Search Results

Search found 1026 results on 42 pages for 'membership'.

Page 13/42 | < Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >

  • PayPal Payments Pro Sandbox requires membership?

    - by Kevin
    Do I need to pay the $30 just to play around in the sandbox for Website Payments Pro? I'm trying to get Active Merchant working in Rails, and it's giving me an error "invalid merchant configuration"... after digging around a bit it says I need to "accept the billing agreement" and/or sign up for the Payments Pro first. So, do I need to pay the $30 just to test in sandbox? Or is there another workaround for this error?

    Read the article

  • Custom membership provider via WCF authorization question

    - by Diego
    I've made a global authentication via WCF to use with the most of our systems, but found that load data via WCF not very so fast. What I need to do now is verify every time that the page is loading if the user has access granted to that page.... Its a good pratice to go back in WCF request this info for every page that the user access?This will not slow down my entire system?

    Read the article

  • Drupal Views limiting content posted by group membership

    - by digital
    Hi, I have various different content types and I want to filter by using views. So say a block only displays content posted in groups that you are a member of. I've created my generic view which so far displays all content of that type, but I'm struggling with linking this to content only posted in groups your a member of. I've looked at the Organic Groups filters but no luck there. I suspect I might need to use some sort of relationship but I'm stuck there. Any help would be greatly appreciated.

    Read the article

  • Create a link to delete membership in web2py

    - by user1741325
    I'm trying to do something really simple but it's taking me ages to figure out how to do it properly. I want to have a button that simply deletes a member from a group. So in my view I have <div id="del-role">{{=A('Delete Role',_class="btn btn-danger", callback=URL('test'),delete='#del-role')}}</div> However, when I click the button, the only thing I get is a Javascript prompt asking whether I'm sure I want to delete the specified object, yes/no. That's fine but, what I'd really like to do is just auth.del_membership('role') What needs to go in my controller? I do not want any page redirection, I just want to auth.del_membership(role) This seemingly simple thing is taking me forever to understand. Thanks!

    Read the article

  • Membership with Microsoft Access

    - by sanfra1983
    Hi, I'm doing project in asp.net mvc with Micorsoft Access database and I need to figure out how to make a login system and roles with Microsoft Access. I have seen some examples on the web: [http://binarywater.com/OleDbASPNETMembershipProvider.html][1] [http://imar.spaanjaars.com/QuickDocId.aspx?quickdoc=404][2] I want to understand if they are examples that can be used in asp.nt mvc frmework 1.0 with 3.5. Because the first link talks about asp.net 2.0 and also create the DataBase aspnetDB.mdb how do I use tables in my db? You want to be one of your suggestions Thanks again for your help

    Read the article

  • ASP.Net Authentication with MVC2--how to integrate with DB?

    - by alchemical
    I'm trying to understand the authentication section sample project that opens in a new MVC2 project in VS2010. It essentially lets you register, login, etc. I looked through the code that implements this briefly, it looked fairly complicated. (10 tables, 40 sprocs, 10 views, 4 models, 1 model, 1 controller, etc.) Is it best to utilize this provided framework for authentication? If so, how would I integrate this with my own database models (which has user and role tables, etc.). Also, if I use their framework, are there any performance issues at higher traffic volumes (like SO for example), do I need to become responsible for maintaining the authentication DB as well in this case?

    Read the article

  • Password Recovery without sending password via email

    - by Brian
    So, I've been playing with asp:PasswordRecovery and discovered I really don't like it, for several reasons: 1) Alice's password can be reset even without having access to Alice's email. A security question for password resets mitigates this, but does not really satisfy me. 2) Alice's new password is sent back to her in cleartext. I would rather send her a special link to my page (e.g. a page like example.com/recovery.aspx?P=lfaj0831uefjc), which would let her change her password. I imagine I could do this myself by creating some sort of table of expiring password recovery pages and sending those pages to users who asked for a reset. Somehow those pages could also change user passwords behind the scenes (e.g. by resetting them manually and then using the text of the new password to change the password, since a password cannot be changed without knowing the old one). I'm sure others have had this problem before and that kind of solution strikes me as a little hacky. Is there a better way to do this? An ideal solution does not violate encapsulation by accessing the database directly but instead uses the existing stored procedures within the database...though that may not be possible.

