Security :: Logon Box Appears Every 5 Minutes?

Jan 8, 2010

I get about 5 minutes of inactivity before a logon box appears for a site I manage. Once logged in, our users must be able to stay logged on all day with no annoying logon popups. This started happening after a change i made to IIS6. We formerly had digest authentication and windows integrated authentication checked and everything worked fine but our users complained because they had to put creds in as <domainuserid>. We want to get rid of the domain requirement. To do this i unchecked windows integrated authentication and added the domain to the "Realm" text box. I can log in now without the domain, and everything works as before but I only get a few minutes before I have to relogon. I tried increasing the connection timout to 36000 and have keep alives checked on the web site property page. I also tried setting the web servers registry setting: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesInetInfoParametersDigestContextCacheTTL to 36000 (ten hours). these changes had no effect that I can see.Our setup:we use SSL and have a test certificate that is expired We are hitting the site on our intranet with IE7 or IE8. The production version of this site is on the internet though.IIS6 on a 2003 serverkeep alives is checkedanonymous authentication is uncheckeddigest authentication is checkedwindows integrated authentication is uncheckedIISRESET was run after each change.

View 7 Replies

Similar Messages:

Security :: How To Redirect The User After 2 Minutes If There Is Inactivity For 2 Minutes

Feb 13, 2011

I want to redirect the user after 2 mins if there is inactivity for 2 mins. I am not using ASP.NEt membership. And I dont want to use Sessiontimeout for this. Session timeout will logout the user even if he is working on the system. My objective is like screensaver process.

If there is no action for the specified time, the screensaver runs. Similarly, I want to redirect the user to login page.

note that i have already handled it with the following javascript:


Here what my problem is,

the user is working on the site...ok.. he want to see someother site.he browse someother site and works on....or even he can do some other work in his system...but he is active in his system... What this script does is, it automatically logout the user and redirect him to login page. But it should not do while he is active...IT SHOULD REDIRECT IF HE IS NOT ACTIVE REALLY (Similar to Screensaver process)

Is it possible ?

View 1 Replies

Security :: Logon Failure Security Event 534 And Impersonation?

Oct 4, 2010

I have an app that uses impersonation to gain access to a database (on server separate from IIS). The app connects to the database using a trusted connection and seems to be working just fine. However, we get these logon failure events in the security event viewer:


It must have something to do with impersonation because the login failure is for the domain account which my app is impersonating under. But again, the app is working fine so I'm having a hard time figuring out how to stop these logon failures.

View 2 Replies

Security :: Prevent Multiple Logon On Different Tab In The Same Session?

Jan 14, 2010

I managed to user to perform multiple log on from other IE window session in my web application if the same log on is currently being used.Unfortunately I have problem to control multiple log on if the user is logging in using tab browsing in the same session. I know this is due to the same session Id but is there any way to trace down to the tab level within the same session?

View 2 Replies

Security :: How To Store / Get The Details Of The Logon User

Sep 5, 2010

We will put the active directory logon when the user access the website, the user needs to fill in his user name and password.

How do we store/get the details of the logon user once the user is logged in?

View 2 Replies

Security :: How To Enforce Logon Hours Validation

Oct 6, 2010

How to enforce logon hours validation

View 10 Replies

Security :: Get Current Windows Logon User?

Mar 22, 2010

I have created an intranet site in win 2008 server. Enabled Windows Authentication and disabled Anonymous. I want to get AD logon username(current win logon user).I used HttpContext.Current.User.Identity.Name and also tried User.Identity.NameI am accessing the site from client machine. I am not getting the client's logon user instead getting the server's logon user. But I want client's logon user only.I just want to get username. I dont need any login screens or bla blaWhen I run in my development system(XP), its working fine.
When I deploy to windows 2008 server, I am getting problem(Getting only the server's logon user instead of getting the client's logon user).So, problem in the server settings. So, any settings I need to set to get this worked?I enabled Windows Authentication for my site in IIS management window. Disabled Anonymous authentication.

View 1 Replies

Security :: Using Logon Form With Windows Authentication?

Oct 13, 2010

I have created an Intranet site using windows authentication based on role membership. It is working great. My Web.config is shown below.

<authentication mode="Windows" />
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" />
<allow roles="D820Developers, D820IT, D820Staff, D820Providers, D820Supervisors, D820Directors, D820Interns" />
<deny users="?"/>

Now my user wants the capability of being able to login to the intranet site as another user. For example, IT guy needs to login on a user's system to set some data.

I have created a standard MS Login Page. However when I try to login on the page I get the message

Your login attempt was not successful. Please try again

I do not have a database (aspnetdb.mdf) storing user information but login against the active directory. Can you use the login form with windows authentication without a database?

