I'm using the ASP.NET Login Controls and Forms Authentication for membership/credentials for an ASP.NET web application. It keeps redirecting to a Login.aspx page at the root of my application that does not exist. My login page is within a folder. ...
I'm using the ASP.NET Login Controls and Forms Authentication for membership/credentials for an ASP.NET web application. I've got pages such as PasswordRecovery.aspx that are accessable to only Anonymous users. When I click my login link from such a page, the login page has a ReturnUrl parameter in the address bar: http://www.examp...
I'm using the ASP.NET Login Controls and Forms Authentication for membership/credentials for an ASP.NET web application. I've got two roles: Users Administrators I want pages to be viewable by four different groups: Everyone (Default, Help) Anonymous (CreateUser, Login, PasswordRecovery) Users (ChangePassword, DataEntry) Administr...
I'm using the ASP.NET Login Controls and Forms Authentication for membership/credentials for an ASP.NET web application. And I'm using a site map for site navigation. I have ASP.NET TreeView and Menu navigation controls populated using a SiteMapDataSource. But off-limits administrator-only pages are visible to non-administrator users....
I'm writing an app using asp.net-mvc deploying to iis6. I'm using forms authentication. Usually when a user tries to access a resource without proper authorization I want them to be redirected to a login page. FormsAuth does this for me easy enough. Problem: Now I have an action being accessed by a console app. Whats the quickest way to...
I am using forms authentication. My users are redirected to a page (written in web.config) when they login, but some of them may not have the privilages to access this default page. In this case, I want them to redirect to another page but RedirectFromLoginPage method always redirects to the default page in web.config. How do I make the ...
I have a main asp.net app, which is written in asp.net 1.1. Runnning underneath the application are several 2.0 apps. To completely logout a user can I just logout of the 1.1 app with FormsAuthentication.SignOut or is it more complicated than that? ...
I am using Forms authentication in my asp.net (3.5) application. I am also using roles to define what user can access which subdirectories of the app. Thus, the pertinent sections of my web.config file look like this: <system.web> <authentication mode="Forms"> <forms loginUrl="Default.aspx" path="/" protection="All" timeout="360" ...
My team is working on a crappy old website and most of the pages are still ASP classic. However, we've recently migrated to forms authentication using ASP.NET and wildcard mapping. Everything works surprisingly well except for one thing: logged in users are timing out too quickly. After looking in the logs it appears people are timing...
Is there a way to implement forms authentication, but only for a specific URL. For example, I would want the formsAuthentication to protect the site on staging.mydomain.com but not hinder access to www.mydomain.com if the web.config accidentally got moved over to the production site. ...
I am trying to use forms authentication with Active Directory but I need roles (memberOf) from AD. I am trying to override members of RoleProvider to make this possible (unless someone knows of a better way). I am stuck on an error in the new class that is inheriting from RoleProvider. The error is: ADAuth.ActiveDirectoryRoleProvider' d...
Imagine that you have a simple site with only 2 pages: login.aspx and secret.aspx. Your site is secured using nothing but ASP.net forms authentication and an ASP.net Login server control on login.aspx. The details are as follows: The site is configured to use the SqlMembershipProvider The site denies all anonymous users Cookies are d...
I have an application that uses Forms Authentication to authenticate one type of user. There is a section in this application that needs to be authenticated for another type of user using a different table in the database. The problem happens if the second type of user's session times out, she is taken to the login page defined in the Fo...
Just starting out in asp.net. Have just created a login.aspx page in my site and stuck on a asp login control - that's all I did. Now my Welcome.aspx page won't show as the start page of my site when I debug - even though it is set as this. Plus I have even edited my web.config - (see below) - and it still does the same thing. How do I...
I'm looking for some examples for asp.net mvc that use the integrated asp.net forms-authentication based membership providers with edit and post scenarios. I'm looking for best practices here. Let's say I have a Contacts table in my database with a Name field, and a UserId field which is tied to the aspnet_Users UserId field. I thought ...
This seems like a pretty stupid question, but I'm trying to figure out the best way to do this. Would you simply redirect to a /Logout page and have the controller call the FormsAuthentication.SignOut function? That was my first thought, but then I wondered if it could be abused by third party websites. Let's say someone just decides ...
I'm trying to implement the "Writing Information to UserData" section of this article, but it doesn't work properly when the cookie is part of the URI. My code: // Create the cookie that contains the forms authentication ticket HttpCookie authCookie = FormsAuthentication.GetAuthCookie( userName, createPersistantCookie ); // Get the Fo...
In forms model, I used to get current logged in user by Page.CurrentUser How do I get current user inside a controller class in ASP.NET MVC? ...
Hi, We would like to have the FormsCookieName of FormsCookiePath change per instance of our application. We have an application which has multiple instances on 1 server/domainname. Because of this we can only work in 1 application at the same time, since the cookies will overwrite eachother. Same for the Sessions btw. Is there a way to...
I have one application which uses the standard .NET forms authentication cookie, now I need to get this cookie from an application hosted on the same domain but one folder down with it's own application. I can't seem to find any trace of the cookie using Request.Cookies.AllKeys, there must be a reason why because when I check to see wha...