    Read the article

  • How to write a test for accounts controller for forms authenticate

    - by Anil Ali
    Trying to figure out how to adequately test my accounts controller. I am having problem testing the successful logon scenario. Issue 1) Am I missing any other tests.(I am testing the model validation attributes separately) Issue 2) Put_ReturnsOverviewRedirectToRouteResultIfLogonSuccessAndNoReturnUrlGiven() and Put_ReturnsRedirectResultIfLogonSuccessAndReturnUrlGiven() test are not passing. I have narrowed it down to the line where i am calling _membership.validateuser(). Even though during my mock setup of the service i am stating that i want to return true whenever validateuser is called, the method call returns false. Here is what I have gotten so far AccountController.cs [HandleError] public class AccountController : Controller { private IMembershipService _membershipService; public AccountController() : this(null) { } public AccountController(IMembershipService membershipService) { _membershipService = membershipService ?? new AccountMembershipService(); } [HttpGet] public ActionResult LogOn() { return View(); } [HttpPost] public ActionResult LogOn(LogOnModel model, string returnUrl) { if (ModelState.IsValid) { if (_membershipService.ValidateUser(model.UserName,model.Password)) { if (!String.IsNullOrEmpty(returnUrl)) { return Redirect(returnUrl); } return RedirectToAction("Index", "Overview"); } ModelState.AddModelError("*", "The user name or password provided is incorrect."); } return View(model); } } AccountServices.cs public interface IMembershipService { bool ValidateUser(string userName, string password); } public class AccountMembershipService : IMembershipService { public bool ValidateUser(string userName, string password) { throw new System.NotImplementedException(); } } AccountControllerFacts.cs public class AccountControllerFacts { public static AccountController GetAccountControllerForLogonSuccess() { var membershipServiceStub = MockRepository.GenerateStub<IMembershipService>(); var controller = new AccountController(membershipServiceStub); membershipServiceStub .Stub(x => x.ValidateUser("someuser", "somepass")) .Return(true); return controller; } public static AccountController GetAccountControllerForLogonFailure() { var membershipServiceStub = MockRepository.GenerateStub<IMembershipService>(); var controller = new AccountController(membershipServiceStub); membershipServiceStub .Stub(x => x.ValidateUser("someuser", "somepass")) .Return(false); return controller; } public class LogOn { [Fact] public void Get_ReturnsViewResultWithDefaultViewName() { // Arrange var controller = GetAccountControllerForLogonSuccess(); // Act var result = controller.LogOn(); // Assert Assert.IsType<ViewResult>(result); Assert.Empty(((ViewResult)result).ViewName); } [Fact] public void Put_ReturnsOverviewRedirectToRouteResultIfLogonSuccessAndNoReturnUrlGiven() { // Arrange var controller = GetAccountControllerForLogonSuccess(); var user = new LogOnModel(); // Act var result = controller.LogOn(user, null); var redirectresult = (RedirectToRouteResult) result; // Assert Assert.IsType<RedirectToRouteResult>(result); Assert.Equal("Overview", redirectresult.RouteValues["controller"]); Assert.Equal("Index", redirectresult.RouteValues["action"]); } [Fact] public void Put_ReturnsRedirectResultIfLogonSuccessAndReturnUrlGiven() { // Arrange var controller = GetAccountControllerForLogonSuccess(); var user = new LogOnModel(); // Act var result = controller.LogOn(user, "someurl"); var redirectResult = (RedirectResult) result; // Assert Assert.IsType<RedirectResult>(result); Assert.Equal("someurl", redirectResult.Url); } [Fact] public void Put_ReturnsViewIfInvalidModelState() { // Arrange var controller = GetAccountControllerForLogonFailure(); var user = new LogOnModel(); controller.ModelState.AddModelError("*","Invalid model state."); // Act var result = controller.LogOn(user, "someurl"); var viewResult = (ViewResult) result; // Assert Assert.IsType<ViewResult>(result); Assert.Empty(viewResult.ViewName); Assert.Same(user,viewResult.ViewData.Model); } [Fact] public void Put_ReturnsViewIfLogonFailed() { // Arrange var controller = GetAccountControllerForLogonFailure(); var user = new LogOnModel(); // Act var result = controller.LogOn(user, "someurl"); var viewResult = (ViewResult) result; // Assert Assert.IsType<ViewResult>(result); Assert.Empty(viewResult.ViewName); Assert.Same(user,viewResult.ViewData.Model); Assert.Equal(false,viewResult.ViewData.ModelState.IsValid); } } }

    Read the article

  • Run both Authorize Filter and Action Filter on unauthenticated ASP.NET MVC request

    - by Bryan Migliorisi
    I have decorated my base controller with a couple of action filters. They work fine. One of those filters sets up the request - does things like set the culture based on the domain, etc. I also have a handful of actions that require authorization using the Authorize attribute. My problem is that when an user attempts to request a page they are not authorized to access, the authorization filter kicks in and redirects them to a page telling them that they cannot vie the page. The issue is that the action filters never run so the culture and other request data is never set. This effectively causes language to be wrong in the view and other data to be missing. I know that authorization filters run first but my question is this: How can I design this such that I can ensure that certain methods are always run before the view is returned, regardless of the authorization. Hope that makes sense.

