Security :: Forms Authentication With Route Handling - Error Routes Not Recognized, Returns To Login
Oct 1, 2010
I just created a small site with form authentication with route handling. Without forms authentication, the pages route just fine. With forms, it returns back to the login page as it is not one of my allowed locations specified in my web.config file.
I know I probably need to write a custom route handler. Does anyone have an example I can follow for this?
View 1 Replies
Similar Messages:
Dec 19, 2010
when the server reboots, one route sometimes returns a 404 until the site is manually restarted. why is that? using mvc 3 rc1 and razor views.
View 16 Replies
May 13, 2010
I have 3 seperate applications (under the same domain) for which I use Forms authentication with single sign-on.
The 3 applications have different session timeout periods. I was on various articles that when we use forms authentication and specify the loginurl in the <Forms> tag in the web.config, it should automatically get redirected to the login page, when the session timesout. But in my case, it doesn't happen, I think because of different timeout values.
View 6 Replies
Sep 18, 2010
I have a website secured using Forms:
[Code]....
My login page is the usual login.aspx so I don't need to set the loginurl.I have a standard loginsatus control to display the current status and allow the user to login/logout.
[Code]....
On the my development machine this works fine. However when I release it to a test site when I click the "login" link the request sent to the server includes as number of percentage-coded / so the request looks something like this:
http://wwwmysitehere.com/%2flogin.aspx%3fReturnUrl%3d%252fDefault.aspx
(returns a "A potentially dangerous Request.Path value was detected from the client (?)." error)
or without the "Default.aspx" returnurl:http://wwwmysitehere.com%2flogin.aspx%3fReturnUrl%3d%252f
(returns page not found)
View 4 Replies
Jan 25, 2010
Ok, I almost hate to ask this because I'm sure it's been covered many times on this forum, but I'm starting to get too frustrated trying to get it to work, so I'm gonna ask anyway.I have setup forms authentication on my site and have it working without any issues. What I'm trying to do now is to add "Remember Me" functionality so that the users don't have to log in each time they access the site. I'm able to get the authentication part down, but the issue I'm having is that when the user logs in, I set certain attributes in Session variables for that user (name, site role, etc.). These values are obtained from a database after the user has been authenticated, based on the username. What I'm having problems with is getting at this username from the FormsAuthentication cookie.
After I authenticate the first time, I setup my cookie this way:
[Code]....
I have tried getting at the Username utilizing the User prinicipal, but it just returns blank.
View 2 Replies
Nov 25, 2010
I have an ASP.NET MVC web application, and I've registered a number of routes in my Global.asax.
I would like to know how I can programmatically build (generate a string url) any one of those registered routes from within my Controller.
I did the same thing in Web Forms with .NET 4.0 using Page.GetRouteUrl(routeName, routeParams) but can't figure out how to do the same thing in MVC (I'm an MVC newbie).
View 1 Replies
Jan 4, 2011
Let's say I want to forward all requests at /js/* to a JavaScript controller Index method. In other words, these routes should all invoke JavaScriptController.Index():
/js/root/index.css
/js/user/account/index.css
/js/master.css
What would the route definition be in my Global.asax.cs file? This doesn't seem to work:
routes.MapRoute("JavaScript", "js/{*path}",
new { controller = "JavaScriptController", action = "Index" });
The breakpoint is never invoked during Debug mode with:
public class JavaScriptController : Controller
{
[HttpGet]
public void Index(string path)
{
var browser = HttpContext.Request.Browser;
System.Diagnostics.Debugger.Break();
}
}
View 2 Replies
Aug 7, 2010
I have the following routes setup in my route config file. I have a config reader that maps these to MVC-style routes.
[route name="customers" url="customers/{statename}/{marketname}/{pagenumber}"]
[controller name="Customers" action="Display" //route]
[route name="pcustomers" url="{customername}/customers/{statename}/{marketname}/{pagenumber}"]
[code]...
View 2 Replies
Oct 18, 2010
I want to create a website that a user can logon and view their data. They should also be able to logout. I'm wondering how to achieve this WITHOUT using the Membership provider api provided by Microsoft. This is what I think should happen.
1. user enters name and password and clicks button.
2.If username and password are correct the user is redirected to a webpage with their details.
3.A session is created.
4.The user logouts and the session is deleted.
View 10 Replies
Jul 26, 2010
I have an ASP.NET application where users login using forms authentication. I have 3 roles and some users. My App is not some thing like anyone can Register and access pages. Only Admin can create users & then send them their username and temp password through email. Then User can change his security question, Password and access pages. I'm trying to build this architecture. I'm using SqlServerMembershipProvider I have created Roles and some test users using ASP.NET Configuration tool. How can I implement the same thing programatically? Like Admin can create user and set his Role. User should be able to Change his Security question & change his password after Admin sets his account with some password likeP@ssw0rd. Is there any article where I can read and learn. I'm dealing with Security for the first time
View 3 Replies
Nov 10, 2010
I am using forms authentication. It's works fine locally. Once I upload my web application to a remote iis server and run it I get a Windows authentication prompt. The server [URL] at [URL] requires a username and password.
View 1 Replies
Jul 25, 2010
I am using VWD 2010 on a windows 7 64 bit install. Using forms authentication I am not being redirected to the login page when not authenticated yet. Even if I start a new web site from template, clear out all cookies, I still go directly to default.aspx. The LoginView control displays the anonymous template verifing I am not authenticated.
configuration why redirection doesn't occur? Remember I am trying this with New Web site template with no mods so I don't think config issue is within application code.
View 3 Replies
Apr 15, 2010
I have a few pages that need to use SSL and I am confused bc I read you should set the forms authentication section in the web.config to use SSL. so if this is the case, the user logs in (login page is using ssl) the forms auth cookie is created and now if i redirect to the non ssl enable home page, does this mean the auth cookie will not be transmitted, so i can't display like a welcome module or know the username of the user who logged in?
View 6 Replies
May 28, 2010
i have a problem with forms authentication. i have a website and want to restrict access to an especific folder. i want the access to this folder be made via the login form this is what i have in the web.config
<authentication mode="Forms">
<forms name="Compra" loginUrl="wfLogin.aspx" path="/" protection="All" timeout="30" />
</authentication>
<authorization>
<allow users="*"/>
</authorization>
Then this to restrict folder
<location path="Admin">
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</location>
the problem is that when the user login with valid information the website return to the login form.
View 7 Replies
Feb 5, 2011
I was wondering what the following error means: Login Failed. The Login Is From An Untrusted Domain And Cannot Be Used With Windows Authentication. Initially, when my application was much simpler, I had no permissions and roles and my authentication mode was set to "windows". Afterwards, however, I added authorization, changed the authentication mode to "Forms" and ever since, when I try to login, I get the error above.
View 5 Replies
Feb 23, 2010
I have some problems regarding login form authentication.Can anyone of you share running login authentication codes.
View 3 Replies
Feb 19, 2010
I get a 404 error when I navigate to the following URL using the route below:
http://localhost:53999/properties/
However, all the following are correctly routed to the List action in my controller:
http://localhost:53999/properties/usa/new-york/manhattan/12
http://localhost:53999/properties/usa/new-york/manhattan
http://localhost:53999/properties/usa/new-york
http://localhost:53999/properties/usa [Code]....
In PropertiesController.cs: [Code]....
It looks like it should just go to the default controller/action,
View 5 Replies
Nov 25, 2010
I have developed an Interanet web application using the windows Active directory authentication if user find then it automaticaly authenticated working correctly now my user wants the capability of being able to login to the intranet site as another user by providing the username and Password . For example, Team lead needs to login on other team memeber System to pefrom some task on his behalf if he or she is not aviable in office .
I have created a standard MS Login Page. However when I try to login on the page only by providing the Username system authenitcate the user ( not validating the password of that user)
My Web.config is shown below
[Code]....
View 5 Replies
Jul 20, 2010
I have an intranet web application, where i have windows authentication = true in web.config. I hear from end users that the website is aksing for their login credentials and they don't like it. By the way i am getting theusername from HttpContext.Current.User.Identity.Name and Domain Name from Mid(UserNameID, 1, InStr(UserNameID, "") - 1).In IIS, anonymous access is unchecked and Integrated wnidows authentication is selected.
View 9 Replies
Jan 25, 2010
i using authentication at my Login.aspx prety fine, but i loss my login page style, color etc.. how i set security for login page Free?
View 1 Replies
Dec 4, 2010
I am using login control in my website for authentication. after login successfully i am storing value in session variable in session["LoginId"] and after login the template of login control gets converted into loggedInTemplate by calling authentication.redirectFromLoginPage(). But sometimes what happens the login template is gets converted into anonymous template while there is a session value in session variable i.e. session["LoginId"] variable has the value still login control shows anonymous template.
View 1 Replies
Jan 23, 2011
I am having problems using the login controls from a template i downloaded.they'r in HTML code and i dont know how to make any user that have credencialsto authenticate sucessfuly to my page. I know that i have to make the inputs in HTML run at ASP.NET this is what I did.
<form class="login" name="form2" method="post" action="">
<label class="text2">USER NAME</label>
<input name="textfield2" type="text" class="input2"runat="server" /><br />
[code]...
View 3 Replies
Apr 20, 2010
i want to create a login page and i have to use windows authentication. so what are the steps i have to follow to achive login contorl with windows authentication.
View 1 Replies
May 4, 2010
I am using FBA(Form Based Authen) and Windows Authentication for my web application. FBA is working fine with username and pwd. I want to use the same username, pwd for windows authentication without retering credentials in default login screen. How to avoid the default login screen with custom authentication..
View 2 Replies
Mar 10, 2011
I have read the many posts of people trying to use two different login pages: one for users and one for admins. My question is very different. I have a Site.master page with a LoginView and LoginControl. I then have three root level pages Default.aspx, About.aspx, and Contact.aspx that derive from the Site.master. All three pages are set in the web.config to be allowed to all users. I then have a MemberPage in a Member folder which is only accessible to authenticated users. What I want to have happen is to be able to login from either the Default, About, or Contact pages and then be directed to the MemberPage.
View 2 Replies