Security :: User Login Fails When Authenticating A Users?
Apr 25, 2010
I have a website that requires users to login, but I am having problems when authenticating a users.I create a user which works fine, I then test the login on the development machine and everything works fine the user is logged in.But if a try to login the user in via the live website (same database) I get errors stating that the login attempt has failed.I don't understand why it would work on the development machine but won't work with the live version of the website.
View 5 Replies
Similar Messages:
Dec 20, 2010
In my web application when I start my webpage from Visual Studio the URL to my ligin page looks like this:
[Code]....
And when logging out, the following are executed:
[Code]....
Question: I need to have the return URL set to Default.aspx as it is when logging in the first time. Does anyone know how I can achieve that?
View 1 Replies
Jun 3, 2010
I am using Login control and validationg the user against SQL datasource. below is the code:
Protected
Sub Login1_Authenticate(ByVal sender
As
Object,
ByVal e
As System.Web.UI.WebControls.AuthenticateEventArgs)
Handles Login1.Authenticate
e.Authenticated = IsValidUser()If IsValidUser() =
True
Then
Response.Redirect("Orders.aspx")End
If
End
Sub
Here is IsValidUser
Private Function IsValidUser() As Boolean
Try
Dim sql As String = String.Empty
Dim RecCount As Integer = 0
sql = "Select count(*) from UserLogins where UserName='" & clsDB.RemoveQuote(Me.Login1.UserName.Trim) & "'"
sql = sql & " AND UserPass='" & Me.Login1.Password.Trim & "'"
RecCount = clsDB.ExeScalar(sql)
'If Invalid ==> 0 means no record is being returned by Query
If RecCount = 0 Then
IsValidUser = False
'MessageBox.Show("Invalid User Name/Password.", "Invalid", MessageBoxButtons.OK, MessageBoxIcon.Stop)
Exit Function
End If
If RecCount = 1 Then
IsValidUser = True
Exit Function
End If
'Error handler
Catch ex As Exception
End Try
End Function
Here comes the problem validation code is working fine and it validates the user and redirects the user to the "Order.aspx" page
For example: I type
Login Name: Nashy
Password: 1234
Order.aspx page has a textbox which supposed to display the current user login name and i am usiong the following code for that
textbox1.text=Web.HttpContext.Current.User.Identity.Name.tostring()
when i test it on my local PC it shows the current user like this DOMAIN ashyMastrew.. what i want that the textbox should disply "nashy" not my current windows login name. and when i deploy it to the server and access it from other pc textbox does not show anything.
View 5 Replies
Jun 24, 2010
i intent to prevent user to login after 3 fails. After that, system said the user have to wait about 20 minutes.
How the best approach to do that?
View 2 Replies
Mar 23, 2011
I have a asp.net (3.5) web-app that will be used in an intranet. I need to enforce that users type in their network credentials (windows credentials) before they can log into this application. I intentionally need to disallow Integrated Windows Authentication. I need to authenticate these users against my company's Active Directory, that is obviously on the same network as my .net web app.
I have been reading a bit about Forms Authentication using ActiveDirectoryMembershipProvider - [URL]. I also stumbled upon this - [URL]. Based on what I can tell, both seem to do what I need to get done. Could somebody tell me what are the major differences, pros/cons and when you would use which method? Or are these exactly identical, and both achieve the exact same results?
From the security perspective...what do I need to watch for? I am assuming if I use SSL that will cover me for when I pass the username/pwd to AD for verification?
View 1 Replies
May 6, 2010
well i designed a simple login form which checks the user and password with sql server
but now i want to make it a little bit more secured
basically i want if a user attempts wrong password with more then 3 /5 times.
his id or username should be locked(which i will be running a update procedure) or he must be redirect to denied.htm
and one more thing he should be able to get only n only 3/5 attempts whether he opens firefox browser, internet explorer ,safari,google chrome or any other browser
View 4 Replies
Oct 12, 2010
how to make login control allow users to login by either username or email address
View 1 Replies
Sep 27, 2010
I have two application (one of this is mojo portal): [URL] for some users when they login into "app" then the login in "mojo" doesn't work and viceversa. I've set the machinekey into web.config file. When the users remove all cookies and session data the login works again. The two application are into a Web Farm. Should be ARR the problem?
View 2 Replies
Nov 11, 2010
trying to create a stored procedure to authenticate users, if users are authenticated their data like userid, first name, etc are returned in a cursor. However, if users are not authenticated an error is returned or something that indicates users were not authenticated.
But I don't know how to do this in a stored procedure.
View 2 Replies
Aug 31, 2010
I have a main website say www.main.com which is developed in asp.net. We have used forms authetications here.
Now the thing is I have a no of subdomains on the same server say domain1.main.com, domain2.main.com, domain3.main.com etc.
I had put some functionality there. What i want is when i redirect my users to the subdomains user has to log in again.
what are the method where i can preserve the users state in my subdomains also.
View 5 Replies
Jun 23, 2010
i used security in login page which restricts all users who have not logged in to all pages. I need to restrict specific users to specific pages. I'm not using AspSqlService provider. So i cannot create roles and restrict automatically. And the pictures i use in login page are not visible @ runtime.
