I'm working on an e-commerce website, using ASP and MS Access. The idea is that the user should register their FirstName, LastName, Email, Username and Password via an html form. This should be submitted to an ASP script which sends an auto responder email to the address submited in the form. The account should then be dumped in to the Access database, and the user should activate their account by clicking a link in the email.
I've got as far as sending the email when the user clicks the submit button on the form, but I'm very confused about how the link is sent in the email. I've been told that a random number generator should be used. I've been searching, but I can't find exactly what I'm looking for.
Using Windows Authorization I get the exception below: Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Net.WebException: The remote server returned an error: (401) Unauthorized.
I have an asp page with just Integrated Windows authentication set. It works fine if it is accessed with just the server name, but it prompts the user to enter their credentials if it is accessed with the full domain name.
Any suggestions on how to eliminate the login box? ( Without allowing anonymous access...)
in our company we use NT domain with NTLM. i have an asp login page for an app that will work in our intranet. but i couldn't find any resource for checking the username and password given in textboxes exists in domain or not.
i want to implement authorization with windows authentication and don't have the slightest clue of how to do this implementation. the basic windows authentication for this .NET application is already setup. my problem lies within my inability to manipulate the username captured in the authentication process and my knowledge of how IIS is involved.
specifically, i have the following questions:
1) what object(s) can be used so that the user's username can be manipulated for the authorization process?
2) in order to apply roles, do the users need to be placed in groups in IIS? if so, how does this work?
3) is all the code that the application uses for roles in web.config? or does global.asax play a role in this matter?
4) does the web.config file know to communicate with IIS because the authorization type is set to windows?
5) once authorization is in place, can a section of an .aspx file be visible to a group or can only entire files be secured for a group?
I am trying to integrate an application into our extranets.The extranet technology has its own authentication system requiring a domain user but uses anonymous authentication (from the perspective of IIS).I can get the username/password, but IIS is not aware of the user.
The application I am trying to integrate (to get the features I want) relies on either basic or NTLM authentication. The sites use SSL, so basic authentication is fine. Both applications live on the same server.I want to automatically authenticate the user in the second app. Any ideas?I have a few, but I don't know how to implement them.
One idea is to find a way to forward/redirect the basic authentication information to the secondary application. This would be easier (and less secure) if IE6 still supported the "http://user:pwd@server/" syntax.I could construct the authorization request-header myself on the server, but how would I convince browsers to send it?It should work with recent IE and NS browsers.
I have written an ASP.NET 2.0 application that uses Active Directory or ADAM to manage account users - the site has a page that allows people to create an account (much like any site). The page populates the AD with all the information and the user account but I am unable to enable the account. Microsoft has information on how to do that here --> http://msdn.microsoft.com/library/d...ting_a_user.asp (the sample is for Visual Basic) - and I am unable to complete the bottom portion of the script. Can some one point me in the right direction - or can you tell me how I can add a snippet of VBscript code to an ASP.NET page.
I am using the Active DS Type library - not sure why there are multiple ones (System.DirectoryServices) but it is rather confusing - I seem to accomplish one thing with one and another with the other (they did have trouble co-existing however). Anyway my script works very well but I am not able to access the properties required to enable the account.
Here is a simple version (no error checking) of the code.....
how to go about setting up an asp script or flash action script to take the input from a user of his/her username and password then send an email to the user with the information. I am able to do all of this but the problem is that the users pc is the one sending the email. I want the server to send the email instead.
I'm having a real tough time getting a User's NT login after they submit a form.
I have Anon. Login disabled. I'm using Digest Authentication (although I've tried everything).
Every time I run the page, I get a blank string instead of the requested information.
The information is in a hidden field, with the value set to: <%=Request.ServerVariables("LOGON_USER")%>
The icing on the cake is that when I run this on my PWS, I can pull the information and it shows up in the SQL DB I'm sending it too. But, when put on our live box, it doesn't show up. The setting on each box are exactly the same.
I have a classic ASP program running on a server in the DMZ. I need to consume a web service so that I can consume data from that web service. However I am not able to call the web service from the DMZ since the server can not send messages out on the internet.
Thus, I need to send the call to another server running within the internal area of the company's internet. I need to send this message to an IIS server and then from the IIS server call the web service. I was thinking that I need to call the service on the IIS server with an ADO.NET connection. This ADO.NET connection object would be generated just long enough to call the web service, get a response from the web serice, and return the message to the server running in the DMZ.
Let me know if you think this would be a good solution and tell me how you would setup this interface. (Should C#.NET or Visual Basic.NET be used or some other lanaguge.)
Also after this solution works, I will need to implement this similar type of solution to call other web services.
does anyone know a way to show a users USER name instead of just there login name its for a school intranet currently we retrieve a lot of data based on the login name by using this script:
[code] <%=Request.ServerVariables("LOGON_USER")%>
it would be a lot more functional if i could pull the full name, we are using Active Directory 2003 and iis6, and all the logins have the full username inputted in the AD?
I'm developing an ASP form registeration system. The details of the form must be added to a text file not the tradional database. Each time a new user adds a record it should be added to the list at the bottom to the previos adder. Does anyone have a script sniplet of how i could do this. Remember details from the form i.e. name, firstname should be added to a text file...
