I am experiencing problems with Forms Authentication. When I try to load my Login.aspx page neither javascript nor stylesheets do not load.
Here is part of my web.config file
[code]....
The default document feature is turned off in IIS and here's the situation... My start page for my project say is A.aspx. I run the project and sure enough, A.aspx appears in the url of the browser. Like it should though, A.aspx finds no user logged in and redirects to Login.aspx like it should. A.aspx:
if (Session["UserStuff"] == null)
Response.Redirect("~/Account/Login.aspx");
The login.aspx shows up BUT when the user Logs in, the code:
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, true);
always redirects to "Default.aspx" and not "A.aspx"
I've examined FormsAuthentication.GetRedirectUrl and sure enough it returns "Default.aspx"
i using authentication at my Login.aspx prety fine, but i loss my login page style, color etc.. how i set security for login page Free?
View 1 RepliesI'm trying to develop a simple web application where I need to redirect to main.aspx after successful login attempt in login.aspx page.However,it is redirecting the page to defualt.aspx... Is there a way to redirect my application to main.aspx??
View 3 Repliesi have made an .aspx page of c# in folder named as "USERPANEL". Also placed all my js in "js" folder and css files in "css" folder & all these pages are placed under "USERPANEL" folder same location where i have create a page. If i would placing the css on the page itself then it's working but not loading any external stylesheets. why? below is code as i am attaching the fontawesome file placed in fonts folder.
<link rel="stylesheet" type="text/css" href= "fonts/font-awesome.css" runat="server"/>.
I have my website in which there are free links and links that require login. Free links open even if the user is not logged in. But in case of links that require login, redirect to login.aspx specified in Web.Config in loginURL tag.
I want some way to override this and show Ajax modal popup (Ajax extender toolkit) with login control for only thos links that require login (not for the free links).
Our website runs on ASP.NET v4 and users log in user Forms authentication.
We are considering purchasing a web application that will add to our services. The only problem is that this new website is written in PHP.
We would like users to login to our ASP.NET site and then navigate to the PHP site. The PHP site should notice that users are logged-in though. So we probably need to transfer the ASP.NET SessionID cookie and somehow use that to verify whether or not the user has been authorized.
I wrote a test page that does a bunch of busy work in a method called at page load. This process as I have it now takes around 12 seconds.
If I try to load another page while the first long running page is loading, this second page doing nothing except writing out a world, it doesn't load until the first long running page is finished.
Why is this the case? I would think IIS would be able to handle multiple concurrent connections, it seems crazy that one long running page would stop every other page in the application from loading. I must be missing something or not understand how IIS works.
I would think multiple independent requests would be spawned on different threads. Is this only the case if the requests are from different sessions entirely? Are all requests from a single session bound to a single thread?
I would periodically get a message stating "too many redirects". I used debug this moring and found out that my login page, even with no code in the page_load and no script does 9 redirects back to itself. I use forms authentication and assume it has something to do with that.
View 3 RepliesA Login.aspx has been created to enforce security on several forms of a web site.How can it be best called by each form at page load and return to that form after succesful login? How could that requirement be declared in web.config?
View 3 RepliesI have an autopostback dropdown with a requiredfieldvalidator associated with it. If I click the submit button on the page without selecting an item from the dropdown, the validator will fire as expected. Then, if I select an item from the dropdown, the validator message goes away, but the postback does not occur. The postback only works if the validator has not fired first.Is this by design? How can I work around this so that the dropdown still does a postback when selecting an item after validator occurs?
View 13 RepliesI have at text box with a validator control which works fine (prevents letters being entered, only numbers)
However once it displays the error message I am unable to do anything else on the page, links don't work etc. I have to close down the window and start the website agin.
I am upgrading a website written using ASP.NET 1.1 and the logic for the login page includes verifying the credentials, calling FormsAuthentication.SetAuthCookie() and populating the Session with the user information.
I am updating this page to use Login controls and the Membership API and am trying to wrap my head around the concepts that have been changed.
Most of the samples I see do not do anything on the login button event handler, so is the logic of setting the cookie abstracted out into the control?
Also, how do I check if a user is logged in or not on other pages. Does it still store user information using the Session?
How do I check if a user belongs to a particular role or not (Earlier, I would look in the Session object to do something like this)Is the Session a bad way of storing user info?
we host a database for several users. We allow the users to host the login form on their own server. The form calls an ASP page that we host, which executes a stored procedure to authenticate the user.
We are in the process of moving to ASP.net. The "Forms" authentication method appears to only work if the login page is hosted locally. Is there a way to use Forms Authentication & allow the login form itself to be on a different server. I'm looking for a tutorial somewhere that will get me pointed in the right direction
I have 2 almost identical asp.net (vb) applications. 1 Development and 1 Production.
They use forms authentication that is configured to run in SQL server. Both apps use the same aspnetdb database but have different application names.
The problem I have is:I have an Identical login for each app (same username, same password), but If I change profile information for that user in the development app, the changes are reflected in production app. This isn't what I want.
I want to create a website that a user can logon and view their data. They should also be able to logout. I'm wondering how to achieve this WITHOUT using the Membership provider api provided by Microsoft. This is what I think should happen.
1. user enters name and password and clicks button.
2.If username and password are correct the user is redirected to a webpage with their details.
3.A session is created.
4.The user logouts and the session is deleted.
I have an existing website using forms authentication with Sql provider. Now i am trying to integrate with another website and use their authentication mechanism. I am already able to validate a user and trying to silently login the user into my application. Here is the code for "silent" login:
[code]...
and it works with the exception that Forms Authentication overrides the HttpContext.Current.User by the time i make it "default.aspx". Is there a way to bypass forms role and membership providers?
I have an ASP.NET application where users login using forms authentication. I have 3 roles and some users. My App is not some thing like anyone can Register and access pages. Only Admin can create users & then send them their username and temp password through email. Then User can change his security question, Password and access pages. I'm trying to build this architecture. I'm using SqlServerMembershipProvider I have created Roles and some test users using ASP.NET Configuration tool. How can I implement the same thing programatically? Like Admin can create user and set his Role. User should be able to Change his Security question & change his password after Admin sets his account with some password likeP@ssw0rd. Is there any article where I can read and learn. I'm dealing with Security for the first time
View 3 RepliesThe problem is as follows: If a visitor try to access a page in Admin folder he must be redirected to login page located in Admin folder, here I will take his username and password and then I will check this in SQL Server table, if he is authenticated then he will be redirected to Default page and he can access any page in Admin folder, but not any page in User folderHere is one thing is important and that is login page in Admin folder and login page in User folder are differentSame scenario is for User folder Please tell me what is the right way to achieve this functionality
View 2 RepliesI was wondering what the following error means: Login Failed. The Login Is From An Untrusted Domain And Cannot Be Used With Windows Authentication. Initially, when my application was much simpler, I had no permissions and roles and my authentication mode was set to "windows". Afterwards, however, I added authorization, changed the authentication mode to "Forms" and ever since, when I try to login, I get the error above.
View 5 RepliesI have an issue that I've been fighting with for some time. I have a large web form, with update panels and autopostback controls. When the users click "submit", some custom javascript runs which shows validation summaries and turns the fields with errors red, relatively easy, and it works as expected. The problem is that I have a dropdownlist which should autopostback an update panel. It does this perfectly if the user does not click the submit button, and therefore my custom client script dosesn't execute.However, if a user clicks submit, the custom client script executes (turns fields red and shows validation summaries), and then the dropdownlist does NOT autopostback the first time a user changes it's value. If the user changes the dropdownlist's value a second time, then the autopost back occurs and everything functions as it should. I don't understand why the autopostback is disabled for the first click after the javascript executes. Can someone please help me out? The DropDown List looks like:
[Code]....
The Submit button is:
[Code]....
Is it possible to have multiple login pages for different folders within an asp.net application? Say I have this structure:
/admin
/customer
/login-admin.aspx
/login-customer.aspx
I have 2 different login forms. One for the admin people and one for the customers (the forms are different as the customers need to provide extra information on their login page).
In the authentication section of the webconfig file (which is at the root of the web app), I can only specify one Login page. So how can I make sure thaf if anyone tries to access a webpage in /admin they will be redirected to /login-admin.aspx and if they try to access a webpage in /customer they will be redirected to /login-customer.aspx ?
I have an application that uses ASP.NET Forms Authentication. For the most part, it's working great, but I'm trying to add support for a simple API via an .ashx file. I want the ashx file to have optional authentication (i.e. if you don't supply an Authentication header, then it just works anonymously). But, depending on what you do, I want to require authentication under certain conditions.
I thought it would be a simple matter of responding with status code 401 if the required authentication was not supplied, but it seems like the Forms Authentcation module is intercepting that and responding with a redirect to the login page instead. What I mean is, if my ProcessRequest method looks like this:
[code]....
Then instead of getting a 401 error code on the client, like I expect, I'm actually getting a 302 redirect to the login page.
For nornal HTTP traffic, I can see how that would be useful, but for my API page, I want the 401 to go through unmodified so that the client-side caller can respond to it programmatically instead.
I am using forms authentication. It's works fine locally. Once I upload my web application to a remote iis server and run it I get a Windows authentication prompt. The server [URL] at [URL] requires a username and password.
View 1 RepliesI am using VWD 2010 on a windows 7 64 bit install. Using forms authentication I am not being redirected to the login page when not authenticated yet. Even if I start a new web site from template, clear out all cookies, I still go directly to default.aspx. The LoginView control displays the anonymous template verifing I am not authenticated.
configuration why redirection doesn't occur? Remember I am trying this with New Web site template with no mods so I don't think config issue is within application code.