C# - How To Call Url With Basic Authentication Inside Application
Aug 23, 2010
I need to create an application (ASP.NET or WinForms or Windows Service, not sure) that needs to make a call to a url including username and password for basic authentication and have the url return a csv file. I then need to use the csv file in the application. I don't know how to do this. How do I call the url in my app. There can be no user interaction, it needs to be completely automated in the returning of the csv file.
This could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.
In my asp.net MVC 3 web application, I want to implement basic authentication system in my webapp. I have been searching and reading for past two days but still not able to get a hold of it.
I was following [URL]
I created a CustomMembershipProvider class in my models
[Code]....
In my webconfig file, I do have [Code]....
Now, I created a AccountController, in that I added following code
[Code]....
After that I added view fo Logon
[Code]....
Now, the first problem which I am facing is, when I Debug the webapplication, I get HTTP404 error. Url generated
I have an Intranet which is on IIS 7.0. I want to authenticate my users and know who is logged in. What options do I have to set in IIS Authentication part that my users do not need to type their user name and password to login to Intranet. I have set the Authentication to Basic and Impersonation, but it is asking user name and password.
I'm looking to implement my own basic webforms authentication. I don't want to use the 'membership' features in this case because I don't want to modify the database schema with all the membership elements that I won't use, and I don't need to support users across multiple applications. I want to wind up with one simple 'users' table that has username, password, passwordSalt, and several other fields to support custom user attributes specific to this application.
but it's rather dated... is this still valid? I'm looking for guidance on what I need to do to implement a custom webforms auth solution. A very basic skeleton I can expand upon, or a good tutorial/guide that illustrates the necessary parts... just the basics..
We have Novell's Access Manager protecting our site. After the user logs in, Access Manager forwards the request back to a web page. On that web page, I need to read a combination of some Basic Auth username information as well as some custom header variablest that AM is passing to the web page. AM will continue to send these variables/values on every page as long as the user stays logged in.
What I'd like to do is create a class that checks for these values to evaluate whether the user is logged in or not. How do I gain access to those variables from a .cs class file?
I have an XML web service where the authentication used is BASIC WINDOWS. Following is my client code to connect to the service.
[Code]....
Now, the issue is that the client is really authenticated only in the first attempt(First time I execute the code in VS). Further attempts succeed even if the code to assign credentials is commented or even after providing wrong user id/ password. I ensured that the server is hit each time(Just to make it clear that it not just because of client side caching).Is this the behavior of Basic authentication/credential cache. I would prefer the client be authenticated each time he hits the server.
I want to implement a custom authentication in my application using the basic authentication schema. I've configured it in the Web.config and enabled the basic authentication in the IIS, but when I try to open the service in the browser... appears a login dialog... what do I have to put ther? Besides, I want to control the authentication, I mean, I want to check whom is allowed in my custom list... where is it looking now?
When I use the WebRequest class, I'm getting a "401 - Unauthorized":
req = WebRequest.Create("http://localhost/RESTfulService/Service1.svc/Test"); req.Credentials = CredentialCache.DefaultNetworkCredentials; WebResponse res = req.GetResponse();
What do I have to do for implement a custom basic authentication? (I cannot use membership providers).
I made really basic facebook application, which collect permission from user to post data. Some time ago (around New year) it worked fine.I am using http://facebooktoolkit.codeplex.com, and my code looks like this:
public partial class Facebook : CanvasFBMLBasePage { protected void Page_Load(object sender, EventArgs e)
I just made my first MVC3 app, and I thought it would be fun to upload it to my web hotell. So I did a publish locally in visual studio and then transfered the published files to them over ftp. They have support for MVC3, so there shouldn't be any problems there. But what I get when I try to go the the page I get an 403 - Forbidden: Access is denied I've tried to add the:
I am trying to figure out what are the basic assemblies required to run a basic ASP.NET 4.0 website. Say.. a website with just a label in it. I looked online and didn't find a list there. I know installing the framework 4.0 will give me all the dlls but I just need the basic ones that will make a basic site work on ASP.NET 4.0.
i need to create an online html editor to be used in my asp.net application with the basic button of dataformating + adding/inserting images+creating templates
I want to use forms authentication on my ASP.NET MVC site. All I need is a place for users to login, a page to add a user, and a page to edit a user. I'm using all the default ASP.NET forms authentication tables for SQL Server (aspnet_Profile, aspnet_Roles, aspnet_Users, etc.). The only difference is that I've added an Employees table to my database, which contains a FK to aspnet_Users to create a one-to-one relationship. The Employees table contains columns for FirstName, LastName, StartDate, etc. It's a way for me to keep additional information for the users.
I'm having trouble finding any sort of tutorial that would help me build a basic page in MVC, everything I find is for WebForms. For my page to add a user, I'd like there to be fields for the Employees table. I don't know if I can modify the CreateUserWizard to add those fields, or if I'd be better off just creating my own custom page.
I have a web page that calls a WCF service that makes a sql database call using Integrated Security. I get an error saying, "Login failed for user 'CorpDomainServerName01$'". I want it so that it all layers will execute under the user's AD credetials (working in an intranet), ie: "CorpDomainAlbert". On the server (Win 2008/IIS 7), I have Windows Authentication turned on and everything else off (including Anonymous) under Authentication for both the web client and the WCF service. Here's my client web.config:
I have a production web application that uses <authentication mode="Windows"/> I have added an .asmx page with a method in it. I'd like to test making calls to it from a separate client web app. When I do this I get the error: The request failed with HTTP status 401: Access Denied What do I need to do in my client app to access this webservice?
I tried to take advantage of jQuery AJAX call to enhance user experience but I am facing a tricky problem.
When the user does nothing for a period of time, e.g. 30 minutes to reach authentication timeout, making AJAX call becomes the problem. The server side will return login page and display in my target div section. The simplest solution I can think of is to inject a dummy tag in login page, and when detecting such dummy tag then use javascript to redirect to login page. But this means that I have to do that every time I make AJAX call.
Pinging back to a webservice in ajax from the client keeps the user's session alive, I don't want this to happen. More extensive summary For a website we're developing, we need the client to ping back (in js) to a webservice (ASMX) on the server (IIS7.5). This happens to let the server know that the user is still on the site, and hasn't browsed away to another site. This is as our customer wants to let users lock records, but if they browse away to other sites, then let other people take over those locked records. Perhaps the distinction between the client being on the site but inactive and on another site seems unimportant, but that's kinda irrelevant, I don't get to write the UI spec, I just have to make it work.
My problem is this, the ping stops the user from being timed out on the server through the standard forms authentication timeout mechanism. Not surprising as there is that 30 second ping in the background keeping the session alive. Even though we want to know if the user is still on the site, we want the normal forms authentication timeout mechanism to be honoured. I thought I might be able to fix this by removing the ASP.NET_SessionId and .ASPXAUTH cookies in the XMLHttpRequest that is the server ping, but I can't figure out how to do this. This is how my web service & method are defined:
[WebService(Namespace = "http://tempuri.org/")] [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] [ScriptService] public class PingWS : WebService { [WebMethod] public void SessionActive(string sessionID) { // does stuff here } This is how I'm calling it in js (request is over HTTPS, : $.ajax({ type: "POST", url: "PingWS.asmx/SessionActive", data: 'sessionID=' + aspSessionID + '}', beforeSend: function (xhr) { xhr.setRequestHeader('Cookie', ''); xhr.setRequestHeader('Cookie', 'ASP.NET_SessionId=aaa; .ASPXAUTH=bbb;'); }, dataType: "json" });
I was trying with the setRequestHeader, but that just appends to the header rather than overwrites the header, and IIS is happy to ignore that junk I added. I'm thinking maybe I should be trying to do this at the server end, someone take PingWS.asmx out of the loop so that it doesn't keep the session active, but I'm not sure how to do this. Although the title of the question is focused on clearing the cookie in the header, I'd be super happy if anyone points out that I'm being really stupid and there is actually a much better way of trying to do what I'm doing.
I'm thinking at this stage maybe I need to add something to the webmethod that says how long this particular page has been inactive, and use that knowledge to timeout manually. That actually sounds pretty easy, so I think I'll do that for now. I'm still convinced that there must be an easy way to do what I originally wanted to do though. Update I'm thinking I'm pretty screwed in terms of cookie manipulation here as both the .ASPXAUTH and ASP.NETSessionId cookie are HttpOnly, which means the browser takes them out of your hands, you can't access them via the document.cookies object. So I would say that leaves me with:
Updating my SessionAlive webmethod to track each request so I can tell how long the user has been sitting idle on a page and timeout if needs be Marking the .asmx page somehow on the server end so that it's taken out of the normal authentication/session tracking flow I know how to do 1. so I'll start there but 2. seems much cleaner to me.
I'm using Form Authentication in my web application.In my application I have a lot of pop up windows that include form inside.when the form ticket expires the user is redireced to Login page.Also it happens inside a popup window. If user leaves the pop up open and come back after the ticket is expired, it redirects him to the Login inside that pop up.
i have a repository class inside my model folder; this repositiry contains many methods , which are called from Action methods in the controllers; so my question is :- if i have a method insidle my model.reporsitory which calls a stored procedure, then can i call it an "action method"? or "action method" expression only apply to controller methods?
I have a rquirement thay in grdivew need to show the 2 custom ads and 3 google ads, so i have written an user control and inside that using the adsense script, and binding the gridview manually with 2 custom ads and then calling the user control with few functionality. But i have used ajax to ignore the post back So while clikging on paging the google ads are not loading as they are loading from javascript.I came to know that we cannot call javascript inside updaetpanel means Ajax, this is an urgent requirement for me,
