Session Management After Implementing Openid?
Aug 16, 2010
i have implemented the the openid in my page using dotnet open id when i get authenticated iam storing the details provided by openid provider in my database and creating a session of that username and redirecting the user to login protected page it is working fine but some time if i left the page idle for some time and then do any kind of postback then the session is lost and my page do not allows me to do any thing as it is login protected some time it is working fine without any problem. can you suggest me why is it so.
View 1 Replies
Similar Messages:
Mar 8, 2010
I am currently playing with DotNetOpenAuth to make an ASP.NET (C#) website use OpenID instead of the normal login-password routine for user and session handling. Up till now, I have added the DotNetOpenAuth.dll into my project and tried a test login page with the following: <rp:OpenIdLogin ID="OpenIdLogin1" runat="server" />
When I run the page, I enter a valid myopenid url and the website redirects to the myopenid page, where I enter my password, and upon success, it returns back to my default.aspx, due to the following in my web.config:
<authentication mode="Forms">
<forms defaultUrl="/Default.aspx" loginUrl="~/Login.aspx"/>
</authentication>
Now that the user is "logged in", how can handle my session? At the moment, I don't know how I can, for example, check if the session is still alive or how to terminate the session. My basic question is, how can I manage the session once the user is authenticated with OpenID ?
[Update]
I am now using the following to check for authentication: HttpContext.Current.User, and with that I can now check if a user is authenticated with a session. Now is there a possible way on how I can "link" user details that are stored in my database with an openid account?
View 1 Replies
Jan 26, 2011
I'm looking to implement a membership system using OpenID for my ASP.NET application, similar to the system used here on StackOverflow. I'm aware that the OpenAuth library is generally recognized as the way to go, but I'm having trouble figuring out how to implement it.
I use NHibernate to persist my domain objects. I have a Users table with a username column, email column, etc. I'm not sure how to integrate OpenID with my own users table, and I haven't found any good tutorials on this. Does anyone have any experience with this? What is the best way to go about doing it?
View 3 Replies
Sep 17, 2010
Firstly, This question may be asked. But I could not get the information i am looking for.
I am creating a website which should take to [URL] where the user enters his account information and it redirect back to my website similar to how stack over flow is doing when we click on gmail image.
I am trying to implement a website in .net.
list a step by step procedure to implement it or suggest some documentation to follow.
I clearly dont want other types of openID implemention where u enter the open id and pick ur open id provider.
View 2 Replies
Feb 16, 2011
In my asp.net application, users are created by the administrators & those users need to log-in into the system using their own email/password or openid. So what is the best option to implement in this scenario?
I mean, as users can't register them self,do administrator required to associate each openid with the users & what kind of table structure do I need?
And do I also need the log-in interface like that of [URL] showing multiple types of authentication(default & openid from various providers)?
View 1 Replies
Jan 16, 2011
I am new to asp.net and developing an application where there will be some roles like (admin, entry user, maker, checker) one user can have all or can have partial roles based on the provided roles and the page should restrict functionality based on the user role.
What is the best way of implementing it without memberships in asp.net ..
View 1 Replies
May 5, 2010
I am doing web based projects in dotnet. Currently I am implementing security using session variables. I keep current user id and user type in session and authenticate user from these session variables (say Session["UserId"],Session["UserName"] and Session["UserType"]).
I've heard that such security can be broken and applications can be hacked very easily, like it is possible to get session id and directly connect to that session id etc.
View 1 Replies
Oct 7, 2010
My ASP.NET 1.1 application is using load balancing servers. Before load balancing servers, there is no problem related to session management. After googling, I found the following two points:
1) Website instance ID must be same on both the servers. When I ran Microsoft provided VB Script to check instance ID. On both the servers, they are same.
2) I have also generated a unique machine key and pasted it in the machine.config on both the servers.
View 9 Replies
Nov 10, 2010
I want to know how can I write custom session management mechanism in ASP.NET. I do not want to use cookies or URL to have my session ID thus I think I can not use SessionIDManager. I will like to save the sessionID in a post variable and at server I will like to extract this ID to map with session.
View 3 Replies
Sep 14, 2010
I added the following code to global.asax to load up several session variable when a session starts. I'm assuming that when a page goes to use the variable that I should be
1) checking at the page level that the value is valid not 0 when its not expected to be 0, not a zero-length string when its expected to have a length
2) have code at the page level that sets the values if the values have not been set as when the Session timeout, ideally putting the code in a class derived from Page and then deriving all of my pages from the new class so that the code does not have to be repeated in every page
[Code]....
View 7 Replies
Mar 2, 2011
I have a problem by getting session which created for new site visit or session expired.
View 3 Replies
Oct 11, 2010
I use some session variables to get the job done(shopping cart, etc) but it is not stable..manytimes I get no items in session object and other times(refreshing the page) I get missing data...I downloaded the entire site code to my local pc and debugged it and run it succesfully without any session data missing...When I run it in the server, I get bad session again: no products in shopping cart or products with missing quantities...
The same website runs smoothly in our production server too....The problem is with our development server...
View 2 Replies
Nov 11, 2010
I have some code in my page load event where I just want to fire once when the user opens the Browser. The only issue is if you open a new tab with the same website the session variable does not reset. Is there a way to reset the session variable when you open a new tab or do you have to take the whole web browser down for it to clear the session variable.
In Global Page:
[code]....
View 2 Replies
May 3, 2010
which place(exact folder) the session & session id will be stored?
View 8 Replies
Jul 15, 2010
I have a website live in asp.net
now if user closes browser. the session does not get killed.
I spoke with friend and he said that cannot be done as sessions are on server.
but i see banking website who kills session when browser is closed.
View 10 Replies
Aug 5, 2010
I have been spending a better part of a week trying to track down why I am not able to clear all session variables in a web app (vs 2010, vb.net). What I have tracked it down to is that when I remove or abandon sessions that my html pages or codebehind access, it works, but for some reason in any of my class files where I use "Public Shared strConnection as String = HttpContext.Current.Session("strConnection").ToString" to access a session variable, it finds the old one and not the current one. I have to wait for it to time out, go in again, and it will find the new one.
I do not use Linq, and there is only one place in the whole web app that I place the connection string in a variable whcih is when a person logs in. It points them to the correct database. The sqlconnection is set for all of my listviews in Page_Init to make sure that they aren't using any session variable that they create on their own. Interestingly enough that if I use debug to go in each time, exit debug, enter debug again trying to access a different database, it works correct each time. I assume that debug is correctly killing the session variable for the classes for me.
View 4 Replies
Jan 25, 2011
I need to make my asp.net session cookie as secure but whenever i check user authentication and after that i am trying to set cookie to true then my session lost my user information and so it always redirect login page. I am settings user to HttpContext.Current.Session["user"] and check every time, is user is valid and if valid then move ahead. but before that i make my asp.net session cookie as true.
[Code]....
but after that i observe that somehow "Session_Start" event gets called.
View 1 Replies
Oct 7, 2010
I want to be able to persist data across a session but do this outside of the built-in session state object. Why is a long story that I will not go into here. I just need to know where I can put data other than in the session object that will persist across the specific session.
View 3 Replies
Dec 29, 2010
how to set asp.net session alive no session timed out problem
View 11 Replies
Apr 21, 2010
I am new to asp.net Can you please guide me what is session and session variables ? Please I don't need a comparision of asp session and asp.net session because I don't know anything about asp. I have saw many articles on types of session as well. But still I cant understand exectly what is session and what are session variables in asp.net ?
View 9 Replies
Jan 9, 2011
i want to upload picture throw FileUpload control and then store it in session, after store in session i want to read it out to image control and insert to database.
View 3 Replies
Mar 9, 2011
I wanna write a method to get or set session timeout at run time.
View 1 Replies
May 10, 2010
Lets say I am doing a shoping cart. I authenticate the user with a session variable.For example:
If(Request.IsAuthenticated)
// Here I want to add to the shoping cart.
// Can I do the following
Session["Cart"] = "Washing Machine";
Now will this Session["Cart"] value which is washing machine here be unique to diff customers?
View 1 Replies
Nov 18, 2010
I read the solutioin for this error, at the following link :http://forums.asp.net/p/1046935/1576341.aspxbut I am still not clear what exactly causes the error. I have two doubts :1. Can anyone please elaborate a bit on this issue, with any example ????2. Is there any drawback of this approach ?
View 4 Replies
Jan 11, 2010
I would like to create a site that authenticates using Google's OpenID. How would I do this? Also, how would I use roles with custom tables?
View 3 Replies
