Security :: Create A Window Authentication When Access System?
May 24, 2010if window based using c# .net,how can i create a window authentication when access system.
View 2 Repliesif window based using c# .net,how can i create a window authentication when access system.
View 2 RepliesI have a web farm web project, and want to make sure windows authentication is working well without any problem in web farm, can any one give me some web sites or information about that?
View 1 RepliesThis could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.
View 3 RepliesAsp.net can be use window authentication. In my web site i want to control with window authentication and form. Is it possible to do?
If it possible to do how can be make it? Another one is, if i use window authentication, how can be identify group. For example. Sales group cannot be see purchase or etc. Window log in can be give group. So how can i define this part?
In the web.config, how do add a connection string by using a window authentication with the username and password? I have tried like this and it keeps ignoring the username and password
<connectionStrings>
<clear/>
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Integrated Security=SSPI;Initial Catalog=ufiledb;Data Source=MyServer;User Id=user1;Password=xxxxxx" providerName="System.Data.SqlClient"/>
</connectionStrings>
I need to convert a web site using traditional ASP.Net login,membership/role with SQL to a custom system. I need to use a third party (CAS) authentication system while still using membership and roles to control access to content and User.Identity functions.What would be the best way to accomplish this? I use the <deny> and <allow> user throughout the site to control page access.
View 3 RepliesI'm writing a simple Intranet application using windows authentication. I want to restrict access to Safe/UCantSeeMe.aspx. I am aware of the AuthorizeAttribute, but this only works on methods. I also found a good post on doing this with the MVC pattern, but I'm not using MVC. This can be done with roles in forms based security. I read on MSDN that using windows based security means roles are based on groups, but it doesn't go into any detail. how can I restrict access to Safe/UCantSeeMe.aspx?
View 1 RepliesWe have a link in our site that pin points to sharepoint documents and we are retreiving some documents files (*.doc). Our sharepoint uses IWA (integrated windows authentication) which is prompted if we're trying to access that documents, unfortunately we don't want to prompt that window to authenticate the user. We need is to create a username and password and authenticate it. how can we do that.
Note* we have 2 server one for our application and the other one is for sharepoint.
I am running Windows Server 2008, ASP.NET 3.5, IIS7 i wonder if it's IIS7 problem, or .NET Framework or even security updates problem suddenly all websites do not work, and from event viewer there're two errors
Exception: System.TypeLoadException
Message: Could not load type 'System.Security.Authentication.ExtendedProtection.ChannelBinding' from assembly 'System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.
StackTrace: at System.Web.Hosting.IIS7WorkerRequest.Dispose()
at System.Web.Hosting.PipelineRuntime.DisposeHandlerPrivate(HttpContext context)
at System.Web.HttpRuntime.FinishRequestNotification(IIS7WorkerRequest wr, HttpContext context, RequestNotificationStatus& status)
at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr managedHttpContext, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr managedHttpContext, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
Faulting application w3wp.exe, version 7.0.6002.18005, time stamp 0x49e023cf, faulting module kernel32.dll, version 6.0.6002.18005, time stamp 0x49e037dd
it's on SP2 already
I need to put windows authentication on a site (so when a user access the site they are prompted with a username/password box) but I need certain IP addresses to bypass this authentication.
View 2 RepliesI have a website developed in ASP.NET created by someone else, sitting on another server... until now... a simple(ish) setup with login to update content. The site was zipped up and I was told it would be a simple case of uploading all the files onto the new server. I've managed to upload the site and it works fine... but I can't access the editing pages as it will no longer accept the username and password when I go to login. The host server is running ASP.NET v4 and IIS v7. Hosting is with [URL] so I'm also getting used to their way of doing things.
View 1 Replies1. How do i limit access to admin directory to only admin roles ?I logged in with a user whose role is Customer and went to the url of mysite.com/admin/ and it shows be the directory listing for that directory.
2. Have I implemented the roles/web.config correctly ?
[Code]....
