Custom Authentication Module Inheriting IHttpModule
Feb 3, 2011
LoginPage.aspx:-
protected void Button1_Click(object sender, EventArgs e)
{
Context.Items["Username"] = txtUserId.Text;
Context.Items["Password"] = txtPassword.Text;
//
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, Context.Items["Username"].ToString(), DateTime.Now, DateTime.Now.AddMinutes(10), true, "users", FormsAuthentication.FormsCookiePath);
// Encrypt the cookie using the machine key for secure transport
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(
FormsAuthentication.FormsCookieName, // Name of auth cookie
hash); // Hashed ticket
// Set the cookie's expiration time to the tickets expiration time
if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;
Response.Cookies.Add(cookie);
Response.Redirect("Default.aspx");
}
Global.asax file:-
void Application_AuthenticateRequest(object sender, EventArgs e)
{
if (HttpContext.Current.User != null)
{
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
if (HttpContext.Current.User.Identity is FormsIdentity)
{
FormsIdentity id =
(FormsIdentity)HttpContext.Current.User.Identity;
FormsAuthenticationTicket ticket = id.Ticket;
// Get the stored user-data, in this case, our roles
string userData = ticket.UserData;
string[] roles = userData.Split(',');
HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(id, roles);
Response.Write(HttpContext.Current.User.Identity.Name);
Response.Redirect("Default.aspx");
}
}
}
}
I get the following error after signing in This webpage has a redirect loop.
The webpage at [URL] has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
View 2 Replies
Similar Messages:
Nov 29, 2010
I am creating a custom control by inheriting a server control, say LinkButton. There are properties like "BorderColor" available in LinkButton. Let's say, I don't want this particular property to be available when I create an instance of the custom control.
I want to completely hide this particular property (I don't want to override it but disable it.)
My code is as follows:
[Code]....
View 3 Replies
Feb 8, 2010
Am going to develop authentication part in the web site. I want my authentication module should not be hacked by any one and also want in secure side.
View 1 Replies
Feb 21, 2011
I have a very simple CustomValidator control as follows:
[Code]....
If I use this on a basic aspx page as follows:
[Code]....
When I press Button1, I would expect the CustomValidator to fire only if there is a value in TextBox1.Instead, the CustomValidator is ALWAYS fired. Even adding ValidateEmptyText="false" to the validator does nothing to change this behaviour.What am I missing from my control implementation that is causing this?
View 6 Replies
Dec 16, 2010
This is my first "request for help" post - I've spent the past few weeks helping others, so I'm hoping someone can shed some light here.I've dealt with server controls before, so it's not new to me, but it was some time ago and I'm a bit rusty. I have an inherited calendar control, that works fine:
[Code]....
I've overriden the Render method, hoping to be able to modify the HTML output of the control - I want to hide the back arrow if the Month & Year in MinDate is reached in the calendar, and the same goes for MaxDate and the forward arrow.On top of this, I want to be able to display icons in the day cells, under certain data-bound conditions. Once I've figured one out, I'm sure I'll be able to work the other one out.Are there any other methods, events or properties more suitable for this? Are there any other controls that do what I'm looking for that I've maybe overlooked?I'm using C#.Net 4.0 Webforms - it's a very small app, so I've not used MVC etc... just a few LINQ queries to the database.
View 2 Replies
Mar 3, 2011
I am making a Http Module for authentication in my web application in asp.net 2.0. When the AuthticateRequest event is fired then I get the userid and password values from current request. But Every time I am getting null in both. My code is here
[code]....
View 1 Replies
Jul 20, 2010
I am working on building a custom form builder module for our customers ... and wondering if you know any good .NET code base references for this module.
Requirements:
Customer should be able to add a form field(radio button, text box, dropdown menu) and customize the values real time.
View 1 Replies
Mar 16, 2011
I am writing a custom HTTP module to implement user authentication and appropriate access rights. And for identifying access rights for the user also depends on identifying the client's machine details like IP address, machine name, etc. The access rights will depend based on from which location or machine the user is trying to login.
Can we get these details from the HttpApplication or HttpContext object?
View 2 Replies
Dec 16, 2010
I am new to MVC framwork and have a big project on my hand.The MVC given a inbuilt membership provider .But I want to a custom database account management of users like admin user,subadmin user and site users.provide me functionlity(total step by step ) about login module with work with stored procedure and how i validate valid user login in the site and redirect from home page with displaying username etc.
View 3 Replies
Mar 8, 2011
i trying to inject js to page (to tags) by using ihttpmodule.but js isn't injected.
the page:
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="MyTempProject._Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
[Code]....
View 1 Replies
Aug 6, 2010
All implementation of IHttpModule I've seen looks following:
[code]....
I am wondering why is the Dispose method always empty? Shouldn't we unsubscribe the event which we subscribe in the Init method?
View 1 Replies
Nov 7, 2010
I've declared an event on an HTTP Module so it will poll subscribers for a true/false value to determine if it should go ahead with its task of tweaking the HTTP Response. If only one subscriber answers true then it runs its logic.
Are there potential pitfalls I'm not seeing?
public class ResponseTweaker : IHttpModule {
// to be a list of subscribers
List<Func<HttpApplication, bool>> listRespondants = new List<Func<HttpApplication, bool>>();
// event that stores its subscribers in a collection
public event Func<HttpApplication, bool> RequestConfirmation {
[Code]....
View 1 Replies
Jan 31, 2011
What is the difference between HttpApplication class and IHttpModule? Are they both same or different?
I see articles that mention the same events in both the classes.
View 4 Replies
Nov 7, 2010
An IHttpModule implementation I created
public class ResponseTweaker : IHttpModule { // my module ...
is registered in Web.config
<system.web>
<httpModules>
<add name="redman" type="ResponseTweaker"/>
</httpModules>
and an instance of it is sitting in the pipeline.
From the perspective of a caller (e.g. from the Global.asax.cs file), how should I get a reference to that module instance?
View 1 Replies
Nov 9, 2010
public class NHibernateSessionPerRequest<T>:IHttpModule
{
public void Dispose() { }
public void Init(HttpApplication context)
{
context.BeginRequest += BeginRequest;
context.EndRequest += EndRequest;
}
}
How can it be registered in web.config?
View 2 Replies
Jan 20, 2011
I have done it as mentioned in the readme file in the samples folder. But after completing all the steps when I open my browser and give in the url http://<servername>:<portnumber>/Reports, it shows the following error:
The report server is not responding. Verify that the report server is running and can be accessed from this computer.
View 4 Replies
Jan 3, 2011
I want to use authentication on my site in order to login to the Admin section. I already have my database schema, I don't want to use the ASP.NET membership tables for SQL Server. I have three tables: Employees, Roles, and EmployeesInRoles.
I'd really like to keep this as simple as possible, but I'm having trouble finding a solution. I just want to use forms authentication with my tables so employees can log in, log out, change their password, etc.
View 2 Replies
Feb 15, 2011
I am using Windows authentication in my asp.net project. We need to implement the security based on the configured GroupNames.
To simulate the Project environment i have 3 pages in my application .
1.TestPage.aspx 2.Main.aspx 3.ErrorPage.htm
When logged in user is in group or role "MyDomainDatawarehouse" i need to give access to Main.aspx page.If User not in that group and user tries to access the Main.aspx page by typing url in the address bar of Browser then i need to redirect user to the ErrorPage.htm. But this is the place where my code is faling. I guess some thing wrong in the web.config.
Note: All the authenticated users are permittedto see TestPage.aspx irrespective of their roles.
Note : All the .aspx and htm pages are in the same root
[Code]....
View 7 Replies
May 24, 2010
I'm trying to get forms authentication working for an mvc site. I have a custom database with a users table, and I would like to do my own password validation. I am logging in my user like this:
if (PasswordHasher.Hash(password) == dataUser.Password)
{
FormsAuthentication.SetAuthCookie(email, true);
return true;
}
The problem is, when the session expires obviously the user has to login again. I am thinking I should be storing this Auth cookie in my users table? Update: I'm obviously in desperate need of more education in this area. I just noticed that the user stays authenticated even after an iisreset.
I guess what I'm asking is how can I get persistent and non persistent authentication working properly. I want a user to not have to login again if they click "remember", and if they don't then their authentication should expire when the forms authentication is set to expire.
View 2 Replies
May 11, 2010
I'm trying to upgrade my mvc 1.0 application that had a custom written login. I assign the authcookie like this:
[code]...
And here if I debug _authRoles has "Admin" in it, and isAuthorized is always false.
If I check the "ticket" it has some: UserData = "Admin".
What can be wrong there? Is it the "User.IsInRole" that is different, or do I need to add something in web.config?
View 1 Replies
Aug 11, 2010
I have created a WCF service that will serve as authentication service for Silverlight client.The problem is that when I make a call to FormsAuthentication.SetAuthCookie in the Login method below, I get a null reference exception. I am following the 'Securing Applications Built on Silverlight and WCF' (http://www.componentart.com/community/blogs/milos/archive/2009/05/07/securing-applications-built-on-silverlight-and-wcf.aspx)
[Code]....
View 1 Replies
Jan 9, 2010
Im trying to make a solution like this [URL] Now the question is how do I filter the request, I only want to Open an ISession if the request is for an ASPNET MVC Action, not for *.gif, *.css etc. How should I handle this filtering?
View 3 Replies
Mar 24, 2010
i am in the process of developing an asp.net mvc 2 social web app and some of the requirements have to do with users authentication and personalization. Site visitors should be able to login using credentials not only by registering to my site but also by entering external account credentials (Live ID, facebook, etc...). Also, users should have a custom profile, where they could enter personal details, preferences, etc...
Is there any good tutorial on how to implement custom membership and profile providers? The default Role provider that comes with asp.net mvc is ok and does not need to be re-implemented.
View 5 Replies
Sep 27, 2010
In my earlier verison, I used Active Directory to authenticate users which was Custom. In the sense that, I had passed UserName and password along with a token request through datalayer to authenticate against AD. it would eventually check the DomainNameUserName, password against AD and will get authenticated.
View 5 Replies
Sep 15, 2010
I am using Kerberos as the Authentication mode for a WCF Client to interact with an ASMX Web Service. I am using customBinding in the WCF Client. I am getting the below mentioned Fault Exception when I invoke the HelloWorld Method by creating a Proxy using SVCUTIL.
`System.Web.Services.Protocols.SoapHeaderException: Server unavailable, please try later ---> System.ApplicationException: WSE841: An error occured processing an outgoing fault response. ---> System.Web.Services.Protocols.SoapException:
System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.InvalidOperationException: WSE914: This instance of derived key token does not support encryption, decryption, or key wrapping. It can only be used to sign or verify signature. Please make sure that the length of the derived key matches the length of the key required by the symmetric encryption algorithm configured for the derived key token manager.
at Microsoft.Web.Services3.Security.Tokens.DerivedKeyToken.Psha1SymmetricKeyAlgorithm.get_EncryptionFormatter()
at Microsoft.Web.Services3.Security.EncryptedData.ResolveDecryptionKey(String algorithmUri, KeyInfo keyInfo)
at Microsoft.Web.Services3.Security.EncryptedData.Decrypt(XmlElement encryptedElement)
I am badly struck with this exception and unable to progress further.
View 2 Replies
