Sharing Forms Authentication Between A Website And A Web Application?
Aug 10, 2010
Previously, I have implemented two separate ASP.NET Web Applications, one as a virtual application in a subfolder of the other, which successfully shared forms authentication as described at [URL]
(basically, setting up identical <forms> sections in the Web.config, and keys in the <machineKey> section)
Now, I am trying to do something similar to get BlogEngine.NET (which is a Web Site, not a Web Application) to work sharing forms authentication with a Web Application of mine. I have tried both putting it as a virtual application in a subfolder, and setting it up as a separate IIS site (same domain name, different port number), but I can't get the authentication to work at all: when I go to the blog while logged in to my Web Application, Page.User.Identity.IsAuthenticated is always still "false".
I'm really not sure how to even start debugging this, since the forms authentication is handled before any of my code runs.
[Code]....
View 1 Replies
Similar Messages:
May 11, 2010
I have 2 almost identical asp.net (vb) applications. 1 Development and 1 Production.
They use forms authentication that is configured to run in SQL server. Both apps use the same aspnetdb database but have different application names.
The problem I have is:I have an Identical login for each app (same username, same password), but If I change profile information for that user in the development app, the changes are reflected in production app. This isn't what I want.
View 2 Replies
Nov 4, 2010
We have multiple applications written in 3.5 SP1. Our new application is being written in 4.0. They all reside inside the same domain, and all the other applications share the forms authentication security ticket by setting a machine key, and setting the Name of the forms tag.
Authentication in each application still works, HOWEVER:
* In the 4.0 app, if you log in, and then go to one of the 3.5 apps you are not logged in
* If you log into the 3.5 app, you are not logged into the 4.0 app, but you are logged into all the 3.5 apps
* If you log into the 4.0 app, you are LOGGED out of the 3.5 app even if you were logged in before.
The <machinekey> tag is there and set the same in all apps
The <forms> tag is set up the same in each app except for the LoginURL
The <membership> and <rolemanager> tags are also set up the same in all apps
Is this possible between frameworks? If so, do I need to do something differently? I really would like to avoid porting all the other apps to 4.0, or porting this down to 3.5
View 1 Replies
Jan 19, 2011
I have 2 applications. One on asp.net webforms [URL] which should provide authentication, user logs in and I can use the cookie to authenticate on my asp.net mvc app located at [URL]. All I'd like to do is able to access the cookie so I can get the userId that was stored in it using the FormsAuthentication.
They use normal authentication provided by microsoft;
<authentication mode="Forms">
<forms domain="test.com" loginUrl="Default.aspx" protection="All" path="/" requireSSL="false" timeout="45" name=".ASPXAUTH" slidingExpiration="true" defaultUrl="Default.aspx" cookieless="UseDeviceProfile" enableCrossAppRedirects="false"/>
</authentication>
This cookie should be accessible to any submain on [URL] right?
View 2 Replies
Feb 2, 2011
how can we create a desktop sharing application in asp.net? can we use silverlight for this?
or any third party tool that we can use?
View 3 Replies
Apr 23, 2010
I have an asp.net application and webservices (asmx) that reside in the same application but not in the same folder of the aspx files. I aslo have a winform application that uses the webservices. I have marked the webservice methods with [WebMethod(EnableSession = true)] but I am not able to share the same session values that are on the application in the webservices. The winform application has access to the sessionID from the application and I am using the following code
Uri uri = new Uri(ServerServiceUrl);
_cookieContainer = new CookieContainer();
_cookieContainer.Add(new Cookie("ASP.NET_SessionId", SessionID, "/", uri.Host));
My question is: Is there something that I am missing or doing wrong that I cannot access the application sessioin from the webservices?
View 2 Replies
Jul 5, 2010
I have a scenario with three applications:
1) Portal: where user executes login
2) Site1: after login at "Portal" user is able to use Site1
3) Site2: after login at "Portal" user is able to use Site2
I just need to execute a validation in Site1 and Site2, to validate if they (users) did login at Portal1.
Something like (in site1 main page page_load).
{
if (notFromPortal)
{
//redirect to Denied.apx
}
}
How can I do this in a simple way? With cookies? Does somebody have a url with sample?
My security requirements are almost zero. I just wanna prevent that user put a url from Site2 in browser and see a Site2 page.
View 1 Replies
Dec 1, 2010
I see on the bottom of blog pages a sharing buttons (Twitter and Facebook), where if clicked the link behind (which is normally the blog page url) the fshare button takes the clicker to the blog site facebook page respectively.
