I have implement Form Authentication <location path="Admin"> <system.web> <authorization> <deny users="?"/> <allow roles="Admin" /> <deny roles="systemAdmin"/> </authorization> </system.web> </location> Since in above mentioned rights, Admin can have access to Admin folder and systemAdmin can't have. I have make ...
I need to pass some data from a classic ASP application to my ASP.NET app using the POST method (can't use GET sorry) in a form. This doesn't seem to work if my action is the target aspx page but my ASP.NET app is using forms authentication, because it looks like somewhere in the pipeline my data is lost, given that the Request.Form co...
Hi, Im working on a web project in ASP .NET MVC 2. In this project we store some info inside an ecripted cookie (the ASPXAUTH cookie) to avoid the need to query the db for every request. The thing is the code for this part has suddenly stopped working. I reviewed the changes made to the code on the source control server for anything ...
Can I force a log out through SQL for asp.net membership account? ...
I have a WSS 3.0 site that uses forms authentication. In addition to my authentication cookie I get a cookie that contains data like this: 2FDiscovery=WorkspaceSiteName=aHR0cDovL3d3dy5rZWxldi5iaXo= path=/_vti_bin/Discovery.asmx; This cookie does not have the Secure attribute set, even though I have requireSSL="true" in my web.config ...
I started using dotless css in my asp.net site which requires a special httphandler to work. The site uses Forms Authentication. Here's the problem: When I'm logged in the request to http://mysite.com/stylesheets/mystyles.less works fine. It gives me back the appropriate css. If I'm not logged in the request is denied and I'm redirected ...
My website can be access from many domain (a my own blog engine). So, how i can cross authentication? I'm using: IIS7, C#, asp.net membership, form authentication. ...
So, I've been coding for a little (2 years), and I have a very subjective question: Is it wrong to use $_REQUEST for Data? This mainly pertains to authentication by the way. If you think about the 3 ways data can occur in $_REQUEST, it can come from either a cookie, a form, or a query string. Now, I know that most people directly gra...
I'm trying to implement Authorization and Authentication in my current winforms project. The Authentication also has to match a user in an SQL Server 2008 database. The thing is, it's a multi-user program, so when a new user is added, a database is created and the users identity added to the database. I wondered if that is possible im...
Hello, 3 Years ago I came across a really nice script. It was just an aspx and aspx.cs script, nothing more. It allowed me to see all the roles and users on site. I could easily add/remove roles and add users to roles. It used ajax for nice ui too. Does anyone know where I can find this script? I would like to use it again because s...
Hi, I am using the .Net memebership system, and uptil now I haven't had any real troubles with it. I now have a overlay where a user can create a profile. When the profile is created I just want to redirect to the same page, and not to the default page or the return url - which doesn't exists. I have tried to stop the FormsAuthenticati...
I have a ASP.NET MVC app on IIS7 using Forms Authentication in Integrated Mode. I am noticing that the ASP.NET runtime is being hit for every request that comes in even if it is only for static files (probably because of Integrated Mode). Is there a way to configure IIS7 to serve up static files without hitting ASP.NET? I've been thinki...
Using the Silverlight Business Application template in VS2010 creates a nice default solution with a Silverlight project and an ASP.NET project. It also automatically provides some nice authentication that seems to store usernames/password/etc for newly registered users into your local SQL Server database. Is it possible to customize th...
I am using Forms Authentication for the default MVC site, and i also have a custom DB table with extra user information (LINQ2SQL). I have some logic that loads the extra data from the db when the user logs in manually on the site, but the same logic is not executed when the users data is loaded from the persistent cookie stored when the...
I have a site that works as expected on my development box. That is, the formsauthentication ticket expires after 30 days. This is achieved through the following code string roles = UserManager.getAuthenticationRoleString(txtUsername.Text); HttpCookie formscookie = FormsAuthentication.GetAuthCookie(txtUsername.Text, true); FormsAuth...
Hello, every one. I am developing an asp.net web site & I am not using inbuilt authentication controls of asp.net. I have created manually tables for users for site. What I want is as follows After logging in user can access the pages ( that is already done ) When user press sign out. ( user goes to specific page - example - default...
Hello everyone, I am using VSTS 2008 + C# + .Net 3.5 + ASP.Net + IIS 7.0. And I am implementing Forms authentication. I want to know in Forms authentication, how to check whether a user is already authenticated or not? thanks in advance, George ...
When I copy my URL and paste in other browser, the page opens which should not happen. This shows lack of security. I want the forms authentication. How to do that? ...
Hi there, I was wondering if it is possible to use two different formsauthentification logins with the following directory structure: /default.aspx /login.aspx /web.config /subdirectory/sublogin.aspx /subdirectory/subdefault.aspx /subdirectory/web.config The web.config in the root contains the following settings: <authentication mod...
As a user, when I see a "remember me" checkbox, I expect it to remember me -- not just when I close my browser, but when I come back to the site after a week. So in my ASP.NET MVC application I am considering the following web.config values: <authentication mode="Forms"> <forms defaultUrl="/" loginUrl="/account/login" name=".ASPXAU...