Security :: Allowing Login To A Forms Authenticated Site From Another Location?

Jun 14, 2010

I have a site almost finished that uses ASP.Net membership, forms authentication and roles. There are one or two requirements remaining and I'm not even sure how to properly approach one of them.

The site I've created is going to provide service ONLY through SSL, if that matters. Yes, I'll redirect a request that lands on port 80 but the intent is to encrypt everything.

Is there a "best practice" for creating a session with my site, from another site? In other words the company is building a marketing page that has spaces for a login and password. I can find lots of posts about passing a username and password to another
site to start a session, but very few if any about receiving the username and password.

If anyone can point me to an article or posting with a code sample where the login control of a forms-authenticated site is used as the target of a form hosted as part of a different web page/application on a different host, it'd be awesome.

To be clear, the scenario is essentially "brochureware website on a 3rd-party host" providing the visitor the ability to log in to a secure site on a more "internal" server.

View 1 Replies


Similar Messages:

Security :: Accessing Shared Location With Authenticated User?

Jul 12, 2010

I have develop an ASP.NET website and I want store some uploaded files in a shared location in some different server. On that server one user has the access.

how it is possible to get the access of the shared location on the server with my Web site?

View 1 Replies

Security :: Why Access Files Inside A Forms Authenticated Part Of Site

Aug 18, 2010

Why can I still access files inside a forms authenticated part of my site? Any webpages say that you need to login to view them, but people can still access images by typing in the address bar. I am using forms authentication with my own database, so none of the aspnetdb services like membership roles etc. Is this a bad way to do things because I'm pretty deep into it now and it would be very difficult to change.

View 16 Replies

Security :: Why A Forms-authenticated User Needs To Login Again To Role Subfolders In An IIS Server Environment

May 7, 2010

Followed the code sample of Chapter 10 (Logging in) of the Book, Microsoft ASP.NET 2.0, I created an ASP.NET 3.5 website with Forms Authentication. The sample code used Website Administration Tool (WAT) to manage the users, roles, and authorization.When running in the ASP.NET Development server environment, I can first login, then click to open the links for each for the 3 roles.

However when running the sample code in the IIS server environment, I can login but can not open the links for the role subfolders.Clicking each link popped up an error message for opening a login.aspx from the specific subfolder. I don't have a Login.aspx file in each subfolder.The 3 role subfolders were configured as the virtual folders in the IIS Server. Why the sample code worked fine inASP.NET Development server environment, but got an error message from theIIS Server environment? Why an authenticated user can not open the subfolder homepage?

View 5 Replies

Security :: How To Concerns With Allowing Post Login Information

Oct 5, 2010

I have a third party company that we need to allow they users to pass into our website without loging in. TO keep it easy I was thinking of having them post to a custom login page on my site.

So their code would be something like this:

[Code]....

My landing/login page would do soemthign liek this.

[Code]....

My question is whether there are any security issues when using this kind of method? I am not sure yet what their site is written in. I figured that they could figure out how to do the post as long as I have the landing page for them and there is no security issues.

View 4 Replies

Security :: Website Not Allowing To Login Through IE But Works Fine With Firefox?

Aug 6, 2010

I have an ASP.net application hosted on Win2003 server. When I set the Authenticated Access to just Integrated Windows Authentication, IE7 & IE8 started failing in loging into the site with an error 401.1 ("You are not authorized to view this page"). But Firefox has no issues in loging into the site. why IE is failing to login with Integrated Windows Authentication where FireFox works perfectly?

View 1 Replies

Security :: Grant Access To Default Page For All Users - Authenticated & Non-Authenticated?

Aug 18, 2010

I've a default.aspx page in my application's root folder. I added a a page in the root of inetpub that redirects requests to the default page. The idea is that the user need only enter the server name to get to the default page. How can I set things up so that all users have access to the default.aspx and that they only have access to the other pages once they've been authenticated?

I am using Windows Integrated Security and the users are being challenged and authenticated properly. I want them to be able to access Default.aspx without any challenges.

(On a side note which may answer this question, when using WIS does the user *allows* have to be challenged? Isn't it possible to pass through their Windows User and ID without the prompt?)

c: inetpubwwwroot
edirect.aspx (set as default document in IIS and simple executes Response.redirect("sites/mercury/default.aspx")
c:documents and settingsall usersdocumentswebsitesmercurydefault.aspx (home page for the site & server)web.config includes

[Code]....

View 2 Replies

Security :: Secured Site Using The Login Control / Do Not Want Them Redirected Based On Their Login Status?

Mar 24, 2011

I am doing a simple secured site using the login control. I would like users to be redirected to their dashboard page once they log in, but after that if they choose to browse I do NOT want them redirected based on their login status. I am using the generic template provided in VWD with the basic login setup in the template including the tabbed ASP menu control - nothing fancy, nothing custom. This is intended to be something very simple and quick. Here is the code I am using for the page load...

[Code]....

So if I do this code WITHOUT the "IsPostBack", logged in users are always redirected to their dashboard and cannot see the hompage. However with that IsPostBack test, the redirect after initial login doesn't work.

I know this is extremely basic and simple, but I am restarting with this stuff after a year away, and I need a nudge.

View 4 Replies

Security :: How To Restrict User To Login From Multiple Location

Jun 22, 2010

Can anyone explain how to make unique login in asp.net

<b>Problem:</b> If user is logged at a client machine and tries to login from other client machine at the same time, then he should be prompted that "You are already logged in, Do you want to continue?" on continue user should be logged out from other machine and logged in to current machine.

View 3 Replies

Security :: Specify Location Of Aspnetdb With Login Control Db Admin?

Feb 25, 2010

my current vs2005, when setting up the login control, and using the built in admin the db function right on the

login control, creates the aspnetdb db in the folder, app_data, directly under the vs project folder. I want to get the db

in a folder of my choice under wwwroot in my inetpub. can this be done? otherwise it seems i have to copy the vs version

using my server mgt sql express. i've seen how to respecify the roles and membership functionality from the 4guys article

[URL], which i'm ready to do when the db is moved.

also isn't something like this necessary anyway when moving a vs project to some actual web app server?

View 4 Replies

Security ::web Site Runs But No Users Can Login To The Site>?

Dec 2, 2010

I have an application that uses the ASPNET role provider.My SQL Server crashed so I took a backup of the database and restored it to a new SQL Server and changed the db connection string to that server.The web site runs but no users can login to the site.Is there something that I should have done when the db was on the other server?

View 6 Replies

Security :: User Login And Admin Login On The Same Site?

Oct 21, 2010

I have a login page for my users. And I want my admin login to have its own page. Right now I have to login as an admin in the same page as the users.

How can I have 2 login on my site? I get an error if I have authentication forms on both my web.configs.

View 6 Replies

Security :: Login From One Site To Another?

Mar 24, 2010

i have two different sites that uses the same mysql database for login.

the first one is the main page of a company and the second is the e-order site of the same company.

how can i login at the first site and redirected to the other site and stay logged in?

View 2 Replies

Security :: Cannot Login To .net Production Site

Dec 17, 2010

we cannot login to one of our asp.net production website. Once login ID and password are entered on the login page, the site just stays on the login page without giving any errors whatsoever and without opening the default page.

View 3 Replies

Security :: Automatic Login To A Site?

Mar 1, 2010

Actually i want to to open new website such as gmail.com and i have username and password of that login.... now i want to do direct login without fill username and password box

all this is done on single click of button which is on my website..

View 5 Replies

Security :: Login Page For Whole Site?

Aug 23, 2010

For my website, there will be an admin site. I want to create users in my website database, i have a logins table with a hashed password column. The problem i have is making sure that every request if not already logged in send the user to the login page.

