It is working fine in my local machine but when I deploy on my server then it is not working.is it any iss setting or something else..
what I need to do for this.below is web.config code and local machine having IIS 6.0 and Server having IIS 7.0
I'm trying to setup Forms Authentication in an asp.net mvc 2 application that will be hosted on IIS 6. There's an issue somewhere in my routing, but I can't pinpoint exactly where it is.
Here is the route entries I'm using to route the mvc requests through the aspx processing on IIS 6. These may or may not be the "right" way, but they do work on the server at current
Here I am using forms authentication and I have used an access database. I have put the db in App_Data folder and declared the connectionstring in web.config. The problem I am facing is that when I request any page without logging in the browser displays the requested page. At the bottom of the page there is a script error when I check the details it says Sys is not defined. Has this something to do with this issue??
In web.config file I have added the following lines in the <system.web></system.web> section.
On login button click after comparing userid & password I am using the foll stmts:-
If code = 0 Then ' code 0 means match for userid and pwd FormsAuthentication.RedirectFromLoginPage(txtuserid.Text, False) Else Response.Redirect("~/Default.aspx") End If
So on my journey to become better at asp.net I've encountered a problem. I'm working on a login. I added some Style to it by adding a CSS file and after some time I made it look a lot better. Thereafter I added Asp authentication forms - which actually works great aswell except that if you're not logged in the CSS is not used. Once I've logged in and recieved a cookie I can go back to the login page and everything looks nice. But as long as I haven't "logged in" the page looks as if no CSS is used.
Recently I've implemnted Single SignOn feature in my website which was developed on Framwork 2.0 using visual studio 2005.These website works on all browsers perfectly except that there two systems in my testing environment where the FormsAuthentication doesn't work on IE only.
On Those systems itself FormsAuthentication works for other browsers like mozilla.On these system I have checked that FormsAuthentication cookie is created but it lost it value as soon as other page is traversed.But when I try to login again it give me the messsage that user is already login i.e. user was able to login successfully.Both of them are currenlty using IE 8.
I have a .net 1.1 ASP application (domain.com) which has a .net 2 virtual directory (domain.com/v2) beneath it, both applications run within their own app pool on the same Windows Server 2003 machine running IIS 6. The web.config files for both apps are setup for Forms Authentication as described here - [URL]
Users would be directed to the domain.com/v2/login.aspx page which would authenticate for both applications, this configuration has been working fine for the last few years until installing one of the recent Windows 2003 security updates today. Now after authenticating under /v2 users keep getting redirected back to domain.com/v2/Login.aspx as domain.com doesnt see them as authenticated anymore.
which security update would have caused this and if its possible to fix or rollback?
I have implemented the .Net Membership provider with my website which is, for the most part, working well. However, occasionally a user will try and login and nothing will happen. There will be no error, they will just hit "Submit" from the login screen and continue to the homepage as an unauthenticated user. This behavior persists until they clear their web cache, or restart their machine... which makes me think it's some kind of cookie expiration error?
Does anyone have any ideas on how to troubleshoot this?
Previously, I have implemented two separate ASP.NET Web Applications, one as a virtual application in a subfolder of the other, which successfully shared forms authentication as described at [URL]
(basically, setting up identical <forms> sections in the Web.config, and keys in the <machineKey> section)
Now, I am trying to do something similar to get BlogEngine.NET (which is a Web Site, not a Web Application) to work sharing forms authentication with a Web Application of mine. I have tried both putting it as a virtual application in a subfolder, and setting it up as a separate IIS site (same domain name, different port number), but I can't get the authentication to work at all: when I go to the blog while logged in to my Web Application, Page.User.Identity.IsAuthenticated is always still "false".
I'm really not sure how to even start debugging this, since the forms authentication is handled before any of my code runs.
