Security :: Get The System To Actually Prompt The User To Login With Credentials?

Feb 5, 2010

I am the web developer at a medical clinic. I have 2 scenarios going on:

First, I have a physicians only component of our employee portal to allow access to only physician shareholders or physician non-shareholders. My structure is built like:

Physicians Only
Administration
Affiliations
Calendars
Compensation
Minutes

The Affiliations folder is only going to be accessible by the physician shareholders. Therefore, I have security roles set for Physicians Only and Affiliations. When I test, the security is set correctly on the folders. However, when I try to login as different people, all with different roles, I have to login with user name and password, twice, before the system allows me in.

Secondly, I have secured areas within the employee portal also. However, when I navigate to them, the system doens't usually prompts me to login. If it does prompt me to login, it too, is on the second try. So how does it know who I am? And more importantly, how do I get the system to actually prompt the user to login with their credentials?

View 15 Replies


Similar Messages:

Security :: How To Make An IIS Page Prompt For AD Credentials

Apr 1, 2010

We have an IIS/ASP web page from a vendor that we have just dropped onto a webserver within our company. The ASP pages do not come with any sort of authentication built in, so I am trying to configure the site to prompt for credentials before being accessible. I would like the site to prompt for the credentials in all cases (ie. I don't want Internet Explorer to pass through the credentials of the logged in user). I want authorization to this site to be allowed only to members of a certain security group with Active Directory.

Is there a way to do this? I'm not really an IIS guy, nor an ASP developer, so I'm kind of feeling my way through the dark here.

Based on some searching, I have tried adding the following to the web.config file:

[Code]....

I have also installed the IIS URL authorization role service, and have tried playing around with the authentication settings within IIS, to no avail.

I am using IIS7 on Server 2008.

View 4 Replies

Security :: Credentials Prompt When Using Domain Account In AppPool Identity In IIS 6.0?

Mar 4, 2011

I have an asp.net application which was working fine with the AppPool Identity set to Netwrok Service or Local System or Local Service. But If I change the app pool identity to a domain account (I am using my account itself) I am unable to access the application from any other machine except the web server.I am using Windows Integrated Authentication.I tried resetting IIS, Restart W3SVC, aspnet_regiis -ga . But no luck.

View 5 Replies

Security :: How To Restrict Windows Credentials Prompt Window For The Application

Oct 24, 2010

We have created an Intranet Web Application with Windows Authentication.

That asking a prompt to get Username and Password each time when we access the application.

How can we restrict that prompt other than IE --> Security --> Custom Level --> User Authentication.

(Because, with this option we need to set these settings in each and every user's system)

View 3 Replies

Security :: Restrict The User To Login Only From The System Which He Registered From The Computer?

Aug 28, 2010

In my website, if one user registered from a computer, we have to allow that user to be able to access the site from that computer only. If he try to login from another system even in LAN, we have to deny the access.

View 5 Replies

Security :: Get Roles Working - User To Be Able To Login And The System Recognize?

Apr 22, 2010

I have a sitemap of 5 items. 2 items i only want the admin to see. I want the user to be able to login and the system recognise who it is and if an admin, bring up the 2 items in the sitemap. If not an admin, hide the items.

View 3 Replies

Security :: Login Prompt When Using Mozilla Firefox But Not When Using IE

Jul 9, 2010

I have a problem with a simple site that is not requiring login. When run in internet explorer

it works as it should. But when I try to access the page with Mozilla Firefox or Apples Safari

i get a login prompt and no valid useraccount can be entered. I have tried setting authentication mode to either Windows or Forms but it makes no difference.

I can cancel to get the page to load but then I see my logo is not showing

(Logo in Images/file.jpg) When I try to use a link to another page it does not allow me access denied.

As said before with IE everything works OK!! Frustrating, probably something simple...

Even more frustrating On another server it works OK,

Application in Swedish server works

Application in US Server does not work with other browsers but IE.

Same setup for server, IIS 6 Windows server 2003 .Net 2 & 3.5

View 1 Replies

Security :: How To Set 3 Credentials For Login

Jun 22, 2010

I have to post my request to the web page [URL] and this require 3 credentials namely account id ,username and password and i have to pass the some data for the fields in the page

View 3 Replies

Security :: Keep Getting Popup Login Prompt - Using Forms Authentication

Nov 10, 2010

I am using forms authentication. It's works fine locally. Once I upload my web application to a remote iis server and run it I get a Windows authentication prompt. The server [URL] at [URL] requires a username and password.

View 1 Replies

Security :: Windows Auth - Still Showing Login Prompt In IE?