I am new to .NET and I am trying to get the user name from a kerberos ticket and I have no idea how to do that. There seems to be some ability to do it using WSE 2.0 but I cant really see why there is not an easier way. how to do this?
I have a admin-page wich is username and password protection and Microsoft Access database with table called "member" and fields "username and "password" in it. I wan't to have a welcome message when user is successfully logged in so he/her can see for example "Welcome Chris". How to I do this?
I'm running IIS5 on a Win2K server, and I want to have an ASP page that creates new users. I have some simple code to test this, but am getting a "500" error when I run it. The ASP looks like:
<%
strDomain ="Foo.com" strUser ="Foo1"
' Create new user with password Set oDomain = GetObject("WinNT://" & strDomain) Set oUser = oDomain.Create ("User", strUser) oUser.SetPassword = "password" oUser.SetInfo %>
Just for this testing, I've added IUSR_machinename to the Administrators group, but am still getting the 500 error.
I have a login page. and more users. Let's call them users A, users B and Users C. Users A can only access page A, users B page B, ... All the pages uses the same DB, but different tables (table A, table B, table C).
I surveyed 1000 people and 884 of them said that they prefer forms that are filled out in sections (multiple pages) instead of one long form. I am trying to do that with my site. Currently the way I was planning it was:
register.asp - sets up username >> stage1.asp - checks for unique username >> stage2.asp - personal info >> stage3.asp - more personal info >> stage4.asp - even more personal info >> stage5.asp - yet more personal inf >> stage6.asp - employer info >> stage7.asp - Finished
When users go to register, I want to: select a user name and password, then make sure the user name isnt taken, make sure the passwords match, collect personal info over a few pages, then finish.
I would like to do all this only utilizing the register.asp and possibly a process page. Anyone have any links or tutorials on creating pages like this.
Do you know how to get windows login variables (i.e. the LOGON_USER server variable) from ASP without having to fill in the challenge response message box that automatically appears when you configure IIS to Integrated Windows Security for a particular site? I don't want users to have to log in again to the site as they have already logged in to windows but I want to use their username on the back end to verify permissions. Is it possible?
I'm facing a situation where my team leader wants me to create some ASP code that will pull the user's ID (which is no problem - request the LOGON_USER server variable) and THEN pull that user's NT Permissions to determine what kind of permissions the user will have when he/she comes onto the website. There is to be no logon screen at all. The permissions cannot be determined via a database or through cookies. Only NT Authentication can be used.
I have a small hunch that the HTTP_AUTHORIZATION server variable might provide a clue, but the value of that variable is a bunch of (encrypted?) gibberish that means nothing to me, except probably the NTLM part at the beginning. Is there a way to decode the value of that variable into something coherent that I can use in my code?
I have a button that would allow a user to logout of the program, how can this be done? Also, how can I allow the program to logout and terminate if not used after so many minutes?
I have five forms in my website, what I'm trying to accomplish is to track the users history. For an example if the user save their information on the first page and exit the system; Whenever that user logs back in I want them to be where they left off. I hope I'm clear on what I need help with. Does anyone know how to accomplish this task? P.s I'm using Deamweaver to create my page.
What I am trying to do is to develop a dhtml based chat system. So far everything is working as planned, took me over 6 hours to get it working, but I am pleased with the results, it is comparable to java chat. With no page refresh. My problem is How do we manage which users are online on chat and which are not. I do not wish to use any application variables nor do i wish to use session variables. i am trying to avoid the 2 Either the user may simply close the chat window, or he might just go and browse another site. Either way I do not get to write the even to the database.
I have created a form with simple fields such as address and phone number. I would like to, in real time, take the value a person puts in for name (ex. John Smith), check a database to see if he is there, then to populate his address fields and phone number to save the user the trouble of typing it in repeatedly. Any ideas how to go about this? I created a button for the user to "look up" to see if his info is saved but cant seem to get the syntax write. I have written similar code for the information to be put in the database, and it works, just need to retreive it while the user is on the form.
I just made a simple thing on my page that says Active Users: and the number by adding 1 to session_onstart in global.asa. It seems to work. Is there a way I can have this store IP's of the active user, etc without using a database to store the stuff in?
I'm trying to get a very simple task to work. Using the users login name (gained from IE) I want to get their full name from AD (Win 2k and 2003 AD domain).I'm using this ASP code on the IIS server:
usr=mid(request.ServerVariables("LOGON_USER"),8) Set User = GetObject("WinNT://domainname/" & usr & ",user") response.write "Name is " & User.Fullname set usr=nothing
This code works fine when run on the server direct using wscript, but when served by the web server I get the error:
Active Directory (0x80070005) General access denied error
i was asked to " Write an ASP page that prompts a user to enter the value for the radius of a circle then calculates its area (Area = ∏ * (radius)2) and another ASP page that also prompts the user to enter the radius and then calculates the circumference (circumference= 2 * ∏ * radius ). Both pages should access the value of ∏ (∏ = 3.142) stored in the application state."
*** my problem is in prompting to the user i cant prompt a window in the asp script and if i prompt the window from the javascript i don't know how to send the value to the asp script.
