How To Implement Alternative Login For Asp.net Forms Authentication
Dec 21, 2010
I have an existing website using forms authentication with Sql provider. Now i am trying to integrate with another website and use their authentication mechanism. I am already able to validate a user and trying to silently login the user into my application. Here is the code for "silent" login:
and it works with the exception that Forms Authentication overrides the HttpContext.Current.User by the time i make it "default.aspx". Is there a way to bypass forms role and membership providers?
i want to have several domains A, B, C where a user can enter his username and password to login to a common main domain D.
So the user goes to A, B or C, enters his username and password, clicks the "login" button, and is then on the main domain D in a logged in/authenticated state. Then the user does the things he wants to do, and then clicks the logout-button and is then returned to the original domain that he came from, be it A, B or C.
What is the best way to do this?
I currently use forms authentication in ASP.NET 4.0 (C#).
I have my website in which there are free links and links that require login. Free links open even if the user is not logged in. But in case of links that require login, redirect to login.aspx specified in Web.Config in loginURL tag.
I want some way to override this and show Ajax modal popup (Ajax extender toolkit) with login control for only thos links that require login (not for the free links).
I have setup a site in asp.net with a web.config at the root of the site.I now want to provide an alternative version of the site for mobile devices and would like to have a login.aspx page for the mobile version of the site.I know I could use a stylesheet to provide a cut down display for mobile devices but this doesn't always work. I play to create a /mobile directory on my website (www.angleseyfood.net/mobile) and have a simplified version of the site in there. I wondered whether I could have another web.config within the /mobile directory which points to a different (mobile optimised) version of the site.
Our website runs on ASP.NET v4 and users log in user Forms authentication.
We are considering purchasing a web application that will add to our services. The only problem is that this new website is written in PHP.
We would like users to login to our ASP.NET site and then navigate to the PHP site. The PHP site should notice that users are logged-in though. So we probably need to transfer the ASP.NET SessionID cookie and somehow use that to verify whether or not the user has been authorized.
PROBLEM: I have a Login control with Username, Password, and an ImageButton named "LoginButton" for the Login Button. I want to apply the same onmouseover behavior to the Login Button as I do other buttons on the page. When I try to use the same programmatic syntax as above, I get this error message:
The name 'Loginbutton' does not exist in the current context
I am upgrading a website written using ASP.NET 1.1 and the logic for the login page includes verifying the credentials, calling FormsAuthentication.SetAuthCookie() and populating the Session with the user information.
I am updating this page to use Login controls and the Membership API and am trying to wrap my head around the concepts that have been changed.
Most of the samples I see do not do anything on the login button event handler, so is the logic of setting the cookie abstracted out into the control?
Also, how do I check if a user is logged in or not on other pages. Does it still store user information using the Session?
How do I check if a user belongs to a particular role or not (Earlier, I would look in the Session object to do something like this)Is the Session a bad way of storing user info?
we host a database for several users. We allow the users to host the login form on their own server. The form calls an ASP page that we host, which executes a stored procedure to authenticate the user.
We are in the process of moving to ASP.net. The "Forms" authentication method appears to only work if the login page is hosted locally. Is there a way to use Forms Authentication & allow the login form itself to be on a different server. I'm looking for a tutorial somewhere that will get me pointed in the right direction
I have 2 almost identical asp.net (vb) applications. 1 Development and 1 Production.
They use forms authentication that is configured to run in SQL server. Both apps use the same aspnetdb database but have different application names.
The problem I have is:I have an Identical login for each app (same username, same password), but If I change profile information for that user in the development app, the changes are reflected in production app. This isn't what I want.
I want to create a website that a user can logon and view their data. They should also be able to logout. I'm wondering how to achieve this WITHOUT using the Membership provider api provided by Microsoft. This is what I think should happen.
1. user enters name and password and clicks button.
2.If username and password are correct the user is redirected to a webpage with their details.
I have an ASP.NET application where users login using forms authentication. I have 3 roles and some users. My App is not some thing like anyone can Register and access pages. Only Admin can create users & then send them their username and temp password through email. Then User can change his security question, Password and access pages. I'm trying to build this architecture. I'm using SqlServerMembershipProvider I have created Roles and some test users using ASP.NET Configuration tool. How can I implement the same thing programatically? Like Admin can create user and set his Role. User should be able to Change his Security question & change his password after Admin sets his account with some password likeP@ssw0rd. Is there any article where I can read and learn. I'm dealing with Security for the first time
The default document feature is turned off in IIS and here's the situation... My start page for my project say is A.aspx. I run the project and sure enough, A.aspx appears in the url of the browser. Like it should though, A.aspx finds no user logged in and redirects to Login.aspx like it should. A.aspx:
if (Session["UserStuff"] == null) Response.Redirect("~/Account/Login.aspx");
The login.aspx shows up BUT when the user Logs in, the code:
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, true); always redirects to "Default.aspx" and not "A.aspx"
I've examined FormsAuthentication.GetRedirectUrl and sure enough it returns "Default.aspx"
The problem is as follows: If a visitor try to access a page in Admin folder he must be redirected to login page located in Admin folder, here I will take his username and password and then I will check this in SQL Server table, if he is authenticated then he will be redirected to Default page and he can access any page in Admin folder, but not any page in User folderHere is one thing is important and that is login page in Admin folder and login page in User folder are differentSame scenario is for User folder Please tell me what is the right way to achieve this functionality
I was wondering what the following error means: Login Failed. The Login Is From An Untrusted Domain And Cannot Be Used With Windows Authentication. Initially, when my application was much simpler, I had no permissions and roles and my authentication mode was set to "windows". Afterwards, however, I added authorization, changed the authentication mode to "Forms" and ever since, when I try to login, I get the error above.