I created a database for user authentication. After I pass loging parameters to the stored procedure in the database and they return a user ID for that user I use the following line for authentication:
[Code]....
User gets authenticated but the problem is that ASP.NET does not recognise the user as authenticated until the page is refreshed.
i want a simpe login systemm using webconfig file and one login.aspx page.
View 3 RepliesI have created a WCF service that will serve as authentication service for Silverlight client.The problem is that when I make a call to FormsAuthentication.SetAuthCookie in the Login method below, I get a null reference exception. I am following the 'Securing Applications Built on Silverlight and WCF' (http://www.componentart.com/community/blogs/milos/archive/2009/05/07/securing-applications-built-on-silverlight-and-wcf.aspx)
[Code]....
In my earlier verison, I used Active Directory to authenticate users which was Custom. In the sense that, I had passed UserName and password along with a token request through datalayer to authenticate against AD. it would eventually check the DomainNameUserName, password against AD and will get authenticated.
View 5 RepliesI'm looking to implement my own basic webforms authentication. I don't want to use the 'membership' features in this case because I don't want to modify the database schema with all the membership elements that I won't use, and I don't need to support users across multiple applications. I want to wind up with one simple 'users' table that has username, password, passwordSalt, and several other fields to support custom user attributes specific to this application.
I was looking at this:
http://www.xoc.net/works/tips/forms-authentication.asp
but it's rather dated... is this still valid? I'm looking for guidance on what I need to do to implement a custom webforms auth solution. A very basic skeleton I can expand upon, or a good tutorial/guide that illustrates the necessary parts... just the basics..
I think I'm missing something simple...I have a customRole Provider set up and it seems to be working fine - I can add/change/delete info using the WAT.For my Authorization I do a custom routine that is separate from the .net provider that basically says the users is or is not authenticated (true/false).If the user IS authorized how do I set the cookie (or whatever) letting .NET know who they are so I can use the roles on a directory level?I know I can use Roles.IsUserInRole on individual pages but I'd like to be able to use directory based authorization too (from the web.config).
View 3 RepliesI'm trying to get forms authentication working for an mvc site. I have a custom database with a users table, and I would like to do my own password validation. I am logging in my user like this:
if (PasswordHasher.Hash(password) == dataUser.Password)
{
FormsAuthentication.SetAuthCookie(email, true);
return true;
}
The problem is, when the session expires obviously the user has to login again. I am thinking I should be storing this Auth cookie in my users table? Update: I'm obviously in desperate need of more education in this area. I just noticed that the user stays authenticated even after an iisreset.
I guess what I'm asking is how can I get persistent and non persistent authentication working properly. I want a user to not have to login again if they click "remember", and if they don't then their authentication should expire when the forms authentication is set to expire.
I have an application that has a user Login Control (provided by ASP). I am just now working with the integration of a dataBase created in MS visual studio 2010, to a developed website created in MS visual web developer 2010. My main goal is to create an authentication ticket that enables a user to be able to see a dataBase information only after that user has been successfully authenticated.
Up to now I'm able to see the dataBase when i run the website even if I'm not log-in, how i can create a home page that tells the user to log-in and once that user has successfully log-in it redirects the user to another page where the user can see the database and how I can add information to that dataBase only to specific members
I've just started a small ASP.NET web application. In this project, I need to authenticate the users with Active Driectory. I managed to authenticate the users successfully with Active Directory. But with Authorization with Custom Role Provider, I'm so confused.You see, the user name and password are stored in AD. So, my approach is that after the LoggedIn event of the Login Control, I check if UserName is not yet stored in the Users table yet, then I will store the UserName there. Eventually, I have all the UserName of the AD users store in the Users table so I can assign Roles to the users.
Let's say I assigned UserA to RoleOne. After he logs in successfully, I do some query to look for his Roles.
Where do I keep the Role ticket? In the Cookie or in the session? How does the authorization of ASP.NET role provider work? I want to store the authentication ticket like ASP.NET role prover does too.
I'm using my own role management and user management in my application, i now need to use forms authentication. How can i do this?
View 3 RepliesI am working in a school and we recently installed a new server running WinServer 2008R2. I want to be able to point people to a URL on our intranet and have them fill out a simple registration form and have this data written to a database. It would also be nice to have some data auto-populate (such as their name).
Is it overkill to set up a sharepoint server and try to do this with Access Webforms? Could I use something like dotnetnuke and find a module that works? Or how about options for writing custom forms?
when using Forms Authentication to validate against a SQL database, all the Forms Authentication samples utilizes the connection string from the web.config file. Is there a way of specifying the connection string for Forms Authentication to use, programatically at runtime?
Without going into great details, my web app will be utilizing different databases depending upon other factors. So, sometimes, the app will be utilizing Database1, and other times, Database2. Both databases will have the same Forms Authentication tables, just different values.I'm hoping there is a simple way of just specifying the database connection string to utilize, without having to go so far as to start implementing my own custom providers. Yet, I haven't come across any documentation that talks about how to do that (yet).
I wish to create a Single Login Page for the Various Applicatioins i am creating and So i wish to authenticate the Database connection in these other Web Forms (Landing Page) from the url.
http://localhost/Landing.aspx?<Username><Password>
How do i create this feature?? and then extract the username and password on the other web forms??
I am developing a web application which requires user to login. There will be N number of users using website concurrently. We have a MySQL database which will store user information like Name, User ID, Password etc. I am not able to understand on how to check username and password once they enter data using Login form which will be present in DB.
View 4 RepliesI am using Forms Based Authentication. I have extended the Forms Authentication Tables creating a custom table called Profile_Contact that holds the user's GUID, username, email address, and other information. I have another table called Profile_Account which holds company account information such as Company Name, address info, phone numbers etc. This table has a Key Field called IDProfileAccount. I include the IDProfileAccount field in the ProfileContact user table so I can associate the user with a specific Company. For the login page, I am using a basic login page created with using the Visual Studio login controls. When the user logs in, they are sent to the appropriate page as identified by the role the user has been given. This all works great.
Now I need to extend the login page so that when the user logs in not only is the user's name and GUID placed in session, I would also like to have the IDProfileAccount record placed in session as well so that I can filter the records the user sees as only those records of the Company the user is associated with. I know how to add static variable to a session and how to retrieve them to filter data, what I need to know is how to retrieve the data from the SQL table on login and sending it to the session. I would think it would be something along these lines:
[Code]....
I am trying to set up my intranet site so the user logs in with his windows domain account and that account is passed to the sql database to access the database. I have been able to succesfully set up the windows authentication to my website, but when I try to use
<identity impersonate="true"/>
in my webconfig I get a 500 errror on my site when trying to open any page. My server is 2008 R2
How to implement Forms Authentication using Cookies against database?
View 3 RepliesI have the following implementation and I'm sure there is an easy way to do what I want to do but I can't figure it out.
1. I use forms based authentication to authenticate to my site
2. I use active directory to authenticate the users
3. I use the Allow Users="xxx" tag to authorize the users limited to the list that can access my site. (e.g.. even though Mary is an AD user she can't access my site unless I put her credentials in the allow users tag in the web.config file)
All is working well but I want to move the users access list (e.g.. <allow users="john" />" from the web.config to a database table so that I can create a user maintenance page for my admins to add and delete user access. For the life of me I can't figure out how to do this and I can't seem to find an article on it either.
[code]....
ASPNETDB Problem - Unable to connect to SQL Server database
now, after some real soul searching, i managed to get it working, however i want to do the following:
I have a table in a database I created called "Students". Now, I have a studentId and a password in that table. What I want to do is allow users to login using their accounts.
However, I am having real trouble doing this. I want to create a custom membership provider, etc.
I have been crawling through the net looking for ways to do it but some of the sites I visited had too much complicated code.
What is the best and easiest way to do this?
I want to learn how to use authentication in your web appliction specially using some algorithm to encode your password so that it may be verified through a DB/file.
View 1 RepliesI have a custom SQL membership provider (NOT using aspdb files but our own 'People' table) that was working fine under development but doesn't even connect when it is deployed on web server. DB connection string has been changed to point to db server (checked against another web site & is fine there). The membership code (in VB) is in App_code directory so am I correct in thinking I don't need a separate DLL ? No error messages nothing just reports failed to login when I type some user credentials.
Web config file as follows
[Code]....
I try to construct a membership system using Walkthrough: Creating a Web Site with Membership and User Login. The membership system is going to be added to umbraco cms. I should admit that I am still in the learning process and need your guidance for my question.On my registration page other than standard fields which comes with CreateUserWizard, I need to add some extra fields in addition to that and those fields should be saved to database along with standard fields. Is it possible? If it is, how can I manage to do that?
View 3 RepliesThis could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.
View 3 RepliesWhat's the difference between Basic Authentication and Integrated Windows Authentication in IIS?
View 3 RepliesI set authentication mode to Windows in the web.config and I enable Windows Authentication and disable the Anonymous Authentication in IIS 7 on win 7, but HttpContext.Current.User is always null.It works fine when I host the web app in IIS 6.0.
View 1 Replies