Security :: Implement User Login In Website itself
Jan 26, 2011
i implement user login in my website itself and i dont use membership of asp.net
any user in my website have the apportunity to website for 5 times .after 5 times if still user is not logged in website ,user can after 15 minutes to be able to try again.
suppose we have two or mor ethan two website .All site ask username and password.Their database is located differnent places.I want to know how i can do this thing that user who authenticated from any site do not need to authenticate again he will pass directly.No authentication nothing like gmail .user who is login do not need to login again for useing orkut he directly go to that site and user of orkut directly go to gmail .In these case it do not ask authentication ike username and password!
What if, I'm not using the LOGIN CONTROL but rather creating a Custom Control for Login. Is it possible to have user roles and a site map that redirects to its own destination when the user login?
i want to access yahoo user name and basic info by loging from my website.how it would b possible,i have  created app in Yahoo,i have key and consumer secret value.
We have created a windows application which is distributed amongst our clients. The application uses SQL Server 2008 as the back end and each client uses their own database on their own server. The databases are all exactly the same but each clients data is specific only to them.
We would like to offer our clients the ability to log-in to our website which would then login to their own database so that when they are out in the field they can perform similar tasks to what they can do with the windows app.Each of the clients databases has a user table containing their login details, permissions etc.
Our server is running on IIS and has SQL Server 2008 installed but it only contains our data and nothing of the clients.How should we go about this?
What I mean is do we need to make each client have an additional login to our main server which would then hold each clients individual connection strings etc which would then be used to connect to there specific database and then they would need to login again?? Seems like a nightmare for the user.
It worked just fine untill this week, but now it fails to login.
the odd think is that it do login from localhost, but when trying to login through the profuction site it fails to login. this is happens to all users.
I've a Gmail account, assume that me@gmail.com. Now I want to login (as admin) in my website through this account. I know I can use OpenID etc. for that purpose but I want to limit it for just me only. Can I do this? I don't let anyone else to know which service I used to login and what is my address and etc. (Note: My website contains just one and only one login form, for just me, only!)
i m currently creating an article module, and i want if user wana comment on to the any particular artical, than he should login any of his mail id like gmail, yahoo hotmail etc and than post his or her comment and after than comment should go into the DB.
I have an live website and I need to enable roles and add it to a folder. What's the best way to go about it? Do I add code to web.config? Do I add code to individual pages? Do I use the membership provider service with V W D and recopy the website?
In asp.net c# , i want to implement auto website browsing i.e. when the user enters his user id and password on login page, the login button should be clicked automatically and a new browser should open and then the page should be redirected to desired page and then on the new page another linkbutton gets clicked and again redirect and so on.
I have two websites (one asp classic and the other asp.net) which we would like to implement some kind of security based on the client's hardware. We want something other than a password which could be shared. The purpose is to be sure access to information on the websites is not shared.
We were contrmplating storing hardware info in our database and validating against that upun website entry.
I have been looking into ActiveX (it would be acceptable to limit our users to IE), although we do have users who would like to use I-Phones. I have done no ActiveX development myself but have found a few articles on the web about ActiveX but that whole approach looks complicated. And also there seems to be a 64bit issue making it even more difficult.
So, I wonder if anybody has any advice as to what the best options might be for securing the website access in a way that would prevent sharing?
So, when i don't use Response.Redirect, the login succeeded, but all the links in the Response data refers to my development server, for example if i click on "support" link, it'll redirect the page to ("http://localhost:3506/support.cfm")!! which will rais of cource "The resource cannot be found" error
And when i use Response.Redirect, i'll loose the session, mean it'll not keep my login for the site.
I have a small website that uses the asp login control and now i want to allow a user login from another website that i have. The problem is the other website is only html not aspx and i'm not sure how to write the form to login. here is the login i'm currently using:
[Code]....
once the users click login the form post back to the server and verifies the credentials and retrieves the necessary information. How can i login to my website from the other website?
asp.net 3.5 IIS7 Hosted on Windows Server 2008 (virtual machine)
I have a website which have been running for about a year without any problems. Users have been able to login etc, but now I get reports about users not able to login while using Internet Explorer. Users using other internet browsers like FireFox, Chrome etc have no trouble logging in.
The website are using the standard Forms authentication.
Also lately another website has been setup in IIS7, but these sites are using application pool. I've stopped this webapplication in IIS, but that doesn't have any effect on my problem
I see that Windows Update have failed to install a lot of patches lately, not sure if that is related to this problem. But some of the windows patches are security patches.
I am trying to create a login page on my website. When I view the page in a browser and enter the login name and password, I receive the following error message:
Server Error in '/membership' Application.
Cannot open database "aspnetdb" requested by the login. The login failed. Login failed for user 'NT AUTHORITYNETWORK SERVICE'.
Description:
An unhandled exception occurred during the execution of the current web request. review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Cannot open database "aspnetdb" requested by the login. The login failed. Login failed for user 'NT AUTHORITYNETWORK SERVICE'.
Source Error:
[Code]....
Stack Trace:
[Code]....
I was able to connect to the aspnetdb database using the Web Site Administration Tool. The aspnetdb database is not in the App_Data directory.
Is it possible to log the user automatically into a third-party website if we have their details on record? For example, if I had a users facebook/hotmail username/password stored in my database, is it possible to use these details to log them into facebook/hotmail, then open up facebook/hotmail.com with them already logged in?
Basically my Client uses Basecamp for their customers and wants a way of automatically logging his customers into basecamp from their website without them having to go through the trouble of logging in again (after they've already logged in through my clients website).
I am using login control in my website for authentication. after login successfully i am storing value in session variable in session["LoginId"] and after login the template of login control gets converted into loggedInTemplate by calling authentication.redirectFromLoginPage(). But sometimes what happens the login template is gets converted into anonymous template while there is a session value in session variable i.e. session["LoginId"] variable has the value still login control shows anonymous template.