Security :: Custom Webforms Authentication - Looking For A Basic Example
Jul 19, 2010
I'm looking to implement my own basic webforms authentication. I don't want to use the 'membership' features in this case because I don't want to modify the database schema with all the membership elements that I won't use, and I don't need to support users across multiple applications. I want to wind up with one simple 'users' table that has username, password, passwordSalt, and several other fields to support custom user attributes specific to this application.
I was looking at this:
http://www.xoc.net/works/tips/forms-authentication.asp
but it's rather dated... is this still valid? I'm looking for guidance on what I need to do to implement a custom webforms auth solution. A very basic skeleton I can expand upon, or a good tutorial/guide that illustrates the necessary parts... just the basics..
View 5 Replies
Similar Messages:
Jul 14, 2010
This could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.
View 3 Replies
Jan 4, 2011
What's the difference between Basic Authentication and Integrated Windows Authentication in IIS?
View 3 Replies
May 3, 2010
We have Novell's Access Manager protecting our site. After the user logs in, Access Manager forwards the request back to a web page. On that web page, I need to read a combination of some Basic Auth username information as well as some custom header variablest that AM is passing to the web page. AM will continue to send these variables/values on every page as long as the user stays logged in.
What I'd like to do is create a class that checks for these values to evaluate whether the user is logged in or not. How do I gain access to those variables from a .cs class file?
View 3 Replies
Oct 12, 2010
I have an Intranet which is on IIS 7.0. I want to authenticate my users and know who is logged in. What options do I have to set in IIS Authentication part that my users do not need to type their user name and password to login to Intranet. I have set the Authentication to Basic and Impersonation, but it is asking user name and password.
View 3 Replies
Oct 7, 2010
I have few websites based on the WebForms and one based on MVC. All websites have the same settings for forms authentication in web config.The problem is that once logged in to WebForms website, I have to re-login for MVC websites, but when I log out from MVC website, I am automatically logged out from WebForms websites.How can I pass information to the MVC website that user was successfully logged in when using WebForms.
View 1 Replies
Mar 30, 2010
I want to implement a custom authentication in my application using the basic authentication schema. I've configured it in the Web.config and enabled the basic authentication in the IIS, but when I try to open the service in the browser... appears a login dialog... what do I have to put ther? Besides, I want to control the authentication, I mean, I want to check whom is allowed in my custom list... where is it looking now?
When I use the WebRequest class, I'm getting a "401 - Unauthorized":
req = WebRequest.Create("http://localhost/RESTfulService/Service1.svc/Test");
req.Credentials = CredentialCache.DefaultNetworkCredentials;
WebResponse res = req.GetResponse();
What do I have to do for implement a custom basic authentication? (I cannot use membership providers).
I've set up in the Web.config:
[code]....
View 1 Replies
Aug 11, 2010
I have created a WCF service that will serve as authentication service for Silverlight client.The problem is that when I make a call to FormsAuthentication.SetAuthCookie in the Login method below, I get a null reference exception. I am following the 'Securing Applications Built on Silverlight and WCF' (http://www.componentart.com/community/blogs/milos/archive/2009/05/07/securing-applications-built-on-silverlight-and-wcf.aspx)
[Code]....
View 1 Replies
Sep 27, 2010
In my earlier verison, I used Active Directory to authenticate users which was Custom. In the sense that, I had passed UserName and password along with a token request through datalayer to authenticate against AD. it would eventually check the DomainNameUserName, password against AD and will get authenticated.
View 5 Replies
Nov 10, 2010
I created a database for user authentication. After I pass loging parameters to the stored procedure in the database and they return a user ID for that user I use the following line for authentication:
[Code]....
User gets authenticated but the problem is that ASP.NET does not recognise the user as authenticated until the page is refreshed.
View 5 Replies
Feb 8, 2010
I think I'm missing something simple...I have a customRole Provider set up and it seems to be working fine - I can add/change/delete info using the WAT.For my Authorization I do a custom routine that is separate from the .net provider that basically says the users is or is not authenticated (true/false).If the user IS authorized how do I set the cookie (or whatever) letting .NET know who they are so I can use the roles on a directory level?I know I can use Roles.IsUserInRole on individual pages but I'd like to be able to use directory based authorization too (from the web.config).
View 3 Replies
Feb 21, 2010
I've just started a small ASP.NET web application. In this project, I need to authenticate the users with Active Driectory. I managed to authenticate the users successfully with Active Directory. But with Authorization with Custom Role Provider, I'm so confused.You see, the user name and password are stored in AD. So, my approach is that after the LoggedIn event of the Login Control, I check if UserName is not yet stored in the Users table yet, then I will store the UserName there. Eventually, I have all the UserName of the AD users store in the Users table so I can assign Roles to the users.
Let's say I assigned UserA to RoleOne. After he logs in successfully, I do some query to look for his Roles.
Where do I keep the Role ticket? In the Cookie or in the session? How does the authorization of ASP.NET role provider work? I want to store the authentication ticket like ASP.NET role prover does too.
View 1 Replies
Apr 13, 2010
I'm using my own role management and user management in my application, i now need to use forms authentication. How can i do this?
View 3 Replies
Feb 9, 2011
In my asp.net MVC 3 web application, I want to implement basic authentication system in my webapp. I have been searching and reading for past two days but still not able to get a hold of it.
I was following [URL]
I created a CustomMembershipProvider class in my models
[Code]....
In my webconfig file, I do have [Code]....
Now, I created a AccountController, in that I added following code
[Code]....
After that I added view fo Logon
[Code]....
Now, the first problem which I am facing is, when I Debug the webapplication, I get HTTP404 error. Url generated
[URL]
But when I try to open
[URL]
View 7 Replies
Aug 23, 2010
I need to create an application (ASP.NET or WinForms or Windows Service, not sure) that needs to make a call to a url including username and password for basic authentication and have the url return a csv file. I then need to use the csv file in the application. I don't know how to do this. How do I call the url in my app. There can be no user interaction, it needs to be completely automated in the returning of the csv file.
View 2 Replies
Sep 30, 2010
i call my project web service, previously there was no pre-authetication. Now i didn't work web service. My code is as follows:
[Code]....
View 5 Replies
Aug 25, 2010
I have an XML web service where the authentication used is BASIC WINDOWS. Following is my client code to connect to the service.
[Code]....
Now, the issue is that the client is really authenticated only in the first attempt(First time I execute the code in VS). Further attempts succeed even if the code to assign credentials is commented or even after providing wrong user id/ password. I ensured that the server is hit each time(Just to make it clear that it not just because of client side caching).Is this the behavior of Basic authentication/credential cache. I would prefer the client be authenticated each time he hits the server.
View 2 Replies
Oct 7, 2010
I have few websites based on the WebForms and one based on MVC. All websites have the same settings for forms authentication in web config.
The problem is that once logged in to WebForms website, I have to re-login for MVC websites, but when I log out from MVC website, I am automatically logged out from WebForms websites.How can I pass information to the MVC website that user was successfully logged in when using WebForms.
View 1 Replies
Mar 4, 2011
I got a ASP.Net webforms app which is using Forms authentication. It needs to authenticate against a webservice which uses windows authentication (+ impersonation).
I've tried (amongst other things) to supply credentials by using:
service.Credentials = new NetworkCredential(myUserName, thePassword, theDomain)
The problem is that I get 401 from the webservice no matter what I try.
View 2 Replies
Dec 20, 2010
I am researching phasing MVC into our WebForms site. The caveat is that we already have our own SEO mechanism for mapping/rewriting URLs via an httpHandler. So in the web.config:
[Code]....
Now my existing URL mapping code is not called, so a request like "http://mySite/sally/admin.aspx" throws a 404 when it should be rewriting the URL as "http://mySite/admin.aspx?userId=2". I found that all is well until I call routes.MapRoute...it seems that is the point where MVC takes over for all requests, even though I have code to explicitly ignore requests for "*.aspx".
View 2 Replies
Aug 2, 2010
I created tables in my database for managing a user's profile.I have the user table (username, password, passwordSalt, etc.) report (1 to 1) with a table ProfiloUser (idprofilouser, iduser, name, sex, DoB, email, etc.), the latter table reports (1 to 1) with the table ProfiloAzienda (idprofilouser, idprofiloutente)
and finally I have another table that is related profilodestinazioni (1 to many) with the table profilouser.
how I can create a custom profile is on web.config, which side code.I've created this in web.config:
[Code]....
The code then I created the following classes
[Code]....
View 5 Replies
Jun 28, 2010
Here's the situation. I have an aspx page that is designed to receive a POST request with some XML values, parse the XML, grab the relevant items, and write them to the page. The problem arises when I try to launch the page using the POST request. When I launch using Fiddler, building the request manually and just pasting the XML in the body of the request everything works fine and dandy. When I launch the page from a basic HTML form, however, things don't go so great. The HTML form that I'm using looks like this:
[Code]....
When the page loads I get the error:
A potentially dangerous Request.Form value was detected from the client Everything I've read so far has told me that the solution is to add ValidateRequest="false" to the page directive in the top of the .aspx file, or in the pages element of the web.config file. But neither of these work. Afterwards, I still get the same error. Any idea what I need to do to make this work?
View 5 Replies
Jul 5, 2010
I have an intranet run with IIS, with basic authentication config. See more in this screenshot:
[URL]
Of course, then, when user login, this screen will appear:
[URL]
After successfully login, is there any method to get UserName (very easy to get) and also Password (don't know yet) from asp.net coding (run at server)
View 5 Replies
Sep 8, 2010
I am trying to figure out what are the basic assemblies required to run a basic ASP.NET 4.0 website. Say.. a website with just a label in it. I looked online and didn't find a list there. I know installing the framework 4.0 will give me all the dlls but I just need the basic ones that will make a basic site work on ASP.NET 4.0.
View 1 Replies
May 5, 2010
I'd like to create a custom datasource that is shared between a Winforms and Webforms project. This functions as a middle layer for a reporting tool(DevExpress Reporting). The Webforms project is a designer for these reports. So we want for the reports to be capable of going to the server to get data and such. So our datasource would abstract away all the communication overhead. Then, for consistency, the datasource would also run on the server for reporting, except for their would be no communication.
What would be the best course of action? There doesn't seem to be such a thing as a DataSource in Winforms. Is DataSource not the thing I'm looking for?
Edit: After some research, it appears that IDataAdapter may be good for my purpose. Any opinion on that?
View 1 Replies