User-level Security
I want to open the MS Access file with user-level Security. I know that if I do NOT setup user-level Security in the MS Access file, and create the table for login in the MS Access file (Put the MS Access file in the server), then it works.
I did that. But, I want to know whether or not we can use ASP code to open the MS Access (MS Access user-level Security setting). This way I can put the MS Access file in the public place.
Can we do it in ASP?
The following code cannot do that:
<%
set conn=Server.CreateObject("ADODB.Connection")
conn.Provider="Microsoft.Jet.OLEDB.4.0"
conn.Open "c:/try.mdb"
%>
View Replies
ADVERTISEMENT
I tried to make our menu differend for Users for example :
If user level = 2 than
show Menu (Add Contact)
I used this code:
View Replies
View Related
i'm going to ask the way to use database to check user permission level in asp..
View Replies
View Related
how to create a user security and authentication. I mean in a form of logging in or registration automatically in to a database in access.
View Replies
View Related
I'm trying to design a web application where people can create user Ids and passwords while signing up and then use that information to login to an account. (I know, very basic). I just can't get my mind around how to make this system most secure. the user id and password is verified at the time of logging in and at that point, I would like to create something like a session key before openning the new page.
I basically don't want to start the new page by passing regular parameters through the URL because that's very easy to manipulate and break. Can someone give me some information about creating a secure system like this and/or forward me some useful sources?? btw.. I'm using, IIS as my server, ASP.Net and VB.Net.
View Replies
View Related
I want to decide what should be displayed dependent on what security groups (2k server) the user belongs to. I don't appear to be able to do it with frames.
View Replies
View Related
I am working on a document management system for a client. I am planning to
set up the system so that documents are protected, sort of.. A user has an
access level and based on that access level, a list of available documents
will display as an HTML page and the user can click a hyperlink to download
or view the selected document.
I am planning to handle this all through a SQL database and ASP..
What I would REALLY like to do, though, is protect a set of directories so
that a user could not just enter a URL and download a document without being
prompted for a username and password if he/she hasn't already logged in.
I have done something like this using AuthnetiX from Flicks Software, but
this current client is trying to create a solution "on the cheap", and so
I'd like to see if I can build the solution using the secuirty mechanisms
built into the O/S.
What I'm thinking is that I'll set up the directories and assign a group
access to each directory.. My question then is, can I add users to the
"Local Users and Groups" for Windows 2000 via ASP?
View Replies
View Related
It has been said that When attempting to load an XML file saved as UTF-7 (a transfer encoding format for Unicode), the XML parser in Internet Explorer generates the following error message: Invalid at the top level of the document. The same error also occurs when using the MSXML parser from server-side or client-side script.
I am getting this error when I use MSXML 3.0 as reference in a VB DLL function called by a ASP file.
View Replies
View Related
I have a website that is running perfectly on windows 2000 server and IIS 5. However we are now moving it to server 2003 and IIS6. No problem there however after setting everything up a problem has occurred. My directory structure is websites then webroot within that which contains the site files. Within webroot is also a directory called connections, which contains the database connection asp file.
It is a mysql database. Ok the problem is that I am calling the connection in my asp pages as follows (<!--#include file="../Connections/connLUKTrading.asp" -->). but the server will not navigate up a directory level as the ../ indicates. The site works fine if I place the directory connections in at the same level the site works but then I will have to do this at each of wwwroot's sub directories I should not have to. I believe it is a permissions problem to do with IIS6 but not sure. I have spent hours trying to find it.
View Replies
View Related
In our application, we have noticed on two rare occasion where the
data stored in application level arrays has disappeared. We have 3
application level arrays, and many other data types stored at
application scope as well. The other data types appear to have been
unharmed.
All session level data remained unharmed as well. The data
in the arrays seemed to have disappeared all of the sudden. No IIS
restarts, for example, were performed. Is there any known issues with
arrays being stored at application level.
View Replies
View Related
On our IIS 5 windows 2000 web server we have many .asp's.most of which (When right clicked / security tab / edit authentication) are
using Integrated Windows Authentication.
Is there an easy way to check ALL of them? Some of the pages require a
higher level of security (Our password reset page for example) and I am just
auditing everything and want to make sure that only the few pages that
require it are using the elevated security level. (By the way this is
accomplished by using anonymous access with a domain account that is
'elevated'...
I hate right clicking on 1000 different .asps to see the file / directory
level authentication methods... is there an easy way to do this? Maybe
through resource kit command line tools or some meta edit type tool
View Replies
View Related
I am creating a simple XML file via asp and want the XML to appear in the browser. Here is what I have tried: Code:
View Replies
View Related
I have to create a web base application program, I think to use ASP but I would like to see If it supports comparison Graph. Does it support different levels of access because I have different kind of users or i have to do it manual?
View Replies
View Related
I have made sufficent pages for our site and same have been in use in our LAN since long.
Now my company has asked me to put the same on web and we are buying a domain for the same.
However I am worried for a file level security. When the output comes in asp from cod below: Code:
Response.Write("<td><a href=Documents" & adorst("ProjectNo") & "/" & adorst("Client Drg No") & ".pdf target=NEW>" & adorst("Client Drg No") & "</a></td>")
We can simply open a file from our server's folder. Even if someone knows the full path, he can simply open file. Even someone expert can delete pdf file also.
