I have an ASP.NET WebForms page with forms authentication. When users create a login, I use 'remember me' to create the authentication cookie.
What I now want to do is check the time of their last access. But LastLogin time is updated only when the user uses the login control (which they don't need to use when they have the authentication cookie on their machine), and LastActivity control is updated before any of my code runs.
It looks like the only way I can do this is to hook into the application event Application_AuthenticateRequest - right? Or is there some better way to do this?
is it possible to set a user defined timeout value on an asp.net website...i have a table that stores the time out value for each user of my website...i need to set the time out based on who logged in...i know that the default aspnet timeout setting is 20 mins of inactivity...is there any way i can circumvent this...and yes i do need to show a modal when the timeout expires and need to reset the timeout value if the user wants to continue the session or log them out if they choose not to continue...
I have a site that is using Forms Auth. The client does not want the site session to expire at all for users. In the login page codebehind, the following code is used:
// user passed validation FormsAuthentication.Initialize(); // grab the user's roles out of the database String strRole = AssignRoles(UserName.Text); // creates forms auth ticket with expiration date of 100 years from now and make it persistent FormsAuthenticationTicket fat = new FormsAuthenticationTicket(1, UserName.Text, DateTime.Now, DateTime.Now.AddYears(100), true, strRole, FormsAuthentication.FormsCookiePath); // create a cookie and throw the ticket in there, set expiration date to 100 years from now HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(fat)) { Expires = DateTime.Now.AddYears(100) }; // add the cookie to the response queue Response.Cookies.Add(cookie); Response.Redirect(FormsAuthentication.GetRedirectUrl(UserName.Text, false));
When I log into the site I do see the cookie correctly being sent to the browser and passed back up: However, when I walk away for 20 minutes or so, come back and try to do anything on the site, the login window reappears. This solution was working for a while on our servers - now it's back. The problem doesn't occur on my local dev box running Cassini in VS2008.
We have the timeout value set to 120 in our <form> tag within the web.config. We do not have a session timeout set.. and we have various connection strings.
We are having a problem where a session variable will disappear (become NULL) .. but, the form evidently remains 'open'.. or no re-login is required..... so, my question(s):
1. what is the relationship between form timeout and session timeout
I'm using default ASP.NET user controls and SQL user provider. How can I log somewhere when users login to web and when logout? Is there some tricks for it or just write to some .log file manually each time after user login. (Also , how can I check user IP adress?)
I am having a problem with my ASP.Net Web application. The application is developed using vb.net and is linked to a SQL Server database. Let me explain how the application works and the problem I am experiencing. The system is an online web app which allows registered users to create a CV online. One of the pages within the app gives users the chance to add a cover note to their CV. The page that allows them to do this consists of only a textarea control and a button control. The textarea allows users to input up to 4,000 characters.
Once the user clicks the 'Save' button to save their cover note info, the following code then executes.This code checks to see if the CV already has cover note info, if it does, then the application runs an update statement, otherwise, it runs an insert statement.The table within the database which records the cover note information is called tbl_covernote and has three columns, covernote_id (int and autoincrement), cv_id(int), covernote_text (nvarchar(max)).
The error which occurs sometimes is as follows:
Dim dr As SqlDataReader Dim param(0) As SqlParameter Finally [code]...
I have an ASP.Net application that makes an AJAX request to retrieve at report. The report can run for a long time so I set the asyncpostbacktimeout in <asp:ScriptManager /> to 600. However, when I try to run the report, if it runs for longer than 90 seconds it fails to come back. I can see in the IIS logs that the POST request succeeded with a 200 status and I can see the time taken is much less than 600.
The web page dutifully waits for the entire 600 seconds before returning with a timeout error:
Error:
Sys.WebForms.PageRequestManagerTimeoutException:
The server request timed out.
Is there any setting I should be checking in IIS? Connection timeout is 900 seconds.
i am not sure to which head does this problem belongs ....but this seems to be a security issue to me..I am writing this post after googling aroung for 2-3 days..Frown but still can't find any resolution to my problems. Let me describe my problem:-
I have created a website which does the following tasks:
1) Creates a user
2)Enables/Disables users
3)Delete users
4)Unlocks users
5)Reset password of a user
in Active Directory.
I have used impersonation in my application which uses the admin credentials to perform above tasks.When i run this application in debug mode through Visual Studio 2005 ,all the tasks are performed successfully .Now comes the deadly exceptions i am facing after publishing the website and hosting it on IIS. Task 2 & 3 are still working fine and i can enable/disable and delete user from AD even after hosting website but the problem comes in
Resettind password
Exception Details:-Exception has been thrown by the target of an invocation. || Trace: at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args) at ADHelper.ResetPassword(String currentDomain, String userToResetPwd, String newPassword) in e:New ProjectAD [code]...
I am running my application locally -- ie. No external traffic and very low number of queries, fully under my control. I see tons of 'Audit Login' and 'Audit Logout' events. What are these and where are they actually stored (ie. Where is this audit log)? Are these a hint of a problem with connections, because I have only a simple connection string within my app and thought that connections would remain active throughout the operation of my app (ie. a single login at launch, and then a single logout when terminating).
I have a page of each every click has ajax call to my server (hence, the ASP extends the session)
I have ASP.NET session set to Xmin. I want when X+1 min expires, I have expiration page. what I did was to set the JS timer to validate every x+1min to see if the session expired (the problem is that the JS and the ASP session timeouts are not synced)
I have an issue to where my users are logged into my system but thier session is null so when they try to do something in the system after 20 minutes, i get null reference expceptions because my session is gon What is the best practice for handleing the session, should i kick the users out before thier session ends and when they log back in thier session will return or atleast a new one will be created right? How should I handle this?
i have an administrators page that gets a list of the users that are members of my site and i want to display their profile each time i clikc on the user name.
In order to do so, i use the following code:
[Code]....
This way, the last activity date is updated and the IsUserLogedOn property is set to true, without the user actually enter the application (since it is a calculated value that depends on the last activity date). As a result, each time i click a user name to view his profile, the user seems to be loged in.
I need to display current status of a document approval workflow task in asp.net web page with a specific activity highlighted.
I have seen the Visual workflow tracker example (in wf & wcf samples) but I have two issues,
I have to render workflow in asp.net not in a WPF app. I don't need to display current status with workflow running, all activities that need to be highlighted are the ones that require user input. e.g. "waiting for approval from department head" etc.
If I could just convert the workflow XAML to JPG after highlighting a specific activity by activity id "that created a bookmark and waiting for resumption the bookmark" it would do the work.
check the attached file for required workflow image to be rendered on asp.net page:
Workflow with current activity highlighted (that is waiting to be resumed)
Im working on my first ASPX webpage now, and Im wondering if there is some way to make a cache?
With a cache, I mean a list of variables that gets transferred from a db to for insance a hashtable the first time a user loads the page. When the next user loads the page, the db doesent get touched, but the variable is collected from the hashtable.
I tried to make a static class, but it re-loaded for each time I refreshed the page.
I am running a Access Database and I have a Intranet site, Administrators can post News to a table in the Access database and Intranet users can see the news when they go to the Intranet site.
Any important/companie news is posted to the Front page and the user can access the news vie a link.
BUT;
if there are more than one post when the user clicks on the link they can only read the first post.
When they click on the 2nd link the first post opens but the Activity ID from my table in access changes!
The Activity Id changes but the page content does not, I am using form view on the Activitydetails2.aspx to view the news table
I have created a web user control called Activity. I have defined a public-facing event on that web user control called OnActivityDelete. There is a delete button in the Activity control. When the delete button is clicked, the Activity control fires the OnActivityDelete event. I am using this web user control in a repeater. I assign an event handler to the OnActivityDelete event on the repeater's item data bound event. When I click the delete button for the Activity control, the event fires from the Activity control, but it never hits the event handler in the page that's using the control. (I have stepped into the code with the debugger and confirmed this behavior).
My suspicion is that this behavior has something to do with the fact that the event handlers are added in code behind when I bind the repeater to a datasource, which I only do if the page is not posting back.Is it possible to define the event handler for the Activity control in the markup of the aspx page? If so, will this solve my problem?If not, do I have to bind the repeater and hook up to the events every page load in order to solve my problem (this works, I just tested it), or is there some viewstate trick to getting the events to persist? Markup of Repeater on page:
I have this web application built. I am using windows authentication for this application. I have to log all the user activity as wells as site activity in this application. I have the below mentioned class established to log some activity regarding the user to an SQL server database table..
[code]....
I would still need to log many other items regarding the user and also the site, like the time spent by the user on the site, no: of currently logged in users on the site. Can anyone here suggest me as to how do I capture those items?? let me know if I am going in the right direction too.....?? If you can provide me with some links on this "user activity logging for windows authenticated applications".
I'm working with ASP.Net web services and am having a problem with a long-running process that takes about 5 minutes to complete, and it's timing out. To fix this, I was able to set the executionTimeout on the server's web.config to 10 minutes, and then set the .Timeout property on the Web Service object to approximately 9 minutes. Now, I'm worried that this may possibly cause some other web service calls to sit there for 10 minutes before they time out rather than the previous 90-100 seconds. I know the default on the client side is 100 seconds, but wasn't sure if updating the server's timeout setting would affect this.
Bottom line is - Is it safe to update the server's timeout setting to a long amount like 10 minutes, and rely on the default timeout on the client, or could this end up causing some problems?
Nowadays having activity logs of the system is needed for history and if someone who is trying to mess your site, it is easily to define who is it and when it happen. And even Facebook have it.
I know the difference between ASP.NET webforms and ASP.NET MVC and I've seen quite a few videos explaining that they both run on top of ASP.NET (and I've used both). However, my question is, how would one develop right on top of ASP.NET without webforms or mvc.net?