I get about 5 minutes of inactivity before a logon box appears for a site I manage. Once logged in, our users must be able to stay logged on all day with no annoying logon popups. This started happening after a change i made to IIS6. We formerly had digest authentication and windows integrated authentication checked and everything worked fine but our users complained because they had to put creds in as <domainuserid>. We want to get rid of the domain requirement. To do this i unchecked windows integrated authentication and added the domain to the "Realm" text box. I can log in now without the domain, and everything works as before but I only get a few minutes before I have to relogon. I tried increasing the connection timout to 36000 and have keep alives checked on the web site property page. I also tried setting the web servers registry setting: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesInetInfoParametersDigestContextCacheTTL to 36000 (ten hours). these changes had no effect that I can see.Our setup:we use SSL and have a test certificate that is expired We are hitting the site on our intranet with IE7 or IE8. The production version of this site is on the internet though.IIS6 on a 2003 serverkeep alives is checkedanonymous authentication is uncheckeddigest authentication is checkedwindows integrated authentication is uncheckedIISRESET was run after each change.
I want to redirect the user after 2 mins if there is inactivity for 2 mins. I am not using ASP.NEt membership. And I dont want to use Sessiontimeout for this. Session timeout will logout the user even if he is working on the system. My objective is like screensaver process.
If there is no action for the specified time, the screensaver runs. Similarly, I want to redirect the user to login page.
Here what my problem is,
the user is working on the site...ok.. he want to see someother site.he browse someother site and works on....or even he can do some other work in his system...but he is active in his system... What this script does is, it automatically logout the user and redirect him to login page. But it should not do while he is active...IT SHOULD REDIRECT IF HE IS NOT ACTIVE REALLY (Similar to Screensaver process)
I have an app that uses impersonation to gain access to a database (on server separate from IIS). The app connects to the database using a trusted connection and seems to be working just fine. However, we get these logon failure events in the security event viewer:
It must have something to do with impersonation because the login failure is for the domain account which my app is impersonating under. But again, the app is working fine so I'm having a hard time figuring out how to stop these logon failures.
I managed to user to perform multiple log on from other IE window session in my web application if the same log on is currently being used.Unfortunately I have problem to control multiple log on if the user is logging in using tab browsing in the same session. I know this is due to the same session Id but is there any way to trace down to the tab level within the same session?
I have created an intranet site in win 2008 server. Enabled Windows Authentication and disabled Anonymous. I want to get AD logon username(current win logon user).I used HttpContext.Current.User.Identity.Name and also tried User.Identity.NameI am accessing the site from client machine. I am not getting the client's logon user instead getting the server's logon user. But I want client's logon user only.I just want to get username. I dont need any login screens or bla blaWhen I run in my development system(XP), its working fine. When I deploy to windows 2008 server, I am getting problem(Getting only the server's logon user instead of getting the client's logon user).So, problem in the server settings. So, any settings I need to set to get this worked?I enabled Windows Authentication for my site in IIS management window. Disabled Anonymous authentication.
I'm using forms authentication in my application but i want to get the active directory domain anme and user name of the logon user. is that possible. The IIS Directory security settings are Anonymous Access allowed and Integrated windows authentication ticked. I tried the following but to no avail
Request.LogonUserIdentity.Name (this is returning the machine name and user name used for anonymous access) System.Security.Principal.WindowsIdentity.GetCurrent().Name -> returning NT AUTHORITYNETWORK SERVICE
Ok so I've created a login page that accesses my Active Directory and challenges against it. What I would like, is if a user is logged onto the computer within the intranet with Active Directory Credentials for them to bypass the login to the web page.
However if they are outside of the building on a random computer, they should be presented with a login box just like they are now.
I have implemented the basic forms authentication.In web.config I have set the following, in the authentication tagtimeout = "50000000000" Other than that, I have an out-of the box implementation.I have no custom provider.My clients want to pretty much enter the username once a day.The timeout is in minutes, so I am sure that they are not waiting over 5 million minutes,so something else has to be booting them.
I'm running IIS 6.0 on a Windows 2003 server and running an ASP.NET 4 application which connects to an SQL Server 2005 database on another server. I have my Default.aspx page set to Windows authentication with anonymous access disabled.
When I load up the page it asks for a username and password (as expected), I enter my credentials and it comes up with the following error:Login failed for user ''. The user is not associated with a trusted SQL Server connection.
If I add the following to my web.config file: <identity impersonate="true"/> then I get the following error:
Login failed for user 'NT AUTHORITYANONYMOUS LOGON'.
And if I add the <identity impersonate> tag set to true and with my username and password included it connects successfully.
I can't leave this in there as I want each user to connect as themselves, so why is the server not using the credentials that I enter when prompted to connect to the database ?
I have a web application that uses forms authentication, memberships and roles. I'm finding it difficult to test but it looks as though the application is forcing my users to log in again after about 20 minutes of inactivity. However, the nature of my application requires users to stay logged in for longer than this even if they aren't using the application constantly.
I've already set the following line in my web.config file so that doesn't seem to be making a difference:
Is there something else that I need to set to prevent my users from being redirected to the login page too early on? I'd like them to be inactive for about an hour before forceably logging them off. I don't want them to lose their work if they don't use the system for 20 minutes.
I am trying to force to show to the Logon popup when the session is timeout in Integrated Windows Authentication Enabled website. The session_timeout is firing during the session timeout, but the User.Identity.IsAuthenticated is true. How force to use the Windows Logon Screen when the session is timeout.
I want to get username and machine name of local computer logon to domain. So, how can I get it?My site has annonymous access checked in IIS. cause this application is for the Internet not our company's Intranet.for example, I logon to domain (test.com) in the local computer name is PC1, with the account and pass is: client1 and 1234567.I visit my website, now I want to get user and computer name to show up on asp.net.
I am a windows application developer doing a web application with VB.net and SQL 2008 for the first time.I have developed a web application where users are supposed to view a file after selecting from a listbox. I then pick the users logon ID from windows then store in database and produce statistical reports later. It was working fine on my local machine till i deployed it on server to make it accessible on the intranet. The server OS is Windows 2008 Server and runs IIS. My issues are as follows,1. The application is unable to store the user logon id from the client.2. When more than one user uses the application, then there are errors but one user does not produce errors.
I am a windows application developer doing a web application with VB.net and SQL 2008 for the first time.
I have developed a web application where users are supposed to view a file after selecting from a listbox. I then pick the users logon ID from windows then store in database and produce statistical reports later. It was working fine on my local machine till i deployed it on server to make it accessible on the intranet. The server OS is Windows 2008 Server and runs IIS. My issues are as follows,
1. The application is unable to store the user logon id from the client. 2. When more than one user uses the application, then there are errors but one user does not produce errors.
I have written a custom membership provider for my MVC 2 app, and it all works fine. I wanted to force people to log in as soon as they went to the site, so set the authorization section of the web config to deny annonymous users. As expected, when you try and access the site, it re-routes you straight to the LogOn.aspx page. The problem I'm having is that when it initially jumps to the LogOn page, it cannot find any of the files referenced in the html header section.
The strange thing is I set a path to a css file as follows:
../../Content/site.css yet in the page it shows up as ../Content/site.css
I even wrote a html helper that uses Url.Content on the paths passed in, but this still does not solve the problem. If I go to the LogOn page after the application has initially loaded, it references all the files correctly.
On Friday I gave a demo of an MVC application using the Authorize attribute on my JobCardController, and all was well. This morning, when I attempt an unauthorized action, I still get redirected to the LogOn view, using the below URL, but I appear to have what my reading tells me is called a White Screen of Death, i.e. nothing but white background and no actions invoked.
I have configured forms authentication for my MVC 3 RTM application. I updated the configuration to the following and set the autoFormsAuthentication per the Gu and StackOverflow to false. However, when my application is deployed to my web server (W2k3 Standard SP2, II6) the controllers marked with [Authorize] are always redirected to /Account/LogOn instead of the configured value.
I'm building an application using MVC3 RC and I'm trying to add a session variable as soon as anyone logs on. The variable is an int which is retrieved from a database using User.Identity.Name to retrieve the relevant database record.
I'm using the MS AccountController and tried adding the session variable immediately after the line:
I have a grid view which uses a Datasource to populate it. There is also a OnRowDataBound method which does lots of work using templatefields etc.I have a button which runs a delete method in the code behind, but when i use it the row i delete is still displayed on postback. I tried to set EnableViewState to false for the grid view, but then parts of the OnRowDataBound method failed where a variable set in the Page_Load is used.