read a cookie of a site with a different domain? I am currently trying to avoid an extra of step of logging into a website that I am currently developing.
View 1 RepliesSo I know you can share your cookies across subdomains eg. staging.mysite.com and www.mysite.com etc by setting the domain of the cookies to ".mysite.com"
BUT, is there a way to share across all the sub domains EXCEPT one. e.g. the cookies will not persist on images.mysite.com?
Is there a way to share cookies across different domains and different applications (classic ASP and ASP.NET)
View 4 RepliesTrying to share cookies accross 2 domains in asp.net, for some reason 1 domain has a '.' before the domain, and the other doesn't.
Why is that? e.g:
.staging.example.com
and
staging.example.com
Is this something to do with how I create the cookie, or a web.config change?I am not using forms authentication, just creating a cookie manually.
I am setting the cookie domain like:
HttpCookie c = new HttpCookie("blah");
c.Value = "123";
c.Expires = DateTime.Now.AddHours(12);
c.Domain = ".staging.example.com";
Response.Cookies.Add(c);
For some reason not getting the '.' in the cookie.
I'm handling cookies using JavaScript to store some values in my asp.net web application.I use document.cookie to save some values (converted into a lengthy string). But i want that value to be accessible across all the pages in my application.When i try to get that value from a different page, i get the values pertaining to the document in the current URL.
In short i save the value in the cookie in http://myapp/doc1.aspx and want to retrieve it in http://myapp/doc2.aspx
So is document.cookie is pertaining to a single document scope? How can i save/read cookies across the site?
Update.This is how i get and set cookies
function getCookie(c_name)
{
try{ [code]...
But i'm getting different values for the cookies in different pages.
I have 2 asp.net pages. However, now I realized that I should had placed the content of the two pages in a
MultiView control with 2 tabs (each one getting the content of the pages that I had developed).
How can I do that? Should I place the hole content of the page in a View control inside the MultiView Control? this would be a lot of work =/
I have a web app located at [URL] and I have several domains, such as [URL], [URL], etc. all pointing to the same directory in IIS. I use Host Headers to acheive this by setting the 'Host Header Values' under properties for the main site (under the Web site identification section). Based on the host header value I perform different functions in my pages.
Because of the way I have it set up, all the domains share the same files, web.config, etc. I have set the 'machinekey' in my web.config and have forms authemtication. However, when I go to MyMainSite.com and log in and then the user clicks a link and gets directed to MyFirstSite.com the user is shown as logged out. I need the user to be logged in and I need to be able to access the logged in user profile to display certain information. I thought by setting the 'machinekey', i could acheive this, but it does not seem to work.
how to go about having a single log on for my users?
The articles I have found show the same domain or have different domains each with a different web.config. The way they describe does not seem to work for me.
I've set up an ASP.NET MVC application for my company's Intranet that grabs the user's NT creds via System.Web.HttpContext.User and checks against its own database to perform authentication/authorization.This works just fine on my local machine, and I assume it will also work once deployed to the production server, but the development server is on a different domain than the users. While trying to test the app, Iget prompted for a username and password, which isn't supposed to happen. Worse, entering my login creds still doesn't work. I'm deploying a MVC 2 application to an IIS 6 server.The steps I read to take to get Integrated Windows Authentication to work included putting these lines in my Web.config file:
[Code]....
Then, on IIS in Directory Security uncheck the checkbox that allows anonymous authentication, and make certain that only Windows authentication is checked in the access methods section. I've done these things, but since I'm dealing with cross-domain authentication, it's dead in the water. I tried a Google search, and I'll continue with this, but I haven't found anything yet. I'm not incredibly savy when it comes to domain issues, so I might have seen a possible solution and not recognized it.
We are buling a hosted ecommerce shopping cart solution and I would like to use asp.net's built-in membership provider. We dont really want to have a seperate database for each domain, we want to share the same database across mupltiple domains for different customers. Each domain is a seperate store.
My problem is that since it's a shared hosted solution people coming from different domains might use the same user name and it would show as if already existed. Is there an addional field I can use to store the domain name so basicly would be unique by username and domain name. We don't want to share information between stores.
got [URL] - two separate apps in IIS.
Want the forms based auth to persist (they use the same database for membership)
I tried to simply add a "." before the domain name in the forms tags (see below for example) - but this didn't work - it acutally prevented me from logging in at all. how i can persist the login? Does the admin need the same values for "name", "path" and "domain" as the main site?
