Security

Labels
AJAX(112) App Studio(7) Apple(1) Application Builder(245) Application Factory(207) ASP.NET(95) ASP.NET 3.5(45) ASP.NET Code Generator(72) ASP.NET Membership(28) Azure(18) Barcode(2) Barcodes(3) BLOB(18) Business Rules(1) Business Rules/Logic(140) BYOD(13) Caching(2) Calendar(5) Charts(29) Cloud(14) Cloud On Time(2) Cloud On Time for Windows 7(2) Code Generator(54) Collaboration(11) command line(1) Conflict Detection(1) Content Management System(12) COT Tools for Excel(26) CRUD(1) Custom Actions(1) Data Aquarium Framework(122) Data Sheet(9) Data Sources(22) Database Lookups(50) Deployment(22) Designer(177) Device(1) DotNetNuke(12) EASE(20) Email(6) Features(101) Firebird(1) Form Builder(14) Globalization and Localization(6) How To(1) Hypermedia(2) Inline Editing(1) Installation(5) JavaScript(20) Kiosk(1) Low Code(3) Mac(1) Many-To-Many(4) Maps(6) Master/Detail(36) Microservices(4) Mobile(63) Mode Builder(3) Model Builder(3) MySQL(10) Native Apps(5) News(18) OAuth(8) OAuth Scopes(1) OAuth2(11) Offline(20) Offline Apps(4) Offline Sync(5) Oracle(10) PKCE(2) PostgreSQL(2) PWA(2) QR codes(2) Rapid Application Development(5) Reading Pane(2) Release Notes(180) Reports(48) REST(29) RESTful(29) RESTful Workshop(15) RFID tags(1) SaaS(7) Security(80) SharePoint(12) SPA(6) SQL Anywhere(3) SQL Server(26) SSO(1) Stored Procedure(4) Teamwork(15) Tips and Tricks(87) Tools for Excel(2) Touch UI(93) Transactions(5) Tutorials(183) Universal Windows Platform(3) User Interface(338) Video Tutorial(37) Web 2.0(100) Web App Generator(101) Web Application Generator(607) Web Form Builder(40) Web.Config(9) Workflow(28)
Archive
Blog
Security
Tuesday, June 11, 2013PrintSubscribe
Password Recovery

Code On Time web apps using ASP.NET Membership automatically come configured with a password recovery form. This form can be opened by clicking on the Forgot your password? link on the dropdown login form.

The Forgot your password? link access the Password Recovery form.

When the user enters their User Name and Password Answer correctly, a new password will be sent to the email on file.

The Password Recovery form.

There are situations in which it may be necessary to allow users to access this form from a different location within the web app. In addition, if Custom Membership is used, the Forgot your password? link is not present. Let’s place the password recovery form in a custom user control and add this control to the home page.

Start the Project Designer. In the Project Explorer, right-click on Home / container2 node, and press New Control.

Adding a new control to the Home page.

Next to the User Control lookup, click on the New User Control icon.

Creating a new user control.

Assign a name to the user control:

Property Value
Name PasswordRecoveryForm

Press OK to save the user control. Press OK again to instantiate the user control on the Home page.

On the toolbar, press Browse to generate the user control. When complete, right-click on Home / container2 / control3 – PasswordRecoveryForm node and press Edit in Visual Studio.

Editing the user control in Visual Studio.

The file will open in Visual Studio. Replace the existing code after the <%@ Control %> element with the following:

<asp:PasswordRecovery runat="server" />

Press OK to save the file. Switch back to the browser. Notice that the Password Recovery form is placed after the Instructions text box on the Home page.

The standard password recovery form on the home page.

Note that you must configure SMTP settings in order for the password recovery email to be sent by the application.

Labels: Application Builder, ASP.NET Membership, Security, Web Application Generator
Tuesday, June 4, 2013PrintSubscribe
Custom Login Form

Code On Time web apps automatically include a dropdown login box pictured below when membership is enabled. As an alternative, a dedicated login page may be created. Learn more about the dropdown login box and dedicated login page.

Automatic dropdown login control in Code On Time web apps.

Sometimes it may be necessary to place the login control on another page. This can be easily done by adding the <asp:Login /> control to any .aspx page.

Let’s place a login control on the home page. Start the web app generator, click on the project name, and press Develop to open the project in Visual Studio. In the Solution Explorer, double-click on ~\Pages\Home.aspx.

Page 'Home.aspx' selected in the Solution Explorer.

Notice that there are two <asp:Content> elements in the page. Append the highlighted line to the end of the second element.

<%@ Page Language="C#" MasterPageFile="~/Main.Master" AutoEventWireup="true" 
    CodeFile="Home.aspx.cs" Inherits="Pages_Home" Title="^HomeTitle^Start^HomeTitle^" %>

<%@ Register Src="../Controls/TableOfContents.ascx" TagName="TableOfContents" TagPrefix="uc" %>
<%@ Register Src="../Controls/Welcome.ascx" TagName="Welcome" TagPrefix="uc" %>
<asp:Content ID="Content1" ContentPlaceHolderID="PageHeaderContentPlaceHolder" runat="Server">
    ^HomeTitle^Start^HomeTitle^
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="PageContentPlaceHolder" runat="Server">
    <div factory:flow="NewRow" xmlns:factory="urn:codeontime:app-factory">
        <uc:TableOfContents ID="control1" runat="server"></uc:TableOfContents>
    </div>
    <div factory:flow="NewColumn" xmlns:factory="urn:codeontime:app-factory">
        <uc:Welcome ID="control2" runat="server"></uc:Welcome>
    </div>
    <asp:Login runat="server" />
</asp:Content>

Save the file, and press F5 to open the web site in a browser window. The standard login control will be present at the bottom of the page.

Standard ASP.NET login control is present at the bottom of the page.

Labels: Application Builder, Security, Web Application Generator
Friday, January 4, 2013PrintSubscribe
Displaying Current User Name as a Virtual Field

Suppose that you need to display the name of the current user. Let’s implement a virtual field that will display the current user name on the Customers form.

Start the Project Designer. In the Project Explorer, switch to the Controllers tab. Right-click on Customers / Fields node, and press New Field.

Creating a new field in Customers controller.

Use the following values:

Property Value
Name CurrentUserName
Type String
Length 40
Allow null values. true
The value of this field is computed at run-time by SQL expression. true
SQL Formula 
@BusinessRules_UserName
Label Current User
Values of this field cannot be edited. true

Press OK to save.

Let’s add this field to the edit form. Drop Customers / Fields / CurrentUserName (String(40)), read-only) node onto Customers / Views / editForm1 node. This will instantiate a CurrentUserName data field.

Dropping 'CurrentUserName' field on view 'editForm1'.     Data field 'CurrentUserName' instantiated in view 'editForm1'.

On the toolbar, press Browse. Navigate to the Customers page and select a record. The Current User data field will display the user name at the bottom of the form.

'Current User' displays the current user name at the bottom of the form.

Log out, and log in as user / user123%. The current user will change to reflect the current user account.

The current user value has been updated.

Labels: Application Builder, Security, User Interface, Web Application Generator
Continue to Restrict Access to Fields with “Roles” Properties
© 2024 Code On Time LLC. All rights reserved. All trademarks mentioned on this website are property of their respective owners.
Watch | Blog | Roadmap | Learn | Community | Support