I have a web site that is using Windows Integrated Security for authentication. Under the site in the IIS there is a virtual directory that inherits these security definitions. Assuming I have several pages under the virtual directory, is it possible to apply anonymous access on on 1 (one) of them?
View 4 RepliesDo we know the algorithm that asp.net uses to create the authentication cookie (when using forms authentication?)
Can we basically create our own copy implementation? if so, how?
What does it use to generate the encrypted cookie value, I know it uses whatever you pass into the SetAuthCookie call (which is usually the userID/username).
I'm a lowly DBA.I am supporting a web app that allows users to upload images (among other documents). The system is deployed and working and not having issues with the uploads. However, I upgraded my development box recently and since then I have been encountering an "access denied" issue. Initially I thought it was a simple security issue but now it seems it is more complex.
View 4 RepliesI need to have a root web site using Windows Authentication and subweb under it as Forms Authentication. But when I access the subweb it still ask me for the Windows Authentication.
View 3 RepliesI am new to developing asp.net. I have a Microsoft Access database file (.mdb) I am including as a data source on a form. This populates a drop down list on the page. When I run the page in a browser it immediately asks for authentication. If I put in my windows username and password the page pulls up fine, and the drop down is populated with the data. If I don't, it just give me a 403 error and says I'm not authorized. I cannot figure out how to make this page stop requiring authentication. I have only tried one thing. In the web.config file there is an attribute called authentication. It was set to "Windows" I tried setting it to "None" but that did not appear to have any effect. It still asked for my username and password. How can I make an asp web page using a Microsoft Access data source not reqire user authentication to view the web page?
View 1 RepliesI have a web app, which contains a folder Uploads, to which users (authenticated) upload their files (for some reason it has to be a folder in the root of the web app).I want to deny access to this folder and files to all non-authenticated users.
In my web.config I have:
[Code]....
and everything seems to work in development, but on a staging server it redirects non-authenticated users to login page ONLY from aspx pages, but not when entering the url to the file in Uploads folder.
I have a problem in my asp application. In my application I have an own authentication mechanism so in the web.config file I have <authentication mode="None"/>
Inside the application users can upload files to the folder I've created (App_Files). I would like to give access to the folder only once they are logged in (Session["Login"] is no null).
I dont want not logged in users to be able to access the files over a url address in the browser (like http://<server>/App_Files/Filename.pdf)
I have been trying to avoid the windows login userid and password window when I use the Windows Authentication mode for a web site. I need to capture the the windows logon user name without prompting for the user id and password and display that on the web site. I had tried almost everything... changed authentication,security setups on IE and IIS etc... still not being able to avoid the window...
View 1 RepliesI have tried using asp.net createuserwizard and login control.But i m not able to customized them according to my liking.so i created my own user registration webform and login control with the records getting stored in sql database.I dont know whether its a correct way of using asp.net..but its working.Now I am creating a online attendace system which lets user to enter username, logged in and logged out time of each day in thedatabase .The problem is that my user logins in the morning and closes the website and again logins in the evening and exitsthe website.So how to perform this task since i am using a same login form to enter both login time and logout time?Is this possible?my table has colums id,username,logintime,logout timeThe thing is I am using a login from created earlier to enter the username,logindateandtime,logoutdateandtime fields in the databasein which logintime and logouttime gets values from system.
View 33 RepliesI am using asp.net authentication and authorization with form authentication for my web application.
When I create a new user using asp.net create user control,the newly create user automatically gets logged in,the already logged users looses his session.
Don't know why this is happening.Is there some setting for this?
I have an intranet site that i set up to windows authentication. It works fine most of the time but some departments wont be able to access the site and will be asked to enter user name and password.I checked their Active Directory account and the only difference i could see was that the organizational unit parameter was different than the rest of the users.
View 5 RepliesUsing VS 2010 RC, VB, and Forms authentication to allow access to the site, depending on the login rights of a user, I want to turn on and off access to certain pages. I can turn on and off buttons to access the pages, but a user can type the page into the url, and it will still go to them.
View 5 Replieshave a form based authentication login that access MySql to validate the credentials entered.I was wondering how you would encrypt the password??
View 3 Replies