asp.net-authentication

ASP.Net - What is current best practice for tracking state and session variables?

We're creating a new consumer/public-facing ASP.Net web app. There are two concerns: --Use cookie or cookieless forms authentication? --If we decide not to use cookies at all, how would you store the data that would otherwise be stored in the cookie (Customer ID, AffiliateID, etc.). Does the ASP.Net authentication framework track s...

ASP.Net Authentication with MVC2--how to integrate with DB?

I'm trying to understand the authentication section of the sample project that opens in a new MVC2 project in VS2010. It essentially lets you register, login, etc. I looked through the code that implements this briefly, it looked fairly complicated. (10 tables, 40 sprocs, 10 views, 4 models, 1 model, 1 controller, etc.) Is it best to...

asp.net authentication in a web farm

We need to implement authentication for an ASP.Net MVC project and are looking at the ASP.Net authentication framework to see if it will work. One concern is that apparently it stores the UserID in the session. I just got off the tel with Microsoft, and they advised that in a web farm scenario we would need a state server, and that the...

How do you get asp.net anonymous authentication token for profile support?

So I have an asp.net Web Application (Not Web Site) that I am trying to support profiles for anonymous users. I have a form and I want anonymous users to be able to enter their name and email only once, and have that information automatically accessible on the next load for them. In my Web.config I have anonymous ID setup like so: <...

How to best handle permissions (not roles) in asp.net membership, specifically in ASP.NET MVC

There are plenty of questions (and information) on setting up asp.net membership, role providers and the like. Whether or not you should use the built in platform provided by microsoft, or role extend the base classes and role your own. I have decided to extend the default providers and implement my own membership and role providers. No...

Execute custom code after windows / form authentication

Hi, I implemented web application (C#, ASP.NET) that, depending on customer demands, uses windows or forms authentication. Now, I need a way to execute custom code after user logs in. Code must be executed only once and should work for both types of authentication. It doesn't need to be in same place but it must execute after successful ...

Custom ASP.NET Forms Authentication Service with WCF

I am trying to create a custom ASP.NET Forms Authentication Service using WCF. I am calling it via a test page that contains only a single line of JS (except for the ScriptManager scripts). The problem is that the server returns response code 500 and the response body is empty. My breakpoints in the service method and in the Application_...