My question is about an approach, and I am looking for tips or links to help me develop a solution. I have an .NET 4.0 web forms application that works with Forms authentication using the aspnetdb SQL database of users and passwords. A new feature for the application is a new authentication mechanism using single sign on to allow access for thousands of new users. Essentially, when the user logs in through the new single-sign-on method, I will be able to identify them as legitimate users with a role I will have something like HttpContext.Current.Session["email_of_authenticated_user"] (their identity) and HttpContext.Current.Session["role_of_authenticated_user"] (their role).
I have a web app containing a silverlight application. How do I keep the ASP.NET session / Forms Authentication alive when the user is using the silverlight application?
We're developping an application that uses forms authentication and URL rewriting (www.urlrewriter.net). In order to make extension-less URL rewriting possible we had to add a default application mapping for the asp.net aspnet_isapi.dll.
The problem we're experiencing now is that when the website is accessed by http://www.myapp.com/ then the aspnet_isapi.dll gets the request and forms authentication forwards it to our login site, so the user gets redirected to http://www.myapp.com/login.aspx?ReturnUrl=%2f instead of having default.aspx displayed (which is allowed to anyone).
Here's the part of web.config dealing with forms auth:
I did quite some research on this problem but didn't find any solution. Is this scenario possible at all, or does default application mapping and forms auth using <deny users="?"/> interfere by design?
P.S. the problems only manifest when running on IIS 6, the ASP.net Development Server handles it without any problems
My application is working fine in local environment but not working after push code in live. My locale environment and hosting environment both are having same configuration. Same app working fine 2 month before but in different domain but same hosting server.
how to check the both config / any possible to run debug mode in hosting server please let me know. below code used in all page for checking user session status but when I click on any link page redirect to login.aspx I think session got timeout. I don't know why session got time frequently, but this issue not happening in local environment (desktop).
we are migrating existing windows form application to asp.net(3.5) intranet portal, there is a requirement whereby database connection should be made by the logged in windows user. Is it possible to achieve this functionality?
I'm developing a MVC2 application and using Forms Authentication on it. The scripts, images and styles are all blocked to unlogged users and, consequently, the login page looks awful. It works well local, the problem is when I publish to the server. Does anyone has any idea WHY? The server IIS is version 7.5
I just found out that my site authentication is not working in IE8. It works in FF, Chrome, Opera but not in IE8. I've deleted all the cookies and temporary files but no change. After a short research I found out that there is some problems with the cookies with IE8.Look at this http://www.reachfarther.com/persistent_cookies_fail_in_ie8.htmlHere is my web.config
we are experiencing big difficulties in the configuration of ASP.Net state service and II7. The service seems not working correctly because when the application pools recycles the applicatio loose the session.If we try the same configuration in IIS6 it works correcly.What is the correct way to configure the aspnet session state service in iis7?
I've found this article on enabling windows authentication within an intranet ASP.NET application. I did exactly what the article says, and when I go to the page on the server all it does is prompt me for a username and password, which I would assume means that it is seeing me as an anonymous user and not a windows user (which is not true).
In my application on the IIS i have the "Integrated Windows Authentication" box checked and this is what I have for my web.config file:
[Code]....
I've also tried this before and got the same results:
[Code]....
I have no idea what I need to do to get this to authenticate correctly. I've been banging my head off a wall for the past 2 days on this issue.
I have a basic intranet website for my company but there is one page that cannot allow anonymous as I need to grab the user's login. I created the site and everything works perfectly on my development machine. once moved to the production server it no longer works.
Here is the problem: I can get the login prompt when going to the secure page, but when trying to login I get a "401.1 - Unauthorized", even when trying to login as a server administrator. Here is the authentication portion in my web.config:
[Code]....
I have done this before and always gotten it to work. I hope I am just missing something very simple...
I'm trying to hit my intranet website and get it to run a simple sql query as the windows user I'm logged in as.
When I debug through Visual Studio, everything works great. When I hit the webserver though, I get an error from sqlconnection saying, "ERROR:Login failed for user 'YOUR_DOMAINYOUR_WEBSERVER_NAME'."