I have a page Login.aspx which i have created, but if i enter [URL] it bypasses the login screen and shows the page!!

i have created Login.aspx myself and verified that the username and password enetered are correct.

View 8 Replies

Security :: Logout From Site Without Login Status

Jul 12, 2010

How to logout from web site without any login status? i mean when my loginstatus control is not visible i want a method that makes the user loged out.

View 1 Replies

Security :: Allow Users To Register At Site And Login?

Feb 25, 2010

I'm at the point where I want to allow users to register at my site and then allow users to login, so I am trying to get a feel for how everyone is handling this use case.

View 1 Replies

How To Auto Redirect A Forms Authenticated User To An NT Site If They Have Equivalent Credentials On The Domain

Dec 9, 2010

I have a requirement that whenever a user logs onto a website using forms based authentication [FBA] that the site checks whether they have a related domain NT user record. There will be a matching lookup table between the ASPNETDB membership database and related domain accounts for users.Whenever an FBA user logs in and a related domain account is located then the member should be redirected to an alternative site / URL which is Windows NT authenticated rather than FBA. Before transferring them I would like to be able to pre authenticate them on the windows domain rather than an additional NT Login dialog box coming up and asking them to enter the related NT credentials.Is it possible to programatically preauthenticate using NT credentials before redirecting a user to an NT authenticated site?Note: This isn't technically a single sign on style scenario. The FBA / NT authenticated sites are not related other than the relationship between the original FBA credentials and the NT credentials lookup.

View 1 Replies

Security :: Howto Enable Session When Login Site

Mar 26, 2011

Should I created the Session?Or it is by default exist, and I just need to enable it?What to do?which data found in this session?

View 7 Replies

Security :: .NET Web Site Administration Tool And Login Controls

Aug 10, 2010

login control portion of Murach's web dev w/ c# book. According to the books instructions, you create a Login.aspx page, add the login control to the page, and create the users and roles for the directories within the asp.net web site configuration tool. I still do not get prompted for user name and passord to access the pages I want to be secured. Why is this? Isn't the asp.net configuration tool supposed to edit the web.config file? I'm trying to follow the book to the letter and ensure that I am following correctly before posting for answers online. According to the book you do not have to edit anything or write code withing login.aspx page.

View 3 Replies

Security :: A Login Window Has Appeared To Connect To Site?

Dec 22, 2010

When I browse some of my websites a login window has appeared to connect to site. This happens to websites in random and disappeares the login window Automatically.

why this happens and how can i repair it?

it it because of any problem in iis osf server? the version of iis is 6.

View 6 Replies

Security :: Post Login/password From Aspx To A Form On Another Site?

Feb 13, 2011

My employer would like me to create a login page with our logo that:

1.User enter their login and password on our page

2.posts the login/password to the form on one of our client's login pages

3. Takes them user to the client's site, logged in.

I tried searching but most examples don't show how I can then bring the user to the client url, logged in. Any suggestions? Thanks.

View 3 Replies

Allowing Users To Create Their Own Minisite Within Main Site?

Mar 25, 2010

I am trying to do something similar to www.mytripjournal.com where they allow the users to create their own wesite within the top level website. So the URL would look something like www.somesite.com/username/. Can someone tell me the best technique to emulatesomething like this? Are there any .NET solutions readily available. I am trying to think this through before I begin coding but to be honest I am at a loss.

View 2 Replies

Security :: Want To Encrypt The Password Of The User Who Register On My Site And Also Decrypt It To Enable Him In Login Again.2?

Mar 19, 2010

am working on a new site and i want to do tothings for security1. I want to encrypt the password of the user who register on my site and also decrypt it to enable him in login again.2. I will make an online exams so I want to disable the user functions to hack the exams materials such as (print page, print screen , or even selecting data manual by mouse )I googled a lot about this matter I found java scripts to make this but what about the users who will disable scripts on their browsers. So I want to do this with C# Code.

View 4 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved