Security :: FormsAuthentication.Authenticate Always Returns False?
May 9, 2010
I have configured Forms Authentication in my web config file as below.
Following is my code
[Code]....
The issue is that FormsAuthentication.Authenticate never returns true. This is a very simple website with only two pages and no other code(The code too was copied from MSDN).
[Code]....
View 3 Replies
Similar Messages:
Mar 12, 2010
I Need to Authenticate a User by using FormsAuthentication.SetAuthCookie and Check User is Authenticated in Another page Load How to Do this anyone?
Login Page
if (txtuname.Text == "mike")
{
FormsAuthentication.SetAuthCookie("mike", true);
Response.Redirect(FormsAuthentication.DefaultUrl);
}
Welcome Page
PageLoad()
{
}
View 1 Replies
Mar 26, 2010
How do I use the FormsAuthentication.Authenticate(Username,Password) method to match against the generated Database?..since as far as I have read, it matches the values against the Web.config.
View 1 Replies
Apr 21, 2010
I'm trying to encrypt some userData to create my own custom IPrincipal and IIdentity objects using Forms authentication - I've serialized an object representing my logged in user to Json and created my FormsAuthentication ticket like so:
string user_item = GetJsonOfLoggedinUser();/*get JSON representation of my logged in user*/
System.Web.Security.FormsAuthenticationTicket ticket =
new System.Web.Security.FormsAuthenticationTicket(1,
WAM.Utilities.SessionHelper.LoggedInEmployee.F_NAME + " "
+ WAM.Utilities.SessionHelper.LoggedInEmployee.L_NAME,
DateTime.Now, DateTime.Now.AddMinutes(30), false, user_item);
string encrypted_ticket = System.Web.Security.FormsAuthentication.Encrypt(ticket);
HttpCookie auth_cookie =
new HttpCookie(System.Web.Security.FormsAuthentication.FormsCookieName, encrypted_ticket);
Response.Cookies.Add(auth_cookie);
However, the string encrypted_ticket is always null. Is there a limit on the length of the user_item string?
View 1 Replies
Feb 8, 2011
I currently have an odd problem with ASP.Net authentication. Consider the two following lines:
MembershipCreateStatus ct = new MembershipCreateStatus();
Membership.CreateUser("admin", "mypassword", "test@gmail.com", "1", "1", true, out ct);
This does register my user in my database. I have verified this.However, when I run this immediately after:
FormsAuthentication.Authenticate("admin", "mypassword");
The authentication fails. The weird thing is I know for a fact that the user does exist in the db, and that is further confirmed if i run
MembershipUserCollection uc = Membership.FindUsersByName("admin");
and uc does hold my admin user withe all the proper info. why Authenticate would return false?
View 1 Replies
Apr 14, 2010
Our web application hosted from windows 2003 server, is trying to access a file present in a shared folder of another windows 2003 server. The path for the shared folder is configured in the webconfig file in the below format.
<add key="ReportPath" value="\<Server_Name>Reports"/>
if (!File.Exists(ReportPath))
/ Show the report in a link
This function File.Exists() always returns false and when I try to remove the check, it returned the exception, "Logon failure: unknown username or bad password."
View 2 Replies
Jul 22, 2010
What is the use of FormsAuthentication.SetAuthCookie(Session["UserSession"].ToString(), false);
View 1 Replies
Nov 12, 2010
We have just migrated our application from VS 2008 to VS 2010 and our database from Sql server 2005 to 2008. Everything was working great until i tried to login to the site.
As when i try to log into the site, i am surprisingly always getting "FALSE" from Membership.Validateuser (). I goggled it and now i know i am not the alone victim of this irritating bug. Our live site is going to be down...
View 6 Replies
Dec 20, 2010
I am having some trouble with active directory authentication using FormsAuthentication in ASP.NET MVC 2 (VS 2010).
As I understand it I should be able to step into/through the Microsoft source code for FormsAuthentication.Authenticate if I check 'Enable source server support' and 'Enable .Net Framework source stepping' in Options->Debug->General and specify 'Microsoft Symbol Servers' in Options->Debug->Symbols.
I have done this and can step into a whole bunch of MS source code, but not FormsAuthentication.Authenticate. The debugger simple steps over it.
If I could step into FormsAuthentication.Authenticate it would make my life a whole lot easier.
View 1 Replies
Jul 5, 2010
The below code and the config works fine, but force to enter user name/password case sensitively, i want to make it non case sensitive.