View 1 Replies

Security :: Get Windows Domainname And Username Of Logon User

Jan 19, 2011

I'm using forms authentication in my application but i want to get the active directory domain anme and user name of the logon user. is that possible. The IIS Directory security settings are Anonymous Access allowed and Integrated windows authentication ticked. I tried the following but to no avail

Request.LogonUserIdentity.Name (this is returning the machine name and user name used for anonymous access)
System.Security.Principal.WindowsIdentity.GetCurrent().Name -> returning NT AUTHORITYNETWORK SERVICE

View 3 Replies

Security :: Logon To Page With Already Authenticated Computer And Forms?

May 11, 2010

Ok so I've created a login page that accesses my Active Directory and challenges against it. What I would like, is if a user is logged onto the computer within the intranet with Active Directory Credentials for them to bypass the login to the web page.

However if they are outside of the building on a random computer, they should be presented with a login box just like they are now.

View 1 Replies

Security :: Timeout Is In Minutes?

Jan 25, 2010

I have implemented the basic forms authentication.In web.config I have set the following, in the authentication tagtimeout = "50000000000" Other than that, I have an out-of the box implementation.I have no custom provider.My clients want to pretty much enter the username once a day.The timeout is in minutes, so I am sure that they are not waiting over 5 million minutes,so something else has to be booting them.

View 7 Replies

Security :: Impersonation / Getting Error / Login Failed For User 'NT AUTHORITYANONYMOUS LOGON

Aug 16, 2010

I'm running IIS 6.0 on a Windows 2003 server and running an ASP.NET 4 application which connects to an SQL Server 2005 database on another server. I have my Default.aspx page set to Windows authentication with anonymous access disabled.

When I load up the page it asks for a username and password (as expected), I enter my credentials and it comes up with the following error:Login failed for user ''. The user is not associated with a trusted SQL Server connection.

If I add the following to my web.config file: <identity impersonate="true"/> then I get the following error:

Login failed for user 'NT AUTHORITYANONYMOUS LOGON'.

And if I add the <identity impersonate> tag set to true and with my username and password included it connects successfully.

I can't leave this in there as I want each user to connect as themselves, so why is the server not using the credentials that I enter when prompted to connect to the database ?

View 5 Replies

Security :: Loose Authentication After 30 Minutes?

Jan 5, 2011

This is my web.config settings:


AND this:


neither keep me in for more than 30 minutes.

for some reason the Ticket is set correctly for 90 days. But the cookie is always January 01, 0001. Below is the output of the Authentication Dates.

Ticket Issue Date: Wednesday, January 05, 2011 4:35:42 PM
Ticket Expiry Date: Tuesday, April 05, 2011 4:35:42 PM
Cookie Expiry Date: Monday, January 01, 0001 12:00:00 AM

View 5 Replies

Security :: User Being Asked To Log In Again After Approx 20 Minutes?

Oct 7, 2010

I have a web application that uses forms authentication, memberships and roles. I'm finding it difficult to test but it looks as though the application is forcing my users to log in again after about 20 minutes of inactivity. However, the nature of my application requires users to stay logged in for longer than this even if they aren't using the application constantly.

I've already set the following line in my web.config file so that doesn't seem to be making a difference:


Is there something else that I need to set to prevent my users from being redirected to the login page too early on? I'd like them to be inactive for about an hour before forceably logging them off. I don't want them to lose their work if they don't use the system for 20 minutes.

View 4 Replies

Security :: Force To Show To The Logon Popup When The Session Is Timeout In Integrated Windows Authentication Enabled Website

May 31, 2010

I am trying to force to show to the Logon popup when the session is timeout in Integrated Windows Authentication Enabled website. The session_timeout is firing during the session timeout, but the User.Identity.IsAuthenticated is true. How force to use the Windows Logon Screen when the session is timeout.

View 4 Replies

Security :: Get User's Windows Login Name "SAMaccount" And Computer Name Logon To Domain?

Jul 17, 2010

I want to get username and machine name of local computer logon to domain. So, how can I get it?My site has annonymous access checked in IIS. cause this application is for the Internet not our company's Intranet.for example, I logon to domain ( in the local computer name is PC1, with the account and pass is: client1 and 1234567.I visit my website, now I want to get user and computer name to show up on

View 1 Replies

Concurrent Viewing And Logon ID?

Aug 19, 2010

I am a windows application developer doing a web application with and SQL 2008 for the first time.I have developed a web application where users are supposed to view a file after selecting from a listbox. I then pick the users logon ID from windows then store in database and produce statistical reports later. It was working fine on my local machine till i deployed it on server to make it accessible on the intranet. The server OS is Windows 2008 Server and runs IIS. My issues are as follows,1. The application is unable to store the user logon id from the client.2. When more than one user uses the application, then there are errors but one user does not produce errors.

View 1 Replies

VS 2008 Concurrent Viewing And Logon ID?

Jun 7, 2010

I am a windows application developer doing a web application with and SQL 2008 for the first time.

I have developed a web application where users are supposed to view a file after selecting from a listbox. I then pick the users logon ID from windows then store in database and produce statistical reports later. It was working fine on my local machine till i deployed it on server to make it accessible on the intranet. The server OS is Windows 2008 Server and runs IIS. My issues are as follows,

1. The application is unable to store the user logon id from the client.
2. When more than one user uses the application, then there are errors but one user does not produce errors.

View 7 Replies

SQL Server :: Sql Native Client For Logon CR?

Sep 25, 2010

As i have developed my application with crystal report using sql server 2005.... on windows xp OS machine x86

My hosting provider is using sql server 2008 on windows server 2008 OS x64...

Please let me know the sql native client version of ms sql server 2005
and sql native client version of ms sql server 2008

will sql native client version of ms sql server 2005 will work on sql native client version of ms sql server 2008..

or we need the same sql native client version of ms sql server 2005 to run my crystal report

View 1 Replies

MVC :: 2 File Referencing From Within LogOn.aspx

Apr 10, 2010

I have written a custom membership provider for my MVC 2 app, and it all works fine. I wanted to force people to log in as soon as they went to the site, so set the authorization section of the web config to deny annonymous users. As expected, when you try and access the site, it re-routes you straight to the LogOn.aspx page. The problem I'm having is that when it initially jumps to the LogOn page, it cannot find any of the files referenced in the html header section.

The strange thing is I set a path to a css file as follows:

yet in the page it shows up as

I even wrote a html helper that uses Url.Content on the paths passed in, but this still does not solve the problem. If I go to the LogOn page after the application has initially loaded, it references all the files correctly.

View 1 Replies

Blank LogOn View In MVC Application?

Jul 12, 2010

On Friday I gave a demo of an MVC application using the Authorize attribute on my JobCardController, and all was well. This morning, when I attempt an unauthorized action, I still get redirected to the LogOn view, using the below URL, but I appear to have what my reading tells me is called a White Screen of Death, i.e. nothing but white background and no actions invoked.


ADDENDUM: I forgot to mention that I have moved the Account models and services out into my DataObjects and Services projects, but I had done this last week already without this problem.

I'm not asking what is wrong, but what are the common faults that could cause something like this and how can I start debugging this mess?

SOLVED: Somehow an Authorize attribute had landed up on my whole controller class, as in,

public class AccountController : BaseController

I removed that and everything is working again.

View 1 Replies

MVC :: RTM Authorize Always Redirects To Account / LogOn?

Feb 7, 2011

I have configured forms authentication for my MVC 3 RTM application. I updated the configuration to the following and set the autoFormsAuthentication per the Gu and StackOverflow to false. However, when my application is deployed to my web server (W2k3 Standard SP2, II6) the controllers marked with [Authorize] are always redirected to /Account/LogOn instead of the configured value.


View 5 Replies

MVC :: Create Session Variable At Logon?

Dec 3, 2010

I'm building an application using MVC3 RC and I'm trying to add a session variable as soon as anyone logs on. The variable is an int which is retrieved from a database using User.Identity.Name to retrieve the relevant database record.

I'm using the MS AccountController and tried adding the session variable immediately after the line:

FormsService.SignIn(model.UserName, model.RememberMe);

Although this is the point at which the logon is validated the User.Identity.Name is still showing as null when I try to get it immediately after.

Does anyone know when User.Identity.Name is actually populated in the session and how I can intervene to grab it at that point?

View 2 Replies

MVC :: Nerddinner LogOn And Authentication Method?

Mar 14, 2011

i created a mvc project and looked to account controller LogOn action method. methood defined as bottom.



View 3 Replies

Delete A Row From A Table But It Still Appears?

Jun 8, 2010

I have a grid view which uses a Datasource to populate it. There is also a OnRowDataBound method which does lots of work using templatefields etc.I have a button which runs a delete method in the code behind, but when i use it the row i delete is still displayed on postback. I tried to set EnableViewState to false for the grid view, but then parts of the OnRowDataBound method failed where a variable set in the Page_Load is used.

View 3 Replies

Copyrights 2005-15, All rights reserved