Credentials Prompt For An Aspx Page Configured For Anonymous Authentication?
Oct 11, 2010
From Flex we call a Upload.aspx page which is configured for anonymous authentication. Most of the time, it works like a charm, but once in a while, the browser does prompt a enter credentials popup...The whole site is configured for Windows Authentication, but some pages and folders are set to use anonymous authentication. This is done using the location tag in web.config.What could be the reason for this?
View 3 Replies
Similar Messages:
Apr 1, 2010
We have an IIS/ASP web page from a vendor that we have just dropped onto a webserver within our company. The ASP pages do not come with any sort of authentication built in, so I am trying to configure the site to prompt for credentials before being accessible. I would like the site to prompt for the credentials in all cases (ie. I don't want Internet Explorer to pass through the credentials of the logged in user). I want authorization to this site to be allowed only to members of a certain security group with Active Directory.
Is there a way to do this? I'm not really an IIS guy, nor an ASP developer, so I'm kind of feeling my way through the dark here.
Based on some searching, I have tried adding the following to the web.config file:
[Code]....
I have also installed the IIS URL authorization role service, and have tried playing around with the authentication settings within IIS, to no avail.
I am using IIS7 on Server 2008.
View 4 Replies
Oct 8, 2010
i'm wondering is there a way that i can add my configuration User to a specific role ?
so i have this in my web.config file
<forms loginUrl="/Account/Login.aspx">
View 1 Replies
Jan 26, 2011
I am Publishing crystal reports on remote server using the following code. when i try to run the crystal report page Crystal report viewer prompt me for database info. As the published crystal report were created using development server. In my crystal report i was using OLEDB ADO Connection
MyRepository _MyRepository = new MyRepository();
System.Data.SqlClient.SqlConnection myConnection = new System.Data.SqlClient.SqlConnection();
myConnection.ConnectionString = ConfigurationManager.ConnectionStrings["MyConnStr"].ConnectionString;
System.Data.SqlClient.SqlCommand MyCommand = new System.Data.SqlClient.SqlCommand("dbo.spMySP");
MyCommand.Connection = myConnection;
MyCommand.Parameters.Add("@PositionID", SqlDbType.Int).Value = (cmbPositions.SelectedValue == "" ? 0 : Convert.ToInt32(cmbPositions.SelectedValue));
MyCommand.CommandType = System.Data.CommandType.StoredProcedure;
System.Data.SqlClient.SqlDataAdapter MyDA = new System.Data.SqlClient.SqlDataAdapter();
MyDA.SelectCommand = MyCommand;
ASale _DS = new ASale();
MyDA.Fill(_DS, "dbo.spMySP");
rptSale oRpt = new rptSale();
oRpt.SetDatabaseLogon("sa", "mypass");
oRpt.SetDataSource(_DS);
oRpt.SetParameterValue(0, "param1");
oRpt.SetParameterValue(1, "param2");
oRpt.SetParameterValue(2, "param3" );
oRpt.SetParameterValue(3, (cmbPositions.SelectedValue == "" ? 0 : Convert.ToInt32(cmbPositions.SelectedValue)));
CrystalReportViewer1.ReportSource = oRpt;
View 1 Replies
Feb 5, 2010
I am the web developer at a medical clinic. I have 2 scenarios going on:
First, I have a physicians only component of our employee portal to allow access to only physician shareholders or physician non-shareholders. My structure is built like:
Physicians Only
Administration
Affiliations
Calendars
Compensation
Minutes
The Affiliations folder is only going to be accessible by the physician shareholders. Therefore, I have security roles set for Physicians Only and Affiliations. When I test, the security is set correctly on the folders. However, when I try to login as different people, all with different roles, I have to login with user name and password, twice, before the system allows me in.
Secondly, I have secured areas within the employee portal also. However, when I navigate to them, the system doens't usually prompts me to login. If it does prompt me to login, it too, is on the second try. So how does it know who I am? And more importantly, how do I get the system to actually prompt the user to login with their credentials?
View 15 Replies
Mar 4, 2011
I have an asp.net application which was working fine with the AppPool Identity set to Netwrok Service or Local System or Local Service. But If I change the app pool identity to a domain account (I am using my account itself) I am unable to access the application from any other machine except the web server.I am using Windows Integrated Authentication.I tried resetting IIS, Restart W3SVC, aspnet_regiis -ga . But no luck.
View 5 Replies
Oct 24, 2010
We have created an Intranet Web Application with Windows Authentication.
That asking a prompt to get Username and Password each time when we access the application.
How can we restrict that prompt other than IE --> Security --> Custom Level --> User Authentication.
(Because, with this option we need to set these settings in each and every user's system)
View 3 Replies
Dec 20, 2010
[Code]....
View 4 Replies
Mar 10, 2010
I set authentication mode to Windows in the web.config and I enable Windows Authentication and disable the Anonymous Authentication in IIS 7 on win 7, but HttpContext.Current.User is always null.It works fine when I host the web app in IIS 6.0.
