to function.
Do all of those applications use the same database or do they use sep...