The below code and the config works fine, but force to enter user name/password case sensitively, i want to make it non case sensitive. Code: protected void LoginButton_Click(object sender, EventArgs e) { try { string uid = UserText.Text.Trim(); string pwd= PwdText.Text.Tr...
We have a web application that uses forms authentication to authenticate a user based on a user table in the database. (I.e. no active directory or SQL server user accounts are involved here). The web application accesses the SQL server using a service account. However, for auditing, authorization and other purposes, our stored proced...
I have a web site I would like to log in to and display in a WebBrowser control by passing a username and password which the client desktop application already has. What would be the best and most secure way to go about doing this? Can I make a Web Service to authenticate and then somehow pass the Session to the browser control? I am ...
Hi, I'm having trouble with a site that just went to production. For some reason, although the settings seem to be correct for a 15 minutes session timeout, users are reporting that in about 5 minutes they have to log in again. What can I check? how can I troubleshoot this? I can't reproduce it locally, or in our QA environment. Are the...
Hi there, I hope someone can help with solution to this problem? Currently my ASP.Net MVC website uses forms authentication is set up like this my web.config: <authentication mode="Forms"> <forms loginUrl="en/User/Signin" timeout="2880" /> </authentication> We have some routing rules that use the prefix /en/ in the url as a identi...
So its a ASP.NET problem where two users using the same machine, same browser. User 1 logs in the domain. User 1 changes some data without saving it. User 2 logs in the domain in a separate tab. User 1 switches back to his tab and saves the data. User 1 actually saved the data into User 2!! This is caused by the following mechanism: ...
Hi! my user will use form authentication against Active Directory or database. Theres no Windows Integrated Authentication there!! What i want is when the user submit the authentication form, it will try to validate the user against Active Directory and if it fail, try with the database. How can i do that? What i had in mind was to bu...
I have two level authentification, first the user enters their nt/password and it is validated by LDAP and afterward I have a custom role provider that make sure the user has access to said page. That being said, in my web.config I have: <authentication mode="Forms"> <forms loginUrl="~/Account.mvc/LogOn" timeout="2880"/> </authentica...
Hi Guys. Here's what i have: ASP.NET 4.0 Web Application Forms Authentication (Cookie Based) Here's what i'm trying to do: Integrate with Facebook Connect (using the JavaScript & Graph API's) Provide a Single-Sign-On Service for my users (automatically log in users if their logged in and connected to Facebook)...
Is this possible? I want to have a PHP login form on my website. When the user enters a username and password and clicks submit, they should be directed to a remote website logged in (therefore skipping the login form on the remote site). As mentioned in the title, the remote site is built using ASP.NET. I've tried to search for a sol...
Hi Guys, I have developed an application in ASP.NET 3.5 which utilizes the Membership and Roles Providers and Forms Authentication to manage user access and profiles. There are various area's of this application that are only to be used by an admin users whom login using their email and password and the rest of the users log in using t...
I've often wanted to create applications that provide a simpler front-end to other websites that require users to login before the pages I want to use can be accessed. I was wondering, if (1) any website with a POST to an http page can be authenticated by POSTing postField1name=pf1Value&postField2name=pf2Value to the website, if tha...
In my website, I am not using any authentication or authorization. I've created login page to capture the user credentials and check against database. If the user successfully authenticates, it's storing the user data in session and navigating to other pages. How thinking of implementing Forms Authentication, but my concern is how to s...
Hi, I am developing an application that will mainly be used internally and want to know how i can automatically authenticate users against Active Directory without prompting them to login. However, when a user is not automatically authenticated (i.e. they have connected via the internet) I want to display a form that will authenticate...
I want to store extra information in the authenticated user so that I can have it easily accessible (like User.Identity.Id, for example), instead of just the name, since I'm planning on having that non-unique. So far I've gathered that I should look to implement custom Principal and/or Identity, but I'm not sure how to go about it. I'v...
I'm reading about how to protect Forms Authentication and have som questions. 1) When the authentication ticket is both encrypted and integrity checked, is there any reason to still use SSL? If I understand this correct, a hacker can't read the ticket's data in plaintext since it's encrypted, and modifying the data will throw an except...
I've implemented a custom role provider, and configured it in my web.config file like this: <roleManager enabled="true" defaultProvider="TDRoleProvider" cacheRolesInCookie="true"> <providers> <clear/> <add name="TDRoleProvider" type="TDRoleProvider"/> </providers> </roleManager> I've overridden the GetRolesForUser function...
Hello everybody I need to do some cleaning when an authentication ticket is expired. Is there any event that i can subscribe to? Thanks for any suggestions, HF ...
The reason i need to do this is because of Facebook Connect - which is another story, so i'll save you the drama for that. =) Anyway, i have this function that runs on window.onload: function userAuth() { SomeFunctionWhichGetsFacebookCookes(); if (!loggedInUsingFormsAuth && loggedInViaFacebook) { window.location.reload(); //...
I have a Forms-Based-Authentication no Active-Directory-Authentication. There were two limits in Win Vista and Win XP, the first was half open TCP/IP-Connections which is solved with Win 7 http://deepxw.blogspot.com/2009/05/say-bye-to-half-open-tcp-connections.html The second limit regarding to this post http://serverfault.com/questions...