Request.ServerVariables[AUTH_USER]: YOUR_DOMAINUserBob System.Security.Principal.WindowsIdentity.GetCurrent().Name: NT AUTHORITYNETWORK SERVICE Page.User.Identity.Name: YOUR_DOMAINUserBob System.Threading.Thread.CurrentPrincipal.Identity.Name: YOUR_DOMAINUserBob
I set these setting below at the Web.config of my site And it still return me to the loginpage after about 20 mins I checked the Properties of the site at IIS and the time out is 660 However at the properties of the defaultWeb it's not 660 since it will influence all the sites and that I don't want
I'm trying to write a simple ASP.NET 4.0 app, using Windows authentication to login. This is on my peer-to-peer home network. When I click to login, it instantly shows my Windows identity, so it looks as though I don't even need to login, as it's already done that for me. However when I then go to any other page in the app, it looks as though I'm not logged in. Why is that and how do I fix it?
In IIS 7.5 server I have a website apps.mydomain.com. Site binding for this website is:
IP: All Unassigned
Port: 80
Host name: apps.mydomain.com
In DNS there is an ip address pointing to apps.mydomain.com. Site comes up fine when browsing to this hostname.
I want to get current windows logged in username from asp.net web apps. I enabled windows authentication and disabled anonymous. Using this ASP.Net code to test:
Response.Write(Page.User.Identity.Name);
However, browsing to http://apps.mydomain.com/site/ the application pool identity shows as the Page.User.Identity.Name value and not the current windows logged in username.
If I browse to http://servername/site/ then Page.User.Identity.Name will return current windows logged in username.
Is there something else I need to configure to get the current windows logged in username when using host header?
I have a SqlMembershipProvider store with Roles enabled. This is configured and has the user "devtest" in the roles "xxUser" and "xxAdmin".
I also have a WCF service, which I want to authenticate and authorize against. My problem is that:
the authorisation is not happening, code just executes despite the policy attribute I don't get any identity or security context so do not know who is calling the service I need: to know which user is calling the method some degree of rejecting users if permissions don't match (ideally this should be performed within the RoleProvider/MembershipProvider/WCF but can do it myself if I have to) SSL in transport
I have my service contract set up thus:
[ServiceContract] public interface ISupportService { [OperationContract] [PrincipalPermission(SecurityAction.Demand, Role = "ThisRoleDoesNotExist")] List<BaseInterestRate> GetAllBaseInterestRates(); } the code is simple enough: public class SupportService : ISupportService { public List<BaseInterestRate> GetAllBaseInterestRates() { OperationContext operationContext = OperationContext.Current; ServiceSecurityContext serviceSecurityContext = ServiceSecurityContext.Current; // is always null using (xxxEntities entities = new xxxEntities()) { return new List<BaseInterestRate>(entities.BaseInterestRates); } }} My service configuration is thus: --> <behaviors> <serviceBehaviors> <behavior name="SupportServiceBehavior"> <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> <serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="AspNetSqlRoleProvider" /> <serviceCredentials> <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="SqlMembershipProvider" /> </serviceCredentials> </behavior> <behavior> <serviceMetadata httpGetEnabled="true"/> <serviceDebug includeExceptionDetailInFaults="false"/> </behavior> </serviceBehaviors> </behaviors> <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
I have followed the instructions at these pages to the letter:
How to: Use the SQL Server Role Provider with Windows Authentication in WCF Calling from Windows Forms (MSDN) How to: Create and Install Temporary Client Certificates in WCF During Development (MSDN) How to: Use wsHttpBinding with Username Authentication and TransportWithMessageCredentials in WCF Calling from Windows Forms (MSDN) Also quite useful found via SO: Use Asp.Net Membership provider with a WCF .svc service (Alkampfer's Place)
I would at lest expect an issue with certificates/transport/etc. to fail with exceptions, but I can debug right in and over the WCF call. I have no security context/ user context available to me and when I use a user not in the two mentioned roles (which I do in the code example above), I don't get "kicked out".
My client app is currently a Web App, but will ultimately also serve a Windows Forms app and Test suite. I'm currently using the ASP.NET WebDev server and am running .NET 4.0.
