when ever i check User.Identity.AuthenticationType the returned string is 'Custom' always, doesn't matter my authentication type is 'Windows' or '''Forms'.
I want to do some different coding in aspx.cs for windows and forms authentication, but i am unable to differentiate between them because 'User.Identity.AuthenticationType' always returns 'Custom'.
I have a page where, when the user has successfully logged in, I store some values in the session.
I then use these values to load an application list page. This page is automatically refreshed after 20.1 minutes, with the sessionstate timeout and forms timeout in web.config set to 20 minutes (with sliding expiration). This means, if the user does not use any page for more than 20 minutes, he is timed out.
My problem is that the User.Identity.IsAuthenticated sometimes returns true, when the session has expired.
I have created a web services (WCF) and i have a webmethod that return a string that string is a HTTPCONTEXT.USER.IDENTITY.USER unfortunately it does not return any value.
this works fine on my local site but as soon as i upload the site to my live server i get stem.NullReferenceException: Object reference not set to an instance of an object
on the first line of this:
if (!Page.User.Identity.IsAuthenticated) { pnlSignIn.Visible = true; pnlSignOut.Visible = false; }
if (Context.User != null) { if (Context.User.Identity.IsAuthenticated) { if (!(Context.User is AdministratorPrincipal)) { Admin.Web.Principal.AdministratorPrincipal newUser = new Admin.Web.Principal.AdministratorPrincipal(Context.User.Identity.Name); } } }
to Application_AuthenticateRequest in global.asax file i always get an error when I try to reference it
Unable to cast object of type 'Admin.Web.Identity.AdministratorIdentity' to type 'Admin.Web.Identity.AdministratorIdentity'. protected void Page_Load(object sender, System.EventArgs e) Line 26: { Line 27: this.adminID = ((AdministratorIdentity)HttpContext.Current.User.Identity).AdminID.ToString(); Line 28: }
I did a test and tried to move the code from global.asax to a Page_Load() of webform and worked fine.
I have identity impersonate = true in the Web.config file. I have integrated security = true in the DB connection string in the Web.config file.Before identity impersonate was true,users were able to access the DB through the web service account (seemingly).Now I get an error which says " Login failed for ... " because I am aware there is no specific account for that user in the permissions for that DB instance.I needed to set identity impersonate = true because the web service does not have access to the Active Directory,which I need to retrieve certain user information.
My question is,does identity impersonate = true override the integrated security and attempt to user the authenticated user's account to connect to the DB? Is there a simple way to prevent this in the Web.config itself?If not,would programatically impersonating the user within the Active Directory query functions and setting identity impersonate = false do the trick here?
In the website we have several folders, some folders are accessible by anonymous users, others are accessible by members only, some by administrators or a both administrators and members can view this folder. Each folder contains some forms; these forms are based on the role as well. We'd like to add "user.identity" as to authenticate the user based on the user_id from table websit_ users.
However we are not sure , wither we need to specify each and every form, folder or this will be done automatically once authentication is applied. And where do we put the user.identity and what is the exact format of it. Do we include it in our Global.asax after the authentication part?! This is the code in global.asax:
I wanted to be able, as an administrator, to create new users using the createuser wizard. When I use the wizard to add a new user, however, I end up logged in as that user, instead of as my admin account. How do I prevent from being logged in as the user I just created?
I'm in the middle of moving a web application from IIS6 to IIS7. I've enabled "Windows Authentication" and added <deny users="?" /> to the authorization section of my web.config file. When the app was running on IIS6 my users where able to access the web app without logging in because their windows login was automatically recognized. This does not seem to be the case in II7. I can not get a value for "Current.User.Identity.Name" in my ASP.Net code.
I have an aspx page which displays a user's details in a Label. It takes their User.Identity.Name and queries Active Directory using the following code:
I have created an asp.net site with anonymous access turned off. Its for an internal (intranet) system which uses User.Identity.Name.ToString() to get the users login windows ID and then displays some records from a datagrid depending on their login ID. Is this secure? Also i am struggling to workout how best to store the result of User.Identity.Name.ToString() as I am not keen on storing it in a hidden text field and would rather not call it all the time unless this is the best way?