    Read the article

  • Does SmtpClient class represent POP3 client or…?

    - by SourceC
    I assume that web controls (such as the PasswordRecovery control) use SmtpClient to send email messages. If so, does SmtpClient represent a POP3 client or does SmtpClient forward email message to POP3 client? Do attributes specified inside <smtp> element in web.config map to SmtpClient class? <system.net> <mailSettings> <smtp deliveryMethod="Network" ...></smtp> </mailSettings> </system.net> One of the possible values for the attribute deliveryMethod is Network, which tells that email should be sent through the network to an SMTP server. In other words, this value tells to send email to SMTP server using SMTP protocol?! For the PasswordRecovery control to be able to send email messages, we need to set basic properties in <MailDefinition> subelement of the PasswordRecovery control. Thus I assume MailDefinition is used by controls to create an email message?!

    Read the article

  • Asp.net: Replace GenericPrincipal

    - by Pickels
    Hello, I was wondering what the best way is to replace the genericPrincipal with my own CustomGenericPrincipal. At the moment I have something like this but I aint sure if it's correct. protected void Application_AuthenticateRequest(Object sender, EventArgs e) { HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName]; if (authCookie != null) { FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value); var identity = new CustomIdentity(authTicket); var principal = new CustomPrincipal(identity); Context.User = principal; } else { //Todo: check if this is correct var genericIdentity = new CustomGenericIdentity(); Context.User = new CustomPrincipal(genericIdentity); } } I need to replace it because I need a Principal that implements my ICustomPrincipal interface because I am doing the following with Ninject: Bind<ICustomPrincipal>().ToMethod(x => (ICustomPrincipal)HttpContext.Current.User) .InRequestScope(); So what's the best way to replace the GenericPrincipal? Thanks in advance, Pickels

    Read the article

  • MembershipProvider, IPrincipal, IIdentity?

    - by MRFerocius
    Hello guys; I have a conceptual question... I am making an Intranet application (Web platform) for a company. I have a SQL Server DB with these tables: Users (userID, userName, userPass, roleID) Roles (roleID, roleName) Pages (pageID, pageURL) RolesXPages(pageID, roleID) How is the best way to create a structure to store all this information while the user navigates the site, I mean, on the thread I should be able to check his role, his pages (the ones he can access) I have been reading and there is a lot of stuff there where Im confused, I saw the MembershipProvider, IPrincipal, IIdentity, etc classes but Im not sure what should be the best one for me. Any thoughts... Thanks in advance! Edit: Everytime gets more confusing... I just want to handle those structures at runtime and be able to mantain state during page callbacks or changing pages...