View 1 Replies
Feb 26, 2010
Here are the structure of my web site:
Login.aspx in the root path
UserInfor.aspx and 1.txt in the sub-directory folder named 'Restricted'
Authenticate this website with form authentication configured in IIS, and does not allow anonymous to get into the Restricted folder with the web.config file.
I think it should work this way, if I manually access the 1.txt in the browser, I should be able to view the content, and if I go to the modules configuration for this applicaiton in IIS7, find the 'UrlAuthorization' module, and cancle the listbox for 'invoke for requests to asp.net ...', I should be directed to the loginurl setting in the root web.config file when I access the 1.txt file without logging, however, I still can see the content of 1.txt.
View 9 Replies
Jan 14, 2011
I have set up a copy of a website on a server and think I Have replicated the folder permissions and the IIS settings, but I am getting a windows authentication prompt, once i login with my admin details the site loads.
View 3 Replies
Jan 5, 2010
Does anyone know how to get to work the authentication mechanism configured using Web Site Administration Tool under Linux running Mono? Is it even possible?
View 3 Replies
Jul 29, 2010
I have an asp.net c# site that I have setup in IIS 7 and am loading into a sharepoint frame. Sharepoint doesn't prompt for domain credentials but my site does?In IIS I have enabled basic and windows authentication so I can get the domain users username, so if there is a way to get this without prompting that'd be a perfect solution for me.I am using the follwing statement to get username:
System.Web.
HttpContext.Current.User.Identity.Name
View 12 Replies
Feb 12, 2010
I been strugling with this for 2 days now without comming any closer to solution. I have read 20-30 threads alteast and stil can not resolve this.I have disable anonymous authentication, enable asp.net impersonation.I have added <identity impersonate = "true" />I have added the a user to the security logins that is connected to the database I try to connect tThis is the connectionstring I use:
Data Source=IPTOSERVER;Initial Catalog=Phaeton;User Id=User;Password=Password;errormessage
View 6 Replies
Jun 14, 2010
So I have an asp.net Web Application (Not Web Site) that I am trying to support profiles for anonymous users. I have a form and I want anonymous users to be able to enter their name and email only once, and have that information automatically accessible on the next load for them.
In my Web.config I have anonymous ID setup like so:
<anonymousIdentification enabled="true" cookieless="AutoDetect" />
I have my profile section setup like this:
<profile defaultProvider="SqlProvider" enabled="true" inherits="QA_Web_Tools.UserProfile">
<providers>
<clear />
<add connectionStringName="QAToolsConnectionString" name="SqlProvider"
type="System.Web.Profile.SqlProfileProvider" />
</providers>
</profile>
Finally, due to my app being a Web App and not a Web Site, I am using the profiles via this custom object:
public class UserProfile : ProfileBase
{
public static UserProfile GetUserProfile(string username)
{
return Create(username) as UserProfile;
}
public static UserProfile GetUserProfile()
{
return Create(Membership.GetUser().UserName) as UserProfile;
}
[SettingsAllowAnonymous(true)]
public string FullName
{
get { return base["FullName"] as string; }
set { base["FullName"] = value; }
}
[SettingsAllowAnonymous(true)]
public string BuildEmail
{
get { return base["BuildEmail"] as string; }
set { base["BuildEvmail"] = value; }
}
}
This code is based off of this reference. The issue is that that code does not support anonymous users, or if it does I don't know how. I can't use the GetUserProfile() method with no parameters because if the user is anonymous, Membership.GetUser() is null. I could pass in the anonymous ID token into the first GetUserProfile(string username) method but I cant' find any way to get the anonymous ID token for the current user. Does anyone know how to get this information? Google doesn't seem to be returning useful results.
View 1 Replies
Feb 14, 2011
I am using windows authentication in my web application. All we need is when the application will be executed it will launch login.aspx page. If users put correct userid and password(checked from active server directory) it will be redirected to a difference page. But if any unauthenticated user tries to access any other page in the application by typing the Url on the address bar it will be again redirected to the login page. We have to do this by changing our web.config file.I can achieve this using form authentication but not windows. But our requirement is windows. The requirement is very basic but all effort is just not working.
View 2 Replies
Apr 8, 2010
I have a web site that is using Windows Integrated Security for authentication. Under the site in the IIS there is a virtual directory that inherits these security definitions. Assuming I have several pages under the virtual directory, is it possible to apply anonymous access on on 1 (one) of them?
View 4 Replies
Mar 23, 2011
I have a .NET 3.5 application running under IIS 7 on Windows 2003 server and cannot get integrated windows authentication working properly as I continue to get prompted for a login. I have set Windows Authentication to enabled in IIS with all other security types
disabled and my application web.config file authentication/authorization is set up as:
<system.web>
<compilation debug="true" strict="false" explicit="true" targetFramework="3.5" />
<authenticationmode="Windows"/>
<authorization>
<deny users = "?" />
</authorization>
</system.web>
With this setup, I'm expecting behind the scene verification of the Windows user to allow access and deny anonymous users. However, what I'm getting is a Windows login pop-up when I try to access the site. I have been troubleshooting this issue for a few days now and cannot figure out the problem. Based on posts with similar problems, I confirmed my URL does not include any periods, double checked that my IE settings are set to Enable Integrated Windows Authentication, and also added my URL to my intranet sites, but still getting the pop-up. To troubleshoot it further, I enabled Anonymous Authentication in IIS and modified my web.config file to which lets me right in and then added Response.Write(System.Security.Principal.WindowsIdentifity.getcurrent().user.name.toString()) to try to see what user is being used in the authentication. The result I'm getting is IIS APPPOOLmyapp which is obviously the IIS application pool for my application.
I'm still using only windows authentication but don't get the pop-up and the windows authentication is performed against the actual Windows user. Just noticed that when the login fails and the Windows login prompt displays again, it is showing the username that attempted to login as "SERVERNAME""USERNAME" which led me to believe it was trying to validate the user against the server vs. the domain. To confirm this, I created a local user account directly on the app server with the same username and password as the network domain user and tried to login again. The result was that I received the login prompt again but when I entered the username and password this time, I was able to successfully login. The network user and app server are on the same domain so really not sure why IIS authentication is pointing to the local app server accounts and not to the domain accounts. I realize this is an IIS question at this point so posting on forums.iis.net as well but anyone may have since have been troubleshooting this for days.
View 1 Replies
Nov 10, 2010
I am using forms authentication. It's works fine locally. Once I upload my web application to a remote iis server and run it I get a Windows authentication prompt. The server [URL] at [URL] requires a username and password.
View 1 Replies
Sep 23, 2010
We have a weird issue found during setting up a new Windows 2003 Server with IIS6.0 & ASP.NET 2.0, our site is built using ASP.NET forms authentication with general authorization to deny access to all users & allow explicitly to static, home pages etc, -- web.config setting for forms auth looking as below:
<authentication mode="Forms">
<forms name="appNameAuth" path="/" loginUrl="~/Pages/Users/Login.aspx" protection="All" timeout="60" defaultUrl="~/Pages/Inner.aspx">
</fo </authentication
View 1 Replies
Mar 22, 2010
If a user has signed into their computer and are connected to an intranet, is there a way to grab the users crendtials and authentication them in asp.net? What specific code would do this?
View 2 Replies
Oct 15, 2010
Since last week I've had a really odd issue with PageMethods and the back button which i've never seen before.
Essentially, I have a 'home page' which on document.ready (using jQuery), loads some data through PageMethods, and then renders a list - from which you can click through to a details page about the item. In general use, it works fine. However, using the back button after clicking through (ie: going back to the home page), it throws a PageMethods error. The browser's 'authentication required' prompt appears, and if you click cancel, the server returns a 401. The error returned by PageMethods on the client side is 'authentication failed'.
Just FYI, the application is using ASP.NET forms authentication. The weird thing is, this happens as soon as you click the link and click back. It's not like the authentication cookie has expired or anything, and if you click cancel when the prompt appears and refresh the page, it works fine. I just can't work out what is going on.
I've tried disabling caching on the page [as I thought it was something to down with some browsers' caches of the DOM), but the same thing happens.
One workaround i've had is to redirect the page to itself if the PageMethods error is 'authentication failed', which does work - but only when you cancel the authentication prompt. Obviously the prompt appears, which is not ideal.
I don't understand it, and the user is clearly authenticated. Does anyone have any idea which might be happening?
It's happening in Chrome, Firefox, and IE.
View 1 Replies
Mar 29, 2010
I am using a custom error page in IIS 6:<customErrors redirectMode="ResponseRedirect" mode="On" defaultRedirect="Error2.aspx"/>I want to disable authentication for the custom error page because the error being raised is related to an authentication module and I don't want to get into an infinite loop and I want to display a clean error page to the user. I have been trying the following configuration to do that.
<location path="Error2.aspx">
<system.web>
<authentication mode="None"/>
[code]...
View 3 Replies
Dec 15, 2010
I have a problem with using login controls form authentication ! as my website serves some pages for guest users(Anonymous user) and some pages are for only secure user(they must have to login for those requested pages)...... my problem is this that when i apply form authentication in web.config file to login control then visual studio directly shows only login page where i want that in general case only : guest user pages must be shown and if user clicks on login then after login the requested page he may open !
View 2 Replies
Jul 20, 2010
I have an intranet web application, where i have windows authentication = true in web.config. I hear from end users that the website is aksing for their login credentials and they don't like it. By the way i am getting theusername from HttpContext.Current.User.Identity.Name and Domain Name from Mid(UserNameID, 1, InStr(UserNameID, "") - 1).In IIS, anonymous access is unchecked and Integrated wnidows authentication is selected.
View 9 Replies