View 1 Replies
Jan 10, 2010
how to write/use/implement a script that will allow users to enter a web application by clicking a button rather than entering their ID/PW? Seems like a lot of terminology around, SSO, Blind logon, yet all seem to be doable with an ASP script -
Web App contains detailed security for users, not all users are on Win AD, so that is not an option., I'm told (?) Do I need to use a spreadsheet to validate users access to the application, ?
Script that would pass "cookie" info and allow users to enter app without ID/PW. We have a custom logon.asp page the is using forms.
View 1 Replies
Jun 25, 2010
I have an asp login control that uses the standard aspnet database structure.I am using my own user identification system to identify a user based on login values that are not in the aspnet database and setting the user's aspnet database login to a universal login user and password.this works fine and I am able to test this by having one machine log in as "User 1" and another login as "User 2" but I am wondering if there is a limit to the number of user's that can be assigned to one username and password in the aspnet database for website access?Will the system reach the max number of user's in the aspnet database?
View 2 Replies
Jan 23, 2011
asp.net 3.5 IIS7 Hosted on Windows Server 2008 (virtual machine)
I have a website which have been running for about a year without any problems. Users have been able to login etc, but now I get reports about users not able to login while using Internet Explorer. Users using other internet browsers like FireFox, Chrome etc have no trouble logging in.
The website are using the standard Forms authentication.
Also lately another website has been setup in IIS7, but these sites are using application pool. I've stopped this webapplication in IIS, but that doesn't have any effect on my problem
I see that Windows Update have failed to install a lot of patches lately, not sure if that is related to this problem. But some of the windows patches are security patches.
View 5 Replies
Feb 25, 2010
I'm at the point where I want to allow users to register at my site and then allow users to login, so I am trying to get a feel for how everyone is handling this use case.
View 1 Replies
Aug 5, 2011
I've got a website project and I use my own login security and save the user and other info in session variables. Is there any way to know when they are online and offline by their user name I have in a session variable? Or do I need to use another method such as the asp.net user security?
I do know with the asp.net security I can check if a user is authenticated.
View 5 Replies
Aug 13, 2010
i m currently creating an article module, and i want if user wana comment on to the any particular artical, than he should login any of his mail id like gmail, yahoo hotmail etc and than post his or her comment and after than comment should go into the DB.
View 3 Replies
Aug 9, 2010
I have a login form and users have to enter their username and password for entering the sites ..
Also now its possible for users to enter the sites without login .. they can select the options in the menu and access them ... But i want to restrict the users ..only allow them to access the menu componets after login ... If they tries to access the contents a text have to display ask them to login
how can i do that... i am using vb.net as my language in the page
View 22 Replies
Sep 9, 2010
I have a site witl forms authentication using te login control. I altered my sql server, I added a connectionstring and used the connectionstring in both, <rolemanager> and <Membership>. That part of the web.config is listed below.
The problem is that the login control goed to SQLserver to check the users and their passwords, but it goed to the SQLExpress database for the roles.....
[code]...
View 3 Replies
Apr 11, 2010
I have a Login.aspx in my application.
After users logged in, if they press "back" in the browser, it goes to the Login.aspx page.
But I don't want to show users the Login.aspx page when they are logged in. how to restrict users to see the login.aspx page if they are logged in??
I am using sql role based membership provider and standard login control provided by Visual web developer 2008.
View 7 Replies
Nov 5, 2010
I want to know how to do Active Directory Authentication in my intranet web application,
So far I created a simple login page and I am using the login control. my questions are how do I configure the application, how do I interface the login control so it will take the user to next page once they input their usual active directory username and password.
View 5 Replies
May 25, 2010
I've created a page to add users, using the CreateUserWizard, I use the Login Control to login.
I have setup the config file to use my SQL server, not express
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Data Source=xxxx.xxxx.xxxx.xxxx;Initial Catalog=aspnetdb;Persist Security Info=True;User ID=xxxx;Password=xxxxxx" providerName="System.Data.SqlClient" />
I go to the create user page, add a user.
I can SEE the user on the database using Server Management Studio...
I go to signon and get "Your login attempt was not successful. Please try again."
I have not customized the login control in any way. (OR the createuserwizard)
HOW can I tell where the Login tool is going to get userid and password info?
How can I tell if it is not finding the user or the password does not match?
View 2 Replies
Feb 5, 2011
we have a web site (Web Site 1) which is presently working and authenticates the users using ASP.Net login control.
We have a new site (Web Site 2) which will have a web page with user name and password fields and these values will be posted to Web Site 1. I am trying to authenticate those user credentials on Web Site1 using
Membership.ValidateUser(UserName, Password); method. but i am keep getting "User AuthenticatedObject reference not set to an instance of an object. " exception.
View 4 Replies
Sep 5, 2010
I have a java app with a .net application running in the java applications embedded browser.
I want the java application to call a .net WCF or web service with a username and password.
The wcf will set the user to authorized in forms authentication.
In the java desktop application I will then load a .aspx page that was protected via forms authentication.
How can I accomplish this? Is it even possible...?
View 1 Replies
Feb 7, 2011
I have built a login form that does not use the asp.net 'login' control.
in my code behind i have this:
[Code]....
but this does not seem to maintain my user loged in... as soon as the user navigates to the next page he is loged out again...
View 3 Replies
