Security :: How To Share Membership Between Applications
Jan 27, 2011
I'm looking into building a web application platform which users will log into and be able to access other applications based on permissions. I've set up the membership provider and it is being shared between apps. Here is my problem: If I log into application A, and click on a link that takes me to application B, I have to log in again. Is there any way to share that session between applications so the user can log in once, and not have to do it every time they access a different application?
View 6 Replies
Similar Messages:
Jan 9, 2010
Is there a way that I can share membership (login, etc.) between two different web applications? I would like to create a smaller debug application to test some stuff in my database.
View 2 Replies
Feb 11, 2011
I recall some way to use a single instance of the the asp.net membership for multiple applications. For example...if I have a main single sign on portal, perhaps I'd like them to have access to Application A, B and F, but not C, D & E. Instead of maintaining different security for each application, can we have a single membership table maintaining all of the enterprise applications? So user 'John Doe' would have a single membership record, but have access to different applications.
View 3 Replies
Mar 5, 2011
I am trying to integrate an existing asp.net application with sharepoint 2010. I would like to be able to have a logged in user on the application access a document library via an Iframe on the sharepoint 2010 site. I want to use FBA on sharepoint. Is it possible to share the membership database from the asp.net application with sharepoint? If not, what would be the best way to accomplish this?
View 1 Replies
Nov 6, 2010
I have a bunch of applications that currently share the authentication cookie in v3.5.
We're in the process of upgrading to 4.0 and also upgrading the applications as a whole. I have 1 done, and would love to deploy it. However, as soon as I do, I lose my sharing of authentication cookie in that application.
In each web.config, my machine key is declared. I removed the actual keys to protect the innocent. :)
<machineKey validationKey="..." decryptionKey="..." validation="SHA1"/>
<authentication mode="Forms">
<!-- DEV Server -->
<forms enableCrossAppRedirects="true" loginUrl="Logon.aspx" name=".COOKIENAMEHERE" protection="All" path="/" slidingExpiration="true" timeout="1440"/>
</authentication>
View 1 Replies
Mar 23, 2011
I have more of the same applications.All tables are identical.Each application has a new user.These different applications are located in different domains such as.: domena1.com, domena2.com, domena3.com.Each domain has different users.
For each domain in the web.config change the "ApplicationName", eg.:
ApplicationName = domain1, ApplicationName = DOMAIN2, ApplicationName = domain3 ...
View 2 Replies
Jun 22, 2010
I set up a really simple custom membership provider for my website, it is on shared hosting with 123reg which operate in medium trust mode. Due to this the membership provider throws an error. how it would work on medium trust on shared hosting? The hosting doesnt allow me to set the applications trust mode either.
View 2 Replies
Sep 22, 2010
im about to wirte an app that is an extension from the main application that is hosted on the IIS. My application is going to work as a child app (main app as parent) working in main application pool. User will be redirected from the menu to main app to my website. And here is my problem. I would like to pass informations like user login, login state etc. I cant do it via Query String - that wouldnt be safe. I thought I could pass it via Session state, since the SessionID is the same both sides but I cannot retrives parameters on my website(theyre null).
View 2 Replies
Aug 15, 2010
I have a website setup like this:
/Web --this is the client facing site /Web/Admin --this is the backend system and is setup as a Virtual Application
I'm using HttpRuntime.Cache for caching calls to the database. What I want to be able to do is clear something that is cached on the /Web site from the /Web/Admin site. It appears though that HttpRuntime.Cache is a single instance per application.
View 2 Replies
Jul 20, 2010
I have a solution with more than one ASP.NET web-application. Every application has its own virtual directory on the same IIS. One application is calling aspx pages in the other applications. How can I share some information (e.g. user/password) between these applications. Is the only way using querystrings (in this case, I must encrypt the information).
View 2 Replies
Oct 27, 2010
I have one website over at utopiapimp.com. The website is used for a popular web based game. Some company internets don't allow the website to be accessed so I opened up another domain at utopiashrimp.com. Same website but a different iss application. Both have same database backends. They also both sit on the same virtual machine. I put my brand new code on shrimp and solve bugs with that code. I host the solid code on pimp. So I can't just forward the shrimp domain to pimp because I need a test bed.
The problem is that they don't share the same application cache. So my question is, can two websites share the same application cache? I really need to figure this out. I would rather not create a webservice and or a handler that one website needs to hit to change the cache on the other application.
View 2 Replies
Aug 13, 2010
Is it possible to share the claims based authentication of a logged in Sharepoint 2010 user with a separate Asp.net application?
The following article describes how it was done using Sharepoint 2007 and forms authentication through forms auth and sharing machine keys etc however I cannot find any information regarding the external application consuming the claims authentication that is now used in Sharepoint 2010?
View 2 Replies
Nov 11, 2010
We are developing a framework which will be shared accross applications. What is the best way to share master pages, user controls accross applications by preventing other developers to modify the master pages and the user controls ?
Is the following way suitable one ? Embedding masterpages and the user controls in a dll and using VirtualPathProvider to load the master pages and user controls dynamically.
But in this approach developers can not view the design. Is there any other way to convert master pages and user controls to a different format as developers can able to view design?
View 2 Replies
Mar 16, 2010
I have created a asp.net solution with two applications. They bothe use the same database which is setup with .net membership and roles.
Application 1 uses the membership for sauthentication to an administration area - this works fine.
Application 2 - has a different applicationID to App1. I want to be able to use the existing user account to manage App2's authentication needs.
How is this best achieved? Do I just match App2 appliactionID to App1's or is there another way?
View 1 Replies
Mar 8, 2010
I have two websites (domain and subdomain), something like this: www.website.ro and en.website.ro and I am trying to share a cookie between them. I have set the cookie domain to "website.ro", I tried setting it to ".website.ro", but it doesn't work. I can only read the cookie in the website that created it.
View 5 Replies
Jun 16, 2010
I've developed a file browser that will browser a different server shared folder. In order to get this working I'm using the unc path (\ServerSharedFolder) to return the files/folders. I've also added the following to my webconfig to get around the security <identity impersonate="true" userName="domainadmin"
password="password" />
It's simply a file browser, no create or delete functions will occur. The solution works and what I want to know is that this the safest way to do this? or the best way? I did try to use a virtual directory instead of unc path but asp.net would support this.
View 1 Replies
Oct 28, 2010
It took me 6 hours to figure this one out and I'm wondering if someone can give me an answer why it has to work this way. I have two PCs, one is a webserver win2k 2003 and the other is the file server running Windows XP. Both PCs are on the same company domain therefore they can see each user. The share folder has NETWORK, NETWORK SERVICE, USERS (which include IIS authenticated users), a LOCAL account, and a specific User (which is me) that is given access to read. In my web application, I call a server.mappath. In IIS6.0, anonymous is disabled so users use integrated Windows Authentication. I can see this by verifiying User.Identity.Name.ToString(); Next, I also check WindowsIdentity.GetCurrent().Name.ToString();. In my first run, I set impersonate to true and thats it. Both User.Identity and both Windows.Identity show: mydomainsmith_B as an example.
When trying to access the UNC virtual path whcih has "Always use the authenticated user's credentials when validating access to the network directory" checked. This means , IIS6.0 will pass mydomainsmith_B credentials to the file server. I get an access denied which is verified by a thrown exception. I go back and check the file server and under the security tabs, I did add myself which shows smith_B under the security and for kicks, I'm also under Share tab.
Next, I try to authenticate using a "LOCAL" account on the file server. The local account is called username/password: temp/temp. So I set web.config to impersonate=true, userName=temp password=temp. Okay, so I go back into IIS 6.0 and for the virtual directory, I go to "Connect As" and set Username and password to: temp/temp and un-check "always use the authenticated user's credential". Finally, i reload the page. This time the page shows me:
User.Identity.Name: mydomainsmith_B
WindowsIdentity.GetCurrent().Name: temp
perfect, so now I'm impersonating temp. I click a button to access the UNC path and boom, it all works. So why doesn't my local PC authenticate ME, as MYSELF, which is on the domain, which is on the same domain. Why do I have to impersonate a local account to the file server? Why can't I just impersonate myself? Also, If I disable impersonation, it becomes NT AUTHORITYNETWORK SERVICE. This service also can't access the UNC path even when I have enabled the same security and same share settings.
View 1 Replies
Jul 5, 2010
I am using third party tool in my web site.Its running fine on my dev. PC.but when I upload it to serverm it says "System.Security.SecurityException: That assembly does not allow partially trusted callers."when I read about this error, many suggest to get it set trust level to high by admin bacause developer can not.
View 5 Replies
Jun 10, 2010
I need a code to have the ability to share my news on social networks.My site structure is in Asp.net and vb.net.
View 1 Replies
Jun 29, 2013
I am showing thumbnail images in dataList on a page of my website. When i click on any image they open in big size. How i will share(Facebook). that particular big size image. My code is given below:
<script type="text/javascript">
var CurrentPage = 1;
function GetImageIndex(obj) {
while (obj.parentNode.tagName != "TD")
obj = obj.parentNode;
var td = obj.parentNode;
[CODE]..
View 1 Replies
Feb 12, 2010
If I buy a CA certificate for the one site on the webserver, can I use the same certificate on a self-hosted wcf service.
The wcf service will use wsHttpBinding with username/password authentication.
View 2 Replies
Feb 9, 2010
i have a situation where i need to develop a web system where sys. admin can create a shared folder in server and set who can access the shared folder programmatically.
i've manage to find example to create a shared folder from here:[URL]
and i also manage to find example to add user and set folder Security setting from here:[URL]
My problem is how can i add user in the Sharing permission setting since it is a shared folder. Default sharing setting is set to 'everyone'. This mean anyone in my company can browse to the shared file unless i set everyone security setting. I want to remove "everyone" and add users based on the user that i've already add at Security setting.
View 7 Replies
Apr 26, 2010
If you use anonymous access + impersonation of a windows domain account to access a file on a network share, is the password sent in clear text?
View 3 Replies
May 1, 2010
I have more then 75 web application live on multiple surver and now I want to have single login(form authentication) for all. Anonymous user can access all the network but once login, they can manipulate info across network without login again and again.
View 1 Replies
Oct 27, 2010
A month ago I got everything working but now my code has changed and my server may have been misconfigured.
Basically, I'm running IIS 6.0 and Win2k 2003. The webserver will map a network path UNC share at: //wave/test
Also, I have webconfig set up to do: impersonate = true (no username/password defined)
the path //wave/test is another computer that runs Windows XP. Wave is the computer name, test is the folder name. So C: est is the folder to access. The current permissions under C: est on the file server is: Administrator, IUSR_WEB (read-only) and "Wave_user" (read-only)
Back in WinServer 2003, i've added a virtual directory and mapped to \wave est and applied a local username/password for Wave_user. I am able to see/browse all the files in IIS 6.0 and see the files/folders. I call the virtual directory alias: "Waves". Inside Authentication method for this virtual directory, i applied Wave_user and the local password of the local file-server PC , and checked enable anonymous access w/ integrated windows authentication.
Also, back in virtual directory, I set "Connect As" to wave est as username and password as the local password.
When I access the webapplication, using my current local PC credential, and try to access the network share, which in C# is the command: server.mappath@("wave"... i get a Server Error 401. in the browser.
View 2 Replies