View Replies
View Related
I am using Request.ServerVariables("SCRIPT_NAME") to get the extention from the url and need to know if I am in the root or down a directory. i have two folders, one called 'local' and one called 'group'
View Replies
View Related
how I can make a dhtml menu into a dynamic menu that pulls its links from an access database instead of the hardcoded html.
I would like to know because I'm working on a site that needs such a menu and most of my administrators using my site don't understand html and won't be able to update the menu unless I can give them a simple form that allows them to add links.
View Replies
View Related
How do I create an array inside an array? This certainly doesnt work...
Dim TmpArray(0 to 10)(0 to 50)
View Replies
View Related
give me a session level timer code? I'm trying to time a quiz.
View Replies
View Related
I need to know how to disable a button based on the username that logs onto the web application.
View Replies
View Related
I want to display a different message deppending on the amount of stock left. For example if there is no stock i would like to display "out of stock", if the item is in stock display "in stock". Code:
View Replies
View Related
how can i retrict user to only access the web page iif and only if they have the username and password, they neeed to login before can access the certain pages. How is the coding for that web pages?
View Replies
View Related
This is a standard ASP application that has several pages at the root
withthe global.asa. I set a session variable session("accountid") =
"123456" within an asp page and then response.redirect to the next page and
immediately response.write session("accountid") and I get back nothing.
But if I set a session variable session("accountid") = "123456" within an
asp page and response.redirect to a page in a sub directory and immediately
response.write session("accountid") I get back 123456 on the screen.
View Replies
View Related
I am developing a simple ASP-Access system for invoicing purpose, and the system is in 98% progress. What I want to do now is to add some sort of "control stock levels".
Let say I have set the quantity of an item/product (eg, pencil=100) in my database (in my database it refer to the table tblProducts with the field called PStockLevel) When one customer want to buy 10 pencil, the system will automatically set the PStockLevel to 90. All the calculation will be done in the page called tasks.asp.
View Replies
View Related
I have written an ASP.NET 2.0 application that uses Active Directory or ADAM
to manage account users - the site has a page that allows people to create an
account (much like any site). The page populates the AD with all the
information and the user account but I am unable to enable the account.
Microsoft has information on how to do that here -->
http://msdn.microsoft.com/library/d...ting_a_user.asp
(the sample is for Visual Basic) - and I am unable to complete the bottom
portion of the script. Can some one point me in the right direction - or can
you tell me how I can add a snippet of VBscript code to an ASP.NET page.
I am using the Active DS Type library - not sure why there are multiple ones
(System.DirectoryServices) but it is rather confusing - I seem to accomplish
one thing with one and another with the other (they did have trouble
co-existing however). Anyway my script works very well but I am not able to
access the properties required to enable the account.
Here is a simple version (no error checking) of the code.....
View Replies
View Related
how to go about setting up an asp script or flash action script to take the input from a user of his/her username and password then send an email to the user with the information. I am able to do all of this but the problem is that the users pc is the one sending the email. I want the server to send the email instead.
View Replies
View Related
I now have a login page for user authentication.
But I am kind of paranoid about security.
Is it enough just to have that to secure my site?
How do hackers do "sniffing"?
And how to prevent that?
If there is any GOOD website security tutorial, I would love to read it.
View Replies
View Related
IIS can handle security on its own without the need for complex scripting and i like the idea of being able to just let the system do it however im not sure how to set such things up and would that mean that if you used something like integrated windows authentication that security is delt with by windows and its users info rather than getting the info from a database of my choosing ?
the whole concept is quite confusing to me but there must be a simple ish way to set up at least some form of secure site area within my web.
View Replies
View Related
I am starting to learn asp and I have IIS installed on my WIN xp pro machine. Do I have to worry about security for any reason at all. I don't believe I have file sharing on at all, then again, I don't know if that has anything to do with this.
View Replies
View Related
How do I run security through all of the pages? The users log in, an asp checks their password, then what do I do to secure the pages from users that do not enter the password?
View Replies
View Related
Developed a web application which adopts a custom security model which displays a login page and requests a username/password combination. The username works in a mixed-mode of usernames matched with the windows login name and some extra accounts (similar to SQL mixed-mode security). Web application is executed both in the corporate intranet and externally on the web.
Getting user complaints about having to login to the web application when they have already logged-on to windows. I have coded a challenge/response (response.status=401) to get a user's window login through the ServerVariables. This seems to work OK for the intranet access. If the user's windows account is not located in the application database then I redirect to the standard login page for the username/password combination. When the application is executed across the internet through a firewall, the user is prompted by IE to enter the windows domain, username, and password. There seems to be no mechanism to avoid this because of the challenge/response code. I wish that with external access from the internet that users are automatically directed to the application login screen and not faced with the IE windows authentication dialog.
View Replies
View Related
Does anyone know how to implement one way hashing or encryption using ASP 3.0 and no additional components.
I need to secure a intranet application which is being moved online, currently the passwords are stored in plain text, ideally id like to hash the passwords in the database and hash the form data when testing, but I don't seem to be able to find any hashing methods for standard ASP, perhaps someone has a nice code snippet for hashing.
View Replies
View Related
is there a way to login to a particular security group from asp?I use IP addresses and email addresses to identify web users and most have general IWAM_COMPUTERNAME access.
Once web users login is there a way to give SOME of them access to a NT security group based on stored NT user/password information?
View Replies
View Related
I am working on a new feature on my website where people can write their own HTML files. They are actaully going to have .ASP extensions, and are hosted on my webserver. So, what security issues can you suggest? So far all I have got is disabling '<% %>' tags. Anything else?
View Replies
View Related