Setting Up 2 Factor Authentication

Jul 22, 2010

We are in the process of building a new website which we want to lock down to specific computers to only allow access, then once the pc is authenticated we will do our in built user authentication. Also, when a pc is known, we dont really want anything on the pc which can be easily transfered (by the client) onto another pc in order to gain access to the website. the best way to achieve this 'lock down', we dont really want to go down the AD route and have loads of extra user data to maintain.

View 2 Replies


Similar Messages:

Enable Multi - Factor Authentication

Nov 17, 2010

Does anyone have any pointers for implementing the following: I want to cheaply enable multi-factor authentication on an asp.net website. I want people to be able to use an app on their phone (iPhone at the very least) to generate the token used alongside their username/password to login to the site. I do not want the people to have to carry a third-party device/fob to generate the token.

View 3 Replies

Architecture :: Implementing Two Factor Authentication Solution To An App

Oct 7, 2010

implementing a strong two factor authentication solution to an app that's already using asp.net authentication? any particular add-ons that work well with asp.net? Preferably one that doesnt involved end-user hardware.

View 1 Replies

Authentication Cookie Timout And IIS 7 Setting?

Jun 11, 2010

I have an ASP.NET website for which i've set the authetication timeout to 60 days so that my users don't have to log in each time they come back if they checked the "remember me" option. Basic ASP.NET login mechanism... It's working fine on my developpement server as well as on the visual studio built-in web server. I can close the browser, wait around 30-40 minutes and browse back to the site and be automatically logged in.

However, I've not moved the site to a hosting provider and it seems that whatever I do to my Web.config file, the cookie expires after around 30 minutes (hard to tell the exact amount of time). I have asked the provider's help support and they basically told me: "Web.config file is to configure your website. Please do not change it if you don't know what you are doing"Frustrating answer indeed... be sure, I checked everywhere on the net for exceptions, fine prints, in the basic asp.net authentication but found none.I have access to IIS remote management for my site (IIS 7) but don't really know where to look. Can there be something in the IIS setting that is overriding my web.config authentication setting?

View 1 Replies

Dynamically Setting Default Url In Forms Authentication

Feb 14, 2011

I have two login control in the index page of my website,each of two different usertypes. there are two user types brands and creatives.the branded user will log in to brands bin(brandsbin.aspx) the Creative user will sign in to creativebin(creativebin.aspx) i am using forms authentication for signin. so i am confused here to to rediret to default path for each user types. how to set default page for each user types. in the web config file i have added like this

<authentication mode="Forms">
<forms name="forms" loginUrl="Index.aspx" defaultUrl="brandsbin.aspx" path="/" timeout="15" slidingExpiration="true"></forms>
</authentication>

View 1 Replies

MVC - Factor Repository Interfaces Based On Multi - Level Object Model?

Feb 15, 2011

I've got a multi level dependency chain in my object model: An organization has the following children relationships:

Organization
.CompetitionGroups
.CompetitionGroups.Venues
.CompetitionGroups.Competitions
.Divisions.Games
.Divisions.Games.Participants
.Divisions.Games.Participants.GameSegments
.Divisions.SubDivisions...
.Divisions
.Teams
.Teams.Players
.Teams.Participants
.Teams.Participants.GameSegments
.VenueDates

This is just a glimpse at the object model, but it's focused on the complexity of the relationships and lists. What I can't really get is what's the best way to factor my repository interfaces, given the requirements to do a unit of work. For example, to create a game, you'll need a venuedate and two participants. Does that mean the GamesController should require an IGameRepository, an IVenueDateRepository, and an IParticipant repository? Should they be rolled into one repository?

Also, what about in the consumption cases? For example, to display a signle team's schedule, you'll need all of the Participants for that Team, all of the Games for that participant, and all of the GameSegments for the participant. If those are factored into individual repositories I can't see how you can do efficient queries. Does that mean you have Repositories specifically focused on different cases? for example:

