I am trying to set up Single sign on for 2 websites that reside on the same domain e.g. http://mydomain (top level site that contains a forms-auth login page) http://mydomain/admin (seperately developed website residing in a Virtual Application within the parent website) Have read a few articles on Single Sign on e.g. http://www.cod...
I have a login script that when successful, should check to see if the session exists, if not, display login form, once posted, authenticate, if successful, set session. After I successfully post the form, and it binds successfully, then go back to the page, it completely ignores the session and displays the login page. I don't know wh...
I have 2 asp.net web applications running in IIS7: http://app1.local/ and http://app2.local/ My host.ini file just maps the above urls to localhost: ::1 app1.local ::1 app2.local I added the same machine key to both their web.config's. When I sign into app2, and then go to app1, the call to Request.IsAuthenticated is false? Sh...
We're using URL routing based on Phil Haack's example, with config modifications based on MSDN Library article #CC668202, to provide "shareable" links for a ASP.NET forms site, and have run into a strange issue: For users attempting to open links from PowerPoint presentations, and who have IE set as their default browser, using one of th...
Hello, Is there a way to make ChangePassword control work without Membership provider? Like the same way Login control works through an Authenticate event, could I make this component to use my password changing function and then showing success view without me writing custom provider? Thanks, Eugene. EDIT: Just to clarify after som...
I have 2 asp.net web applications. http://app1.local/ and http://app2.local/ App2 has a httpHandler that takes in some credentials, and logs the user in using forms authentication. FormsAuthentication.SetAuthCookie(cookieUserName, createPersistentCookie); HttpCookie authCookie = context.Response.Cookies[FormsAuthentication.FormsC...
If I am on a website#1, and I enter my username/pwd for website#2 on a login page that is on website#1, and website#1, behind the scenes, makes a httpwebrequest to website#2 and posts to the login page. If I then navigate to website#2, should I be logged in? website#2 uses formsauthentication and I call a httpHandler that is on website...
I have a problem at my production web, that I am not able to solve. I am not able to reproduce the problem in stage or development. It only appears when the website is under heavy load. I think it is solvable if somebody who has a very good understanding of the internals of FormsAuthentication would have a look at it by logging into ou...
I'm using Tomcat 6.0, and I want to know how can I configure Tomcat's server.xml file to connect to mysql database, and enable form based authentication in java. I'm currently using mysql 5.1, and I've already downloaded mysql connector jar file, and put in lib directory of Tomcat. ...
Due to a bug in Flash, I have to use the ASPXAuth cookie to log a user in on a page that a flash upload script calls after upload. See this page for more information: http://geekswithblogs.net/apopovsky/archive/2009/05/06/working-around-flash-cookie-bug-in-asp.net-mvc.aspx I have to make the ASPXAUTH string "public" in the sense that it...
I want to know how can I enable form based authentication in java through database. After connecting to database, how can I verify whether the username and password, which I'm entering through html page is correct or not? Do I have to change action servlets from j_security_check to another my own defined servlets, which will connect t...
If I have a look at my cookievalue .ASPXANONYMOUS it is a string ie WZnX-rXHygEkAAAAOTFhZjE5YTctZmEzZi00MTMwLWEwNTAtYjYwMzI0N2M0NTY4gQUsRlThiJWAjBgmBnpeIba7eGo1 The value Request.AnonymousID is a Guid. How do you get from ASPXANONYMOUS to AnonymousID ? I need this to debug some issues I have with FormsAuthentication. ...
I have a fairly complex business application written in ASP.NET that is deployed on a hosted server. The site uses Forms Authentication, and there are about a dozen different roles defined. Employees and customers are both users of the application. Now I have the requirement to develop a Windows Mobile client for the application that al...
Is it possible to configure ASP.NET MVC 2 RC and FormsAuthentication to achieve the following? The below scenarios need to be played out before a user logs-in to the system. Scenario 1 - The user navigates to "http://server/home/invalid-action". A custom 404 error page is displayed. Scenario 2 - The user navigates to "http://server/inv...
How to configure FormsAuthentication to allow access to root path for un-authenticated users? This needs to be accomplished by using the tag. The following URL should work for un-authenticated users - http://server/site/ . They should not be automatically re-directed to login page. ...
I have an ASP.NET web application that is using forms authentication. Everything is configured and working correctly. However, i'm dealing with the issue of creating and maintaining users and role membership. I know that I can roll my own solution but I'm wondering if there is an alternative solution? Does iis7 provide screens for man...
I have three current thoughts on how to do this: re-implement AuthenticationService, which uses lots of internal constructors and internal helpers, implement custom IIdentity and IPrincipal types and somehow hook these into FormsAuthentication. give up and roll my own. The problem is that we've got web apps and fat client apps using ...
Reading this question different users get the same cookie value in aspxanonymous and search for a solution, I start thinking, if it is possible for some one to really steal the cookie with some way, and then place it on his browser and login lets say as administrator. Do you know how form authentication can ensure that even if the coo...
Hi everyone, I'm hoping to learn a more about ASP.Net forms authentication, for use in a website we're building at work. I was wondering if there were some particularly good overviews out there on how it operates? One question that I was wondering about is how it stores the username and password info when you've signed in. I believe ...
Here is my issue. I have an ASPX web site and I have code in there to redirect from the login page with the call to "FormsAuthentication.RedirectFromLoginPage(username, false);" This sends the user from the root website folder to 'website/Admin/'. I have a 'default.aspx' page in 'website/Admin/' and the call to redirect works on a previo...