Is there an easy way to cache ASP.NET whole page for anonymous users only (forms authentication used)? Context: I'm making a website where pages displayed to anonymous users are mostly completely static, but the same pages displayed for logged-in users are not. Of course I can do this by hand through code behind, but I thought there mi...
In an ASP.NET MVC application when using a custom Dependency Injection container (in this case, Unity), is it possible to intercept a request before GetControllerInstance is called to determine if forms authentication timeout has occurred? I have the following in web.config: <authentication mode="Forms"> <forms loginUrl="~/Home/Index...
Hi there, I am gettin this exception: Parser Error Message: The container specified in the connection string does not exist And here`s my case: I have an WebApp with 2 pages Default.aspx & Login.aspx. The later contains a login control. The application is configured to work with and AD LDS instance as a membership store. Here are s...
In ASP.Net, is anyone aware of a way to bypass Forms Authentication if a specific query string parameter is passed in? Such as: mydomain.com/myprotectedpage.aspx ...I would like to be protected by Forms Authentication (and so, redirected to login page) mydomain.com/myprotectedpage.aspx?myBypassParameter=me ...I would like the page...
I have been tasked with implementing point 4 in this article: http://support.microsoft.com/kb/900111 This involves using the Membership provider to add a comment to users server side records when they log in and out, and then confirming that when a cookie is used to authenticate, that the user hasn't logged out. This makes perfect sense...
Hello everyone, I am using SharePoint Server 2007 Enterprise with Windows Server 2008 Enterprise. And I am using publishing portal. And I am using a custom Forms authentication solution -- I store user name and password in a custom (schema) SQL Server database. The database stores user profile information. I am developing using VSTS 200...
I intend to use SSL on the login form so that the username and password is encrypted during user login. But, after the user has been authenticated, if I return to HTTP, the Autentication Cookie will be passed from client to server on each request. How safe is this? Obviously i'll use SSL on pages where the user is entering sensitive in...
This is an odd issue. We have forms auth for a site, and we recently adjusted the forms auth in web.config to include: <authorization> <deny users="?" /> </authorization> <authentication mode="Forms"> <forms name="ourCookie" loginUrl="~/../Default.aspx" protection="All" path="/" domain="ourdomain.com"/> </authentication> ...
After browsing the MVC section on CodePlex I noticed that the [Authorize] attribute in MVC returns a HttpUnauthorizedResult() when authorization fails (codeplex AuthorizeAttribute class). In the source of HttpUnauthorizedResult() from CodePlex is the code (I'm not allowed to enter another URL as my rep isn't high enough, but replace t...
Am trying to design login page for my website and I am looking for methods other than forms authentication. The way in which I am trying is to have a table in the database that stores user information and check for the user validity. The point where I get struck is how do i set cookies and session variables and how will I carry it throu...
I wanted to use FormsAuthentication to secure my static files as well on my site, so I followed the instructions located here http://learn.iis.net/page.aspx/244/how-to-take-advantage-of-the-iis7-integrated-pipeline/ under title "Enabling Forms Authentication for the Entire Application". Now though, when I try to visit the site by going...
I'm working on a website where I get a feed of usernames / hashed passwords from another service. When someone sucesfully logs in I set a forms authentication cookie with FormsAuthentication.SetAuthCookie. My client doesn't like multiple people logged with the same credentials. They would like a log in to invalidate any currently logg...
I am using DotNetOpenAuth in my ASP.Net Website. I have modified it to work with Facebook Connect as well, using the same methods and database structures. Now I have come across a problem. I have added a Facebook Connect button to a login page. From that HTML button, I have to somehow pull information from the Facebook Connect connect...
I am using ASP.NET MVC, on my login action I am doing: [AcceptVerbs("POST")] public ActionResult Login(FormCollection form) { User validatedUser = // tests username/pwd here. FormsAuthentication.RedirectFromLoginPage( validatedUser.ID.ToString(), rememberMe); if(String.IsNullOrEmpty(Request["ReturnUrl"])) s...
Do we know the algorithm that asp.net uses to create the authentication cookie (when using forms authentication?) Can we basically create our own copy implementation? if so, how? What does it use to generate the encrypted cookie value, I know it uses whatever you pass into the SetAuthCookie call (which is usually the userID/username). ...
Hey Everyone, I am using Forms Authentication and have the basic logon page and default page. When I am on the logon page, and call the SignOn this works just great. However, when I am still on the Logon page the Membership.GetUser() returns null. When I redirect to my default page, the Membership.GetUser() returns my user information....
Hello everyone, I am using SharePoint Server 2007 Enterprise with Windows Server 2008 Enterprise. I have deployed a publishing portal. It is using a custom forms authentication solution, which is described in the following URL. I am developing using VSTS 2008 + C# + .Net 3.5 + ASP.Net + SharePoint Server 2007 SDK. http://msdn.microsoft...
Hi. I have an app with multiple subdomains, subone.parent.com, subtwo.parent.com. I have a logon page at parent.com/login. When a user logs in I redirect them to the proper domain based on which one they are a member of. This works fine. FormsAuthenticationTicket ticket = new FormsAuth... string encTicket = FormsAuthentication.Encry...
Hello Im tryint ot build a custom validation where I check if the user contains in a role. And I'm having problems with string array, what is best way to check if it contains a specific value? public string[] AuthRoles { get; set; } public override void OnActionExecuting(ActionExecutingContext filterContext) { if...
Hello I'm using asp.net and trying to assign roles for a user with forms authentication like this: public ActionResult AdminLogin(string password, string username) { User _user = _us.GetUsers(username, password).FirstOrDefault(); if (_user != null) { string _username = _user.Username; ...