public interface IScheduleRepository {
public ICollection<Game> GetScheduleForTeam(Team team);
// More consumption methods
}
public class ScheduleRepositry : IScheduleRepository {
public ScheduleRepository (ModelContext context) {
// Do stuff with context
}
public ICollection<Game> GetScheduleForTeam(Team team) {
return (
from p in context.Participants
where ((p.Game.VenueDate != null) &&
(p.TeamId == team.Id))
orderby p.Game.VenueDate.StartTime
select p.Game).ToList();
}
// more consumption methods
}
public interface IGameRepository {
public void AddGame(Game game);
// More crud methods
}
// Not showing games repository
public class GamesController : Controller {
public GamesController (IGameRepository gamesRepo,
IVenueDateRepository venueDateRepo,
IParticipantRepository participantRepo) {
// do stuff with repos here
}
[HttpPost]
public ActionResult AddGame(Game game) {
// Skipping validation logic
// this?
VenueDate = venueDateRepo.Add(game.VenueDate);
foreach (Participant p in Game.Participants)
{
participantRepo.Add(p);
}
Game = gamesRepo.AddGame(game);
// or this?
// how would the game repo know to persist
// the children elements? is that tight coupling?
Game = gamesRepo.AddGame(game);
}
// more consumption methods
}

My question is I don't yet understand to what degree factoring your repositories make sense based on a connected object model. I'd love to get some advice here.

View 1 Replies

C# - Setting Up IIS / Active Directory For Forms Authentication Security?

Mar 10, 2011

What's the easiest way to make Forms Authentication functional? Do I need to setup IIS/Active Directory? If so, how would you code that?

I was looking at this tutorial but it is a bit long, hard, and confusing: [URL]

Here's my web.config info:

[Code]....

View 1 Replies

Security :: Setting Up Form Authentication For A Specific Folder?

Oct 5, 2010

I have an "Admin" folder in my application that will include pages that I would not like to have anonymous access to. When a user attempts to load a page that resides in this folder, I would like to redirect them to a login page. Here is what I have in my config so far.

[Code]....

[Code]....

View 12 Replies

C# - Setting A Timeout Using A Manually Created Forms Authentication Ticket?

Dec 29, 2010

The constructors for manually creating FormsAuthenticationTicket objects force us to set an "expiration" value, and this value overrides the "timeout" setting in web.config in my tags, which is not what I want, because now the user doesn't timeout. The "session" just expires at the given time.I need to manually create my ticket for UserData reasons, and it is just the way I decided to build my app. I guess I could spend a whole lot of time and redo the way my app. authorizes, and store the "userdata" elsewhere... but this seems extremely tedious for something so small..Is there anyway to manually create an Auth Ticket and still maintain timeout settings?! And by timeout, I mean resetting the timer on user activity. Not a fixed timeout!

View 1 Replies

Security :: LoginView And Windows Authentication - Setting - User's Account And Password Checked By Active Directory?

Sep 19, 2010

i have a problem with the users authentication on my site. I made <authentication mode="Windows"> in my web.config. The LoginView shows "mycomputermyusername" if i request the page. So far as well. Now i want to login with a different username. Users are stored in an Active Directory. My questions: wich setting i have to do, that user's account and password checked by Active Directory? how can i force the system to make a new login? Logout doesn't work, i always see my on account.

View 1 Replies

Security :: Setting Up Windows Authentication In Windows 2008 RC2?

Sep 8, 2010

We have a working version of application (Intranet) with uses Windows Authentication deployed in Windows 2003. The application uses HttpContext.Current.User.Identity.Name to get the logged-in user. Here impersonate is turned off.Right now, we are move to Windows 2008 RC2 where this Windows Authentication problem arised. I have Digest Authentication and Windows Authentication enabled. And also I have enabled Anonymous Authentication enabled to avoid the Login dialog of IIS in the end-user IE. Now I am getting HttpContext.Current.User.Identity.Name as Empty. When I impersonate using username and password, I am used to login using that user but all the users uses the same user to login.Does any has solution for this?Deployment Server - Windows 2008 RC2 (IIS 7.5)Development - Windows 7 (IIS 7.5)I am new to IIS 7.5. Please give me a solution

View 3 Replies

C# - What's The Difference: Windows Authentication, Passport Authentication And Form Authentication

Sep 17, 2010

Just going to start making a web application and was wondering which was better, or at least what are the main differences between them (as it probably matters what I am using them for)?

View 3 Replies

Localization :: Cannot Fix Or Limit User To Setting PC Regional Setting To UK

Dec 23, 2010

I have develop a web application. I have put my web application in my server and user can access from any location.

My server regional and setting is English (US). Now my problem is

1) When user access to my system and his pc setting is English (UK), it will prompt and error

and after i debug i suspect it is because of Datetime conflict (dd/MM/yyyy and MM/dd/yyyy)

2) I cannot fix or limit my user to setting his/her pc regional setting to UK

So what can i do in my web application solve this issue?

(Can i write any code in my client side (.aspx) to convert or do standardization to US)

View 2 Replies

Setting A JavaScript, JQuery Setting From Code Behind

Feb 11, 2010

I would like to set a value:

[code]....


...where [HERE] is the placeholder for my value, from my code behind in ASP.NET before the page is rendered. I generate a guid, and I need that apart of the script on the page.

View 2 Replies

DataSource Controls :: Use Mixed And Server Authentication Option Inplace Of Windows Authentication?

Jan 8, 2010

I have just installed SQL Server 2005. I selected windows mode authentication. I am not able to login in management studion. Now, I want to use mixed and server authentication option inplace of windows authentication. so, would that be possible after installation.

View 2 Replies

Security :: Authentication Method - Enable Anoymous Access And Basic Authentication?

Jul 14, 2010

This could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.

View 3 Replies

Security :: What's The Difference Between Basic Authentication And Integrated Windows Authentication In IIS

Jan 4, 2011

What's the difference between Basic Authentication and Integrated Windows Authentication in IIS?

View 3 Replies

Security :: Enable Windows Authentication And Disable The Anonymous Authentication In IIS?

Mar 10, 2010

I set authentication mode to Windows in the web.config and I enable Windows Authentication and disable the Anonymous Authentication in IIS 7 on win 7, but HttpContext.Current.User is always null.It works fine when I host the web app in IIS 6.0.

View 1 Replies

AJAX :: AutoCompleteExtender - Authentication Failure (forms Authentication)

Apr 15, 2010

'm using the AutoCompleteExtender from the AJAX control toolkit on my aspx page - I have it wired up to a WCF service that is returning a string array and everything works happily.

If I change my service definition to include a demand for the caller to be authenticated, like so:

<OperationContract(), PrincipalPermission(SecurityAction.Demand, Authenticated:=True)> _Public Function GetLookupValues(ByVal prefixText As String, ByVal count As Integer, ByVal contextKey As String) As String()

Then the autocomplete extender stops working, and I get an authentication error in the service. The service is set up to use ASPNetCompatibility mode, and I was hoping that the extender would pass the authentication credentials for my logged in user - does anyone know how to make this work?

View 2 Replies

Security :: Changing From Forms Authentication To Windows Authentication?

Sep 3, 2010

What do I need to do in order to change an application from Forms Authentication to windows authentication?

View 2 Replies

Open Source - Authentication For The Database Which Already Have Form Authentication?

Feb 8, 2011

I have a database which has form authentication tables for an website [let say website A], now I have attached a new website [Website B] to the same database, in this website [Website B] also I have to provide login/authentication which would be separate from the website A authentication system. So I want to have separate table for the users of new website. Specification:

[code]....

will there be any open source membership provider like we have .NET membership provider [form authentication].

View 2 Replies

Security :: Web Farm Using Window Authentication Or Form Authentication?

Aug 9, 2010

I have a web farm web project, and want to make sure windows authentication is working well without any problem in web farm, can any one give me some web sites or information about that?

View 1 Replies

Security :: How To Develop Authentication Module Using Form Authentication

Feb 8, 2010

Am going to develop authentication part in the web site. I want my authentication module should not be hacked by any one and also want in secure side.

View 1 Replies

Security :: Using AD Authentication With Form Based Authentication & AzMan

Sep 2, 2010

I needed information regarding the capabilities & integration of AzMan tool with Asp.net.Currently, I got a Sharepoint 2007 website along with ASP.NET 2008 where I am using Form Based Authenication.Now, the requirement is any user within a domain registered in AD should be able to login in website through intranet.

Can I acheive this using AzMan, or I need to create two websites one with FBA for internet users and the other one for the intranet users with AD authenication. Also my intenet website is deployed and in use where usermapping and roles are already created, so using this tool what will be the impact on existing webiste.

View 2 Replies

Use Active Directory Authentication When Windows Authentication Fails?

Mar 29, 2011

I have a web application (intranet based) which uses Windows Authentication. Unfortunately there are public computers that have public logins at some company locations. My web app doesn't support these public logins because I need to know the user workingSo, even though these public users are windows authentication users, my app will fail because I have no user account setup for that particular account. I want to then try Active Directory Authentication.In my Default.aspx.cs I'd have something like this

protected void Page_Load(object sender, EventArgs e)
{try
userContext = new UserContext(); // If the authenticated user isn't a user in my system then throw an exception
}
[code]...

View 2 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved