how to implement WCF username authentication with a custom validator in both client side and server side. I am trying this since last 2 days. but no result.
View 7 Replies
I have a WCF application set up to use UserName authentication through the built in MembershipProvider. When I call up a simple test function to see if the user is authenticated I get false. I've included as much info as I can.
The simple method in WCF:
[Code]....
Identity.Username and all that is blank as well.
This is the test code I'm using (from a test project):
[Code]....
And here are the relevant sections of web.config:
[Code]....
I am trying to create a basichttpbinding with custom validator. I create a self signed cert in IIS @ 443.
My endpoint in service config looks like this
[Code]....
The service is running fine (I can see it in browser).
In the client, I am setting client credentials and then accessing a method but at this point i get the following exception
There was no endpoint listening at [code].... that could accept the message. This is often caused by an incorrect address or SOAP action
The remote server returned an error: (404) Not Found.
I am using Kerberos as the Authentication mode for a WCF Client to interact with an ASMX Web Service. I am using customBinding in the WCF Client. I am getting the below mentioned Fault Exception when I invoke the HelloWorld Method by creating a Proxy using SVCUTIL.
`System.Web.Services.Protocols.SoapHeaderException: Server unavailable, please try later ---> System.ApplicationException: WSE841: An error occured processing an outgoing fault response. ---> System.Web.Services.Protocols.SoapException:
System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.InvalidOperationException: WSE914: This instance of derived key token does not support encryption, decryption, or key wrapping. It can only be used to sign or verify signature. Please make sure that the length of the derived key matches the length of the key required by the symmetric encryption algorithm configured for the derived key token manager.
at Microsoft.Web.Services3.Security.Tokens.DerivedKeyToken.Psha1SymmetricKeyAlgorithm.get_EncryptionFormatter()
at Microsoft.Web.Services3.Security.EncryptedData.ResolveDecryptionKey(String algorithmUri, KeyInfo keyInfo)
at Microsoft.Web.Services3.Security.EncryptedData.Decrypt(XmlElement encryptedElement)
I am badly struck with this exception and unable to progress further.
I created my custom validator in one project, something like that:
[Code]....
he composite control in another project. I added a reference of the custom validator project to the composite control project. I have a textbox in a composite control and I would like to validate this textbox by the composite control I created. But how can I do that? How can I create the custom validator instance that is linked to the custom validator I created?
I want to implement a custom authentication in my application using the basic authentication schema. I've configured it in the Web.config and enabled the basic authentication in the IIS, but when I try to open the service in the browser... appears a login dialog... what do I have to put ther? Besides, I want to control the authentication, I mean, I want to check whom is allowed in my custom list... where is it looking now?
When I use the WebRequest class, I'm getting a "401 - Unauthorized":
req = WebRequest.Create("http://localhost/RESTfulService/Service1.svc/Test");
req.Credentials = CredentialCache.DefaultNetworkCredentials;
WebResponse res = req.GetResponse();
What do I have to do for implement a custom basic authentication? (I cannot use membership providers).
I've set up in the Web.config:
[code]....
I have a validator callout extender that works, it shows the callout box. But, it does a postback. It didn't do a post back the first time I clicked the button but it did for subsequent times. I read on the AJAX site that a custom validator must be used with this for it to work. I'm currently using this with a required field and regular expression validator. It works, the callout appears, but it doesn't work every time with out the post back.I posted this to see if there is a way to get this to work with a required field and regular expression validator, with out using a custom validator. I'm using the newest release of the toolkit, so I thought the documentation may be old, since the callout is appearing.
View 8 RepliesI've been trying to get a custom validator component working that ensures at least one checkbox from a checkboxlist has been checked. I've been used some code I found on dotnetjunkies.com but the client-side validation didn't work. I've been attempting to modify it to get the client-side javascript validation to work with no luck. Basically, I compile the below code into a DLL and add it to my bin folder.
[Code]....
I'm using Forms authentication.In Windows Authentication for get the user name of the PC i use: User.Identity.Name
I need this information also in Forms authentication but User.Identity.Name doesn't work.How can I get the User.Identity.Name without using Windows authentication?
After a user is authenticated I store their username in session state but if the session times out, I want to create a new session for the user based on their username they authenticated with original. How can I get from Forms Authentication the currently authenticated user?
View 2 RepliesI have a service (WCF) with which my ASP.NET page will communicate. The WCF service has hashed passwords in its data store (a file actually). The WCF service requires the username and the hashed password on every call. Nowm the problem I'm encountering is that if I authenticate the user with forms authentication in ASP.NET, a cookie will be saved in the user's computer after the user is authenticated but I would like to save the username and hashed password too so that the user may able to use the WCF service. Where should this information should be saved so that it is safe and secure? Should I use session variables? If I choose that option that, then should I switch from forms-based authentication and manually authenticate using session variables or use both forms-based autentication for web page access and store the username and hashed password in a session variable? What are the pros and cons of each?
View 2 RepliesWhen a user log into my asp.net site I use the following code:
FormsAuthentication.RedirectFromLoginPage(userid, false);
As I often need to use the userid I can then later get the userid by:
string userid = System.Web.HttpContext.Current.User.Identity.Name;
Now I also want to show the logged in username on each page and my questions is therefore where do I place the username best if I need to use it on every page. User.Identity.Name is already taken by the userid so I can't use that one. Another solution would be to get the username from the database on each page, but that seems like a bad solution.
I had implemented the Forms Authentication for my application and used in-built login control for validating user credentials. I am creating persistant cookie using FormsAuthenticationTicket when the user checks 'Remeber Me' checkbox in login page.
Next time when I browse my application, it directly goes to resource access pages without redirecting to login page. This is the common approach in Forms Authentication with persistant cookie.
My requirement is, Is it possible to get username only in login page when using persistant cookie with Forms Authentication without redirecting into resource pages?
The same can achieve using cookies without using forms authentication. I need get the username automatically in login page using Form Authentication.
Once the user has authenticated, I would like to base all of the information displayed to the user based on their username. Isn't that saved in the cookie?
For instance, I would like to pull all of their client information using a GridView and have the parameter set to the appropriate authentication information.
I have an asp.net c# site that I have setup in IIS 7 and am loading into a sharepoint frame. Sharepoint doesn't prompt for domain credentials but my site does?In IIS I have enabled basic and windows authentication so I can get the domain users username, so if there is a way to get this without prompting that'd be a perfect solution for me.I am using the follwing statement to get username:
System.Web.
HttpContext.Current.User.Identity.Name
I'm writing an ASP.Net MVC intranet application which is accessed via handhelds and a range of browsers. My users all have AD accounts and have different permission to our SQL database views/procs depending on who they area. The database also uses CURRENT_USER for horizontal partitioning.
Because of the range of devices that need to access the application I can't rely on impersonation/delegation or the trusted subsystem. I want the user to simply input username and password (same as AD) when the above mechanisms fail.
Does anyone know how I can use AD username and password in a connection string to access the database without creating a set of SQL mirror accounts? I can't login with network service or a sql proxy account because the database needs to be user aware.
I'm bangin' my head against the wall here. I'm not even sure what I want to do is possible.
I have developed an ASP.NET app that will only be run on my local network (which incorporates a Windows Domain). It's running on IIS 7.5.I want to do this:
[Code]....
My problem is this: If I don't turn off Anonymous Authentication and ASP.NET Impersonation, I don't get the results I'm looking for. (if Anonymous is allowed, I get an empty string returned for username, and if ASP.NET impersonation is allowed, then "username" is always whatever account is associated with impersonation, like "Network Service"). If I turn those off and then turn Windows Authentication on, it works, but only after a dialog box presents itself asking for the Windows Credentials.
What I'm trying to do is NOT require the users to log in. Since they've already logged into the domain when they signed on their computer, I'd like to just allow them access to the ASP.NET application I've written, and identify who they are (based on their previous Windows login) using the line of code above. I don't need them to re-authenticate, because they're already authenticated from their domain login.I can't figure out what I'm doing wrong, or how to accomplish this. It seems the closest I've gotten to what I want so far, is to turn off all authentication EXCEPT for Windows Authentication. It works then, but only if the user first types in his/her username and password again in a dialog box. Is there any way to avoid having them type in their username and password again, but still be able to identify their domain username?
Cannot find a simple example that will call POST a service with username pass argument.
So, how to get the length of the service.
Code:
Dim encoder As ASCIIEncoding = New ASCIIEncoding
Dim data() As Byte = encoder.GetBytes(rawresp)
Dim request1 As HttpWebRequest = CType(WebRequest.Create("http://www.sas.gr/MobileService/MobileService.asmx?wsdl&op=getCinemaMoviesProgram"), HttpWebRequest)
request1.Method = "POST"
[Code] ...
Complains about wrong bytes. I can make it work with GET but i only get the schema.
Code:
Dim request = DirectCast(WebRequest.Create("http://www.sas.gr/MobileService/MobileService.asmx?wsdl&op=getCinemaMoviesProgram"), HttpWebRequest)
request.Method = "Get"
' request.ContentLength = 0
request.Credentials = New System.Net.NetworkCredential("WSl", "WSs")
Dim response1 = DirectCast(request.GetResponse, HttpWebResponse)
Dim reader = New StreamReader(response1.GetResponseStream())
Dim rawresp As String
rawresp = reader.ReadToEnd()
This will only give the schema back, no data. Also if i reference the service there is no getCinemaMoviesProgram function to call, so I suppose it only works with post.
In the web.config, how do add a connection string by using a window authentication with the username and password? I have tried like this and it keeps ignoring the username and password
<connectionStrings>
<clear/>
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Integrated Security=SSPI;Initial Catalog=ufiledb;Data Source=MyServer;User Id=user1;Password=xxxxxx" providerName="System.Data.SqlClient"/>
</connectionStrings>
I have the asp.net with authentication set to forms. After deploying new version on server it started to display a UsernName Password dialog box (like in windows authentication) on the login.aspx page.
When user click "cancel" the login.aspx page displays normally and user could log in and continue his work normally.
I don`t know how to get rid of that dialog box? Anonymous login on IIS is enabled, and the anonymous IIS user has access to that file - login.aspx
Foe getting Logon computer username i m using digest authntication mode. But when i browse website it's asking for username and password. while already windows login with the same username.
I understood that in this auhtntication mode it's required. But r there any configuration with it i am not getting this Prompt ? Any group ploicy ??
For IE i have added website into trusted zone but still it's asking for username and password.
R there any other way i getting Computer logon name in asp.net application. There are But only work when i run from Editor from IIS it's not retuning value.
I have an ASP.NET setup website using Windows authentication. Each time I open IE and try to access the webpage I get a windows authentication screen. Once I have logged in I can see the website fine. My problem is that every time I open a new IE browser I have to re-enter my username and password. I have heard about thew double hop issue, is this what it could be. If so how many ip fix this. Any ideas how i can stop this box showing up each time? I have ticked the "remember my username/password" tick box but still no joy. I am using Windows Server 2003, IIS 6.0 and .NET 4.0.
View 2 RepliesOne our customer complaint about HYH virus storing form authentication user credentials in clear text in his local system. Customer is accessing website through internet explorer. Is any preventing measure we can take in website or Code level?More details on Website1) Hosted in IIS 6.02) Windows Server 2003 Operating System ) Written in ASP & ASP.net combination
View 1 RepliesOk, I almost hate to ask this because I'm sure it's been covered many times on this forum, but I'm starting to get too frustrated trying to get it to work, so I'm gonna ask anyway.I have setup forms authentication on my site and have it working without any issues. What I'm trying to do now is to add "Remember Me" functionality so that the users don't have to log in each time they access the site. I'm able to get the authentication part down, but the issue I'm having is that when the user logs in, I set certain attributes in Session variables for that user (name, site role, etc.). These values are obtained from a database after the user has been authenticated, based on the username. What I'm having problems with is getting at this username from the FormsAuthentication cookie.
After I authenticate the first time, I setup my cookie this way:
[Code]....
I have tried getting at the Username utilizing the User prinicipal, but it just returns blank.
Does anybody know of a way to set the width of a custom validtor so that the error message text will wrap if it exceeds the specified width? I have a user control that contains a custom validator which the containing page can set the error message on based on specific validation results. he user control sits within a table cell in a page. If the message is very long it simply prints the entire message on a single line ignoring any column widths that are set. I have tried setting the width property on the custom validator itself to no avail.
View 2 Replies