[code]....
im using visual studio 2008. my requirement is to implement single sign on across many domains without using cookies. is this possible? for example, i have 3 domains (hosted in 3 different systems). www.domain1.com www.domain2.com www.domain3.com and cookies are disabled. i implemented single sign on with cookies, if the sites are hosted in single system then it is working. but it doesnt work if cookies are disabled. i tried all made all possible google searches, but couldnt find anything useful.
View 5 RepliesMy requirement is multiple domains (not subdomains) share cookie of form authentication
how to implement same?
I have an intranet site that is used to pull several other intranet applications/tools and database info to one place.One of the most popular features uses iFrames and jQuery tabs to give a broad overview of activities, signal etc in a network node. Chrome and Firefox eat it up with no problems, IE will work if you override the cookie policies that restrict 3rd party cookies
without a valid p3p (what a worthless standard). IE also works if you already authenticated yourself on the individual sites and the session cookies are still valid.
I would like to set the Login which will log auto when he return to site, if the user hasent logged off the site.and if he enter the site again he'll be logged in already.
View 5 RepliesHow to implement Forms Authentication using Cookies?
View 2 RepliesDoes Forms Authentication require that cookies be enabled to use MembershipProvider and RoleProvider? If so, can anyone tell me the minimum security level I need to tel clients to use.
View 2 Repliesi am having this weird problem only when i deploy my site [localy Everything works fine] when you try loging in from IE 8, the page simple refreshes! and no authentication takes place After lot of research, i found out that Internet Explorer 8 denies session cookies and to confirm this, i unchecked Enable protected mode (can be found in, internet options, security), and then tried logging in, it worked perfectly fine just like it did in other browsers [Firefox and google chrome]. I have found one solution which is to lower the security level, but i cant tell every visitor on my site to do that since its not practical.
View 1 RepliesI'm writing an ASP.net application that uses Windows Identity Foundation. My ASP.net application uses claims-based authentication with passive redirection to a security token service. This means that when a user accesses the application, they are automatically redirected to the Security Token Service where they receive a security token which identifies them to the application.
In ASP.net, security tokens are stored as cookies.
I want to have something the user can click on in my application that will delete the cookie and redirect them to the Security Token Service to get a new token. In short, make it easy to log out and log in as another user. I try to delete the token-containing cookie in code, but it persists somehow.
How do I remove the token so that the user can log in again and get a new token?
It has been a while since I've built an entire ASP.NET web application from the ground up but I'm about to jump in again. I've built many individual pages, controls, web parts, etc. recently, but nothting 'soup to nuts' for a couple of years. My question is in regards to login security control. I do not want to use the built in ASP.NET Memberhip functionality for various reasons and already have custom code that authenticates the user, controls passwords, login attempts, etc. I am really concerned though about how to validate that the user is logged in (and the best way to do it). For instance, right now I use a Base page that all of my .aspx pages inherit from. In the OnInit() method, it executes code which includes:
[Code]....
I set the Session["LoggedIn"] object to "true" after the user has successfully been authenticated at the Login.aspx page. So, when a user attempts to access any page in the application, if that Session object isn't true, they will be redirected (you can't visit any page without being logged in). This all works great, but I'm thinking I need something more and that brings me here. First, do I need more? Is this enough? I was thinking about creating a cookie with a GUID value and the SessionID (both encrypted perhaps?) and adding that to my Base page so it checks both the current Session["LoggedIn"] value
and the values in the cookie.
How to implement Forms Authentication using Cookies against database?
View 3 RepliesHow can I emulate the effects of user cookies being disabled?
View 2 Repliesi used security in login page which restricts all users who have not logged in to all pages. I need to restrict specific users to specific pages. I'm not using AspSqlService provider. So i cannot create roles and restrict automatically. And the pictures i use in login page are not visible @ runtime.
View 1 RepliesI have a site We have different Pages under one folder. we have stored these pages information in a database table with pageid. Then we have User access table. there we store userid and pageid , for which pages user has access. Now I need to provide access to that pages only .
View 8 RepliesI have coded my application to send mail and it works fine some of the time depending on the to or from address specified in the particular message but at other times I am getting a relay error.
"The server will not relay mail for foreign domains".
I HAVE authenticated myself to the mail server using a valid username and password in the code.Basically here is the setup. Our site is hosted overseas in the states with one company, our nameservers are also in the states but with our company not the hosting company. Our mail server is local (that is here in New Zealand). I'm pretty sure that the code is right because I've read dozens of posts on here which point to coding errors and it seems to be right.
Do I need MX records or anything like that in some place?
I am getting patient detail and stored that details in the form of XML (.xml) file.
As soon as XML file is created then I need to transfer that file to Java application automatically. (From one server it need to Transfer to another)
Note : I am using ASP.NET (.Net FW 3.5)
How to do it?