How does one do this in asp.net 2 , does one one use the <%# %> in the url part of these share buttons, are there any examples of how this is done?
View 8 Replies
Nov 12, 2010
im trying to set up a website with forms authentication. so i created a new asp.net project in vs2010 and ran the asp.net configuration after that i tried creating a new asp.net database and used the following code to disable the user instance database and use the new database i created.
<connectionStrings>
View 8 Replies
Jan 19, 2010
VWD 2008 Express. Visual Basic.
I have posed this question recently in a different form, but the answers I got led me nowhere. This is what I want to do:
Have a web site that requires users to login.
Have the authentication process be done by ASP.NET (rather than Windows).
I have had many links to voluminous articles in MSN that simply did not work. Is there not a simple (wizard-like) way to start a web site from scratch and establish the objective of having users login to the site? I have tried creating a blank ASP.NET Web Site and using the Website>ASP.Net Configuration tool. But as soon as I go to the Security tab, rather than getting the wizard, I get the error:
There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store.
The following message may help in diagnosing the problem: The database filename can not contain the following 3 characters: [ (open square brace), ] (close square brace) and ' (single quote)
Does anyone know some SIMPLE steps to setup a new web site with ASP.NET authentication (forms authentication)?
View 9 Replies
Mar 23, 2011
Until now, I've always used straightforward Forms Authentication on my community websites, and that one method of authentication, with that one cookie/ticket has been used throughout the website (with varying roles per user also stored in the ticket). I haven't used the built in LogIn controls and instead have always just created my own login/registration form, and written the code to insert into (and authenticate against in the log-in scenario) my bespoke 'Users' table. So I've essentially just been utilizing the .IsAuthenticated() method (to determine if a user is logged in), referenced the UserData property in the ticket (to determine which roles the user belongs to), and set up the 'location' restrictions in the Web.config, so the log-in page is automatically shown for pages that require 'member access' etc.
With my new project, I will need user registration/login for the Forums/Community part of the website only. I then need an additional user registration/login for the Recruitment part of the website (not related in any way to the users that sign up/log in to the Forums/Community part of the site).I was wondering if this possible, and if so, how to go about it?e user registration/sign-in pages might look the same, but my underlying code would would create accounts/authenticate against different DB tables.
View 1 Replies
Jul 29, 2010
I have a website, and if there is an anonymous user (not logged in) then I want my navigation (a section of the master page) to show an element of the menu called "Login". But if there is an authenticated user then I want the navigation to NOT show this "Login" option, but to display a menu item/link to a resource that is only available to logged on users.I know how to set restrictions on files and webpages, but how do I implement this with the navigation menu?
View 16 Replies
Mar 6, 2011
Is there a standard way to read an XML file from a website that uses forms based authentication? We want to read the file into a desktop app.
View 3 Replies
Jun 1, 2010
When I print
[Code]....
[Code]....
View 5 Replies
Mar 8, 2010
when i set forms authentication to my website to web.config file as
<authentication mode ="Forms">
<forms
loginUrl="login.aspx"></forms><authentication><authorization><deny
users="?"/></authorization>
and login button ,i write the following code
FormsAuthentication.RedirectFromLoginPage("login",
false);
and logout button ,i write the following code
FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();
it works but when i press browser back button after logout button click
it maintains the page history and the page will redirect to last requested page
View 7 Replies
Sep 20, 2015
i want to access yahoo user name and basic info by loging from my website.how it would b possible,i have created app in Yahoo,i have key and consumer secret value.
View 1 Replies
Feb 12, 2010
Below is my code for forms authentication in asp.net but some time it is not working means some time user is not logged in
FormsAuthentication.SetAuthCookie(authentificationString, rememberLogin);
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = System.Web.HttpContext.Current.Request.Cookies[cookieName];[code]....
It is working fine in my local machine but when I deploy on my server then it is not working.is it any iss setting or something else..
what I need to do for this.below is web.config code and local machine having IIS 6.0 and Server having IIS 7.0
View 2 Replies
Sep 22, 2010
I am working on creating an iphone application which logins to we website and retrieves a table, and displays the content within the app. To view the table a Login is required. It seems the site is using Form-Baseds Authentication. WebSite's Login Screen So How do I pass the login ID and pass from xcode to the to the site and retain the information so the user only needs to login once.
View 1 Replies
Dec 24, 2010
My question is about an approach, and I am looking for tips or links to help me develop a solution. I have an .NET 4.0 web forms application that works with Forms authentication using the aspnetdb SQL database of users and passwords. A new feature for the application is a new authentication mechanism using single sign on to allow access for thousands of new users. Essentially, when the user logs in through the new single-sign-on method, I will be able to identify them as legitimate users with a role I will have something like HttpContext.Current.Session["email_of_authenticated_user"] (their identity) and HttpContext.Current.Session["role_of_authenticated_user"] (their role).
View 1 Replies
Sep 13, 2010
I have a web app containing a silverlight application. How do I keep the ASP.NET session / Forms Authentication alive when the user is using the silverlight application?
View 1 Replies
Apr 1, 2010
We're developping an application that uses forms authentication and URL rewriting (www.urlrewriter.net). In order to make extension-less URL rewriting possible we had to add a default application mapping for the asp.net aspnet_isapi.dll.
The problem we're experiencing now is that when the website is accessed by http://www.myapp.com/ then the aspnet_isapi.dll gets the request and forms authentication forwards it to our login site, so the user gets redirected to http://www.myapp.com/login.aspx?ReturnUrl=%2f instead of having default.aspx displayed (which is allowed to anyone).
Here's the part of web.config dealing with forms auth:
<system.web>
<authorization>
<deny users="?"/>
<allow users="*" />
</authorization>
<authentication mode="Forms" >
<forms slidingExpiration="true" cookieless="UseCookies" defaultUrl="default.aspx" loginUrl="default.aspx" name="gzfb_site_test" timeout="525600"></forms>
</authentication>
</system.web>
<location path="default.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
I did quite some research on this problem but didn't find any solution. Is this scenario possible at all, or does default application mapping and forms auth using <deny users="?"/> interfere by design?
P.S. the problems only manifest when running on IIS 6, the ASP.net Development Server handles it without any problems
View 2 Replies
Dec 18, 2010
we are migrating existing windows form application to asp.net(3.5) intranet portal, there is a requirement whereby database connection should be made by the logged in windows user. Is it possible to achieve this functionality?
View 1 Replies
Sep 15, 2010
I'm developing a MVC2 application and using Forms Authentication on it. The scripts, images and styles are all blocked to unlogged users and, consequently, the login page looks awful. It works well local, the problem is when I publish to the server. Does anyone has any idea WHY? The server IIS is version 7.5
<configuration>
<system.web>
<globalization culture="pt-BR" uiCulture="pt-BR" />
<httpRuntime requestValidationMode="2.0"/>
<customErrors mode="Off" />
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
<pages>
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="Admin.Models" />
</namespaces>
</pages>
<authentication mode="Forms">
<forms name="AGAuth" loginUrl="~/Home/Login" timeout="120" />
</authentication>
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<connectionStrings>
<add name="DBContainer" connectionString="metadata=res://*/Database.DB.csdl|res://*/Database.DB.ssdl|res://*/Database.DB.msl;provider=System.Data.SqlClient;provider connection string="Data Source=thewebserver.com,5158;Initial Catalog=thedatabase;Persist Security Info=True;User ID=theuser;Password=thepassword;MultipleActiveResultSets=True"" providerName="System.Data.EntityClient" />
</connectionStrings>
</configuration>
View 9 Replies
Jan 28, 2013
I use Form Based Authentication in my siteIn my login page I have:
FormsAuthentication.SetAuthCookie(user.userName, true)
View 1 Replies
May 27, 2010
I am using database with a list of username/passwords, and a simple web form that allows for users to enter their username/password.
When they submit the page, I simply do a stored procedure check to authenticate. If they are authorised, then their user details (e.g. username, dob, address, company address, other important info) are stored in a custom User object and then in a session. This custom User object that I created is used throughout the web application, and also in a sub-site (session sharing).
My question/problems are:Is my method of authentication the correct way to do things? I find users complaining that their session have expired although they "were not idle", possibly due the app pool recycling? They type large amounts of text and find that their session had expired and thus lose all the text typed in. I am uncertain whether the session does really reset sporadically but will Forms Authentication using cookies/cookiless resolve the issue?
Alternatively should I build and store the User Object in a session, cookie or something else instead in order to be more "correct" and avoid cases like in point #2.If I go down the Forms Authentication route, I believe I cannot store my custom User object in a Forms Authentication cookie so does it mean I would store the UserID and then recreate the user object on every page? Would this not be a huge increase on the server load?
View 4 Replies
