How To Check User Is Authenticated While Using Forms Authentication
Mar 10, 2011How to check if user is authenticated while using Forms Authentication ..?
View 2 RepliesHow to check if user is authenticated while using Forms Authentication ..?
View 2 RepliesHow to Check whether user is valid and authenticated without using Session in ASP.Net ....
View 1 RepliesAfter a user is authenticated I store their username in session state but if the session times out, I want to create a new session for the user based on their username they authenticated with original. How can I get from Forms Authentication the currently authenticated user?
View 2 RepliesI have 3 pages which they use Master page. I want to check if user is authenicated in page load event of master page.
1-Is it correct method to check authenication is page load of master page?
2- I want to know which of the following lines should I user and is there any difference between them?
Request .IsAuthenticated
Page.User.Identity .IsAuthenticated
HttpContext .Current .User .Identity .IsAuthenticated
I want to check if user is autheneicated in control (ascx). I use HttpContext.Current.User.Identity.IsAuthenticated; for this purpose.
When I browse pages using ASP.Net Developement server -VS 2008- it works fine, But when I use IIS 7 then it always return false , even if user is authenicated.
Note that it's even work fine with IIS 6 but With IIS no hope (Classic/Integrated mode). does it related to IIS 7 or what the method that I use?
I have used the Forms Authentication for logging in and in that i have created the Forms Authentication Ticket and in that ticket i have passing the data with comma seperated values.how can i get the data which is in the ticket to access in the Authenticated user pages
View 1 Repliesi have an application and a user must log-in before he/she can access pages. now once the user logs in i keep the user details in a session variable (say Session["CurrentUser"]).now if a user tries to jump to a page directly i will check if the Session["CurrentUser"] has a value or not...if not then the user will be directed to the login page...my problem is that i have done this or rather say written this "Checking Code" on almost all the pages.
View 3 Repliesthe Web Part for anonymous user and authenticated user is displayed differently. I faced this problem twise. First time when used Silverlight control in the Web Part and second time when used devexpress control in the Web Part. In both cases problem was with displaying for anonymous user. Silverlight control didn't display. Devexpress control lost it's styles. Both controls had properties that pointed to files. Silverlight control property pointed to the XAP file, and Devexpress control property pointed to the CSS file. It seems to me, that for anonymous user the Web Part cannot find this path or doesn't allow to link to other files.
View 1 RepliesI am using form authentication in my website. I have a scenario wherein the user is authenticated but the session has timed out. So, i would like to initialize some session variables in Session_Start of Global.asax (First i check if Request.IsAuthenticated=True). For that i required the name of the user who authenticated. On .aspx pages we can get it using Page.User.Identity.Name but how to get it in global.asax page.
View 1 RepliesI have a requirement that whenever a user logs onto a website using forms based authentication [FBA] that the site checks whether they have a related domain NT user record. There will be a matching lookup table between the ASPNETDB membership database and related domain accounts for users.Whenever an FBA user logs in and a related domain account is located then the member should be redirected to an alternative site / URL which is Windows NT authenticated rather than FBA. Before transferring them I would like to be able to pre authenticate them on the windows domain rather than an additional NT Login dialog box coming up and asking them to enter the related NT credentials.Is it possible to programatically preauthenticate using NT credentials before redirecting a user to an NT authenticated site?Note: This isn't technically a single sign on style scenario. The FBA / NT authenticated sites are not related other than the relationship between the original FBA credentials and the NT credentials lookup.
View 1 RepliesFollowed the code sample of Chapter 10 (Logging in) of the Book, Microsoft ASP.NET 2.0, I created an ASP.NET 3.5 website with Forms Authentication. The sample code used Website Administration Tool (WAT) to manage the users, roles, and authorization.When running in the ASP.NET Development server environment, I can first login, then click to open the links for each for the 3 roles.
However when running the sample code in the IIS server environment, I can login but can not open the links for the role subfolders.Clicking each link popped up an error message for opening a login.aspx from the specific subfolder. I don't have a Login.aspx file in each subfolder.The 3 role subfolders were configured as the virtual folders in the IIS Server. Why the sample code worked fine inASP.NET Development server environment, but got an error message from theIIS Server environment? Why an authenticated user can not open the subfolder homepage?
I've a default.aspx page in my application's root folder. I added a a page in the root of inetpub that redirects requests to the default page. The idea is that the user need only enter the server name to get to the default page. How can I set things up so that all users have access to the default.aspx and that they only have access to the other pages once they've been authenticated?
I am using Windows Integrated Security and the users are being challenged and authenticated properly. I want them to be able to access Default.aspx without any challenges.
(On a side note which may answer this question, when using WIS does the user *allows* have to be challenged? Isn't it possible to pass through their Windows User and ID without the prompt?)
c: inetpubwwwroot
edirect.aspx (set as default document in IIS and simple executes Response.redirect("sites/mercury/default.aspx")
c:documents and settingsall usersdocumentswebsitesmercurydefault.aspx (home page for the site & server)web.config includes
[Code]....
There are 10 check boxes in one page. How to code to allow user only check one?
View 2 Repliesprotected void Login1_LoggedIn(object sender, EventArgs e)
{
{
User.SetUser(Login1.UserName // and what is user ID ?
and how to check in other module if user authenticated or not?
I have a WCF service that will be using basic authentication and would like to be able identify "who" is trying to use the service. I know that the HttpContext.Current is NULL and in the WCF service, but do not know what the alternative is to get the username.