Sep 17, 2010

I'm trying to setup my IIS 7.0 MVC2 site but having problems.I want to use Integrated Security so that the app can obtain the user's credentials. We can then do a look-up of some AD groups to determine what they can do from that point onwards.The problem is - Every time we browse to the application, instead of navigating to our main page immediately, we get a login prompt provided by IE. I've read that we need to make sure that in the browser's Tools->Options->Advanced-> (Securiy-> ENable Windows Intagrated Security) must be checked - which it is on ALL 3 machines where I try this.

The machines AND the server are all in the same domain.My config file states <authentication mode="Windows" /> and I've tried every combination for <identity...> and <authorization...> but to no avail. I can only get the "login" prompt to go away if I enable Anonymous Authentication - but then I can't detect the windows user or their group membership.

View 1 Replies

Security :: Windows Authentication And Still Asking For Login Credentials?

Jul 20, 2010

I have an intranet web application, where i have windows authentication = true in web.config. I hear from end users that the website is aksing for their login credentials and they don't like it. By the way i am getting theusername from HttpContext.Current.User.Identity.Name and Domain Name from Mid(UserNameID, 1, InStr(UserNameID, "") - 1).In IIS, anonymous access is unchecked and Integrated wnidows authentication is selected.

View 9 Replies

Security :: Using Different Windows Login Credentials Whithin A Webpage?

Jan 22, 2010

Is the above possible? Basically i need it as I am creating a site where users can upload files to a shared network drive which is secure and has a system account

When a user clicks on upload file, If possible I would like the page to automatically kind of log in with the system account, copy the files and then log off. I know I could achieve something similar mapping a drive but would prefer not to do that for these reasons;

- Security risk if the mapped drive for some reason isnt removed by the code

- User may not have the drive letter free.

View 1 Replies

Security :: Writing A Login Page That Checks Against AD Credentials?

Sep 8, 2010

I'm trying to write a simple login page, that will allow my users to login to my site using their Active Directory credentials (using their username / password we give them through AD).

I want to do 2 things with the login:

1. I want to check the username / password against our AD and verify the person is a valid user within the directory.

2. I also want to store the entry within a global variable so when the user fills out one of the forms within the site it can Insert the data into a SQL table i have running.

** we are using this site to do Setup Change Request Forms / Termination forms etc. and I just want to verify the person signing off on the form is the person logged into the machine -- use it as an "electronic signature per say".

I'm using a vb.net 2.0 approach - as i only have access to visual studio 2005 and i'm more of a vb programmer then a c#.

If anyone has any examples or can walk me through how to go about writing out this page that would be great.

View 1 Replies

Security :: Authentication Login That Access MySql To Validate The Credentials Entered?

Mar 29, 2011

have a form based authentication login that access MySql to validate the credentials entered.I was wondering how you would encrypt the password??

View 3 Replies

Crystal Report Credentials Prompt After Deployment

Jan 26, 2011

I am Publishing crystal reports on remote server using the following code. when i try to run the crystal report page Crystal report viewer prompt me for database info. As the published crystal report were created using development server. In my crystal report i was using OLEDB ADO Connection

MyRepository _MyRepository = new MyRepository();
System.Data.SqlClient.SqlConnection myConnection = new System.Data.SqlClient.SqlConnection();
myConnection.ConnectionString = ConfigurationManager.ConnectionStrings["MyConnStr"].ConnectionString;
System.Data.SqlClient.SqlCommand MyCommand = new System.Data.SqlClient.SqlCommand("dbo.spMySP");
MyCommand.Connection = myConnection;
MyCommand.Parameters.Add("@PositionID", SqlDbType.Int).Value = (cmbPositions.SelectedValue == "" ? 0 : Convert.ToInt32(cmbPositions.SelectedValue));
MyCommand.CommandType = System.Data.CommandType.StoredProcedure;
System.Data.SqlClient.SqlDataAdapter MyDA = new System.Data.SqlClient.SqlDataAdapter();
MyDA.SelectCommand = MyCommand;
ASale _DS = new ASale();
MyDA.Fill(_DS, "dbo.spMySP");
rptSale oRpt = new rptSale();
oRpt.SetDatabaseLogon("sa", "mypass");
oRpt.SetDataSource(_DS);
oRpt.SetParameterValue(0, "param1");
oRpt.SetParameterValue(1, "param2");
oRpt.SetParameterValue(2, "param3" );
oRpt.SetParameterValue(3, (cmbPositions.SelectedValue == "" ? 0 : Convert.ToInt32(cmbPositions.SelectedValue)));
CrystalReportViewer1.ReportSource = oRpt;

View 1 Replies

Verify User Login Credentials Using Gmail (or Other Email Service Provider)

Jun 9, 2010

How to verify users login credentials using users login credentials of user's gmail account (like in stackoverflow on clicking gmail it takes to gmail login page and gmail verifies the user)

View 1 Replies

Security :: Windows Authentication Bypassing NT Challenge Login; Pass Credentials Manually?

Mar 17, 2011

Is it possible to bypass the NT challenge login, and just have a standard webform login, then authenticating programtically as that user and passing those credentials manually to my connection string so that the database sees me as that user?

View 1 Replies

Credentials Prompt For An Aspx Page Configured For Anonymous Authentication?

Oct 11, 2010

From Flex we call a Upload.aspx page which is configured for anonymous authentication. Most of the time, it works like a charm, but once in a while, the browser does prompt a enter credentials popup...The whole site is configured for Windows Authentication, but some pages and folders are set to use anonymous authentication. This is done using the location tag in web.config.What could be the reason for this?

View 3 Replies

Security - Secure Way To Validate The User's Credentials Against AD?

Mar 1, 2010

In my environment, we use Active Directory as our password repository. I'm writing an app that uses the users windows session (windows auth) to authenticate the user. This is working well, but I need to provide a way for users to log in as a different user. I setup a web form to accept a username and password. My question is this, I need a secure way to validate the user's credentials against AD. I cant have the credentials passed as clear text. Ive come across the impersonate user functions, but i'm leary because you have to pass a clear text password into the password field. I know I could also use LDAP, but without a certificate, I know plain LDAP is relatively insecure. Can someone point me in the right direction of a more secure solution to query AD with the credentials?

View 3 Replies

Security :: How To Use SqlClient To Verify User Credentials

Dec 3, 2010

I am building a web application that is limited to one database, thus I cannot use the handy ASP.NET config tool. I am attempting to use SqlClient to authenticate users from a user table I added to my database. Here is the code I have thus far:

[Code]....

[Code]....

View 5 Replies

Security :: Creating New User Changes Logged In Credentials

Nov 23, 2010

In my application, I have users request accounts, and then an admin goes in to approve or reject the account. When the admin approves the account, the create user wizard is used. After the user is created, I set the new user's role, and update a few other items in my database for user tracking, and send out an email to notify the new user of their account status. Here's the kicker: Once this new user is created, the admin, is now logged in as the new user. How is this happening? And how do I stop it? Here is my CreatedUser code, scrubbed of non-pertinent code.
[Code]....

View 1 Replies

Security :: Prompt User To Reset Password When It Is Expired Using Windows Authentication?

Mar 1, 2010

I have an Intranet web site that uses Windows Authentication and when a users password expires the do not get a prompt letting them reset it. We also have OWA and if they go there to check mail, it sends them to a page which allows them to reset it there. How can I trap for expired passwords and allow them to change it like they can with OWA?

View 1 Replies

Security :: LDAP Throws Invalid Credentials With Valid Credentials Supplied?

Feb 1, 2011

I'm working on an ASP.NET project for the first time in about three years; in the meantime I've been working with Python/Django, PHP and Obj-C. Anyways, picked it right back up... except something that is totally killing me right now, and I have a feeling it must be staring me in the face:

I'm trying to bind to an LDAP server, for the purpose of authenticating users. The way it works here is, you bind on your own credentials, use that to find the Distinguished Name of the user you're authenticating, then you bind again on their DN and their password. If the bind is successful, the password was correct and the user can be authenticated.

Here's the problem - the first bind (on the fixed credentials, the ones with the ability to search for users and their subtrees) works fine. The search works fine. The second bind fails, no matter what, with the LDAP error INVALID_CREDENTIALS. This happens even when completely valid credentials are supplied.

Here's the code, with the usernames and passwords redacted, of course...

[Code]....

View 1 Replies

Security :: How To Add Configured Credentials User To A Specific Group

Oct 8, 2010

i'm wondering is there a way that i can add my configuration User to a specific role ?

so i have this in my web.config file

<forms loginUrl="/Account/Login.aspx">

View 1 Replies

Security :: IIS6 User Credentials Not Passed To SQL Server?

Jan 20, 2010

I have an ASP.net 2.0 application on an IIS6 server with a second server running SQL.

The problem I have is that I can't use Integrated Windows Authentication to authenticate against the SQL server, instead the IIS passes its machine name (DOMAINMachineName$) to the SQL server. Of course I can add the necessary permissions to the machine name account on SQL, but I want to use the local user credentials in Integrated Windows Authentication to authenticate against SQL.

I have tried to find some reading/articles online but apart from a basic understanding I can't find the details I need to implement into my application. All I have found is that IIS doesn't pass the credentials onto a remote machine when using Integrated Windows Authentication, and Kerberos should be used instead. I have no experience of Kerberos or how to use it in ASP.net so I am hoping it can be done using Integrated Windows Authentication or be pointed to some good easy to understand articles on using/implementing Kerberos.

View 6 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved