Wednesday, December 24, 2003
How to implement Security model in Gen6 applications
1) Modify Global.asax file
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
Security.AuthenticateAndAuthorize(Context);
}
2) Create Login.aspx page.
3) Modify Web.config in every Virtual Folder:
4)Create "Security" class
public void AuthenticateAndAuthorize(System.Web.HttpContext Context)
{
if (Context.Current.User == Null)
{
Authenticate(Context);
}
else
{
Authorize(Context);
}
}
private void Authenticate(System.Web.HttpContext Context)
// This method redirects unauthenticated user to the login page
{
string strURL = Context.Request.Url.ToString();
string strRedirectPath = "../Gen6/Login.aspx?ReturnUrl=" + strURL;
Context.Response.Redirect(strRedirectPath, true);
}
private void Authorize(System.Web.HttpContext Context)
// This method checks if Authenticated user has permission to access current page
{
// Got roles which the user belongs to
// Check if at least one of the roles has permission to access current page
if (PermissionIsGranted)
{
// Save information into cache
// Return to the current page
return;
}
else
{
// Forbid access to the current page and redirect user to login.aspx page
Authenticate(Context);
}
}
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
Security.AuthenticateAndAuthorize(Context);
}
2) Create Login.aspx page.
3) Modify Web.config in every Virtual Folder:
4)Create "Security" class
public void AuthenticateAndAuthorize(System.Web.HttpContext Context)
{
if (Context.Current.User == Null)
{
Authenticate(Context);
}
else
{
Authorize(Context);
}
}
private void Authenticate(System.Web.HttpContext Context)
// This method redirects unauthenticated user to the login page
{
string strURL = Context.Request.Url.ToString();
string strRedirectPath = "../Gen6/Login.aspx?ReturnUrl=" + strURL;
Context.Response.Redirect(strRedirectPath, true);
}
private void Authorize(System.Web.HttpContext Context)
// This method checks if Authenticated user has permission to access current page
{
// Got roles which the user belongs to
// Check if at least one of the roles has permission to access current page
if (PermissionIsGranted)
{
// Save information into cache
// Return to the current page
return;
}
else
{
// Forbid access to the current page and redirect user to login.aspx page
Authenticate(Context);
}
}
Exact time
311495 - HOW TO: Implement Role-Based Security with Forms-Based Authentication in Your ASP.NET Application by Using Visual C# .NET
Assign the Roles to the Authenticating User:
===
public void Application_AuthenticateRequest
{
...
String[] myRoles = new String[2];
myRoles[0] = "Manager";
myRoles[1] = "Admin";
HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(id,myRoles);
...
}
===
Check the User Roles
===
public void Page_Load() {
if (User.IsInRole("Admin")){
Response.Write ("You are an Administrator");}
else {
Response.Write ("You do not have any role assigned");}
}
===
311495 - HOW TO: Implement Role-Based Security with Forms-Based Authentication in Your ASP.NET Application by Using Visual C# .NET
===
public void Application_AuthenticateRequest
{
...
String[] myRoles = new String[2];
myRoles[0] = "Manager";
myRoles[1] = "Admin";
HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(id,myRoles);
...
}
===
Check the User Roles
===
public void Page_Load() {
if (User.IsInRole("Admin")){
Response.Write ("You are an Administrator");}
else {
Response.Write ("You do not have any role assigned");}
}
===
311495 - HOW TO: Implement Role-Based Security with Forms-Based Authentication in Your ASP.NET Application by Using Visual C# .NET
Wednesday, December 17, 2003
"Request cancelled by the user." "CrystalDecisions.CrystalReports.Engine" problem
When I try to print report from production IIS server (IISServer --- http://www.wurzburg.com/DataReports/PrintSalesOrder.asmx)
I get error message: "Request cancelled by the user." "CrystalDecisions.CrystalReports.Engine"
Here is proposed solution:
Printing reports from ASP.net or from Web Service
The idea is to update Machine.Config file (C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\machine.config). Particularly tag.
I updated "userName" tag and replaced original "machine" value with "system" value.
Crystal Reports started to work after that. But Gen6 identification was broken...
Current solution: I put DataReports web service (with Crystal Reports printing functionality) on QAServer computer (and set 'userName = "system"'.
Also "iisreset" is necessary in order to apply this web.config changes.
I get error message: "Request cancelled by the user." "CrystalDecisions.CrystalReports.Engine"
Here is proposed solution:
Printing reports from ASP.net or from Web Service
The idea is to update Machine.Config file (C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\machine.config). Particularly
I updated "userName" tag and replaced original "machine" value with "system" value.
Crystal Reports started to work after that. But Gen6 identification was broken...
Current solution: I put DataReports web service (with Crystal Reports printing functionality) on QAServer computer (and set 'userName = "system"'.
Also "iisreset" is necessary in order to apply this web.config changes.
Wednesday, December 10, 2003
"Bad Data" error at FormsAuthentication.Decrypt method call
"Bad Data" error appears in .NET Framework 1.1.
"Bad Data" appears if Authentication ticket is encrypted in one Virtual Folder application and is decrypted in another Virtual Folder application.
In order to prevent this "Bad Data" error you need to remove "IsolateApps" attribute from element in C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\machine.config file.
See also:
microsoft.public.dotnet.framework.aspnet.security group: "System.Security.Cryptography.CryptographicException: Bad Data Error"
"Bad Data" appears if Authentication ticket is encrypted in one Virtual Folder application and is decrypted in another Virtual Folder application.
In order to prevent this "Bad Data" error you need to remove "IsolateApps" attribute from
See also:
microsoft.public.dotnet.framework.aspnet.security group: "System.Security.Cryptography.CryptographicException: Bad Data Error"
Machine.config is located here
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG
