I just created a small site with form authentication with route handling. Without forms authentication, the pages route just fine. With forms, it returns back to the login page as it is not one of my allowed locations specified in my web.config file.
I know I probably need to write a custom route handler. Does anyone have an example I can follow for this?
when the server reboots, one route sometimes returns a 404 until the site is manually restarted. why is that? using mvc 3 rc1 and razor views.
View 16 RepliesI have 3 seperate applications (under the same domain) for which I use Forms authentication with single sign-on.
The 3 applications have different session timeout periods. I was on various articles that when we use forms authentication and specify the loginurl in the <Forms> tag in the web.config, it should automatically get redirected to the login page, when the session timesout. But in my case, it doesn't happen, I think because of different timeout values.
I have a website secured using Forms:
[Code]....
My login page is the usual login.aspx so I don't need to set the loginurl.I have a standard loginsatus control to display the current status and allow the user to login/logout.
[Code]....
On the my development machine this works fine. However when I release it to a test site when I click the "login" link the request sent to the server includes as number of percentage-coded / so the request looks something like this:
http://wwwmysitehere.com/%2flogin.aspx%3fReturnUrl%3d%252fDefault.aspx
(returns a "A potentially dangerous Request.Path value was detected from the client (?)." error)
or without the "Default.aspx" returnurl:http://wwwmysitehere.com%2flogin.aspx%3fReturnUrl%3d%252f
(returns page not found)
Ok, I almost hate to ask this because I'm sure it's been covered many times on this forum, but I'm starting to get too frustrated trying to get it to work, so I'm gonna ask anyway.I have setup forms authentication on my site and have it working without any issues. What I'm trying to do now is to add "Remember Me" functionality so that the users don't have to log in each time they access the site. I'm able to get the authentication part down, but the issue I'm having is that when the user logs in, I set certain attributes in Session variables for that user (name, site role, etc.). These values are obtained from a database after the user has been authenticated, based on the username. What I'm having problems with is getting at this username from the FormsAuthentication cookie.
After I authenticate the first time, I setup my cookie this way:
[Code]....
I have tried getting at the Username utilizing the User prinicipal, but it just returns blank.
I have an ASP.NET MVC web application, and I've registered a number of routes in my Global.asax.
I would like to know how I can programmatically build (generate a string url) any one of those registered routes from within my Controller.
I did the same thing in Web Forms with .NET 4.0 using Page.GetRouteUrl(routeName, routeParams) but can't figure out how to do the same thing in MVC (I'm an MVC newbie).
Let's say I want to forward all requests at /js/* to a JavaScript controller Index method. In other words, these routes should all invoke JavaScriptController.Index():
/js/root/index.css
/js/user/account/index.css
/js/master.css
What would the route definition be in my Global.asax.cs file? This doesn't seem to work:
routes.MapRoute("JavaScript", "js/{*path}",
new { controller = "JavaScriptController", action = "Index" });
The breakpoint is never invoked during Debug mode with:
public class JavaScriptController : Controller
{
[HttpGet]
public void Index(string path)
{
var browser = HttpContext.Request.Browser;
System.Diagnostics.Debugger.Break();
}
}
I have the following routes setup in my route config file. I have a config reader that maps these to MVC-style routes.
[route name="customers" url="customers/{statename}/{marketname}/{pagenumber}"]
[controller name="Customers" action="Display" //route]
[route name="pcustomers" url="{customername}/customers/{statename}/{marketname}/{pagenumber}"]
[code]...
I want to create a website that a user can logon and view their data. They should also be able to logout. I'm wondering how to achieve this WITHOUT using the Membership provider api provided by Microsoft. This is what I think should happen.
1. user enters name and password and clicks button.
2.If username and password are correct the user is redirected to a webpage with their details.
3.A session is created.
4.The user logouts and the session is deleted.
I have an ASP.NET application where users login using forms authentication. I have 3 roles and some users. My App is not some thing like anyone can Register and access pages. Only Admin can create users & then send them their username and temp password through email. Then User can change his security question, Password and access pages. I'm trying to build this architecture. I'm using SqlServerMembershipProvider I have created Roles and some test users using ASP.NET Configuration tool. How can I implement the same thing programatically? Like Admin can create user and set his Role. User should be able to Change his Security question & change his password after Admin sets his account with some password likeP@ssw0rd. Is there any article where I can read and learn. I'm dealing with Security for the first time
View 3 RepliesI am using forms authentication. It's works fine locally. Once I upload my web application to a remote iis server and run it I get a Windows authentication prompt. The server [URL] at [URL] requires a username and password.
View 1 RepliesI am using VWD 2010 on a windows 7 64 bit install. Using forms authentication I am not being redirected to the login page when not authenticated yet. Even if I start a new web site from template, clear out all cookies, I still go directly to default.aspx. The LoginView control displays the anonymous template verifing I am not authenticated.
configuration why redirection doesn't occur? Remember I am trying this with New Web site template with no mods so I don't think config issue is within application code.
I have a few pages that need to use SSL and I am confused bc I read you should set the forms authentication section in the web.config to use SSL. so if this is the case, the user logs in (login page is using ssl) the forms auth cookie is created and now if i redirect to the non ssl enable home page, does this mean the auth cookie will not be transmitted, so i can't display like a welcome module or know the username of the user who logged in?
View 6 Repliesi have a problem with forms authentication. i have a website and want to restrict access to an especific folder. i want the access to this folder be made via the login form this is what i have in the web.config
<authentication mode="Forms">
<forms name="Compra" loginUrl="wfLogin.aspx" path="/" protection="All" timeout="30" />
</authentication>
<authorization>
<allow users="*"/>
</authorization>
Then this to restrict folder
<location path="Admin">
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</location>
the problem is that when the user login with valid information the website return to the login form.
I was wondering what the following error means: Login Failed. The Login Is From An Untrusted Domain And Cannot Be Used With Windows Authentication. Initially, when my application was much simpler, I had no permissions and roles and my authentication mode was set to "windows". Afterwards, however, I added authorization, changed the authentication mode to "Forms" and ever since, when I try to login, I get the error above.
View 5 RepliesI have some problems regarding login form authentication.Can anyone of you share running login authentication codes.
View 3 RepliesI get a 404 error when I navigate to the following URL using the route below:
http://localhost:53999/properties/
However, all the following are correctly routed to the List action in my controller:
http://localhost:53999/properties/usa/new-york/manhattan/12
http://localhost:53999/properties/usa/new-york/manhattan
http://localhost:53999/properties/usa/new-york
http://localhost:53999/properties/usa [Code]....
In PropertiesController.cs: [Code]....
It looks like it should just go to the default controller/action,
I have developed an Interanet web application using the windows Active directory authentication if user find then it automaticaly authenticated working correctly now my user wants the capability of being able to login to the intranet site as another user by providing the username and Password . For example, Team lead needs to login on other team memeber System to pefrom some task on his behalf if he or she is not aviable in office .
I have created a standard MS Login Page. However when I try to login on the page only by providing the Username system authenitcate the user ( not validating the password of that user)
My Web.config is shown below
[Code]....
I have an intranet web application, where i have windows authentication = true in web.config. I hear from end users that the website is aksing for their login credentials and they don't like it. By the way i am getting theusername from HttpContext.Current.User.Identity.Name and Domain Name from Mid(UserNameID, 1, InStr(UserNameID, "") - 1).In IIS, anonymous access is unchecked and Integrated wnidows authentication is selected.
View 9 Repliesi using authentication at my Login.aspx prety fine, but i loss my login page style, color etc.. how i set security for login page Free?
View 1 RepliesI am using login control in my website for authentication. after login successfully i am storing value in session variable in session["LoginId"] and after login the template of login control gets converted into loggedInTemplate by calling authentication.redirectFromLoginPage(). But sometimes what happens the login template is gets converted into anonymous template while there is a session value in session variable i.e. session["LoginId"] variable has the value still login control shows anonymous template.
View 1 RepliesI am having problems using the login controls from a template i downloaded.they'r in HTML code and i dont know how to make any user that have credencialsto authenticate sucessfuly to my page. I know that i have to make the inputs in HTML run at ASP.NET this is what I did.
<form class="login" name="form2" method="post" action="">
<label class="text2">USER NAME</label>
<input name="textfield2" type="text" class="input2"runat="server" /><br />
[code]...
i want to create a login page and i have to use windows authentication. so what are the steps i have to follow to achive login contorl with windows authentication.
View 1 RepliesI am using FBA(Form Based Authen) and Windows Authentication for my web application. FBA is working fine with username and pwd. I want to use the same username, pwd for windows authentication without retering credentials in default login screen. How to avoid the default login screen with custom authentication..
View 2 RepliesI have read the many posts of people trying to use two different login pages: one for users and one for admins. My question is very different. I have a Site.master page with a LoginView and LoginControl. I then have three root level pages Default.aspx, About.aspx, and Contact.aspx that derive from the Site.master. All three pages are set in the web.config to be allowed to all users. I then have a MemberPage in a Member folder which is only accessible to authenticated users. What I want to have happen is to be able to login from either the Default, About, or Contact pages and then be directed to the MemberPage.
View 2 Replies