To avoid going to the Databse to get the user Id, Id like to append userId to the Context.User.Idenity.name field. This way I can split the returned string to get the UserId without going to the database.
Where can I do this when using the login controls?
I create two pages, the first one is the login page with user name and password textboxes - (not asp login control) , when clicking login button I check the login authentication, if it is true redirect to default page. in the default page if !IsCallBack then i check httpcontext.current.user.identity.isauthenticated
if it is false i redirect the user to the login page. but my problem is that the httpcontext.current.user.identity.isauthenticated is always false.
I have a shared module in an asp.net web app which gets various information about a group or user. Since the Iuser account on the web does not have enough rights to query the AD, I need to supply an appropriate userid and passcode for the directoryentry in the shared code. Since my credentials so the have the appropriate rights to query the AD I like to impersonate myself(user.identity). This works fine for a webpage, but I can't pass the user.identity object to shared code. I get an error. Is there a way to pass the user.identity object to a shared function in another module?
And a SQL Server database with ASP.NET Membership and Roles. I am using the LoginView control with the AnonymousTemplate and LoggedInTemplate to manage the user's interaction with logging in and out. The problem I am having is that I am authenticating the user against the database:
If Membership.ValidateUser(_userName, _txtLoginPass.Text) Then returns True and: FormsAuthentication.SetAuthCookie(_userName, False) sets the cookie correctly: FormsAuthentication.Decrypt(FormsAuthentication.GetAuthCookie(_userName, False).Values(0)) {System.Web.Security.FormsAuthenticationTicket} CookiePath: "/" Expiration: #1/21/2010 1:42:27 PM# Expired: False IsPersistent: False IssueDate: #1/21/2010 1:22:27 PM# Name: "jaymo " UserData: "" Version: 2 but when I check HttpContext.Current.User.Identity.IsAuthenticated it always returns False. If done this before and it worked fine. I cannot find any mistake I might have made or where something might have changed between ASP.NET 2.0 and 3.5.
We have an SharePoint site no login (anonymous) with a search module using AJAX. Now the users complains that the module isn't working. When I check the code (not developed by me), I find that the code only runs if "HttpContext.Current.User.Identity.IsAuthenticated=true". Could that ever return true on an anonymous site?
I have a Stored Proceedure which DID return the Scope_Identity when this was executed in SQLServer 2000.
Now I am porting this over to SQLServer 2008, and this always returns 0, and not the Scope_Identity which it should.
Here is the Stored Proceedure which will pass null for the parameter @pProjId for an insert:
[Code]....
Here is the script which creates the hip_Project Table:
[Code]....
What do I need to change for SQLServer 2008?
Again, this executed fine in SQLServer 2000 and always returned the Scope_Identity as expected. This problem has come up with other stored proceedures as well for which I need the Scope_Identity returned.
I need an app pool recycle to be completely transparent to the users of my web app. I use ASP.NET 3.5 MVC 1.
Currently, upon an IIS 7 App Pool recycle all users logged into my web app are kicked out and are required to log back in (Context.User.Identity.IsAuthenticated is set to false). I employ SQL State Server, I use forms authentication and both are configured to use cookies. I was under the impression that .NET and/or IIS handles authentication of cookies.
However, every time the app pool is recycled Context.User.Identity.IsAuthenticated is set to false my users are kicked out and are required to log back in. I can see that the session id remains the same throughout logins, I can also view this session information in the database/state server.
Ok, I almost hate to ask this because I'm sure it's been covered many times on this forum, but I'm starting to get too frustrated trying to get it to work, so I'm gonna ask anyway.I have setup forms authentication on my site and have it working without any issues. What I'm trying to do now is to add "Remember Me" functionality so that the users don't have to log in each time they access the site. I'm able to get the authentication part down, but the issue I'm having is that when the user logs in, I set certain attributes in Session variables for that user (name, site role, etc.). These values are obtained from a database after the user has been authenticated, based on the username. What I'm having problems with is getting at this username from the FormsAuthentication cookie.
After I authenticate the first time, I setup my cookie this way:
[Code]....
I have tried getting at the Username utilizing the User prinicipal, but it just returns blank.