Hi all, I am using some ASP.Net (web forms) code in order to force auth & auth over some content. Except for the auth code, all other content is non-aspx, i.e. html, png, etc. My application is using a centralized authentication service, which means if a user authenticates against that service, he/she has access to all apps that use th...
Does anyone know how the authenticity token is managed in rails 3? With all the unobtrusive javascript rails 3 articles showing how the html5 data attributes are used I don't see the authenticity token anywhere. ...
I have an existing ASP.NET application with lots of users and a large database. Now I want to have it in MVC 2. I do not want to migrate, I do it more or less from scratch. The database I want to keep and not touch too much. I already have my database tables and I also want to keep my LINQ to SQL-Layer. I didn't use a MembershipProvider...
I'm using Forms authentication on my MVC website. I administrate users and roles using the default ASP.NET Configuration option in Visual Studio. All good so far. I can successfully do Page.User.IsInRole("Moderator") in a View. True is returned as expected. However when calling Context.User.IsInRole("Moderator") inside Global.asax's Ap...
I am trying to use the ASP.NET forms authentication service with the MySQL connector version 6.3.2. I was able to get it working using cleartext passwords but unable to get hashed passwords working. Here is a snippet from my machine.config file <system.web> <membership defaultProvider="MySQLMembershipProvider"> <providers> ...
Hi, I want to access some pages of web site https://myoffice.bt.com which requires user authentication using java. We have to sign in first to access pages. I have wriiten following code. package root; import java.io.IOException; import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.UsernamePasswordCred...
I've looked around and I can't find the concise steps that I need to take in order to implement forms authentication in my web site. I'm using C# 3.5 with an SQL Server backend. I have a User table and UserRole table in my database. I have 5 Directories in my app that contain aspx pages. Admin Common UserRole1 UserRole2 Public I want...
Hi all Is PrincipalPermissionAttribute only work on window login authentication? I would like to check the caller (currently only my website aspx pages) of my web service has passed my login authentication and is in the right membership rule, and I am using the asp.net membership provider. What is the best and microsoft recommand way to...
When trying to access my site: www.X.com The browser changes the url to: www.X.com/ The problem is that the result url is: www.X.com/HomePage.aspx?ReturnUrl=/ (HomePage.aspx is the default page) On IE: www.X.com/HomePage.aspx?ReturnUrl=%2f For some reason the Forms Authentication treats / as a page that the user is trying to acc...
I have a control that i've written that has a javascript component and a web service component. The problem i'm having is that the javascript is set to do: setInterval(this._checkAlertsHandler, this._messageCheckInterval * 1000); This calls a function which makes a webservice call like so: Alert.SiteAlertService.GetAlerts(this._rece...
Ive written a custom membership provider for my ASP.Net website. Im using the default Forms.Authentication redirect where you simply pass true to the method to tell it to "Remember me" for the current user. I presume that this function simply writes a cookie to the local machine containing some login credential of the user. What does...
Hello, I have a project containing an image, css and js folder. I want to make sure no css, image or js is blocked when using formsauthentication. I know you can do this with the locationtag in the web.config but I was wondering if you could do this otherweise? this is how I do it right now: <location path="css"> <system.web>...
Hi all, I'm working on an ASP.NET web application. We've got a login page (index.aspx), as well as a user's "home page", userhome.aspx. What's the most elegant way to deny a user to display index.aspx when they're logged in? At the moment, index.aspx can still be displayed by explicitly typing it into the browser address bar. I tried t...
Hi all In asp.net we specify the redirect url when using forms authentications like this: <authentication mode="Forms"> <forms name="myApp" loginUrl="Login.aspx" protection="All" defaultUrl="default.aspx" path="/" requireSSL="false"/> </authentication> this means that when a user log in, will be redirected to "def...
When a user logs in into my website I have a custom membership provider that overrides ValidateUser and verifies that the user has sufficient rights etc. However, when implementing a 'remember me' function through the default forms authentication using RememberMeSet, I also want to validate a user on the first request. Is there some h...
In my asp.net webforms application I am using plain and simple forms authentication hooked up into my database (with the standard membership provider). Everything works well, I can log in , log out, get roles, etc... However, after deploying my site to the intranet IIS server I noticed that IE cannot be authenticated. The actual authe...
Hi friends! In my web application (asp.net mvc) I have an restrict area. In my model, I have an entity called "User" represents a user can do login/logout in web app. I've used Forms Authentication to login/out my users and everything works fine but, I'd like to know, if is there any way to save an entity (of the user logged) during the...
I have an ASP.Net MVC app where I want to allow clients to download data via a webservice. However, I want to only allow authenticated clients to accesses their data. At first I added deny users="*" to the path in my web.config, but this creates difficulty when trying to add the webservice as a reference because I already have forms aut...
I'm using forms authentication in an ASP.NET application. I configure the FormsAuthenticationTicket to expire in 1 year but it actually expires after 1 hour or so. I can't figure out why. Here is all the code involved in the login process: public static bool Login(int id) { try { string s...
In the Web.Config we have a timeout property. Ex: <authentication mode="Forms"> <forms loginUrl="~/Login.aspx" timeout="2880"/> </authentication> When loggin in, we can specify a ticket expiry date. Ex: FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( 1, id.ToString(), DateTime.Now, exp...