C# - Skip Authentication For Certain User Agents On IIS7?
Aug 30, 2010
I'm writting a software in C# and .NET to manage my store, which has a site where you can go and opt in to receive a sellers person visit. This site has an behind the scenes manager, but I want the software to do this instead, effectively removing the browser manager and the first step towards this goal is to allow the software access to a PHP script that generates tha XML file required.
The problem is, the login mechanics, written in C# and using web.config, doesn't allow the software to access the said script, which is inside a protected folder for the browser manager. I already tried using HttpWebRequest object, WebClient object with lots os combinations of post, credentials, streams and even a special user-agent to try and login, without success, I can only download the login page.
Here's the code I'm using to download data at the moment (That's my latest try, using the special header):
string agent = "AGENT"; //Not real name, it's just confidential
WebClient client = new WebClient();
client.Headers["HTTP_USER_AGENT"] = agent;
client.DownloadFileCompleted += new AsyncCompletedEventHandler(DownloadFileCompletedEvtHdl);
client.DownloadProgressChanged += new DownloadProgressChangedEventHandler(DownloadProgressChangedEvtHdl);
if (!Directory.Exists(toSavePath))
{
Directory.CreateDirectory(toSavePath);
}
if (File.Exists(toSavePath + filename))
{
File.Delete(toSavePath + filename);
}
client.DownloadFileAsync(new Uri(url), toSavePath + filename);
The login page is pretty simple, it only assings a click event to the login button to check if the user and password are the same in web.config. If true, got to redirect page, else, error.
So, what's the best method for this? Is there any way to configure IIS7 to skip the authentication on that special user agent or some other custom header? Or I'm going the wrong way?
View 1 Replies
Similar Messages:
Jan 8, 2011
User.Identity.IsAuthenticated
<asp:CreateUserWizard ID="CreateUserWizard1"
<asp:CreateUserWizardStep ID="CreateUserWizardStep1"
The result is TRUE after the second step in creating a user account
View 3 Replies
Apr 13, 2010
I am creating an Asp.net web site which will support dynamic data. When I am creating a dynamic web site from Scratch (from template in VS) all is working fine. But when I am trying to add dynamic entity (.edmx) file and running the application I am getting following error
"The method 'Skip' is only supported for sorted input in LINQ to Entities. The method 'OrderBy' must be called before the method 'Skip'. "
View 2 Replies
Mar 24, 2010
I have an application that ran fine on a Win 2003 box using windows authentication. After installing the app on a 32-bit Windows Server 2008 box the users are now prompted for domain credentials every time they call the site. I went into IIS manager for IIS7 and disabled anonymous authentication and enabled windows authentication. What do I need to do here for the user to not be prompted for the credentials?
View 5 Replies
Jan 20, 2011
I'm having a tough time implementing mixed-mode authentication (windows & forms based) for my application using IIS 7. Doing it in IIS6 is easy, but the process doesn't translate to 7/7.5 - and my research has led to me to conflicting answers, none of which.
I have redirect page called WindowsLogin.aspx, and a forms-based one called Login.aspx. I'm having difficulty enabling Windows authentication for just WindowsLogin.aspx.
View 1 Replies
Mar 22, 2010
I have an ASP.NET web application that is using forms authentication. Everything is configured and working correctly. However, i'm dealing with the issue of creating and maintaining users and role membership.
I know that I can roll my own solution but I'm wondering if there is an alternative solution?
Does iis7 provide screens for managing forms authentication users? Is there a reliable, free solution that someone would recommend?
View 4 Replies
Sep 28, 2010
I have a website on IIS 7. This website has a HttpModule with an AuthorizeRequest event handler. This event does not fire for CSV files and I can access the file without logging in, I guess this is because IIS7 is not configured to require form autentication for CSV files.
View 2 Replies
Feb 10, 2010
I've got an ASP.NET web app that uses Crystal Reports XI Release 2 (Service Pack 4 + Fix Pack 4.1), and when I use Windows Authentication, the report still passes the application pool identity to the database instead of the user's identity. Every other portionof the program sends the user's identity (checked using SQL profiler). I know I've gotten this working on a client's windows 2008 server before, but I don't have access to that machine to make a comparison with the one I'm working on. I'm pretty sure it's an IIS configuration issue, but I can't seem to find the thing that's causing the Crystal reports to behave differently from the rest of the application.
View 2 Replies
Sep 14, 2011
I am trying to implement single sign on for users within our domain and if the are not then they get re-directed to the login screen to use forms authentication.
I have followed this tutorial below
however I get two issues firstly if I go to my forms authentication page no css or images now display and if i try to login i get an error.
If I go to the login page which should recognise me from the AD I get 401 - Unauthorized: Access is denied due to invalid credentials. You do not have permission to view this directory or page using the credentials that you supplied.
[URL].....
View 3 Replies
Mar 21, 2011
I notice that some sites are coping the content of one of my client's sites using automated agents. I want to detect their requests and show them a captcha code to prevent them from coping the site content. Is there anyway to detect them?
View 2 Replies
Jul 30, 2010
I have a website deployed on IIS 7 . And want one of my pages authenticated by windows authentication. But While trying this I am getting error "This feature has been locked or Read Only".
View 1 Replies
Mar 11, 2011
Before I get started it's important to note that this issue only happens in IIS7 and IE7, which means it works fine in all our IIS6 environments and Chrome and Firefox hitting IIS7.
We have an ASP.NET 3.5 application that is doing a very basic window.open to open our report server.
ex.
window.open('http://555.55.5.55/ReportServer', 'Reports');
Once launched the user is prompted for their username and password. If the user selects cancel and goes back to the parent window they can use all the Ajax functionality just fine; however, if the user logs into report server then all the Ajax functionality on the parent window ceases to work (example error below). We changed the javascript line above to popup a window to google and everything worked fine. We even tried changing it to '_self' to act like a redirect and we had the same results, everything failed. The issue appears to be related to something in IE7 and the authentication popup.
We've already set the application pool hosting the site in IIS7 to classic mode and this did not resolve our problem.
Error:
Error: Sys.WebForms.PageRequestManagerParserErrorException: The message received from the server could not be parsed. Common causes for this error are when the response is modified by call to Reponse.Write(), response filters, HttpModules, or server trace is enabled.
Details: Error Parsing near ' <!DOCTYPE html PUB'.
View 3 Replies
Nov 9, 2010
I'm using .net 4.0 and iis 7 and windows server 2008
my web application use form athentication and wok properly in vs 2010
but when i try to config the web site in iis 7 the form athenticate redirection doesn't work without any kinds of error.
here is my web.config code
<authentication mode="Forms">
<forms loginUrl="Pages/login.aspx" name=".ASPXFORMSAUTH"></forms>
</authentication>
<authorization>
<allow users="?" />
</authorization>
I enabled the authentication form in iis.
View 3 Replies
Jan 8, 2010
We have windows authentication set up on our staging server for our clients to help prevent google from indexing our staging URLs. We recently found out that one of our sites is seemingly ignoring our IIS settings (anonymous authentication is disabled, windows authentication is enabled). We ended up figuring out that removing the setting runAllManagedModulesForAllRequests="true" on the modules node (which is required for our URL rewriting on the site) fixes the issue and the windows login/password box appears as expected when we browse to the site. If we keep the setting there, the site allows any anonymous user to browse the website.How can we keep anonymous authentication off while keeping runAllManagedModulesForAllRequests set to true?
EDIT: We realized that we have other sites where this setting is on and windows authentication is working just fine. This only appears to happen in our ASPDotNetStorefront websites. I'm now wondering where I should check to see what is causing this issue - my guess is some sort of custom authentication module, but I don't have enough knowledge to figure out where to start debugging this.
View 1 Replies
May 7, 2015
i develope asp.net web site based on users authentication.
How can i promiss that user who logins to the site and closes and explorer, could reopen it and be connected without insert his user & password again.
View 1 Replies
Jan 8, 2010
I've used the UrlRewriting.Net module for a couple years now without any problems in Windows XP and Windows 2003. I just recently upgraded my home PC to Windows 7 and started developing a new website.The plan was to use .html extensions and rewrite them to their .aspx counterparts using the UrlRewriting.Net module. Everything works flawlessly in VWD 2008, but when I try running it through IIS7 it is a different story.
When I try to access a page via the .html rewrite I can no longer access Page.User; it keeps returning null. If I hit the page using it's .aspx extension, Page.User is correctly populated. I should also mention that I have a LoginView controller in my Master Page and it suffers from the same symptoms: When accessing via .html extension it shows the AnonyousTemplate; When using .aspx extension it properly shows the LoggedInTemplate. I'm guessing the two are related.
[Note: I've also tried extensionless URLs and they exhibit the same problem]
The only way I've gotten it to work is to switch the application pool to Classic, which then requires me to add an ASP.Net ddl handler for the .html extension [otherwise it is handled by the StaticFileHandler and comes up as a 404 error]. However, I'd like my web app to run properly for people without having to fiddle around with IIS.So I am left with several questions:Does anyone have ideas as to why Page.User always equals null for .html => .aspx rewritten pages?
Why does it work in VWD 2008, but not IIS7?
What changed from IIS6 => IIS7 that could have caused this?
[Note: I just tried a .aspx => .aspx rewrite and it did not exhibit the problem. Not really what I want, but thought I should mention it.]
View 2 Replies
Jul 17, 2015
Article : Encrypt and Decrypt Username or Password stored in database
The whole thing works very well but my issue is, after entering and encrypted password how does the user then log into the database?
When a user types in his password, the typed in password will not match the ecnrypted value in the database.
So how do I decrypt what is in the database and compare with what the user typed in and then validate the user.
View 1 Replies
Nov 22, 2010
I need an app pool recycle to be completely transparent to the users of my web app. I use ASP.NET 3.5 MVC 1.
Currently, upon an IIS 7 App Pool recycle all users logged into my web app are kicked out and are required to log back in (Context.User.Identity.IsAuthenticated is set to false). I employ SQL State Server, I use forms authentication and both are configured to use cookies. I was under the impression that .NET and/or IIS handles authentication of cookies.
However, every time the app pool is recycled Context.User.Identity.IsAuthenticated is set to false my users are kicked out and are required to log back in. I can see that the session id remains the same throughout logins, I can also view this session information in the database/state server.
Logon method:
[Code]....
Custom Controller Attribute:
[Code]....
WebConfig:
[Code]....
View 1 Replies
Jan 8, 2010
[FYI - Posted the same thing over at StackOverflow]I've used the UrlRewriting.Net module for a couple years now without any problems in Windows XP and Windows 2003. I just recently upgraded my home PC to Windows 7 and started developing a new website.The plan was to use .html extensions and rewrite them to their .aspx counterparts using the UrlRewriting.Net module. Everythingworks flawlessly in VWD 2008, but when I try running it through IIS7 it is a different story.
When I try to access a page via the .html rewrite I can no longer access Page.User; it keeps returning null. If I hit the page using it's .aspx extension, Page.User is correctly populated. I should also mention that I have a LoginView controller in my Master Page and it suffers from the same symptoms: When accessing via .html extension it shows the AnonyousTemplate; When using .aspx extension it properly shows the LoggedInTemplate. I'm guessing the two are related.[Note: I've also tried extensionless URLs and they exhibit the same problem]The only way I've gotten it to work is to switch the application pool to Classic, which then requires me to add an ASP.Net ddl handler for the .html extension [otherwise it is handled by the StaticFileHandler and comes up as a 404 error]. However, I'd like my web app to run properly for people without having to fiddle around with IIS.
So I am left with several questions:Does anyone have ideas as to why Page.User always equals null for .html => .aspx rewritten pages?Why does it work in VWD 2008, but not IIS7? What changed from IIS6 => IIS7 that could have caused this? Any other thoughts on workarounds?[Note: I just tried a .aspx => .aspx rewrite and it did not exhibit the problem. Not really what I want, but thought I should mention it.]
View 5 Replies
May 19, 2010
Our code relies on checking the Context.User.Identity value in the Global.asax Application AuthenticateRequest(...) method to retrieve some information about the logged in user. This works fine in classic mode but when I flip IIS to use the Integrated Pipeline "Context.User" comes back as null, but only intermittently.I have < authentication mode="Windows"> and only Windows Auth enabled in the Virtual Directory.
View 1 Replies
Oct 27, 2010
I have the following:
[Code]....
How can I get the commented part to just look at the one underneath.
View 2 Replies
Nov 6, 2010
I know how can I skip steps programmatically but I need "Skip" button too.
View 1 Replies
Jan 4, 2011
I want to use forms authentication on my ASP.NET MVC site. All I need is a place for users to login, a page to add a user, and a page to edit a user. I'm using all the default ASP.NET forms authentication tables for SQL Server (aspnet_Profile, aspnet_Roles, aspnet_Users, etc.). The only difference is that I've added an Employees table to my database, which contains a FK to aspnet_Users to create a one-to-one relationship. The Employees table contains columns for FirstName, LastName, StartDate, etc. It's a way for me to keep additional information for the users.
I'm having trouble finding any sort of tutorial that would help me build a basic page in MVC, everything I find is for WebForms. For my page to add a user, I'd like there to be fields for the Employees table. I don't know if I can modify the CreateUserWizard to add those fields, or if I'd be better off just creating my own custom page.
View 2 Replies
Feb 14, 2010
I've got data in a xml document.The xml document is generated by a stored procedure.I like to change the stored procedure so i can skip a lot of rows.The count of rows, i like to add as a Parameter.With a top of 20 i get 20 rows.But after i show the 20 rows there is some kind of paging on de website so the user can put next, and get the next 20 rows.But how can i skip in that case the first 20 rows?, and after that 20 rows, i want the next 20 rows....So i like to add it as a parameter.
But how?With linq its quite easy, but i don't want ms sql resultss the complete rows to the xml file, becasue it would be lots of them (100.000...)
View 2 Replies
Mar 25, 2011
I have a number of 0-12345-67890 and I want to capture 0123456789 in a named capture group. I got this far:
@"(?<upc>d-d{5}-d{5})"
Which captures the string as-is. How do you skip the dashes while grabbing the number as a single named group? BTW, this is ASP.NET Regex.
View 2 Replies