For the website, I can use:
userName = HttpContext.Current.Request.ServerVariables["LOGON_USER"];
How do I get userName in the WCF Service?
I have created a website which has Secure folder in which i have got a form which only "admin role" users can see. Now that form will appear if login is successful and it works great, if password or username is wrong then again the loginForm will appear which works great too.
Now the problem is if the users which are not in "admin role" enter the user name and password correctly, instead of coming back to the login page and showing them the "Not Authenticated" message, it gives me an error that myWebsite/login.aspx is not found. I think this is because the name for my login page is "AdminLoginPage.aspx" and which is not found and hence it shows me the error. I dont know where to change the login Page name to "AdminLoginPage.aspx"
I want to have my code fetch the authenticated user name that is running my code. There's a line or two of code that will accomplish this and I had it but I've misplaced it.
I have a web application on IIS that will authenticate using windows authentication (Active Directory). So when they access the application http://iisserver/webappname/ it ask for username pwd and domain. (currently working) How can I get information of the authenticated user in the web app through c#?
View 3 RepliesI am trying to integrate my asp.net 4.0(non MVC) website with facebook. I want to retrive the authenticated user info.The samples listed in facebooksdk is based on MVC. i tried to implement it in my website, but getting errors. i am struck.If anyone implemented the facebook connect logic and retrieved the user information using facebook-c#-sdk, please help me how to do this.I tried the same using facebooktoolkit, and i am able to retrive the user info. but the toolkit is having issues with .net 4.0.
View 2 RepliesI have Forms authentication setup for an ASP.NET 4.0 application on http://example.com - we'll call it MainApp. I also have an ASP.NET 4.0 app running on http://static.example.com which (let's call it SubApp) doesn't have access to the main app.
Now, SubApp needs to figure out usernames of users who first logged in to the MainApp and then came to SubApp. I thought that it's enough for those two apps to have the same machine keys and for the SubApp to specify in web.config, so it could read the MainApp's authentication cookie and get username from it.
I did a simple test and when I try to hit some page on SubApp it keeps redirecting to http://static.example.com/login.aspx - which doesn't even exist not specified in web.config. Apparently my approach doesn't work, though I don't understand why - main domain's cookie should be accessible on a subdomain, right?
This is how I configure authentication in SubApp:
<authentication mode="Forms">
<forms domain="example.com"/>
</authentication>
<authorization>
<allow users="*"/>
</authorization>
I am building a RESTful service using WCF. I basically want to save information about a user when they authenticate to the WCF service. For example I want to save their first name, last name, account number , and password in order to access the information in other requests in the same session. Since this information is sensitive I can not store it in a cookie.
I don't want to use asp.net session state because I plan to run this WCF as a Windows Service. Is there something (class, Assembly) I can use that can save user information and retrieve it per request or do I have to create a custom solution that will create an entry in a database every time a client authenticates to the WCF service.
We have a SSO solution with ADFS for logging into our web app, we also have standard setup that uses authentication with our database. I want to setup a solution that allows for both. So now I am trying to figure out, is there any way for ASP.NET to detect if a user is authenticated with Active Directory so I could do this on the fly? If user is logged in through AD, send through ADFS, else, show login screen. I also realize that this may not work if they are setup to use forms based authentication only after the ADFS process is started.
View 1 RepliesI got only one ideas to control with the session. When user log into the master page, I insert the current login user and session ID and active status to the SQL table. if user logout manually or close the browser or session expired, I want to change the inactive status. So I can check how many active user are there and the system can prompt the required info to the user. But now, I can't find the soultion to change the inactive
status in above condition.
That doesn't seem right to me. I m sure I 'm making incorrect assumption about this matter.
I am trying to create a httphandler which will intercept a sample pdf file which we have in our website. The httphandler works fine from within my development machine and even my locally published website that if I just try to connect to the test url: [URL] I will get sent to the invalid access page. So pushing it to our IIS6 machine when I try to go to the URL it serves up the PDF document. context.User.Identity.IsAuthenticated is always showing as true. I'm using forms authentication. below is the code I am using as the handler.
public void ProcessRequest(HttpContext context)
{
if (context.User.Identity.IsAuthenticated)
{
string SampleURL = context.Request.AppRelativeCurrentExecutionFilePath;
context.Response.Buffer = true;
context.Response.Clear();
using (FileStream fs = new FileStream(HttpContext.Current.Server.MapPath(SampleURL),FileMode.Open))
{
int length = (int)fs.Length;
byte[] buffer;
using (BinaryReader br = new BinaryReader(fs))
{
buffer = br.ReadBytes(length);
}
context.Response.Clear();
context.Response.Buffer = true;
context.Response.ContentType = "application/pdf";
context.Response.BinaryWrite(buffer);
context.Response.End();
}
}
else
{
context.Response.Redirect(
"~/Error/invalid_access.aspx");
}}
in web.config I have the following for form authentication:
<authentication mode="Forms">
<forms name="Sample.Web" loginUrl="~/Security/" defaultUrl="~/default.aspx" protection="All" timeout="60" path="/" requireSSL="false" slidingExpiration="true" enableCrossAppRedirects="false" cookieless="UseDeviceProfile" domain="">
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
How do you handle ajax requests when user is not authenticated?
Someone enters the page, leaves room for an hour, returns, adds comment on the page that goes throuh ajax using jQuery ($.post). Since he is not authenticated, method return RedirectToRoute result (redirects to login page). What do you do with it? How do you handle it on client side and how do you handle it in controller?