Code:
protected void LoginButton_Click(object sender, EventArgs e)
{
try
{
string uid = UserText.Text.Trim();
string pwd= PwdText.Text.Trim();
if (string.IsNullOrEmpty(uid) ||
string.IsNullOrEmpty(pwd)).....
View 3 Replies
Mar 16, 2010
What is the difference between:
FormsAuthentication.RedirectFromLoginPage
AND
FormsAuthentication.SetAuthCookie(Text_txtUserName.Text, true);
HttpContext.Current.Response.Redirect(RedirectFromLoginAddress);
View 3 Replies
Nov 22, 2010
I have an ASP.NET MVC app and am using Forms auth. When going to a page that requires authentication, meaning there is an [Authorize] attribute on the controller action, it redirects the user to the login page with a return url like http://localhost/Login?ReturnUrl=/MyAuthorizedUrl.
This is how my config is setup:
<authentication mode="Forms">
<forms loginUrl="~/Login" timeout="2880" defaultUrl="~/" />
</authentication>
This is how I'm getting the redirect url:
var url = FormsAuthentication.GetRedirectUrl( model.Email, model.RememberMe );
This always returns the default url.
View 1 Replies
Jan 16, 2011
I've an EntityCollection< T > which contains an element but the Contains method returns false.
I've overriden T's 'Equals' method but the 'Contains' method does not call it (while it's said so in documentation).
When I do foreach (T x in coll), x.Equals(element) returns true.
code:
contains(object entCol, object val)
{
var coll = (ICollection<GraphicSockets>)entCol;
var socket = val as GraphicSockets;
foreach (GraphicSockets sock in coll)
socket.Equals(sock); //true for first element, GraphicSocket's Equals function called
coll.Contains(socket);//false, Equals function not called}
the code i'd actually like to use is
private static bool contains(object entCol, object val)
{
Type entColType = typeof(EntityCollection<>).MakeGenericType(val.GetType());
MethodInfo contains = entColType.GetMethod("Contains");
return (bool)contains.Invoke(entCol, new object[] { val });
}
this worked once but stopped when i started using wcf, i wonder how this contains method works.....
View 2 Replies
Nov 17, 2010
I'm using a model which receives some input from a form and has some validation logic attached via attributes. In one case I'm validating personal names, which should include only letters, apostrophes, spaces and dashes, and be no more than 50 chars long. So I have a model property like:
[Code]....
Everything works fine BUT the RegularExpression attribute: if I add it, I always get a validation error, even when what I type in my form is a valid name (e.g. "Foo"). No matter how I modify the regular expression or what I type, I always get an invalid name error.
(For some reason, I cannot see the regex posted correctly here: it is just ^ followed by the Unicode Letter class and []+ including a Unicode letter class, apostrophe, whitespace and dash, ended by dollar: i.e. start of string - any letter - any of the following: letter, apostrophe, whitespace, dash, 1 or more times; end of string).
What I'm doing wrong here?
View 8 Replies
Jan 24, 2011
I've created a script that adds user data to a database, however, I'd like to check the email entered is unique within the database.
I've already started the query at comm2 but not sure how to progress the script so it tells the user if the email address is already taken.
[code]....
View 9 Replies
Mar 11, 2010
I have a ListView control and under ItemTemplate I have following code:
Code:
<asp:Label ID="Label1" runat="server" Text='<% #MatchCategory(dtCategories.Rows[i]["ID"].ToString().Trim(), Eval("CategoryID").ToString()) %>'></asp:Label>
The MatchCategory method just checks if two values are equal and return true or false. Just below this code I am separately printing dtCategories.Rows[i]["ID"].ToString().Trim() and Eval("CategoryID")
acan see matching values but MatchCategory method always returns false.
View 5 Replies
Jun 7, 2010
I don't understand how the stored procedure is returning false. It's supposed to continue looping and continue writing rows. Right now it writes the very first row, and then it goes into the If Not AdvanceLinkBanned.Add(banrec) Then and it goes in here, prints the message and exits the sub. Why is it thinking the add returns false? If Not AdvanceLinkBanned.Add(banrec) ? Doesn't this return the id of the new record? Isn't this not zero? Zero would make it false. How can this be false? Isn't it supposed to return the next record created ? Doesn't SELECT SCOPE_IDENTITY() return the value of the record id? How do I test this?
[Code]....
View 2 Replies
Feb 11, 2010
What I'm trying to achieve is to track any change made on a form. I thought DataSet.HasChanges and DataSet.GetChanges would be a good way to accomplish this. However, in the code below DataSet.HasChanges always returns false.