    Read the article

  • ASP.net roles and Projects

    - by Zyphrax
    EDIT - Rewrote my original question to give a bit more information Background info At my work I'm working on a ASP.Net web application for our customers. In our implementation we use technologies like Forms authentication with MembershipProviders and RoleProviders. All went well until I ran into some difficulties with configuring the roles, because the roles aren't system-wide, but related to the customer accounts and projects. I can't name our exact setup/formula, because I think our company wouldn't approve that... What's a customer / project? Our company provides management information for our customers on a yearly (or other interval) basis. In our systems a customer/contract consists of: one Account: information about the Company per Account, one or more Products: the bundle of management information we'll provide per Product, one or more Measurements: a period of time, in which we gather and report the data Extranet site setup Eventually we want all customers to be able to access their management information with our online system. The extranet consists of two sites: Company site: provides an overview of Account information and the Products Measurement site: after selecting a Measurement, detailed information on that period of time The measurement site is the most interesting part of the extranet. We will create submodules for new overviews, reports, managing and maintaining resources that are important for the research. Our Visual Studio solution consists of a number of projects. One web application named Portal for the basis. The sites and modules are virtual directories within that application (makes it easier to share MasterPages among things). What kind of roles? The following users (read: roles) will be using the system: Admins: development users :) (not customer related, full access) Employees: employees of our company (not customer related, full access) Customer SuperUser: top level managers (full access to their account/measurement) Customer ContactPerson: primary contact (full access to their measurement(s)) Customer Manager: a department manager (limited access, specific data of a measurement) What about ASP.Net users? The system will have many ASP.Net users, let's focus on the customer users: Users are not shared between Accounts SuperUser X automatically has access to all (and new) measurements User Y could be Primary contact for Measurement 1, but have no role for Measurement 2 User Y could be Primary contact for Measurement 1, but have a Manager role for Measurement 2 The department managers are many individual users (per Measurement), if Manager Z had a login for Measurement 1, we would like to use that login again if he participates in Measurement 2. URL structure These are typical urls in our application: http://host/login - the login screen http://host/project - the account/product overview screen (measurement selection) http://host/project/1000 - measurement (id:1000) details http://host/project/1000/planning - planning overview (for primary contact/superuser) http://host/project/1000/reports - report downloads (manager department X can only access report X) We will also create a document url, where you can request a specific document by it's GUID. The system will have to check if the user has rights to the document. The document is related to a Measurement, the User or specific roles have specific rights to the document. What's the problem? (finally ;)) Roles aren't enough to determine what a user is allowed to see/access/download a specific item. It's not enough to say that a certain navigation item is accessible to Managers. When the user requests Measurement 1000, we have to check that the user not only has a Manager role, but a Manager role for Measurement 1000. Summarized: How can we limit users to their accounts/measurements? (remember superusers see all measurements, some managers only specific measurements) How can we apply roles at a product/measurement level? (user X could be primarycontact for measurement 1, but just a manager for measurement 2) How can we limit manager access to the reports screen and only to their department's reports? All with the magic of asp.net classes, perhaps with a custom roleprovider implementation. Similar Stackoverflow question/problem http://stackoverflow.com/questions/1367483/asp-net-how-to-manage-users-with-different-types-of-roles

    Read the article

  • ASP.NET MVC Users unable to login after password change, and being locked out.

    - by Russell Kay
    All, I have a website that is in use and has several users, using the MySqlMembershipProvider. We have had a few users that have been locked out (for some reason) and recently I unlocked them and reset the passwords, using the MembershipUser.UnlockUser and MembershipUser.ResetPassword methods. Now they are definitely marked in the database as Unlocked and the password has been reset, but they still cannot log in. Does anyone have any ideas why this might happen?

    Read the article

  • How to log off multiple MembershipUsers that are not the current user?

    - by Sgraffite
    I'm using the MembershipProvider that is part of the MVC2 default project. I'd like to be able to take a list of user names, and log the users off, and destroy their session if needed. The closest I can seem to come is this: foreach(string userName in UserNames) { MembershipProvider MembershipProvider = new MembershipProvider(); MembershipUser membershipUser = MembershipProvider.GetUser(userName, true); Session.Abandon(); FormsAuthentication.SignOut(); } I think I need to use a session and/or signout method related the user I want to log out, but I am unsure where those would be. What is the proper way to do this?

    Read the article

  • multiple applications using same login database logging each other out

    - by Axarydax
    Hello, I've set up two asp.net applications on a machine, their web.config files contain the same applicationName value in AspNetSqlMembershipProvider item so they share users and roles. The problem sequence is: user logs into application A, opens new tab in a browser logs into application B, his login in application A is signed out and vice versa. Should I use different approach to sharing login information between two applications? Thanks.

    Read the article

  • Asp.net Login Status Question: It Aint Working

    - by contactmatt
    I'm starting to use Role Management in my website, and I'm current following along on the tutorial from http://www.asp.net/Learn/Security/tutorial-02-vb.aspx . I'm having a problem with the asp:LoginStatus control. It is not telling me that I am currently logged in after a successful login. This can't be true because after successfully logging in, my LoggedInTemplate is shown. The username and passwords are simply stored in a array. Heres the Login.aspx page code. Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) _ Handles btnLogin.Click ' Three valid username/password pairs: Scott/password, Jisun/password, and Sam/password. Dim users() As String = {"Scott", "Jisun", "Sam"} Dim passwords() As String = {"password", "password", "password"} For i As Integer = 0 To users.Length - 1 Dim validUsername As Boolean = (String.Compare(txtUserName.Text, users(i), True) = 0) Dim validPassword As Boolean = (String.Compare(txtPassword.Text, passwords(i), False) = 0) If validUsername AndAlso validPassword Then FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkRemember.Checked) End If Next ' If we reach here, the user's credentials were invalid lblInvalid.Visible = True End Sub Here is the content place holder on the master page specifically designed to hold Login Information. On successfull login, the page is redirected to '/Default.aspx', and the LoggedIn Template below is shown...but the status says Log In. <asp:ContentPlaceHolder Id="LoginContent" runat="server"> <asp:LoginView ID="LoginView1" runat="server"> <LoggedInTemplate> Welcome back, <asp:LoginName ID="LoginName1" runat="server" />. </LoggedInTemplate> <AnonymousTemplate> Hello, stranger. </AnonymousTemplate> </asp:LoginView> <br /> <asp:LoginStatus ID="LoginStatus1" runat="server" LogoutAction="Redirect" LogoutPageUrl="~/Logout.aspx" /> </asp:ContentPlaceHolder> Forms authentication is enabled. I'm not sure what to do about this :o.

    Read the article

  • Why am I getting a TypeLoadException when defining a custom profile?

    - by Jedidja
    I'm writing a .NET command-line application that will migrate users from an existing database into aspnetdb. To simplify the user-specific settings, I'm using the profile class that Joel Spolsky wrote about here. It works great in the ASP.NET MVC website, but for some reason it's throwing a TypeLoadException when being used from this new application. I'm not sure why the framework is trying to load the new class from System.Web.

    Read the article

  • Non RBAC User Roles and Permissions System: checking the user's City

    - by micha12
    We are currently designing a User Roles and Permissions System in our web application (ASP.NET), and it seems that we have several cases that do no fit within the classical Role-Based Access Control (RBAC). I will post several questions, each devoted to a particular case, this being the first post. We have the following case: not to allow a user view a certain page if the user lives in a particular city. This is a simple case that is coded in the following way: if (User.City == “Moscow”) // Allow the user to view the page. else // Do not allow the user to view this page. Though this case is very simple and straightforward, it has nothing to do with the RBAC. On StackOverflow, someone called this an Attribute-based Access Control. Under the classical RBAC, it seems that this case should be designed like this: introduce a permission “City where the person lives”, this permission will have a property City. Then create a role, add a permission of type “City = Moscow” to it and the assign the role to the user. Looks extremely cumbersome. The question is whether it is acceptable to introduce such non-RBAC approaches to our permissions system – does that break the design or not? This might seem a primitive question, but we found that most applications use pure RBAC, and we started to think that we might be doing something wrong. Thank you.

    Read the article

  • Non RBAC User Roles and Permissions System: a role with properties

    - by micha12
    We are currently designing a User Roles and Permissions System in our web application (ASP.NET), and it seems that we have several cases that do no fit within the classical Role-Based Access Control (RBAC). I will post several questions, each devoted to a particular case. This is my second question (the first question is here: http://stackoverflow.com/questions/2839797/non-rbac-user-roles-and-permissions-system-checking-the-users-city). We have the following case: we need to implement a Manager role in our web application. However, a Manager can belong to one or several companies (within a big group of companies for which we are creating this web app). Say, there can be “Manager of companies A and B”, “Manager of company C”, etc. Depending on the companies that the Manager belongs, he has access to certain operations: for example, he can communicate with clients only of those companies that he belongs to. That is, “Manager of companies A and B” can only have contacts with clients of companies A and B, and not with those of company C. He can also view clients’ details pages of companies A and B and not of C, etc. It seems that this case falls within the RBAC. However, this is not really the case. We will need to create a ManagerRole class that will have a Companies property – that is, this will not be just a role as a collection of permissions (like in the classical RBAC), but a role with properties! This was just one example of a role having properties. There will be others: for example, an Administrator role that will also belong to a number of companies and will also have other custom properties. This means that we will a hierarchy or roles classes: class Role – base class class ManagerRole : Role List Companies class AdministratorRole : Role List Companies Other properties We investigated pure RBAC and its implementation in several systems, and found no systems featuring a hierarchy or roles, each having custom properties. In RBAC, roles are just collections of permissions. We could model our cases using permission with properties, like ManagerPermission, AdministratorPermission, but this has a lot of drawbacks, the main being that we will not be able to assign a role like “Manager of Companies A and B” to a user directly, but will have to create a role containing a ManagerPermission for companies A and B… Moreover, a "Manager" seems to be rather a "role" (position in the company) rather than a "permission" from the linguistic point of view. Would be grateful for any ideas on this subject, as well as any experience in this field! Thank you.

    Read the article

< Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >