I'm using the Windows Identity Foundation (WIF) Security Token Service (STS) to handle authentication for my application which is working all well and good. However I can't seem to get any long running login with the STS. From my understanding I shouldn't care about the client tokens at the application level since they can expire all they want to and it should redirect me to the STS and as long as they're still logged in on the STS it should refresh their application token. Yet it doesn't seem to want to keep them signed in.
Here's what occurs in my login.aspx on the STS var cookie = FormsAuthentication.GetAuthCookie(userName, persistTicket); if (persistTicket) cookie.Expires = DateTime.Now.AddDays(14); Response.Cookies.Add(cookie); var returnUrl = Request.QueryString["ReturnUrl"]; Response.Redirect(returnUrl ?? "default.aspx");
Which was taken almost directly from existing application using normal Forms Auth. From my web.config <authentication mode="Forms"> <forms loginUrl="Login.aspx" protection="All" timeout="2880" name=".STS" path="/" requireSSL="false" slidingExpiration="true" defaultUrl="default.aspx" cookieless="UseDeviceProfile" enableCrossAppRedirects="false" /> </authentication>
Looking at the cookie after I sign in I can see the expires time on the cookie is set for 14 days in the future and that the cookie is NOT a session cookie. When I'm required to log back into the STS I can see that my original cookie is still there. Is there some kind of time stamp functionality that the STS embeds into the cookie that is invalidating my cookie even though as far as I know it should still be valid?
My web application uses forms authentication. One of my users who uses IE8 says that she always stays logged into the website on her computer. This is even after she closes the browser window and restarts the computer. This only happens on her computer, if she switches computers the same thing won't happen.
I'm baffled by this. Is there a setting in IE that could save her login information and automatically sign her in every time she accesses the website? Is there anything else to look into?
When the user logs out of the page and does not close Internet Explorer, and again try to access the page either through favorite link or by entering URL, they are automatically logged into the page again.We want this NOT to happen. We want the user to always have to re-enter all Login data on the main login.aspxI have validated session correctly, even though this problem continueonly my system. Other system workingcorrectly. I think something browser settings problem.
i used security in login page which restricts all users who have not logged in to all pages. I need to restrict specific users to specific pages. I'm not using AspSqlService provider. So i cannot create roles and restrict automatically. And the pictures i use in login page are not visible @ runtime.
I am using Visual Studio 2008 Express and created a login page using the ASP.net web site Adminstration tool security to generate users and passwords.
After login, a new page appears. I have a button to go back to the login page to allow a user to relogin. When I try loging in again as a different user or the same, I get an error saying the resource that I am looing for was not available.
I have a button on the page after login (one this one page will occur) and I am using on on click event to do the following:
After clicking on this button, the Login page appears again. How can I release everyting to allow it to work like when I first open the application.
This is the error message I get:
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested URL: /MyFirstSite/default.aspx
Version Information: Microsoft .NET Framework Version:2.0.50727.3615; ASP.NET Version:2.0.50727.3618
I've successfully made a custom membership provider that connects, queries, and updates my custom Oracle database. I found a good sample on MSDN. I also found documentatio on the provider itself. However, I cannot find anywhere example calls you have to make for the different actions within the web pages themselves. Where can I find that?
For example
How do I check if a user is already logged in? What do I do when a user hits the login button? How does each page get the user that is logged in? etc.I am not using the asp login control. I have custom form, custom data, and custom graphics.
I created asp.net application on alumni information database.After logged in it redirects to page i wish but the problem is the page i am redirected is not holding the user logged information. it just simply showing as annonymus user.
access the page on public section of the website from the admin section,while logged in?Or i am causing a security hole,jumping like this?all admin section pages have role based authorization and can not be accessed unless authenticated.Public of course is accessible to anyone.
this is basically to show a welcome message [welcome user]on the index page after login in as a registered user of my site. i can achieve this with session but i really want to see this work. i read it in a book. it is not working as i want instead it is displaying my pc's name, instead of showing welcome for the current loggrd in user. put into consideraton that i programmatically created my login controls, my database on sqlserver myself, without asp.net custom login controls.
//this is the label that shows the welcome text {welcomeLbl.Text = "you are welcome, "; //user.identity.name+"."; this is suppose to display the name of the current logged in user welcomeLbl.Text += User.Identity.Name + ".";}
In the web.config file i have put some code in so that when users log in they will be re-directed to another part of the website which only registered users can access. for the admin part only the admin can log in and it takes him to the admin section and that works fine. it is only this that is causing me problems.
the code i inserted for which the user needs to be diverted to is:
I am having a change password page in that when the user change his password and click on submit i will show a message and will redirect to main form. But the text which i like to display is not displaying. What i need is i would like to have the page in the same form for few amount of time and then redirect to the desired one.
<script type="text/javascript">function LoadPage() { var v =setTimeout("MovePage()",5000); //will call the MovePage() function after 5 seconds } function MovePage() { location.href='/FedData/newRoutingNumbervalidator.aspx'; } </script>
I've a page main.aspx. This page has a button 'Settings'. When it is clicked, I load another aspx page settigns.aspx in a popup. Now in the settings.aspx i allow the users to add controls dynamically. For example the user can create 5 textboxes. When he saves it there, I need to get that controls to main.aspx.
So i need to move all the controls from one page to another page. I'm not able to think of a solution with user controls.
I want to execute url but not to redirect to that page.My work should be cout. on the same page.. Eg :When i click on "Send" it should send that data to url bt page has to be same no effect should be their . .
What are the latest and greatest ways to move ViewState to bottom of the page Can this be done in a IHttpHandler that can be specified in the web.config to intercept requests to "*.aspx"?
Other options is that this could be done in a IHttpModule, but that is not as performant, as it will intercept all requests. Also it could be done in an a class deriving from the Page or MasterPage-class, but this is not as modular.Are there any performance penalties to this?
I have four panels on a page, each with a submit button. I want to warn the user when they move from one panel to another without having submitted any changes from the first panel. I've worked this out in Javascript but it would be better to do on the server side, and disable all submits except the panel with changed content. How would I do this? With a Sub that responds to ontextchanged? Or with comparison validator? Or some combination of the two?
I am using crystal report. I am able to go to 2nd page on clicking next button but further that nothing happens only 2nd page remains i.e. page not moving further.
I am making one application where i am fetching huge data from database to gridview.
for this it was taking some 30 to 40 seconds. so instead of showing nothing in the page
I am using update panel and update progress bar.
everything is ok but when progress image is showing in the page that time it's moving only one time and stop and before completing page postback.
Here is my code:
 <asp:ToolkitScriptManager ID="ToolkitScriptManager1" runat="server">   </asp:ToolkitScriptManager>   <div><script language="javascript" type="text/javascript">   var prm = Sys.WebForms.PageRequestManager.getInstance();  var popup = $find('<%= modalPopup.ClientID %>');   prm.add_initializeRequest(InitializeRequest);  Â
[Code] ....
And here is my code behind:
 protected void Button1_Click(object sender, EventArgs e)   {       con.Open();       SqlCommand com = new SqlCommand("select * from processdailydata", con);       SqlDataAdapter sda = new SqlDataAdapter(com);       DataSet ds = new DataSet(); sda.Fill(ds);       GridView1.DataSource = ds;       GridView1.DataBind();       con.Close();   }
i want to show progress image move regularly untile page load is not finished.
I have four dropdowns in the first page and then a button which saves the selected values from the dropdown to a session state .
In the second page I do have previous button which comes to the first page. My problem is that the dropdown values are not getting preserved.
Here is my code for the First page
using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using MyBusinessLayer; using MyDataLAyer;
[Code]......
The problem is that I get the error object instance not set to an instance of an object
I have some static (pure html) pages in my MVC application that I need to authenticate, so that not just anybody can look at them. Is there an way to do this without moving all the code to asp files and adding a controller and from there use the Authorize attribute? I would really prefer to not need to do this!
I am hoping I am in the right place for this, I have a web application which has been running for about 4 years recently I updated my Ajax to the most recent version it continued to work OK then I changed from ScriptManager to ToolkitScriptManager now I get an error moving from my default page