EmployeeDs represents a strongly typed DataSet.how to get changes from the updated row into the new dataSet?
[Code]....
View 2 Replies
Apr 1, 2011
I have a detailsView inside the update panel., and in the detailsView I have a FileUpload Control and a button btn_Upload. In the click event I have written code :
[code]...
View 2 Replies
Feb 15, 2010
I have some trouble using the openid check_authentication. The answer from the openid providers (I tried with google and myopenid) is always: is_valid:false I do already get the openid.sig and openid.identity but when I try to verify my data with the check_authentication call it always returns is_valid:false. What I have done so far (authentication with google openid in this example, but for myopenid it was the same): I redirect the web user from my page to the following: [URL]
(Without the line breaks of course, I put them in this post only to keep it readable. localhost:104/evalgoogle.aspx is my local test environment) I will then get redirected to the google login page where I can sign in and accept that I will login at Localhost. I unchecked the remember checkbox though. After logging in I will get redirected to the return_to page I set and get the following data in the request:
openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
&openid.mode=id_res
&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud
&openid.response_nonce=2010-02-12T14%3A46%3A52Z1PDyxBssEN9p5g
&openid.return_to=http%3A%2F%2Flocalhost%3A104%2Fevalgoogle.aspx
&openid.assoc_handle=AOQobUfpVnBFYzFO15z92rru88nWjEnw0u8ethVscpjDwkssp8GjVc0u
&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to
%2Cresponse_nonce%2Cassoc_handle
&openid.sig=24Hetky5HrNwrY3%2B%2B2vtIGnvmnI%3D
&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D{SOMEID}
&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D{SOMEID}
(where {SOMEID} is my google id) To verify this signature and google id, I composed a webrequest calling the check_authentication as described in openid.net/specs/openid-authentication-1_1.html#mode_check_authentication. My problem now is that this always returned is_valid:false To eliminate possible problems in my webrequest, I now create just a html form with the data I get back from google like this:
<form method="post" action="<%=Request.Params["openid.op_endpoint"] %>">
<div>
<input type="text" name="openid.mode" value="check_authentication" />
<input type="text" name="openid.assoc_handle" value="<
%=Request.Params["openid.assoc_handle"] %>" />
" />
" />
" />
" />
" />
" />
But this also just yields the is_valid:false
View 1 Replies
Sep 23, 2010
I have an .aspx page with a couple of textfields. I validate these with jQuery validation plugin when the user clicks the submit button. When the submit button is clicked I also open up a new window, but I only want to open the window if the fields are correctly filled out.How do I stop the window from opening if the fields are not validated?
.aspx.cs
protected void Page_Load(object sender, EventArgs e)
{
[code]...
View 1 Replies
May 5, 2010
I have the following code in my secure/login.aspx page using .NET 3.5 and VB.NET
[Code]....
[Code]....
I read some articles that mentioned specifying the domain attribute within the <forms tag but that did not seem to work either. e.g.
View 4 Replies
Oct 7, 2010
what is the use formsAuthentication.user.identity
is it one of the property of page
View 1 Replies
Apr 23, 2010
I have a login page that is set to the loginUrl property in the authentication section of my web.config file. I am trying to reference a CSS stylesheet, but it doesn't seem to be doing anything. Here is my markup:
[Code]....
I am able to do this just fine on my other page. One thing I noticed was when I click on "View Source" and try to click the link to the stylesheet, it doesn't take me there, and instead changes the "action" property of the form element to this:
[Code]....
View 2 Replies
Dec 1, 2010
Just a quick question i've been asked to look at enhancing security but encrypting passwords we store in a db table, essentially the data thats linked to the user account isnt sensitive however its more to stop someone reading passwords out of the table directly etc
I've read multiple ways of implimenting hashing etc i've started using FormsAuthentication.HashPasswordForStoringInConfigFile
//create new salt and update the password
Hashtable newInfo = new Hashtable();
newInfo["salt"] = GenerateFriendlyPassword(5);
string tmppass = FormsAuthentication.HashPasswordForStoringInConfigFile(txtNewPass1.Text.ToString() + newInfo["salt"].ToString(), "SHA1");
newInfo["passwordHash"] = tmppass;
Generate friendly password returns a 5 char string based on a random position in a valid char array containing a - z and 0 - 9At present the functionality is at page level in the code behind, re this is the forms authentication HashPasswordForStoringInConfigFile function thread safe? Or do i need to look at implimenting this in a different wayCheers appreciate your response as im always jubious about multi threading etc,
View 1 Replies