I've implemented custom authentication in ASP.NET MVC. If a valid user tries to login, I set the HttpContext.User = user in the Logon method of the AccountController. But it remains there for only that request. How can I set it for the session? I used an alternative, set HttpContext.Session["CurrentUser"] = user. If I want to see if the...
I'm trying to set up a custom backend that queries another database, for which I have created a model in the system. It uses its own rules (email instead of username, and a differently salted/hashed password) so I can't use built in authentication. I've set up a custom authentication backend like so: class BlahBlahBackend: def chec...
I have an ASP.NET MVC application, with some RESTful services that I'm trying to secure using custom basic authentication (they are authenticated against my own database). I have implemented this by writing an HTTPModule. I have one method attached to the HttpApplication.AuthenticateRequest event, which calls this method in the case of...
I have a custom-authentication-provider defined in my Spring Security configuration. This class implements AuthenticationProvider, and I can successfully log in using the form defined on my page. The issue is I want to call this class not just on the login page, but from the registration page as well. The registration page uses a dif...
Edit: When I execute test the service with a client I get a response. I should not get a response. What should happen is CertificateValidator.Validate() should throw an exception because there is no certificate being sent. I KNOW it is not being called because if I get it to throw an exception without making any tests it still doesn't. S...