In this code Page.User.Identity.Name is null
[Code]....
I thought the Name always was set when user was Authenticated?
If this is not the case, how should I do instead?
i have Using aspnetmembership
i want to know how i can ReNew The Life Time Of Page.User.Identity.UserId Session, , how i can increase the Time Of this session ??
i want this scenario in case when the user LogOn for 15 minutes , then the page refreshed ,then renew the TimeOut Of Session by adding addtional 15 minutes and so on
note that im using Page.User.Identity.UserId Session
I am trying to create a httphandler which will intercept a sample pdf file which we have in our website. The httphandler works fine from within my development machine and even my locally published website that if I just try to connect to the test url: [URL] I will get sent to the invalid access page. So pushing it to our IIS6 machine when I try to go to the URL it serves up the PDF document. context.User.Identity.IsAuthenticated is always showing as true. I'm using forms authentication. below is the code I am using as the handler.
public void ProcessRequest(HttpContext context)
{
if (context.User.Identity.IsAuthenticated)
{
string SampleURL = context.Request.AppRelativeCurrentExecutionFilePath;
context.Response.Buffer = true;
context.Response.Clear();
using (FileStream fs = new FileStream(HttpContext.Current.Server.MapPath(SampleURL),FileMode.Open))
{
int length = (int)fs.Length;
byte[] buffer;
using (BinaryReader br = new BinaryReader(fs))
{
buffer = br.ReadBytes(length);
}
context.Response.Clear();
context.Response.Buffer = true;
context.Response.ContentType = "application/pdf";
context.Response.BinaryWrite(buffer);
context.Response.End();
}
}
else
{
context.Response.Redirect(
"~/Error/invalid_access.aspx");
}}
in web.config I have the following for form authentication:
<authentication mode="Forms">
<forms name="Sample.Web" loginUrl="~/Security/" defaultUrl="~/default.aspx" protection="All" timeout="60" path="/" requireSSL="false" slidingExpiration="true" enableCrossAppRedirects="false" cookieless="UseDeviceProfile" domain="">
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
Ok so I am working on a control that when the user comes from a specific website then it will be a certain action. What would be the easiest way to do this?
View 3 RepliesI want to terminate an application stat or set value to null where user is leaving the page...
does anyone know how can I do that?
Actually I am working on project in asp.cs in which I want the user to give a exam only once a day. So, how I stop him from again giving that exam.
View 6 Repliesi have 2 page,
1.login.aspx --- 2.welcome.aspx
in my login.aspx im storing username into sesssion as below:
Session["usernm"] = txtUsername.Text;
in my welcome.aspx page
in page_load event
if (Session["usernm"]==null)
{
Response.Redirect("Login.aspx");
}
here if i manulally paste the url ( http://localhost:4125/Loginado/welcome.aspx) it should go to login.aspx for user credentials
but its going directly to welcome.aspx page.
i have created a custom principal class, and a custom Identity.
named SystemIdentity and SystemPrincipal.
SystemIdentity class has some additional properties ( UserID, UserName, Age, ...)
in my Global.asax file I changed PostAuthenticateRequest event as bottom
[code]....
i wonder theese questions answer now:
1. where i can assign the additional properties of SystemIdentity ( UserID, UserName, Age, ...)
2. which Identity is Authenticated by FormsAuthentication.SetAuthCookie? is my custom Identity, or GenericIdentity?
We have a web site that implements a custom SiteMapProvider using a User Control added in the master page. I need to be able to limit the sitemap nodes added depending on the logged in user, that is, certain users should not see certain sitemap nodes. Currently, the login processing code determines if users are in the certain category or role and then sets a value in session state, for example, Session["UserInRoleXXX"] = "Yes"; I tried changing the code in the user control to check the session state, but I got the following error: NullReferenceException ... Object reference not set to an instance of an object." Can session state be accessed in a user control?
View 6 RepliesMy prior asp.net apps used windows authentication on an intranet. Now I'm developing an app for the internet and am stumbling over how to properly manage user sessions and state.
I first developed my web site functionality; created the SQL DB and got all of the pages to properly handle the data. Then, I installed the SQL Membership database and was able to get the CreateUser, Login, Logout pages to work. On the Verify process for the Userid, I added a step that will take the membership UserId value and create a Company record in my tables and link my CompanyId key with the UserId.
At Login time, I create a CompanyId session variable; each page uses it to retrieve records for the user. When Session Timeout occurs and the user click a link to another page, the app redirects properly to a Login page. However, if the time expires and then the user interacts on that same page, 'Object not set to an instance of the object' - the CompanyId session variable has expired.
What is the proper way to handle this? I'd like the page to automatically redirect to a TimedOut page (this would happen automatically without the user doing anything).
I considered writing a Function where I pass the Session variable I want and the Function sees if it exists; if it doesn't it would do a Response.Redirect to the TimedOut page...I can't get the Redirect to work in a Class Function ('reference to a non-shared member...').
I assumed that I should set CompanyId as a Session Variable so each page knows the user to get data for. Another approach is to use the membership User and if it is still valid, do a DB lookup to get the CompanyId. I did not choose this because I felt that it would increase DB traffic and web traffic.
Here are several relevant settings from my web.config:
<sessionState cookieless="UseDeviceProfile" />
<authentication mode="Forms">
<forms loginUrl="~/UserTasks/Login.aspx" />
It feels like there should be a straightforward answer to this but I am missing it.
I have created a matser page with a two radio buttons, text box and a button. Whenever user sets some values to these control and clicks the button, i will navigating him from one content page to another based on the data he has entered. The problem is after the content page load, the values selected/given in the controls(radio button, text box) are getting cleared.
Is there some way to maintain the values ?
I have created a website which has Secure folder in which i have got a form which only "admin role" users can see. Now that form will appear if login is successful and it works great, if password or username is wrong then again the loginForm will appear which works great too.
Now the problem is if the users which are not in "admin role" enter the user name and password correctly, instead of coming back to the login page and showing them the "Not Authenticated" message, it gives me an error that myWebsite/login.aspx is not found. I think this is because the name for my login page is "AdminLoginPage.aspx" and which is not found and hence it shows me the error. I dont know where to change the login Page name to "AdminLoginPage.aspx"
I've a default.aspx page in my application's root folder. I added a a page in the root of inetpub that redirects requests to the default page. The idea is that the user need only enter the server name to get to the default page. How can I set things up so that all users have access to the default.aspx and that they only have access to the other pages once they've been authenticated?
I am using Windows Integrated Security and the users are being challenged and authenticated properly. I want them to be able to access Default.aspx without any challenges.
(On a side note which may answer this question, when using WIS does the user *allows* have to be challenged? Isn't it possible to pass through their Windows User and ID without the prompt?)
c: inetpubwwwroot
edirect.aspx (set as default document in IIS and simple executes Response.redirect("sites/mercury/default.aspx")
c:documents and settingsall usersdocumentswebsitesmercurydefault.aspx (home page for the site & server)web.config includes
[Code]....
i have a form on page1.aspx with several controls (textbox, dropdownlist, etc).on Page1 PageLoad event i load data from database and performe databinding.From Page1 a user can, by clicking a specific button, move to Page2.aspx to insert some details and, after saving details, he returns to page1.
if save changes are made on control on page1 before save them to db, obviously, these are lost on return from page2 (because are reloaded on pageload from db).How can i save control status between pages round trip?
I have one web application. In that, I have two pages. One is view/edit page and another one is login page. The view/edit page contains one edit button and one login button.
First I execute view/edit page, at that time I dont want to show edit button. When user clicks login button, the page will be redirected to login page, where the user has to enter username and password. If user enters both correct, again the page will be redirected back to view/edit page. This time, the edit button has to be shown to make some modifications, since the user is authenticated.
I tried this thing by using session with cookieless. It works perfectly but some times it shows web page not available. I made session timeout 120 minutes and cookieless is true. In URL session ID also available.
So, whats the alternate way to maintain user log state or whats wrong in web.config file.
I make a user control with DataList to expose pagining . I choose to use ViewState to save the state of pagining (TotalItems , CurentPage etc) , but it seems the view state of the parent page is not "synchronized" with the one from user control . It's basically the same situation like the example :
I have a dummy user control :
"<%@ Control Language="C#" AutoEventWireup="true" CodeFile="WebUserControl.ascx.cs" Inherits="WebUserControl" %>"
and the code -behind
"public partial class WebUserControl : System.Web.UI.UserControl
{
protected void Page_Load(object sender, EventArgs e)[code]...
The question is, why do I have to click twice to get the right result ...3 . I mean at the first click I still get the value 0 .
I have a page with a number of user controls, In one of my user controls I have a button event. I turn on output cache for the user control that has the button and vary by control using the ID property of a hidden field control in the user control. whenever I turn on the output cache my button event doesn't fire.
View 2 RepliesI am trying to use the Application_Error to redirect the user to a custom error page. I know I could use the web.config to do this, but let's assume for now that this is not a desirable path to take.
Initially, I tried to do a Response.Redirect to perform this, however, there seem to be occasions where the current http context does not define the response object. So, I attempted to perform a check to make sure that the response object is not null prior to attempting the redirection, and if it is not defined, perform a Server.Transfer instead.
What happens is that in most cases, the Redirect causes the browser to some generic "friendlyish" error page rather than the requested error page.
So then I tried using Server.Transfer exclusively, and this worked well for most cases, however, sometimes the transfer didn't seem to take in the browser. Changing it back to a redirect in these cases solved that problem, but reintroduced the issue where the errors previously being captured and transferred now were being redirected.
What I surmised from this is that in certain contexts where the Application_Error method is trapped, it is necessary to use Server.Transfer in redirection, whereas in others, it is necessary to use Response.Redirect. The question then became twofold: (a) When is one necessary and when is the other? and (b) What available information can I poll to tell me when a given condition exists.
After much searching, I cannot find a reasonable answer to this question. So I began to trap errors and examine the HttpContext object for some indicator. One thing that I was looking for is the reason why if even with a defined Response in the current context does a redirect fail. The only thing that stood out is that even though a Response object may exist, the Session data could be absent. I added the case to check whether the Session data was null and perform a Transfer in this case and it
seems to be handling it properly.
I emphasize "seems to be handling it properly" because no documentation I've been able to find confirms either the problem I am having or whether this is an appropriate strategy for solving it.
I guess the question is, am I on the right track here or is the null Session object just a red herring, indicative of nothing relevant. Here's the check I have set up for reference.
[Code]....
I need to check if an authenticated user is authorized to access a directory. I have done this before with a base class library method, I just cannot remember what class it's part of or what it's name was. I think the method was a static method and the class may have had the word Utility in it's name, but I just can't remember or find it on the net. BUT I KNOW I HAVE USED IT! The method definition was something like:
bool SomeTypeWithTheWordUtilityInTheNamePossibly.VerifyUserIsAuthorized(Principal user, string virtualPath)
I'm not using a roles provider in this application and I'm not planning to.
I have implemented Forms authentication in an ASP.NET MVC 2 website
By using <%: Page.User.Identity.Name %> on the Site.Master page I can display the userid of the logged in user.
I would like to use this value and display other information about the user that is stored in a User table in a MsSQL database, like:
<%: GetFirstname(Page.User.Identity.Name) %>
Is there a simple way to just retrieve the user's name, and not the Domain name, when using this function:
string quizTaker = Page.User.Identity.Name.ToString();
Right now it returns "DOMAIN_NAMEUserName"
I would like to just use isolate and use the user's name, without the Domain name.
I am having a ASP.net application it having three pages ,page 1,page 2,page 3,when the user navigating between this pages I want to maintain the view state in page level after postbacks(i.e.) .If a user visits page 3, passing some query loads some data .then he moves to page 1 doing some entries .after that he once again moves to page 3 now I want to display the data previously available at the time he moves to page 1, same
way I want to do to my three pages up to the user logging out.
I am getting this error while executing my Asp.Net application.i am not able to execute application using Visual Studio Interface and when i am trying to execute application from Local IIS. its executing well but when i am trying to click any button for searching etc it is giving this error. The state information is invalid for this page and might be corrupted. The detailed information is
[Code]....
[FormatException: Invalid character in a Base-64 string.] System.Convert.FromBase64String(String s) +0 System.Web.UI.ObjectStateFormatter.Deserialize(String inputString) +72 System.Web.UI.ObjectStateFormatter.System.Web.UI.IStateFormatter.Deserialize(String serializedState) +4 System.Web.UI.Util.DeserializeWithAssert(IStateFormatter formatter, String serializedState) +37 System.Web.UI.HiddenFieldPageStatePersister.Load() +113[ViewStateException: Invalid viewstate. Client IP: 127.0.0.1Port: 1307User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.1.249.1064 Safari/532.5ViewState: /wEPDwULLTIwOTUyMjAzMTgPZBYCZg9kFgICAw9kFgICCw9kFgICAQ9kFhgCAg8QDxYCHgtfIURhdGFCb3VuZGdkDxYFAgECAgIDAgQCBRYFEAUHQ2VudHJhbAUCODBnEAUITm9ydGhlcm4FAjgxZxAFB0Vhc3Rlcm4FAjgyZxAFCFNvdXRoZXJuBQI4M2cQBQdXZXN0ZXJuBQI4NGdkZAIJD2QWAmYPZBYKAgEPEA8WAh8AZ2QPFgUCAQICAgMCBAIFFgUQBQdDZW50cmFsBQI4MGcQBQdFYXN0ZXJuBQI4MmcQBQhOb3J0aGVybgUCODFnEAUIU291dGhlcm4FAjgzZxAFB1dlc3Rlcm4FAjg0ZxYBZmQCBw8QDxYCHwBnZGQWAWZkAgkPD2QPEBYBZhYBFgIeDlBhcmFtZXRlclZhbHVlBQItMRYBZmRkAgsPEA8WAh8AZ2RkFgFmZAINDw9kDxAWAWYWARYCHwEFAi0xFgFmZGQCCg9kFghmDw8WAh4JTWF4TGVuZ3RoZmRkAggPDxYEHgxNYXhpbXVtVmFsdWUFCTUvMjYvMjAxMB4MTWluaW11bVZhbHVlBQk1LzI2LzE5MTBkZAIMDxYQHhlDdWx0dXJlRGVjaW1hbFBsYWNlaG9sZGVyBQEuHgdDdWx0dXJlBQVlbi1VUx4bQ3VsdHVyZVRob3VzYW5kc1BsYWNlaG9sZGVyBQEsHg5DdWx0dXJlRGF0ZUZNVAUDTURZHhZDdWx0dXJlQU1QTVBsYWNlaG9sZGVyBQVBTTtQTR4WQ3VsdHVyZVRpbWVQbGFjZWhvbGRlcgUBOh4WQ3VsdHVyZU...][HttpException (0x80004005): The state information is invalid for this page and might be corrupted.] System.Web.UI.ViewStateException.ThrowError(Exception inner, String persistedState, String errorPageMessage, Boolean macValidationError) +106 System.Web.UI.ViewStateException.ThrowViewStateError(Exception inner, String persistedState) +14 System.Web.UI.HiddenFieldPageStatePersister.Load() +217 System.Web.UI.Page.LoadPageStateFromPersistenceMedium() +105 System.Web.UI.Page.LoadAllState() +43 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6785 System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +242 System.Web.UI.Page.ProcessRequest() +80 System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +21 System.Web.UI.Page.ProcessRequest(HttpContext context) +49 ASP.pages__cmtickets_cmtickets_reports_cmtickets_search_aspx.ProcessRequest(HttpContext context) in c:WINDOWSMicrosoft.NETFrameworkv2.0.50727Temporary ASP.NET Filesapp_mobily_alexmare1eddc658e6f2ba5App_Web_b9acfmsy.14.cs:0 System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +181 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75
Version Information: Microsoft .NET Framework Version:2.0.50727.3603; ASP.NET Version:2.0.50727.3082
i want to save the recent state of all controls against a button1 click event. e.g. recently selected item of a dropdownlist should persist selected when user loads page next time, if he/she had clicked button1 before leaing this page. And same for allother controls on this page.
View 1 RepliesI am a little bit new at handling multiple sessions congruently.
Basically i have created a chat application. In which i have a moderator page.
Now the moderator has the privilege to block particular users from the chat. Every user including the moderator has a session variable defined as Session["UserID"].
e.g for the username "moderator" the Session["UserID"]=moderator.
Now as i am logged in as the moderator how do i delete the session of a particular user whom i want to block the chat from commencing.